[moodle.git] / repository / repository_ajax.php

<?php

// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.


/**
 * The Web service script that is called from the filepicker front end
 *
 * @since 2.0
 * @package moodlecore
 * @subpackage repository
 * @copyright 2009 Dongsheng Cai <dongsheng@moodle.com>
 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */

    require_once('../config.php');
    require_once('../lib/filelib.php');
    require_once('lib.php');

    require_login();

/// Parameters
    $action    = optional_param('action', '', PARAM_ALPHA);
    $repo_id   = optional_param('repo_id', 1, PARAM_INT);           // repository ID
    $callback  = optional_param('callback', '', PARAM_CLEANHTML);
    $client_id = optional_param('client_id', SITEID, PARAM_RAW);    // client ID
    $contextid = optional_param('ctx_id', SITEID, PARAM_INT);       // context ID
    $env       = optional_param('env', 'filepicker', PARAM_ALPHA);  // opened in editor or moodleform
    $file      = optional_param('file', '', PARAM_RAW);             // file to download
    $itemid    = optional_param('itemid', 0, PARAM_INT);
    $title     = optional_param('title', '', PARAM_FILE);           // new file name
    $page      = optional_param('page', '', PARAM_RAW);             // page
    $maxbytes  = optional_param('maxbytes', -1, PARAM_INT);           // repository ID
    $req_path  = optional_param('p', '', PARAM_RAW);                // path
    $save_path = optional_param('savepath', '/', PARAM_PATH);
    $save_filearea = optional_param('filearea', 'user_draft', PARAM_TEXT);
    $search_text   = optional_param('s', '', PARAM_CLEANHTML);
    $linkexternal = optional_param('linkexternal', '', PARAM_ALPHA);

/// Headers to make it not cacheable
    header("Cache-Control: no-cache, must-revalidate");
    header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
    $err = new stdclass;
    $err->client_id = $client_id;

/// Check permissions
    if (! (isloggedin() && repository::check_context($contextid)) ) {
        $err->e = get_string('nopermissiontoaccess', 'repository');
        die(json_encode($err));
    }

/// Wait as long as it takes for this script to finish
    set_time_limit(0);

/// Check for actions that do not need repository ID
    switch ($action) {
        case 'gsearch': //  Global Search
            $params = array();
            $params['context'] = array(get_context_instance_by_id($contextid), get_system_context());
            $params['currentcontext'] = get_context_instance_by_id($contextid);
            $repos = repository::get_instances($params);
            $list = array();
            foreach($repos as $repo){
                if ($repo->global_search()) {
                    try {
                        $ret = $repo->search($search_text);
                        array_walk($ret['list'], 'repository_attach_id', $repo->id);  // See function below
                        $tmp = array_merge($list, $ret['list']);
                        $list = $tmp;
                    } catch (repository_exception $e) {
                        $err->e = $e->getMessage();
                        die(json_encode($err));
                    }
                }
            }
            $listing = array('list'=>$list);
            $listing['gsearch'] = true;
            $listing['client_id'] = $client_id;
            die(json_encode($listing));
            break;

        case 'ccache':      // Clean cache
            $cache = new curl_cache;
            $cache->refresh();
            $action = 'list';
            break;
    }

/// Get repository instance information
    $sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
           'WHERE i.id=? AND i.typeid=r.id';
    if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
        $err->e = get_string('invalidrepositoryid', 'repository');
        die(json_encode($err));
    } else {
        $type = $repository->type;
    }

    if (file_exists($CFG->dirroot.'/repository/'.$type.'/repository.class.php')) {
        require_once($CFG->dirroot.'/repository/'.$type.'/repository.class.php');
        $classname = 'repository_' . $type;
        try {
            $repo = new $classname($repo_id, $contextid, array('ajax'=>true, 'name'=>$repository->name, 'type'=>$type, 'client_id'=>$client_id));
        } catch (repository_exception $e){
            $err->e = $e->getMessage();
            die(json_encode($err));
        }
    } else {
        $err->e = get_string('invalidplugin', 'repository', $type);
        die(json_encode($err));
    }

    if (!empty($callback)) {
        // call opener window to refresh repository
        // the callback url should be something like this:
        // http://xx.moodle.com/repository/repository_ajax.php?callback=yes&repo_id=1&sid=xxx
        // sid is the attached auth token from external source
        // If Moodle is working on HTTPS mode, then we are not allowed to access
        // parent window, in this case, we need to alert user to refresh the repository
        // manually.
        $strhttpsbug = get_string('cannotaccessparentwin', 'repository');
        $strrefreshnonjs = get_string('refreshnonjsfilepicker', 'repository');
        $js  =<<<EOD
<html><head>
<script type="text/javascript">
if(window.opener){
    window.opener.M.core_filepicker.active_filepicker.list();
    window.close();
} else {
    alert("{$strhttpsbug }");
}
</script>
<body>
<noscript>
    {$strrefreshnonjs}
</noscript>
</body>
</html>
EOD;
        echo $js;
        die;
    }


