mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-17 15:03:25 +00:00
949bf06cac
Conflicts: CHANGELOG.md bin/console bin/developer bin/setup bower.json composer.json composer.lock features/bootstrap/FeatureContext.php features/bootstrap/GuiContext.php lib/Alchemy/Phrasea/Authentication/Token/TokenValidator.php lib/Alchemy/Phrasea/Command/BuildMissingSubdefs.php lib/Alchemy/Phrasea/Command/CreateCollection.php lib/Alchemy/Phrasea/Command/Developer/JavascriptBuilder.php lib/Alchemy/Phrasea/Controller/Admin/Collection.php lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php lib/Alchemy/Phrasea/Controller/Admin/TaskManager.php lib/Alchemy/Phrasea/Controller/Api/V1.php lib/Alchemy/Phrasea/Controller/Client/Baskets.php lib/Alchemy/Phrasea/Controller/Client/Root.php lib/Alchemy/Phrasea/Controller/Prod/Basket.php lib/Alchemy/Phrasea/Controller/Prod/Export.php lib/Alchemy/Phrasea/Controller/Prod/Property.php lib/Alchemy/Phrasea/Controller/Prod/Records.php lib/Alchemy/Phrasea/Controller/Prod/Tools.php lib/Alchemy/Phrasea/Controller/Prod/Upload.php lib/Alchemy/Phrasea/Controller/Root/Login.php lib/Alchemy/Phrasea/Controller/Thesaurus/Thesaurus.php lib/Alchemy/Phrasea/Core/Event/ApiLoadEndEvent.php lib/Alchemy/Phrasea/Core/Event/ApiLoadStartEvent.php lib/Alchemy/Phrasea/Core/Provider/TaskManagerServiceProvider.php lib/Alchemy/Phrasea/Core/Version.php lib/Alchemy/Phrasea/Exception/XMLParseErrorException.php lib/Alchemy/Phrasea/Helper/DatabaseHelper.php lib/Alchemy/Phrasea/Helper/User/Edit.php lib/Alchemy/Phrasea/SearchEngine/Phrasea/PhraseaEngine.php lib/Alchemy/Phrasea/SearchEngine/SearchEngineOptions.php lib/Doctrine/Entities/AuthFailure.php lib/Doctrine/Entities/Basket.php lib/Doctrine/Entities/BasketElement.php lib/Doctrine/Entities/LazaretAttribute.php lib/Doctrine/Entities/LazaretCheck.php lib/Doctrine/Entities/LazaretFile.php lib/Doctrine/Entities/LazaretSession.php lib/Doctrine/Entities/Session.php lib/Doctrine/Entities/SessionModule.php lib/Doctrine/Entities/StoryWZ.php lib/Doctrine/Entities/UsrList.php lib/Doctrine/Entities/UsrListEntry.php lib/Doctrine/Entities/UsrListOwner.php lib/Doctrine/Entities/ValidationData.php lib/Doctrine/Entities/ValidationParticipant.php lib/Doctrine/Entities/ValidationSession.php lib/Doctrine/Logger/MonologSQLLogger.php lib/Doctrine/Repositories/BasketRepository.php lib/Doctrine/Repositories/ValidationParticipantRepository.php lib/Doctrine/Types/Binary.php lib/Doctrine/Types/Blob.php lib/Doctrine/Types/Enum.php lib/Doctrine/Types/LongBlob.php lib/Doctrine/Types/VarBinary.php lib/classes/API/OAuth2/Account.php lib/classes/API/OAuth2/Application.php lib/classes/API/OAuth2/Application/OfficePlugin.php lib/classes/API/OAuth2/AuthCode.php lib/classes/API/OAuth2/RefreshToken.php lib/classes/API/OAuth2/Token.php lib/classes/API/V1/Abstract.php lib/classes/API/V1/Interface.php lib/classes/API/V1/adapter.php lib/classes/API/V1/exception/abstract.php lib/classes/API/V1/exception/badrequest.php lib/classes/API/V1/exception/forbidden.php lib/classes/API/V1/exception/internalservererror.php lib/classes/API/V1/exception/maintenance.php lib/classes/API/V1/exception/methodnotallowed.php lib/classes/API/V1/exception/notfound.php lib/classes/API/V1/exception/unauthorized.php lib/classes/API/V1/result.php lib/classes/Exception/Feed/EntryNotFound.php lib/classes/Exception/Feed/ItemNotFound.php lib/classes/Exception/Feed/PublisherNotFound.php lib/classes/Feed/Abstract.php lib/classes/Feed/Adapter.php lib/classes/Feed/Aggregate.php lib/classes/Feed/Collection.php lib/classes/Feed/CollectionInterface.php lib/classes/Feed/Entry/Adapter.php lib/classes/Feed/Entry/Collection.php