navigation MDL-21996 Added permission and check permission icons
[moodle.git] / repository / repository_ajax.php
CommitLineData
aa6c1ced 1<?php
5bce5972 2
6f2cd52a
DC
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18
19/**
20 * The Web service script that is called from the filepicker front end
21 *
22 * @since 2.0
23 * @package moodlecore
24 * @subpackage repository
25 * @copyright 2009 Dongsheng Cai <dongsheng@moodle.com>
26 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
27 */
455860ce 28
14469892
DC
29require_once(dirname(dirname(__FILE__)).'/config.php');
30require_once(dirname(dirname(__FILE__)).'/lib/filelib.php');
31require_once(dirname(__FILE__).'/lib.php');
99eaca9d 32
9d4ef80f 33require_login();
cf493e89 34
d0f8585d 35/// Parameters
9d4ef80f 36$action = optional_param('action', '', PARAM_ALPHA);
f8df83f3 37$repo_id = optional_param('repo_id', 0, PARAM_INT); // repository ID
9d4ef80f 38$callback = optional_param('callback', '', PARAM_CLEANHTML);
d10c92f3
DC
39$client_id = optional_param('client_id', '', PARAM_RAW); // client ID
40$contextid = optional_param('ctx_id', SYSCONTEXTID, PARAM_INT); // context ID
9d4ef80f 41$env = optional_param('env', 'filepicker', PARAM_ALPHA); // opened in editor or moodleform
1dce6261
DC
42$license = optional_param('license', $CFG->sitedefaultlicense, PARAM_TEXT);
43$author = optional_param('author', '', PARAM_TEXT);
14469892 44$source = optional_param('source', '', PARAM_RAW); // file to download
9d4ef80f 45$itemid = optional_param('itemid', 0, PARAM_INT);
9d4ef80f 46$page = optional_param('page', '', PARAM_RAW); // page
b8cea715 47$maxbytes = optional_param('maxbytes', 0, PARAM_INT);
9d4ef80f 48$req_path = optional_param('p', '', PARAM_RAW); // path
14469892
DC
49$saveas_filearea = optional_param('filearea', 'user_draft', PARAM_TEXT);
50$saveas_filename = optional_param('title', '', PARAM_FILE); // new file name
7e4944c8 51$saveas_path = optional_param('savepath', '/', PARAM_PATH);
9d4ef80f
DC
52$search_text = optional_param('s', '', PARAM_CLEANHTML);
53$linkexternal = optional_param('linkexternal', '', PARAM_ALPHA);
455860ce 54
577aab9b 55/// Headers to make it not cacheable
9d4ef80f
DC
56header('Cache-Control: no-cache, must-revalidate');
57header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
58
59$err = new stdclass;
60$err->client_id = $client_id;
0eb58cf4 61
b8cea715
DC
62if ($maxbytes == 0) {
63 $maxbytes = get_max_upload_file_size();
64}
65
d0f8585d 66/// Check permissions
9d4ef80f
DC
67if (! (isloggedin() && repository::check_context($contextid)) ) {
68 $err->e = get_string('nopermissiontoaccess', 'repository');
69 die(json_encode($err));
70}
0eb58cf4 71
577aab9b 72/// Wait as long as it takes for this script to finish
9d4ef80f 73set_time_limit(0);
577aab9b 74
9d4ef80f
DC
75// Early actions which need to be done before repository instaces initialised
76switch ($action) {
77 // global search
78 case 'gsearch':
79 $params = array();
80 $params['context'] = array(get_context_instance_by_id($contextid), get_system_context());
81 $params['currentcontext'] = get_context_instance_by_id($contextid);
82 $repos = repository::get_instances($params);
83 $list = array();
84 foreach($repos as $repo){
85 if ($repo->global_search()) {
86 try {
87 $ret = $repo->search($search_text);
88 array_walk($ret['list'], 'repository_attach_id', $repo->id); // See function below
89 $tmp = array_merge($list, $ret['list']);
90 $list = $tmp;
91 } catch (repository_exception $e) {
92 $err->e = $e->getMessage();
93 die(json_encode($err));
d0f8585d 94 }
95 }
9d4ef80f
DC
96 }
97 $listing = array('list'=>$list);
98 $listing['gsearch'] = true;
99 $listing['client_id'] = $client_id;
100 die(json_encode($listing));
101 break;
d0f8585d 102
9d4ef80f
DC
103 // remove the cache files & logout
104 case 'ccache':
105 $cache = new curl_cache;
106 $cache->refresh();
107 $action = 'list';
108 break;
109}
d0f8585d 110
111/// Get repository instance information
9d4ef80f
DC
112$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
113 'WHERE i.id=? AND i.typeid=r.id';
d0f8585d 114
9d4ef80f
DC
115if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
116 $err->e = get_string('invalidrepositoryid', 'repository');
117 die(json_encode($err));