/// These actions all occur on the currently active repository instance
    switch ($action) {
        case 'sign':
        case 'signin':
        case 'list':
            if ($repo->check_login()) {
                try {
                    $listing = $repo->get_listing($req_path, $page);
                    $listing['client_id'] = $client_id;
                    $listing['repo_id'] = $repo_id;
                    echo json_encode($listing);
                } catch (repository_exception $e) {
                    $err->e = $e->getMessage();
                    die(json_encode($err));
                }
                break;
            } else {
                $action = 'login';
            }
        case 'login':
            try {
                $listing = $repo->print_login();
                $listing['client_id'] = $client_id;
                $listing['repo_id'] = $repo_id;
                echo json_encode($listing);
            } catch (repository_exception $e){
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'logout':
            $logout = $repo->logout();
            $logout['client_id'] = $client_id;
            $logout['repo_id'] = $repo_id;
            echo json_encode($logout);
            break;
        case 'searchform':
            $search_form['form'] = $repo->print_search($client_id);
            $search_form['client_id'] = $client_id;
            echo json_encode($search_form);
            break;
        case 'search':
            try {
                $search_result = $repo->search($search_text, (int)$page);
                $search_result['client_id'] = $client_id;
                $search_result['repo_id'] = $repo_id;
                $search_result['search_result'] = true;
                echo json_encode($search_result);
            } catch (repository_exception $e) {
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'download':
            try {
                // we have two special repoisitory type need to deal with
                if ($repo->options['type'] == 'local') {
                    $fileinfo = $repo->move_to_draft($file, $title, $itemid, $save_path);
                    $info = array();
                    $info['client_id'] = $client_id;
                    $info['file'] = $fileinfo['title'];
                    $info['id'] = $itemid;
                    $info['url'] = $CFG->httpswwwroot.'/draftfile.php/'.$fileinfo['contextid'].'/user_draft/'.$itemid.'/'.$fileinfo['title'];
                    $filesize = $fileinfo['filesize'];
                    if (($maxbytes!==-1) && ($filesize > $maxbytes)) {
                        $fileinfo->delete();
                        throw new file_exception('maxbytes');
                    }
                    die(json_encode($info));
                }

                $allowexternallink = (int)get_config(null, 'repositoryallowexternallinks');
                if (!empty($allowexternallink)) {
                    $allowexternallink = true;
                } else {
                    $allowexternallink = false;
                }
                // allow external links in url element all the time
                $allowexternallink = ($allowexternallink || ($env == 'url'));

                if ($allowexternallink and $linkexternal === 'yes' and ($repo->supported_returntypes() || FILE_EXTERNAL)) {
                    try {
                        $link = $repo->get_link($file);
                    } catch (repository_exception $e){
                    }
                    $info = array();
                    $info['filename'] = $title;
                    $info['type'] = 'link';
                    $info['url'] = $link;
                    die(json_encode($info));
                }

                // get the file location
                $filepath = $repo->get_file($file, $title, $itemid, $save_path);
                if ($filepath === false) {
                    $err->e = get_string('cannotdownload', 'repository');
                    die(json_encode($err));
                }
                if (($maxbytes!==-1) && (filesize($filepath) > $maxbytes)) {
                    throw new file_exception('maxbytes');
                }
                $info = repository::move_to_filepool($filepath, $title, $itemid, $save_path, $save_filearea);
                if (empty($info)) {
                    $info['e'] = get_string('error', 'moodle');
                }
                echo json_encode($info);
            } catch (repository_exception $e){
                $err->e = $e->getMessage();
                die(json_encode($err));
            } catch (Exception $e) {
                $err->e = $e->getMessage();
                die(json_encode($err));
            }
            break;
        case 'upload':
            try {
                $result = $repo->upload($maxbytes);
                $result['client_id'] = $client_id;
                echo json_encode($result);
            } catch (Exception $e){
                $err->e = $e->getMessage();
                $err->client_id = $client_id;
                die(json_encode($err));
            }
            break;
    }

