[moodle.git] / repository / repository_ajax.php

<?php

// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.


/**
 * The Web service script that is called from the filepicker front end
 *
 * @since 2.0
 * @package moodlecore
 * @subpackage repository
 * @copyright 2009 Dongsheng Cai <dongsheng@moodle.com>
 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

define('AJAX_SCRIPT', true);

require_once(dirname(dirname(__FILE__)).'/config.php');
require_once(dirname(dirname(__FILE__)).'/lib/filelib.php');
require_once(dirname(__FILE__).'/lib.php');

require_login();

/// Parameters
$action    = optional_param('action', '', PARAM_ALPHA);
$repo_id   = optional_param('repo_id', 0, PARAM_INT);           // Pepository ID
$contextid = optional_param('ctx_id', SYSCONTEXTID, PARAM_INT); // Context ID
$env       = optional_param('env', 'filepicker', PARAM_ALPHA);  // Opened in editor or moodleform
$license   = optional_param('license', $CFG->sitedefaultlicense, PARAM_TEXT);
$author    = optional_param('author', '', PARAM_TEXT);          // File author
$source    = optional_param('source', '', PARAM_RAW);           // File to download
$itemid    = optional_param('itemid', 0, PARAM_INT);            // Itemid
$page      = optional_param('page', '', PARAM_RAW);             // Page
$maxbytes  = optional_param('maxbytes', 0, PARAM_INT);          // Maxbytes
$req_path  = optional_param('p', '', PARAM_RAW);                // Path
$accepted_types  = optional_param('accepted_types', '*', PARAM_RAW);
$saveas_filename = optional_param('title', '', PARAM_FILE);     // save as file name
$saveas_path   = optional_param('savepath', '/', PARAM_PATH);   // save as file path
$search_text   = optional_param('s', '', PARAM_CLEANHTML);
$linkexternal  = optional_param('linkexternal', '', PARAM_ALPHA);

/// Headers to make it not cacheable
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');

$err = new stdclass;

if (!confirm_sesskey()) {
    $err->error = get_string('invalidsesskey');
    die(json_encode($err));
}

/// Check permissions
if (! (isloggedin() && repository::check_context($contextid)) ) {
    $err->error = get_string('nopermissiontoaccess', 'repository');
    die(json_encode($err));
}

$moodle_maxbytes = get_max_upload_file_size();
// to prevent maxbytes greater than moodle maxbytes setting
if ($maxbytes == 0 || $maxbytes>=$moodle_maxbytes) {
    $maxbytes = $moodle_maxbytes;
}

/// Wait as long as it takes for this script to finish
set_time_limit(0);

// Early actions which need to be done before repository instaces initialised
switch ($action) {
    // global search
    case 'gsearch':
        $params = array();
        $params['context'] = array(get_context_instance_by_id($contextid), get_system_context());
        $params['currentcontext'] = get_context_instance_by_id($contextid);
        $repos = repository::get_instances($params);
        $list = array();
        foreach($repos as $repo){
            if ($repo->global_search()) {
                $ret = $repo->search($search_text);
                array_walk($ret['list'], 'repository_attach_id', $repo->id);  // See function below
                $tmp = array_merge($list, $ret['list']);
                $list = $tmp;
            }
        }
        $listing = array('list'=>$list);
        $listing['gsearch'] = true;
        die(json_encode($listing));
        break;

    // remove the cache files & logout
    case 'ccache':
        $cache = new curl_cache;
        $cache->refresh();
        $action = 'list';
        break;
}

/// Get repository instance information
$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
       'WHERE i.id=? AND i.typeid=r.id';

if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
    $err->error = get_string('invalidrepositoryid', 'repository');
    die(json_encode($err));
} else {
    $type = $repository->type;
}

if (file_exists($CFG->dirroot.'/repository/'.$type.'/lib.php')) {
    require_once($CFG->dirroot.'/repository/'.$type.'/lib.php');
    $classname = 'repository_' . $type;
    $repo = new $classname($repo_id, $contextid, array('ajax'=>true, 'name'=>$repository->name, 'type'=>$type));
} else {
    $err->error = get_string('invalidplugin', 'repository', $type);
    die(json_encode($err));
}