118} else {
119 $type = $repository->type;
120}
121
122if (file_exists($CFG->dirroot.'/repository/'.$type.'/repository.class.php')) {
123 require_once($CFG->dirroot.'/repository/'.$type.'/repository.class.php');
124 $classname = 'repository_' . $type;
125 try {
126 $repo = new $classname($repo_id, $contextid, array('ajax'=>true, 'name'=>$repository->name, 'type'=>$type, 'client_id'=>$client_id));
127 } catch (repository_exception $e){
128 $err->e = $e->getMessage();
bf1fccf0 129 die(json_encode($err));
5bce5972 130 }
a06878d3 131} else {
9d4ef80f
DC
132 $err->e = get_string('invalidplugin', 'repository', $type);
133 die(json_encode($err));
a06878d3 134}
9d4ef80f
DC
135
136
137if (!empty($callback)) {
138 // call opener window to refresh repository
139 // the callback url should be something like this:
140 // http://xx.moodle.com/repository/repository_ajax.php?callback=yes&repo_id=1&sid=xxx
141 // sid is the attached auth token from external source
142 // If Moodle is working on HTTPS mode, then we are not allowed to access
143 // parent window, in this case, we need to alert user to refresh the repository
144 // manually.
145 $strhttpsbug = get_string('cannotaccessparentwin', 'repository');
146 $strrefreshnonjs = get_string('refreshnonjsfilepicker', 'repository');
147 $js =<<<EOD
148<html>
149<head>
150 <script type="text/javascript">
151 if(window.opener){
152 window.opener.M.core_filepicker.active_filepicker.list();
153 window.close();
154 } else {
155 alert("{$strhttpsbug }");
156 }
157 </script>
158</head>
5e98ab96 159<body>
9d4ef80f 160 <noscript>
99eaca9d 161 {$strrefreshnonjs}
9d4ef80f 162 </noscript>
5e98ab96 163</body>
164</html>
d0f8585d 165EOD;
9d4ef80f
DC
166 die($js);
167}
d0f8585d 168
169/// These actions all occur on the currently active repository instance
9d4ef80f
DC
170switch ($action) {
171 case 'sign':
172 case 'signin':
173 case 'list':
174 if ($repo->check_login()) {
d0f8585d 175 try {
9d4ef80f 176 $listing = $repo->get_listing($req_path, $page);
e189ec00 177 $listing['client_id'] = $client_id;
178 $listing['repo_id'] = $repo_id;
179 echo json_encode($listing);
d0f8585d 180 } catch (repository_exception $e) {
d0f8585d 181 $err->e = $e->getMessage();
182 die(json_encode($err));
183 }
184 break;
9d4ef80f
DC
185 } else {
186 $action = 'login';
187 }
188 case 'login':
189 try {
190 $listing = $repo->print_login();
191 $listing['client_id'] = $client_id;
192 $listing['repo_id'] = $repo_id;
193 echo json_encode($listing);
194 } catch (repository_exception $e){
195 $err->e = $e->getMessage();
196 die(json_encode($err));
197 }
198 break;
199 case 'logout':
200 $logout = $repo->logout();
201 $logout['client_id'] = $client_id;
202 $logout['repo_id'] = $repo_id;
203 echo json_encode($logout);
204 break;
205 case 'searchform':
206 $search_form['form'] = $repo->print_search($client_id);
207 $search_form['client_id'] = $client_id;
208 echo json_encode($search_form);
209 break;
210 case 'search':
211 try {
212 $search_result = $repo->search($search_text, (int)$page);
213 $search_result['client_id'] = $client_id;
214 $search_result['repo_id'] = $repo_id;
215 $search_result['search_result'] = true;
216 echo json_encode($search_result);
217 } catch (repository_exception $e) {
218 $err->e = $e->getMessage();
219 die(json_encode($err));
220 }
221 break;
222 case 'download':
223 try {
224 // we have two special repoisitory type need to deal with
7f288e50 225 if ($repo->options['type'] == 'local' || $repo->options['type'] == 'recent' ) {
c7e4621e 226 // saveas_filearea
acb70a9b 227 try {
c7e4621e 228 $fileinfo = $repo->copy_to_area($source, $saveas_filearea, $itemid, $saveas_path, $saveas_filename);
acb70a9b
DC
229 } catch (Exception $e) {
230 throw $e;
231 }
9d4ef80f
DC
232 $info = array();
233 $info['client_id'] = $client_id;
234 $info['file'] = $fileinfo['title'];
235 $info['id'] = $itemid;
236 $info['url'] = $CFG->httpswwwroot.'/draftfile.php/'.$fileinfo['contextid'].'/user_draft/'.$itemid.'/'.$fileinfo['title'];
237 $filesize = $fileinfo['filesize'];
acb70a9b 238 if (($maxbytes!==-1) && ($filesize>$maxbytes)) {
dd64051e 239 throw new file_exception('maxbytes');
41076c58 240 }
acb70a9b
DC
241 echo json_encode($info);
242 die; // ends here!!
