Ejemplo n.º 1
0
 /**
  * Downloads a tarball of the site configuration.
  */
 public function downloadExport()
 {
     $session = \Drupal::request()->getSession();
     if (isset($session)) {
         $archive_name = $session->get('features_download');
         $request = new Request(array('file' => $archive_name));
         return $this->fileDownloadController->download($request, 'temporary');
     }
 }
Ejemplo n.º 2
0
 /**
  * Downloads a tarball of the site configuration.
  *
  * @param string $uri
  *   The URI to download.
  * @param \Symfony\Component\HttpFoundation\Request $request
  *   The request.
  *
  * @return \Symfony\Component\HttpFoundation\BinaryFileResponse
  *   The downloaded file.
  */
 public function downloadExport($uri, Request $request)
 {
     if ($uri) {
         // @todo Simplify once https://www.drupal.org/node/2630920 is solved.
         if (!$this->csrfToken->validate($request->query->get('token'), $uri)) {
             throw new AccessDeniedHttpException();
         }
         $request = new Request(array('file' => $uri));
         return $this->fileDownloadController->download($request, 'temporary');
     }
 }
Ejemplo n.º 3
0
 /**
  * Downloads a tarball of the site configuration.
  */
 public function downloadExport()
 {
     file_unmanaged_delete(file_directory_temp() . '/config.tar.gz');
     $archiver = new ArchiveTar(file_directory_temp() . '/config.tar.gz', 'gz');
     // Get raw configuration data without overrides.
     foreach ($this->configManager->getConfigFactory()->listAll() as $name) {
         $archiver->addString("{$name}.yml", Yaml::encode($this->configManager->getConfigFactory()->get($name)->getRawData()));
     }
     // Get all override data from the remaining collections.
     foreach ($this->targetStorage->getAllCollectionNames() as $collection) {
         $collection_storage = $this->targetStorage->createCollection($collection);
         foreach ($collection_storage->listAll() as $name) {
             $archiver->addString(str_replace('.', '/', $collection) . "/{$name}.yml", Yaml::encode($collection_storage->read($name)));
         }
     }
     $request = new Request(array('file' => 'config.tar.gz'));
     return $this->fileDownloadController->download($request, 'temporary');
 }
Ejemplo n.º 4
0
 /**
  * Generates a derivative, given a style and image path.
  *
  * After generating an image, transfer it to the requesting agent.
  *
  * @param \Symfony\Component\HttpFoundation\Request $request
  *   The request object.
  * @param string $scheme
  *   The file scheme, defaults to 'private'.
  * @param \Drupal\image\ImageStyleInterface $image_style
  *   The image style to deliver.
  *
  * @return \Symfony\Component\HttpFoundation\BinaryFileResponse|\Symfony\Component\HttpFoundation\Response
  *   The transferred file as response or some error response.
  *
  * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
  *   Thrown when the user does not have access to the file.
  * @throws \Symfony\Component\HttpKernel\Exception\ServiceUnavailableHttpException
  *   Thrown when the file is still being generated.
  */
 public function deliver(Request $request, $scheme, ImageStyleInterface $image_style)
 {
     $target = $request->query->get('file');
     $image_uri = $scheme . '://' . $target;
     // Check that the style is defined, the scheme is valid, and the image
     // derivative token is valid. Sites which require image derivatives to be
     // generated without a token can set the
     // 'image.settings:allow_insecure_derivatives' configuration to TRUE to
     // bypass the latter check, but this will increase the site's vulnerability
     // to denial-of-service attacks. To prevent this variable from leaving the
     // site vulnerable to the most serious attacks, a token is always required
     // when a derivative of a style is requested.
     // The $target variable for a derivative of a style has
     // styles/<style_name>/... as structure, so we check if the $target variable
     // starts with styles/.
     $valid = !empty($image_style) && file_stream_wrapper_valid_scheme($scheme);
     if (!$this->config('image.settings')->get('allow_insecure_derivatives') || strpos(ltrim($target, '\\/'), 'styles/') === 0) {
         $valid &= $request->query->get(IMAGE_DERIVATIVE_TOKEN) === $image_style->getPathToken($image_uri);
     }
     if (!$valid) {
         throw new AccessDeniedHttpException();
     }
     $derivative_uri = $image_style->buildUri($image_uri);
     $headers = array();
     // If using the private scheme, let other modules provide headers and
     // control access to the file.
     if ($scheme == 'private') {
         if (file_exists($derivative_uri)) {
             return parent::download($request, $scheme);
         } else {
             $headers = $this->moduleHandler()->invokeAll('file_download', array($image_uri));
             if (in_array(-1, $headers) || empty($headers)) {
                 throw new AccessDeniedHttpException();
             }
         }
     }
     // Don't try to generate file if source is missing.
     if (!file_exists($image_uri)) {
         // If the image style converted the extension, it has been added to the
         // original file, resulting in filenames like image.png.jpeg. So to find
         // the actual source image, we remove the extension and check if that
         // image exists.