lib/classes/Feed/Entry/CollectionInterface.php lib/classes/Feed/Entry/Interface.php lib/classes/Feed/Entry/Item.php lib/classes/Feed/Entry/ItemInterface.php lib/classes/Feed/Interface.php lib/classes/Feed/Link.php lib/classes/Feed/LinkInterface.php lib/classes/Feed/Publisher/Adapter.php lib/classes/Feed/Publisher/Interface.php lib/classes/Feed/Token.php lib/classes/Feed/TokenAggregate.php lib/classes/Feed/XML/Abstract.php lib/classes/Feed/XML/Atom.php lib/classes/Feed/XML/Cooliris.php lib/classes/Feed/XML/Interface.php lib/classes/Feed/XML/RSS.php lib/classes/Feed/XML/RSS/Image.php lib/classes/Feed/XML/RSS/ImageInterface.php lib/classes/User/Adapter.php lib/classes/User/Interface.php lib/classes/appbox/register.php lib/classes/connection.php lib/classes/connection/abstract.php lib/classes/connection/interface.php lib/classes/connection/pdo.php lib/classes/connection/pdoStatementDebugger.php lib/classes/deprecated/countries.php lib/classes/deprecated/inscript.api.php lib/classes/eventsmanager/event/test.php lib/classes/ftpclient.php lib/classes/http/request.php lib/classes/media/subdef.php lib/classes/module/console/schedulerStart.php lib/classes/module/console/schedulerState.php lib/classes/module/console/schedulerStop.php lib/classes/module/console/taskState.php lib/classes/module/console/tasklist.php lib/classes/module/console/taskrun.php lib/classes/patch/320alpha4b.php lib/classes/patch/3715alpha1a.php lib/classes/patch/379alpha1a.php lib/classes/patch/380alpha10a.php lib/classes/patch/380alpha11a.php lib/classes/patch/380alpha13a.php lib/classes/patch/380alpha14a.php lib/classes/patch/380alpha15a.php lib/classes/patch/380alpha16a.php lib/classes/patch/380alpha17a.php lib/classes/patch/380alpha18a.php lib/classes/patch/380alpha3a.php lib/classes/patch/380alpha4a.php lib/classes/patch/380alpha6a.php lib/classes/patch/380alpha8a.php lib/classes/patch/380alpha9a.php lib/classes/patch/381alpha1b.php lib/classes/patch/381alpha2a.php lib/classes/patch/381alpha3a.php lib/classes/patch/381alpha4a.php lib/classes/patch/383alpha1a.php lib/classes/patch/383alpha2a.php lib/classes/patch/383alpha3a.php lib/classes/patch/383alpha4a.php lib/classes/record/adapter.php lib/classes/record/preview.php lib/classes/recordutils.php lib/classes/recordutils/audio.php lib/classes/recordutils/document.php lib/classes/recordutils/map.php lib/classes/recordutils/video.php lib/classes/registry.php lib/classes/registryInterface.php lib/classes/set/order.php lib/classes/system/url.php lib/classes/task/Scheduler.php lib/classes/task/appboxAbstract.php lib/classes/task/databoxAbstract.php lib/classes/task/manager.php lib/classes/task/period/RecordMover.php lib/classes/task/period/apibridge.php lib/classes/task/period/apiwebhooks.php lib/classes/task/period/archive.php lib/classes/task/period/cindexer.php lib/classes/task/period/emptyColl.php lib/classes/task/period/ftp.php lib/classes/task/period/ftpPull.php lib/classes/task/period/subdef.php lib/classes/task/period/test.php lib/classes/task/period/writemeta.php lib/conf.d/PhraseaFixture/AbstractWZ.php lib/conf.d/PhraseaFixture/Basket/LoadFiveBaskets.php lib/conf.d/PhraseaFixture/Basket/LoadOneBasket.php lib/conf.d/PhraseaFixture/Basket/LoadOneBasketEnv.php lib/conf.d/PhraseaFixture/Lazaret/LoadOneFile.php lib/conf.d/PhraseaFixture/Story/LoadOneStory.php lib/conf.d/PhraseaFixture/UsrLists/ListAbstract.php lib/conf.d/PhraseaFixture/UsrLists/UsrList.php lib/conf.d/PhraseaFixture/UsrLists/UsrListEntry.php lib/conf.d/PhraseaFixture/UsrLists/UsrListOwner.php lib/conf.d/PhraseaFixture/ValidationParticipant/LoadOneParticipant.php