9d4ef80f 243 } else {
acb70a9b
DC
244 $allowexternallink = (int)get_config(null, 'repositoryallowexternallinks');
245 if (!empty($allowexternallink)) {
246 $allowexternallink = true;
247 } else {
248 $allowexternallink = false;
99d52655 249 }
acb70a9b
DC
250 // allow external links in url element all the time
251 $allowexternallink = ($allowexternallink || ($env == 'url'));
99d52655 252
acb70a9b
DC
253 if ($allowexternallink and $linkexternal === 'yes' and ($repo->supported_returntypes() || FILE_EXTERNAL)) {
254 // use external link
255 try {
256 $link = $repo->get_link($source);
257 } catch (repository_exception $e){
258 }
259 $info = array();
260 $info['filename'] = $saveas_filename;
261 $info['type'] = 'link';
262 $info['url'] = $link;
263 echo json_encode($info);
264 die;
265 } else {
266 // get the file location
267 $file = $repo->get_file($source, $saveas_filename);
268 if ($file['path'] === false) {
269 $err->e = get_string('cannotdownload', 'repository');
270 die(json_encode($err));
271 }
acb70a9b 272 if (($maxbytes!==-1) && (filesize($file['path']) > $maxbytes)) {
dd64051e 273 throw new file_exception('maxbytes');
acb70a9b 274 }
14469892 275
acb70a9b
DC
276 $record = new stdclass;
277 $record->filepath = $saveas_path;
278 $record->filename = $saveas_filename;
279 $record->filearea = $saveas_filearea;
280 $record->itemid = $itemid;
14469892 281
acb70a9b
DC
282 if (!empty($file['license'])) {
283 $record->license = $file['license'];
284 } else {
285 $record->license = $license;
286 }
287 if (!empty($file['author'])) {
288 $record->author = $file['author'];
289 } else {
290 $record->author = $author;
291 }
292 $record->source = !empty($file['url']) ? $file['url'] : '';
1dce6261 293
acb70a9b
DC
294 $info = repository::move_to_filepool($file['path'], $record);
295 if (empty($info)) {
296 $info['e'] = get_string('error', 'moodle');
297 }
298 echo json_encode($info);
299 die;
300 }
9d4ef80f 301 }
9d4ef80f
DC
302 } catch (repository_exception $e){
303 $err->e = $e->getMessage();
304 die(json_encode($err));
305 } catch (Exception $e) {
306 $err->e = $e->getMessage();
307 die(json_encode($err));
308 }
309 break;
310 case 'upload':
311 try {
1dce6261 312 $result = $repo->upload();
9d4ef80f
DC
313 $result['client_id'] = $client_id;
314 echo json_encode($result);
315 } catch (Exception $e){
316 $err->e = $e->getMessage();
317 $err->client_id = $client_id;
318 die(json_encode($err));
319 }
320 break;
321}
d0f8585d 322
323/**
324 * Small function to walk an array to attach repository ID
9d4ef80f
DC
325 * @param array $value
326 * @param string $key
327 * @param int $id
d0f8585d 328 */
329function repository_attach_id(&$value, $key, $id){
330 $value['repo_id'] = $id;
0eb58cf4 331}