/// These actions all occur on the currently active repository instance
switch ($action) {
    case 'sign':
    case 'signin':
    case 'list':
        if ($repo->check_login()) {
            $listing = $repo->get_listing($req_path, $page);
            $listing['repo_id'] = $repo_id;
            echo json_encode($listing);
            break;
        } else {
            $action = 'login';
        }
    case 'login':
        $listing = $repo->print_login();
        $listing['repo_id'] = $repo_id;
        echo json_encode($listing);
        break;
    case 'logout':
        $logout = $repo->logout();
        $logout['repo_id'] = $repo_id;
        echo json_encode($logout);
        break;
    case 'searchform':
        $search_form['form'] = $repo->print_search();
        echo json_encode($search_form);
        break;
    case 'search':
        $search_result = $repo->search($search_text, (int)$page);
        $search_result['repo_id'] = $repo_id;
        $search_result['search_result'] = true;
        echo json_encode($search_result);
        break;
    case 'download':
        // validate mimetype
        $mimetypes = array();
        if ((is_array($accepted_types) and in_array('*', $accepted_types)) or $accepted_types == '*') {
            $mimetypes = '*';
        } else {
            foreach ($accepted_types as $type) {
                $mimetypes[] = mimeinfo('type', $type);
            }
            if (!in_array(mimeinfo('type', $saveas_filename), $mimetypes)) {
                throw new moodle_exception('invalidfiletype', 'repository', '', mimeinfo('type', $saveas_filename));
            }
        }

        // We have two special repoisitory type need to deal with
        // local and recent plugins don't added new files to moodle, just add new records to database
        // so we don't check user quota and maxbytes here
        if (in_array($repo->options['type'], array('local', 'recent', 'user'))) {
            $fileinfo = $repo->copy_to_area($source, 'draft', $itemid, $saveas_path, $saveas_filename);
            $info = array();
            $info['file'] = $fileinfo['title'];
            $info['id'] = $itemid;
            $info['url'] = $CFG->httpswwwroot.'/draftfile.php/'.$fileinfo['contextid'].'/user/draft/'.$itemid.'/'.$fileinfo['title'];
            $filesize = $fileinfo['filesize'];
            if (($maxbytes!==-1) && ($filesize>$maxbytes)) {
                throw new file_exception('maxbytes');
            }
            echo json_encode($info);
            die; // ends here!!
        } else {
            $allowexternallink = (int)get_config(null, 'repositoryallowexternallinks');
            if (!empty($allowexternallink)) {
                $allowexternallink = true;
            } else {
                $allowexternallink = false;
            }
            // allow external links in url element all the time
            $allowexternallink = ($allowexternallink || ($env == 'url'));

            // Use link of the files
            if ($allowexternallink and $linkexternal === 'yes' and ($repo->supported_returntypes() & FILE_EXTERNAL)) {
                // use external link
                $link = $repo->get_link($source);
                $info = array();
                $info['filename'] = $saveas_filename;
                $info['type'] = 'link';
                $info['url'] = $link;
                echo json_encode($info);
                die;
            } else {
                // Download file to moodle
                $file = $repo->get_file($source, $saveas_filename);
                if ($file['path'] === false) {
                    $err->error = get_string('cannotdownload', 'repository');
                    die(json_encode($err));
                }

                // check if exceed maxbytes
                if (($maxbytes!==-1) && (filesize($file['path']) > $maxbytes)) {
                    throw new file_exception('maxbytes');
                }

                // check if exceed user quota
                $userquota = file_get_user_used_space();
                if (filesize($file['path'])+$userquota>=(int)$CFG->userquota) {
                    throw new file_exception('userquotalimit');
                }

                $record = new stdclass;
                $record->filepath = $saveas_path;
                $record->filename = $saveas_filename;
                $record->component = 'user';
                $record->filearea = 'draft';
                $record->itemid   = $itemid;

                if (!empty($file['license'])) {
                    $record->license  = $file['license'];
                } else {
                    $record->license  = $license;
                }
                if (!empty($file['author'])) {
                    $record->author   = $file['author'];
                } else {
                    $record->author   = $author;
                }
                $record->source = !empty($file['url']) ? $file['url'] : '';

                $info = repository::move_to_filepool($file['path'], $record);
                if (empty($info)) {
                    $info['e'] = get_string('error', 'moodle');
                }
                echo json_encode($info);
                die;
            }
        }
        break;
    case 'upload':
        $result = $repo->upload();
        echo json_encode($result);
        break;
}