lib/conf.d/PhraseaFixture/ValidationParticipant/LoadParticipantWithSession.php lib/conf.d/PhraseaFixture/ValidationSession/LoadOneValidationSession.php templates/web/admin/collection/collection.html.twig templates/web/common/dialog_export.html.twig templates/web/common/menubar.html.twig templates/web/prod/actions/Tools/index.html.twig templates/web/prod/index.html.twig templates/web/prod/upload/upload-flash.html.twig templates/web/prod/upload/upload.html.twig templates/web/report/report_layout_child.html.twig templates/web/setup/step2.html.twig templates/web/thesaurus/new-synonym-dialog.html.twig templates/web/thesaurus/properties.html.twig templates/web/thesaurus/search.html.twig tests/Alchemy/Tests/Phrasea/Application/ApiAbstract.php tests/Alchemy/Tests/Phrasea/Cache/FactoryTest.php tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php tests/Alchemy/Tests/Phrasea/Controller/Client/RootTest.php
331 lines
12 KiB
PHP
331 lines
12 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of Phraseanet
|
|
*
|
|
* (c) 2005-2015 Alchemy
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Alchemy\Phrasea\Controller\Prod;
|
|
|
|
use Alchemy\Phrasea\Border\File;
|
|
use Alchemy\Phrasea\Border\Attribute\Status;
|
|
use Alchemy\Phrasea\Core\Event\LazaretEvent;
|
|
use Alchemy\Phrasea\Core\Event\RecordEdit;use Alchemy\Phrasea\Core\PhraseaEvents;
|
|
use DataURI\Parser;
|
|
use DataURI\Exception\Exception as DataUriException;
|
|
use Alchemy\Phrasea\Model\Entities\LazaretSession;
|
|
use Silex\Application;
|
|
use Silex\ControllerProviderInterface;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
use Symfony\Component\HttpFoundation\File\UploadedFile;
|
|
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
|
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
|
|
|
class Upload implements ControllerProviderInterface
|
|
{
|
|
/**
|
|
* Connect the ControllerCollection to the Silex Application
|
|
*
|
|
* @param Application $app A silex application
|
|
* @return \Silex\ControllerCollection
|
|
*/
|
|
public function connect(Application $app)
|
|
{
|
|
$app['controller.prod.upload'] = $this;
|
|
|
|
$controllers = $app['controllers_factory'];
|
|
|
|
$app['firewall']->addMandatoryAuthentication($controllers);
|
|
|
|
$controllers->before(function (Request $request) use ($app) {
|
|
$app['firewall']->requireRight('addrecord');
|
|
});
|
|
|
|
$controllers->get('/', 'controller.prod.upload:getUploadForm')
|
|
->bind('upload_form');
|
|
|
|
$controllers->get('/flash-version/', 'controller.prod.upload:getFlashUploadForm')
|
|
->bind('upload_flash_form');
|
|
$controllers->get('/html5-version/', $this->call('getHtml5UploadForm'))
|
|
->bind('upload_html5_form');
|
|
|
|
$controllers->post('/', 'controller.prod.upload:upload')
|
|
->bind('upload');
|
|
|
|
return $controllers;
|
|
}
|
|
|
|
/**
|
|
* Render the flash upload form
|
|
*
|
|
* @param Application $app A Silex application
|
|
* @param Request $request The current request
|
|
*
|
|
* @return Response
|
|
*/
|
|
public function getFlashUploadForm(Application $app, Request $request)
|
|
{
|
|
$maxFileSize = $this->getUploadMaxFileSize();
|
|
|
|
return $app['twig']->render(
|
|
'prod/upload/upload-flash.html.twig', array(
|
|
'sessionId' => session_id(),
|
|
'collections' => $this->getGrantedCollections($app['authentication']->getUser()),
|
|
'maxFileSize' => $maxFileSize,
|
|
'maxFileSizeReadable' => \p4string::format_octets($maxFileSize)
|
|
));
|
|
}
|
|
|
|
public function getHtml5UploadForm(Application $app, Request $request)
|
|
{
|
|
$maxFileSize = $this->getUploadMaxFileSize();
|
|
|
|
return $app['twig']->render(
|
|