/**
 * Small function to walk an array to attach repository ID
 */
function repository_attach_id(&$value, $key, $id){
    $value['repo_id'] = $id;
}
Commit	Line	Data
aa6c1ced	1	<?php
5bce5972	2
6f2cd52a DC	3	// This file is part of Moodle - http://moodle.org/
	4	//
	5	// Moodle is free software: you can redistribute it and/or modify
	6	// it under the terms of the GNU General Public License as published by
	7	// the Free Software Foundation, either version 3 of the License, or
	8	// (at your option) any later version.
	9	//
	10	// Moodle is distributed in the hope that it will be useful,
	11	// but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	// GNU General Public License for more details.
	14	//
	15	// You should have received a copy of the GNU General Public License
	16	// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
	17
	18
	19	/**
	20	* The Web service script that is called from the filepicker front end
	21	*
	22	* @since 2.0
	23	* @package moodlecore
	24	* @subpackage repository
	25	* @copyright 2009 Dongsheng Cai <dongsheng@moodle.com>
	26	* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
	27	*/
455860ce	28
d0f8585d	29	require_once('../config.php');
	30	require_once('../lib/filelib.php');
	31	require_once('lib.php');
99eaca9d	32
d1bfc05e	33	require_login();
cf493e89	34
d0f8585d	35	/// Parameters
6f2cd52a	36	$action = optional_param('action', '', PARAM_ALPHA);
99eaca9d	37	$repo_id = optional_param('repo_id', 1, PARAM_INT); // repository ID
add6e27d	38	$callback = optional_param('callback', '', PARAM_CLEANHTML);
e189ec00	39	$client_id = optional_param('client_id', SITEID, PARAM_RAW); // client ID
a560785f	40	$contextid = optional_param('ctx_id', SITEID, PARAM_INT); // context ID
6f2cd52a DC	41	$env = optional_param('env', 'filepicker', PARAM_ALPHA); // opened in editor or moodleform
6f2cd52a DC	42	$file = optional_param('file', '', PARAM_RAW); // file to download
539d4041	43	$itemid = optional_param('itemid', 0, PARAM_INT);
6f2cd52a DC	44	$title = optional_param('title', '', PARAM_FILE); // new file name
6f2cd52a DC	45	$page = optional_param('page', '', PARAM_RAW); // page
494bf5c8	46	$maxbytes = optional_param('maxbytes', -1, PARAM_INT); // repository ID
a560785f	47	$req_path = optional_param('p', '', PARAM_RAW); // path
e5fa0e8d	48	$save_path = optional_param('savepath', '/', PARAM_PATH);
539d4041	49	$save_filearea = optional_param('filearea', 'user_draft', PARAM_TEXT);
6f2cd52a	50	$search_text = optional_param('s', '', PARAM_CLEANHTML);
99eaca9d	51	$linkexternal = optional_param('linkexternal', '', PARAM_ALPHA);
455860ce	52
577aab9b	53	/// Headers to make it not cacheable
	54	header("Cache-Control: no-cache, must-revalidate");
	55	header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
e189ec00	56	$err = new stdclass;
e189ec00	57	$err->client_id = $client_id;
0eb58cf4	58
d0f8585d	59	/// Check permissions
add6e27d	60	if (! (isloggedin() && repository::check_context($contextid)) ) {
d0f8585d	61	$err->e = get_string('nopermissiontoaccess', 'repository');
3570711a	62	die(json_encode($err));
bf1fccf0	63	}
0eb58cf4	64
577aab9b	65	/// Wait as long as it takes for this script to finish
	66	set_time_limit(0);
	67
d0f8585d	68	/// Check for actions that do not need repository ID
d0f8585d	69	switch ($action) {
6f2cd52a DC	70	case 'gsearch': // Global Search
	71	$params = array();
	72	$params['context'] = array(get_context_instance_by_id($contextid), get_system_context());
	73	$params['currentcontext'] = get_context_instance_by_id($contextid);
	74	$repos = repository::get_instances($params);
d0f8585d	75	$list = array();
	76	foreach($repos as $repo){
	77	if ($repo->global_search()) {
	78	try {
353d5cf3	79	$ret = $repo->search($search_text);
d0f8585d	80	array_walk($ret['list'], 'repository_attach_id', $repo->id); // See function below