/**
 * Small function to walk an array to attach repository ID
 * @param array $value
 * @param string $key
 * @param int $id
 */
function repository_attach_id(&$value, $key, $id){
    $value['repo_id'] = $id;
}
Commit	Line	Data
aa6c1ced	1	<?php
5bce5972	2
6f2cd52a DC	3	// This file is part of Moodle - http://moodle.org/
	4	//
	5	// Moodle is free software: you can redistribute it and/or modify
	6	// it under the terms of the GNU General Public License as published by
	7	// the Free Software Foundation, either version 3 of the License, or
	8	// (at your option) any later version.
	9	//
	10	// Moodle is distributed in the hope that it will be useful,
	11	// but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	// GNU General Public License for more details.
	14	//
	15	// You should have received a copy of the GNU General Public License
	16	// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
	17
	18
	19	/**
	20	* The Web service script that is called from the filepicker front end
	21	*
	22	* @since 2.0
	23	* @package moodlecore
	24	* @subpackage repository
	25	* @copyright 2009 Dongsheng Cai <dongsheng@moodle.com>
	26	* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
	27	*/
455860ce	28
e35194be DC	29	define('AJAX_SCRIPT', true);
e35194be DC	30
14469892 DC	31	require_once(dirname(dirname(__FILE__)).'/config.php');
	32	require_once(dirname(dirname(__FILE__)).'/lib/filelib.php');
	33	require_once(dirname(__FILE__).'/lib.php');
99eaca9d	34
9d4ef80f	35	require_login();
cf493e89	36
d0f8585d	37	/// Parameters
9d4ef80f	38	$action = optional_param('action', '', PARAM_ALPHA);
3e123368	39	$repo_id = optional_param('repo_id', 0, PARAM_INT); // Pepository ID
3e123368 DC	40	$contextid = optional_param('ctx_id', SYSCONTEXTID, PARAM_INT); // Context ID
3e123368 DC	41	$env = optional_param('env', 'filepicker', PARAM_ALPHA); // Opened in editor or moodleform
1dce6261	42	$license = optional_param('license', $CFG->sitedefaultlicense, PARAM_TEXT);
3e123368 DC	43	$author = optional_param('author', '', PARAM_TEXT); // File author
	44	$source = optional_param('source', '', PARAM_RAW); // File to download
	45	$itemid = optional_param('itemid', 0, PARAM_INT); // Itemid
	46	$page = optional_param('page', '', PARAM_RAW); // Page
	47	$maxbytes = optional_param('maxbytes', 0, PARAM_INT); // Maxbytes
	48	$req_path = optional_param('p', '', PARAM_RAW); // Path
e35194be	49	$accepted_types = optional_param('accepted_types', '*', PARAM_RAW);
3e123368 DC	50	$saveas_filename = optional_param('title', '', PARAM_FILE); // save as file name
3e123368 DC	51	$saveas_path = optional_param('savepath', '/', PARAM_PATH); // save as file path
9d4ef80f DC	52	$search_text = optional_param('s', '', PARAM_CLEANHTML);
9d4ef80f DC	53	$linkexternal = optional_param('linkexternal', '', PARAM_ALPHA);
455860ce	54
577aab9b	55	/// Headers to make it not cacheable
9d4ef80f DC	56	header('Cache-Control: no-cache, must-revalidate');
	57	header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
	58
	59	$err = new stdclass;
0eb58cf4	60
6127179b DC	61	if (!confirm_sesskey()) {
	62	$err->error = get_string('invalidsesskey');
	63	die(json_encode($err));
	64	}
	65
d0f8585d	66	/// Check permissions
9d4ef80f	67	if (! (isloggedin() && repository::check_context($contextid)) ) {
e35194be	68	$err->error = get_string('nopermissiontoaccess', 'repository');
9d4ef80f DC	69	die(json_encode($err));
9d4ef80f DC	70	}
0eb58cf4	71
3e123368 DC	72	$moodle_maxbytes = get_max_upload_file_size();
	73	// to prevent maxbytes greater than moodle maxbytes setting
	74	if ($maxbytes == 0 \|\| $maxbytes>=$moodle_maxbytes) {
	75	$maxbytes = $moodle_maxbytes;
	76	}
	77