'prod/upload/upload.html.twig', array(
|
|
'sessionId' => session_id(),
|
|
'collections' => $this->getGrantedCollections($app['authentication']->getUser()),
|
|
'maxFileSize' => $maxFileSize,
|
|
'maxFileSizeReadable' => \p4string::format_octets($maxFileSize)
|
|
));
|
|
}
|
|
|
|
/**
|
|
* Render the html upload form
|
|
*
|
|
* @param Application $app A Silex application
|
|
* @param Request $request The current request
|
|
*
|
|
* @return Response
|
|
*/
|
|
public function getUploadForm(Application $app, Request $request)
|
|
{
|
|
$maxFileSize = $this->getUploadMaxFileSize();
|
|
|
|
return $app['twig']->render(
|
|
'prod/upload/upload.html.twig', [
|
|
'collections' => $this->getGrantedCollections($app['acl']->get($app['authentication']->getUser())),
|
|
'maxFileSize' => $maxFileSize,
|
|
'maxFileSizeReadable' => \p4string::format_octets($maxFileSize)
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Upload processus
|
|
*
|
|
* @param Application $app The Silex application
|
|
* @param Request $request The current request
|
|
*
|
|
* parameters : 'bas_id' int (mandatory) : The id of the destination collection
|
|
* 'status' array (optional) : The status to set to new uploaded files
|
|
* 'attributes' array (optional) : Attributes id's to attach to the uploaded files
|
|
* 'forceBehavior' int (optional) : Force upload behavior
|
|
* - 0 Force record
|
|
* - 1 Force lazaret
|
|
*
|
|
* @return Response
|
|
*/
|
|
public function upload(Application $app, Request $request)
|
|
{
|
|
$datas = [
|
|
'success' => false,
|
|
'code' => null,
|
|
'message' => '',
|
|
'element' => '',
|
|
'reasons' => [],
|
|
'id' => '',
|
|
];
|
|
|
|
if (null === $request->files->get('files')) {
|
|
throw new BadRequestHttpException('Missing file parameter');
|
|
}
|
|
|
|
if (count($request->files->get('files')) > 1) {
|
|
throw new BadRequestHttpException('Upload is limited to 1 file per request');
|
|
}
|
|
|
|
$base_id = $request->request->get('base_id');
|
|
|
|
if (!$base_id) {
|
|
throw new BadRequestHttpException('Missing base_id parameter');
|
|
}
|
|
|
|
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($base_id, 'canaddrecord')) {
|
|
throw new AccessDeniedHttpException('User is not allowed to add record on this collection');
|
|
}
|
|
|
|
$file = current($request->files->get('files'));
|
|
|
|
if (!$file->isValid()) {
|
|
throw new BadRequestHttpException('Uploaded file is invalid');
|
|
}
|
|
|
|
try {
|
|
// Add file extension, so mediavorus can guess file type for octet-stream file
|
|
$uploadedFilename = $file->getRealPath();
|
|
$renamedFilename = $file->getRealPath() . '.' . pathinfo($file->getClientOriginalName(), PATHINFO_EXTENSION);
|
|
|
|
$app['filesystem']->rename($uploadedFilename, $renamedFilename);
|
|
|
|
$media = $app['mediavorus']->guess($renamedFilename);
|
|
$collection = \collection::get_from_base_id($app, $base_id);
|
|
|
|
$lazaretSession = new LazaretSession();
|
|
$lazaretSession->setUser($app['authentication']->getUser());
|
|
|
|
$app['EM']->persist($lazaretSession);
|
|
|
|
$packageFile = new File($app, $media, $collection, $file->getClientOriginalName());
|
|
|
|
$postStatus = $request->request->get('status');
|
|
|
|
if (isset($postStatus[$collection->get_base_id()]) && is_array($postStatus[$collection->get_base_id()])) {
|
|
$postStatus = $postStatus[$collection->get_base_id()];
|
|
|
|
$status = '';
|
|
foreach (range(0, 31) as $i) {
|
|
$status .= isset($postStatus[$i]) ? ($postStatus[$i] ? '1' : '0') : '0';
|
|
}
|
|
$packageFile->addAttribute(new Status($app, strrev($status)));
|
|
}
|
|
|
|
$forceBehavior = $request->request->get('forceAction');
|
|
|
|