	81	$tmp = array_merge($list, $ret['list']);
	82	$list = $tmp;
	83	} catch (repository_exception $e) {
d0f8585d	84	$err->e = $e->getMessage();
	85	die(json_encode($err));
	86	}
	87	}
	88	}
e189ec00	89	$listing = array('list'=>$list);
fc3ec2ca	90	$listing['gsearch'] = true;
e189ec00	91	$listing['client_id'] = $client_id;
e189ec00	92	die(json_encode($listing));
d0f8585d	93	break;
	94
	95	case 'ccache': // Clean cache
e189ec00	96	$cache = new curl_cache;
d0f8585d	97	$cache->refresh();
	98	$action = 'list';
	99	break;
cf493e89	100	}
d0f8585d	101
	102	/// Get repository instance information
	103	$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i '.
b7bad38b	104	'WHERE i.id=? AND i.typeid=r.id';
b7bad38b	105	if (!$repository = $DB->get_record_sql($sql, array($repo_id))) {
d0f8585d	106	$err->e = get_string('invalidrepositoryid', 'repository');
fbd508b4	107	die(json_encode($err));
d0f8585d	108	} else {
d0f8585d	109	$type = $repository->type;
fbd508b4	110	}
d0f8585d	111
	112	if (file_exists($CFG->dirroot.'/repository/'.$type.'/repository.class.php')) {
	113	require_once($CFG->dirroot.'/repository/'.$type.'/repository.class.php');
	114	$classname = 'repository_' . $type;
	115	try {
41076c58	116	$repo = new $classname($repo_id, $contextid, array('ajax'=>true, 'name'=>$repository->name, 'type'=>$type, 'client_id'=>$client_id));
d0f8585d	117	} catch (repository_exception $e){
d0f8585d	118	$err->e = $e->getMessage();
d0f8585d	119	die(json_encode($err));
bf1fccf0	120	}
d0f8585d	121	} else {
3a90e17e	122	$err->e = get_string('invalidplugin', 'repository', $type);
bf1fccf0	123	die(json_encode($err));
5bce5972	124	}
d0f8585d	125
	126	if (!empty($callback)) {
	127	// call opener window to refresh repository
	128	// the callback url should be something like this:
644e3ad4	129	// http://xx.moodle.com/repository/repository_ajax.php?callback=yes&repo_id=1&sid=xxx
d0f8585d	130	// sid is the attached auth token from external source
a06878d3	131	// If Moodle is working on HTTPS mode, then we are not allowed to access
	132	// parent window, in this case, we need to alert user to refresh the repository
	133	// manually.
d1bfc05e	134	$strhttpsbug = get_string('cannotaccessparentwin', 'repository');
d1bfc05e	135	$strrefreshnonjs = get_string('refreshnonjsfilepicker', 'repository');
d0f8585d	136	$js =<<<EOD
5e98ab96	137	<html><head>
5e98ab96	138	<script type="text/javascript">
a06878d3	139	if(window.opener){
539d4041	140	window.opener.M.core_filepicker.active_filepicker.list();
d0f8585d	141	window.close();
a06878d3	142	} else {
d1bfc05e	143	alert("{$strhttpsbug }");
a06878d3	144	}
5e98ab96	145	</script>
	146	<body>
	147	<noscript>
99eaca9d	148	{$strrefreshnonjs}
5e98ab96	149	</noscript>
	150	</body>
	151	</html>
d0f8585d	152	EOD;
	153	echo $js;
	154	die;
bf1fccf0	155	}
d0f8585d	156
	157
	158	/// These actions all occur on the currently active repository instance
	159	switch ($action) {
d68c527f	160	case 'sign':
99eaca9d	161	case 'signin':
d68c527f	162	case 'list':
	163	if ($repo->check_login()) {
	164	try {
e189ec00	165	$listing = $repo->get_listing($req_path, $page);
	166	$listing['client_id'] = $client_id;
	167	$listing['repo_id'] = $repo_id;
	168	echo json_encode($listing);
d68c527f	169	} catch (repository_exception $e) {
d68c527f	170	$err->e = $e->getMessage();
	171	die(json_encode($err));
	172	}
	173	break;
	174	} else {
	175	$action = 'login';
	176	}
d0f8585d	177	case 'login':
d0f8585d	178	try {
e189ec00	179	$listing = $repo->print_login();
	180	$listing['client_id'] = $client_id;
	181	$listing['repo_id'] = $repo_id;
	182	echo json_encode($listing);
d0f8585d	183	} catch (repository_exception $e){
d0f8585d	184	$err->e = $e->getMessage();
	185	die(json_encode($err));
	186	}
	187	break;
d68c527f	188	case 'logout':