577aab9b	78	/// Wait as long as it takes for this script to finish
9d4ef80f	79	set_time_limit(0);
577aab9b	80
9d4ef80f DC	81	// Early actions which need to be done before repository instaces initialised
	82	switch ($action) {
	83	// global search
	84	case 'gsearch':
	85	$params = array();
	86	$params['context'] = array(get_context_instance_by_id($contextid), get_system_context());
	87	$params['currentcontext'] = get_context_instance_by_id($contextid);
	88	$repos = repository::get_instances($params);
	89	$list = array();
	90	foreach($repos as $repo){
	91	if ($repo->global_search()) {
e35194be DC	92	$ret = $repo->search($search_text);
	93	array_walk($ret['list'], 'repository_attach_id', $repo->id); // See function below
	94	$tmp = array_merge($list, $ret['list']);
	95	$list = $tmp;
d0f8585d	96	}
9d4ef80f DC	97	}
	98	$listing = array('list'=>$list);
	99	$listing['gsearch'] = true;
9d4ef80f DC	100	die(json_encode($listing));
9d4ef80f DC	101	break;
d0f8585d	102
9d4ef80f DC	103	// remove the cache files & logout
	104	case 'ccache':
	105	$cache = new curl_cache;
	106	$cache->refresh();
	107	$action = 'list';
	108	break;
	109	}
d0f8585d	110
d0f8585d	111	/// Get repository instance information
9d4ef80f DC	112	$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
9d4ef80f DC	113	'WHERE i.id=? AND i.typeid=r.id';
d0f8585d	114
9d4ef80f	115	if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
e35194be	116	$err->error = get_string('invalidrepositoryid', 'repository');
9d4ef80f DC	117	die(json_encode($err));
	118	} else {
	119	$type = $repository->type;
	120	}
	121
e35194be DC	122	if (file_exists($CFG->dirroot.'/repository/'.$type.'/lib.php')) {
e35194be DC	123	require_once($CFG->dirroot.'/repository/'.$type.'/lib.php');
9d4ef80f	124	$classname = 'repository_' . $type;
e35194be	125	$repo = new $classname($repo_id, $contextid, array('ajax'=>true, 'name'=>$repository->name, 'type'=>$type));
a06878d3	126	} else {
e35194be	127	$err->error = get_string('invalidplugin', 'repository', $type);
9d4ef80f	128	die(json_encode($err));
a06878d3	129	}
9d4ef80f	130
d0f8585d	131	/// These actions all occur on the currently active repository instance
9d4ef80f DC	132	switch ($action) {
	133	case 'sign':
	134	case 'signin':
	135	case 'list':
	136	if ($repo->check_login()) {
e35194be DC	137	$listing = $repo->get_listing($req_path, $page);
	138	$listing['repo_id'] = $repo_id;
	139	echo json_encode($listing);
d0f8585d	140	break;
9d4ef80f DC	141	} else {
	142	$action = 'login';
	143	}
	144	case 'login':
e35194be DC	145	$listing = $repo->print_login();
	146	$listing['repo_id'] = $repo_id;
	147	echo json_encode($listing);
9d4ef80f DC	148	break;
	149	case 'logout':
	150	$logout = $repo->logout();
9d4ef80f DC	151	$logout['repo_id'] = $repo_id;
	152	echo json_encode($logout);
	153	break;
	154	case 'searchform':
e35194be	155	$search_form['form'] = $repo->print_search();
9d4ef80f DC	156	echo json_encode($search_form);
	157	break;
	158	case 'search':
e35194be DC	159	$search_result = $repo->search($search_text, (int)$page);
	160	$search_result['repo_id'] = $repo_id;
	161	$search_result['search_result'] = true;
	162	echo json_encode($search_result);
9d4ef80f DC	163	break;
9d4ef80f DC	164	case 'download':
e35194be DC	165	// validate mimetype
e35194be DC	166	$mimetypes = array();
2385e6de	167	if ((is_array($accepted_types) and in_array('', $accepted_types)) or $accepted_types == '') {
e35194be DC	168	$mimetypes = '*';
	169	} else {
	170	foreach ($accepted_types as $type) {
16f61c70	171	$mimetypes[] = mimeinfo('type', $type);
e35194be DC	172	}
e35194be DC	173	if (!in_array(mimeinfo('type', $saveas_filename), $mimetypes)) {