$reasons = [];
|
|
$elementCreated = null;
|
|
|
|
$callback = function ($element, $visa, $code) use ($app, &$reasons, &$elementCreated) {
|
|
foreach ($visa->getResponses() as $response) {
|
|
if (!$response->isOk()) {
|
|
$reasons[] = $response->getMessage($app['translator']);
|
|
}
|
|
}
|
|
|
|
$elementCreated = $element;
|
|
};
|
|
|
|
$code = $app['border-manager']->process(
|
|
$lazaretSession, $packageFile, $callback, $forceBehavior
|
|
);
|
|
|
|
$app['filesystem']->rename($renamedFilename, $uploadedFilename);
|
|
|
|
if (!!$forceBehavior) {
|
|
$reasons = [];
|
|
}
|
|
|
|
if ($elementCreated instanceof \record_adapter) {
|
|
$id = $elementCreated->get_serialize_key();
|
|
$element = 'record';
|
|
$message = $app->trans('The record was successfully created');
|
|
$app['phraseanet.SE']->addRecord($elementCreated);
|
|
|
|
$app['dispatcher']->dispatch(PhraseaEvents::RECORD_UPLOAD, new RecordEdit($elementCreated));
|
|
|
|
// try to create thumbnail from data URI
|
|
if ('' !== $b64Image = $request->request->get('b64_image', '')) {
|
|
try {
|
|
$dataUri = Parser::parse($b64Image);
|
|
|
|
$fileName = $app['temporary-filesystem']->createTemporaryFile('base_64_thumb', null, "png");
|
|
file_put_contents($fileName, $dataUri->getData());
|
|
$media = $app['mediavorus']->guess($fileName);
|
|
$app['subdef.substituer']->substitute($elementCreated, 'thumbnail', $media);
|
|
$app['phraseanet.logger']($elementCreated->get_databox())->log(
|
|
$elementCreated,
|
|
\Session_Logger::EVENT_SUBSTITUTE,
|
|
'thumbnail',
|
|
''
|
|
);
|
|
|
|
unset($media);
|
|
$app['temporary-filesystem']->clean('base_64_thumb');
|
|
} catch (DataUriException $e) {
|
|
|
|
}
|
|
}
|
|
} else {
|
|
$app['dispatcher']->dispatch(PhraseaEvents::LAZARET_CREATE, new LazaretEvent($elementCreated));
|
|
|
|
$id = $elementCreated->getId();
|
|
$element = 'lazaret';
|
|
$message = $app->trans('The file was moved to the quarantine');
|
|
}
|
|
|
|
$datas = [
|
|
'success' => true,
|
|
'code' => $code,
|
|
'message' => $message,
|
|
'element' => $element,
|
|
'reasons' => $reasons,
|
|
'id' => $id,
|
|
];
|
|
} catch (\Exception $e) {
|
|
$datas['message'] = $app->trans('Unable to add file to Phraseanet');
|
|
}
|
|
|
|
$response = $app->json($datas);
|
|
// IE 7 and 8 does not correctly handle json response in file API
|
|
// lets send them an html content-type header
|
|
$response->headers->set('Content-type', 'text/html');
|
|
|
|
return $response;
|
|
}
|
|
|
|
/**
|
|
* Get current user's granted collections where he can upload
|
|
*
|
|
* @param \ACL $acl The user's ACL.
|
|
*
|
|
* @return array
|
|
*/
|
|
private function getGrantedCollections(\ACL $acl)
|
|
{
|
|
$collections = [];
|
|
|
|
foreach ($acl->get_granted_base(['canaddrecord']) as $collection) {
|
|
$databox = $collection->get_databox();
|
|
|
|
if ( ! isset($collections[$databox->get_sbas_id()])) {
|
|
$collections[$databox->get_sbas_id()] = [
|
|
'databox' => $databox,
|
|
'databox_collections' => []
|
|
];
|
|
}
|
|
|
|
$collections[$databox->get_sbas_id()]['databox_collections'][] = $collection;
|
|
}
|
|
|
|
return $collections;
|
|
}
|
|
|
|
/**
|
|
* Get POST max file size
|
|
*
|
|
* @return integer
|
|
*/
|
|
private function getUploadMaxFileSize()
|
|
{
|
|
$postMaxSize = trim(ini_get('post_max_size'));
|
|
|
|
if ('' === $postMaxSize) {
|
|
$postMaxSize = PHP_INT_MAX;
|
|
}
|
|
|
|
switch (strtolower(substr($postMaxSize, -1))) {
|
|
case 'g':
|
|
$postMaxSize *= 1024;
|
|
case 'm':
|
|
$postMaxSize *= 1024;
|
|
case 'k':
|
|
$postMaxSize *= 1024;
|
|
}
|
|
|
|
return min(UploadedFile::getMaxFilesize(), (int) $postMaxSize);
|
|
}
|
|
}
|