e189ec00	189	$logout = $repo->logout();
e189ec00	190	$logout['client_id'] = $client_id;
870f4b56	191	$logout['repo_id'] = $repo_id;
e189ec00	192	echo json_encode($logout);
d68c527f	193	break;
d68c527f	194	case 'searchform':
d1bfc05e	195	$search_form['form'] = $repo->print_search($client_id);
b763c2d9	196	$search_form['client_id'] = $client_id;
b763c2d9	197	echo json_encode($search_form);
d68c527f	198	break;
d0f8585d	199	case 'search':
d0f8585d	200	try {
99eaca9d	201	$search_result = $repo->search($search_text, (int)$page);
e189ec00	202	$search_result['client_id'] = $client_id;
e189ec00	203	$search_result['repo_id'] = $repo_id;
99eaca9d	204	$search_result['search_result'] = true;
6ecf0dfa	205	echo json_encode($search_result);
d0f8585d	206	} catch (repository_exception $e) {
d0f8585d	207	$err->e = $e->getMessage();
	208	die(json_encode($err));
	209	}
	210	break;
d0f8585d	211	case 'download':
d0f8585d	212	try {
41076c58	213	// we have two special repoisitory type need to deal with
0f8b3f08	214	if ($repo->options['type'] == 'local') {
41076c58	215	$fileinfo = $repo->move_to_draft($file, $title, $itemid, $save_path);
add6e27d	216	$info = array();
	217	$info['client_id'] = $client_id;
	218	$info['file'] = $fileinfo['title'];
	219	$info['id'] = $itemid;
	220	$info['url'] = $CFG->httpswwwroot.'/draftfile.php/'.$fileinfo['contextid'].'/user_draft/'.$itemid.'/'.$fileinfo['title'];
6926df75	221	$filesize = $fileinfo['filesize'];
494bf5c8 DC	222	if (($maxbytes!==-1) && ($filesize > $maxbytes)) {
	223	$fileinfo->delete();
	224	throw new file_exception('maxbytes');
	225	}
41076c58 DC	226	die(json_encode($info));
	227	}
	228
99d52655 DC	229	$allowexternallink = (int)get_config(null, 'repositoryallowexternallinks');
	230	if (!empty($allowexternallink)) {
	231	$allowexternallink = true;
	232	} else {
	233	$allowexternallink = false;
	234	}
	235	// allow external links in url element all the time
	236	$allowexternallink = ($allowexternallink \|\| ($env == 'url'));
	237
99eaca9d	238	if ($allowexternallink and $linkexternal === 'yes' and ($repo->supported_returntypes() \|\| FILE_EXTERNAL)) {
99d52655 DC	239	try {
	240	$link = $repo->get_link($file);
	241	} catch (repository_exception $e){
	242	}
	243	$info = array();
99eaca9d	244	$info['filename'] = $title;
99d52655 DC	245	$info['type'] = 'link';
	246	$info['url'] = $link;
	247	die(json_encode($info));
	248	}
	249
494bf5c8	250	// get the file location
41076c58 DC	251	$filepath = $repo->get_file($file, $title, $itemid, $save_path);
	252	if ($filepath === false) {
	253	$err->e = get_string('cannotdownload', 'repository');
	254	die(json_encode($err));
d0f8585d	255	}
494bf5c8 DC	256	if (($maxbytes!==-1) && (filesize($filepath) > $maxbytes)) {
	257	throw new file_exception('maxbytes');
	258	}
539d4041	259	$info = repository::move_to_filepool($filepath, $title, $itemid, $save_path, $save_filearea);
99eaca9d DC	260	if (empty($info)) {
	261	$info['e'] = get_string('error', 'moodle');
	262	}
41076c58	263	echo json_encode($info);
d0f8585d	264	} catch (repository_exception $e){
d0f8585d	265	$err->e = $e->getMessage();
	266	die(json_encode($err));
	267	} catch (Exception $e) {
d0f8585d	268	$err->e = $e->getMessage();
	269	die(json_encode($err));
	270	}
	271	break;
	272	case 'upload':
	273	try {
8a3e6a56	274	$result = $repo->upload($maxbytes);
7d9cb3b5 DC	275	$result['client_id'] = $client_id;
	276	echo json_encode($result);
	277	} catch (Exception $e){
d0f8585d	278	$err->e = $e->getMessage();
7d9cb3b5	279	$err->client_id = $client_id;
d0f8585d	280	die(json_encode($err));
	281	}
	282	break;
5a3b9db9	283	}
d0f8585d	284
	285	/**
	286	* Small function to walk an array to attach repository ID
	287	*/
	288	function repository_attach_id(&$value, $key, $id){
	289	$value['repo_id'] = $id;
0eb58cf4	290	}