2385e6de	174	throw new moodle_exception('invalidfiletype', 'repository', '', mimeinfo('type', $saveas_filename));
e35194be DC	175	}
	176	}
	177
	178	// We have two special repoisitory type need to deal with
	179	// local and recent plugins don't added new files to moodle, just add new records to database
	180	// so we don't check user quota and maxbytes here
	181	if (in_array($repo->options['type'], array('local', 'recent', 'user'))) {
	182	$fileinfo = $repo->copy_to_area($source, 'draft', $itemid, $saveas_path, $saveas_filename);
	183	$info = array();
	184	$info['file'] = $fileinfo['title'];
	185	$info['id'] = $itemid;
16f61c70	186	$info['url'] = $CFG->httpswwwroot.'/draftfile.php/'.$fileinfo['contextid'].'/user/draft/'.$itemid.'/'.$fileinfo['title'];
e35194be DC	187	$filesize = $fileinfo['filesize'];
	188	if (($maxbytes!==-1) && ($filesize>$maxbytes)) {
	189	throw new file_exception('maxbytes');
	190	}
	191	echo json_encode($info);
	192	die; // ends here!!
	193	} else {
	194	$allowexternallink = (int)get_config(null, 'repositoryallowexternallinks');
	195	if (!empty($allowexternallink)) {
	196	$allowexternallink = true;
	197	} else {
	198	$allowexternallink = false;
	199	}
	200	// allow external links in url element all the time
	201	$allowexternallink = ($allowexternallink \|\| ($env == 'url'));
	202
	203	// Use link of the files
	204	if ($allowexternallink and $linkexternal === 'yes' and ($repo->supported_returntypes() & FILE_EXTERNAL)) {
	205	// use external link
	206	$link = $repo->get_link($source);
9d4ef80f	207	$info = array();
e35194be DC	208	$info['filename'] = $saveas_filename;
	209	$info['type'] = 'link';
	210	$info['url'] = $link;
acb70a9b	211	echo json_encode($info);
e35194be	212	die;
9d4ef80f	213	} else {
e35194be DC	214	// Download file to moodle
	215	$file = $repo->get_file($source, $saveas_filename);
	216	if ($file['path'] === false) {
	217	$err->error = get_string('cannotdownload', 'repository');
	218	die(json_encode($err));
99d52655	219	}
ea1780ad	220
e35194be DC	221	// check if exceed maxbytes
	222	if (($maxbytes!==-1) && (filesize($file['path']) > $maxbytes)) {
	223	throw new file_exception('maxbytes');
	224	}
14469892	225
e35194be DC	226	// check if exceed user quota
	227	$userquota = file_get_user_used_space();
	228	if (filesize($file['path'])+$userquota>=(int)$CFG->userquota) {
	229	throw new file_exception('userquotalimit');
	230	}
ea1780ad	231
e35194be DC	232	$record = new stdclass;
	233	$record->filepath = $saveas_path;
	234	$record->filename = $saveas_filename;
	235	$record->component = 'user';
	236	$record->filearea = 'draft';
	237	$record->itemid = $itemid;
14469892	238
e35194be DC	239	if (!empty($file['license'])) {
	240	$record->license = $file['license'];
	241	} else {
	242	$record->license = $license;
	243	}
	244	if (!empty($file['author'])) {
	245	$record->author = $file['author'];
	246	} else {
	247	$record->author = $author;
	248	}
	249	$record->source = !empty($file['url']) ? $file['url'] : '';
1dce6261	250
e35194be DC	251	$info = repository::move_to_filepool($file['path'], $record);
	252	if (empty($info)) {
	253	$info['e'] = get_string('error', 'moodle');
acb70a9b	254	}
e35194be DC	255	echo json_encode($info);
e35194be DC	256	die;
9d4ef80f	257	}
9d4ef80f DC	258	}
	259	break;
	260	case 'upload':
e35194be DC	261	$result = $repo->upload();
e35194be DC	262	echo json_encode($result);
9d4ef80f DC	263	break;
9d4ef80f DC	264	}
d0f8585d	265
	266	/**
	267	* Small function to walk an array to attach repository ID
9d4ef80f DC	268	* @param array $value
	269	* @param string $key
	270	* @param int $id
d0f8585d	271	*/
	272	function repository_attach_id(&$value, $key, $id){
	273	$value['repo_id'] = $id;
0eb58cf4	274	}