         $path_info = pathinfo($image_uri);
         $converted_image_uri = $path_info['dirname'] . DIRECTORY_SEPARATOR . $path_info['filename'];
         if (!file_exists($converted_image_uri)) {
             $this->logger->notice('Source image at %source_image_path not found while trying to generate derivative image at %derivative_path.', array('%source_image_path' => $image_uri, '%derivative_path' => $derivative_uri));
             return new Response($this->t('Error generating image, missing source file.'), 404);
         } else {
             // The converted file does exist, use it as the source.
             $image_uri = $converted_image_uri;
         }
     }
     // Don't start generating the image if the derivative already exists or if
     // generation is in progress in another thread.
     $lock_name = 'image_style_deliver:' . $image_style->id() . ':' . Crypt::hashBase64($image_uri);
     if (!file_exists($derivative_uri)) {
         $lock_acquired = $this->lock->acquire($lock_name);
         if (!$lock_acquired) {
             // Tell client to retry again in 3 seconds. Currently no browsers are
             // known to support Retry-After.
             throw new ServiceUnavailableHttpException(3, $this->t('Image generation in progress. Try again shortly.'));
         }
     }
     // Try to generate the image, unless another thread just did it while we
     // were acquiring the lock.
     $success = file_exists($derivative_uri) || $image_style->createDerivative($image_uri, $derivative_uri);
     if (!empty($lock_acquired)) {
         $this->lock->release($lock_name);
     }
     if ($success) {
         $image = $this->imageFactory->get($derivative_uri);
         $uri = $image->getSource();
         $headers += array('Content-Type' => $image->getMimeType(), 'Content-Length' => $image->getFileSize());
         // \Drupal\Core\EventSubscriber\FinishResponseSubscriber::onRespond()
         // sets response as not cacheable if the Cache-Control header is not
         // already modified. We pass in FALSE for non-private schemes for the
         // $public parameter to make sure we don't change the headers.
         return new BinaryFileResponse($uri, 200, $headers, $scheme !== 'private');
     } else {
         $this->logger->notice('Unable to generate the derived image located at %path.', array('%path' => $derivative_uri));
         return new Response($this->t('Error generating image.'), 500);
     }
 }
 /**
  * Generates a derivative, given a style and image path.
  *
  * After generating an image, transfer it to the requesting agent.
  *
  * @param \Symfony\Component\HttpFoundation\Request $request
  *   The request object.
  * @param string $scheme
  *   The file scheme, defaults to 'private'.
  * @param \Drupal\image\ImageStyleInterface $image_style
  *   The image style to deliver.
  *
  * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
  *   Thrown when the user does not have access to the file.
  * @throws \Symfony\Component\HttpKernel\Exception\ServiceUnavailableHttpException
  *   Thrown when the file is still being generated.
  *
  * @return \Symfony\Component\HttpFoundation\BinaryFileResponse|\Symfony\Component\HttpFoundation\Response
  *   The transferred file as response or some error response.
  */
 public function deliver(Request $request, $scheme, ImageStyleInterface $image_style)
 {
     $target = $request->query->get('file');
     $image_uri = $scheme . '://' . $target;
     // Check that the style is defined, the scheme is valid, and the image
     // derivative token is valid. Sites which require image derivatives to be
     // generated without a token can set the
     // 'image.settings:allow_insecure_derivatives' configuration to TRUE to
     // bypass the latter check, but this will increase the site's vulnerability
     // to denial-of-service attacks.
     $valid = !empty($image_style) && file_stream_wrapper_valid_scheme($scheme);
     if (!$this->config('image.settings')->get('allow_insecure_derivatives')) {
         $valid &= $request->query->get(IMAGE_DERIVATIVE_TOKEN) === $image_style->getPathToken($image_uri);
     }
     if (!$valid) {
         throw new AccessDeniedHttpException();
     }
     $derivative_uri = $image_style->buildUri($image_uri);
     $headers = array();
     // If using the private scheme, let other modules provide headers and
     // control access to the file.
     if ($scheme == 'private') {
         if (file_exists($derivative_uri)) {
             return parent::download($request, $scheme);
         } else {
             $headers = $this->moduleHandler()->invokeAll('file_download', array($image_uri));
             if (in_array(-1, $headers) || empty($headers)) {
                 throw new AccessDeniedHttpException();
             }
         }
     }
     // Don't try to generate file if source is missing.
     if (!file_exists($image_uri)) {
         watchdog('image', 'Source image at %source_image_path not found while trying to generate derivative image at %derivative_path.', array('%source_image_path' => $image_uri, '%derivative_path' => $derivative_uri));
         return new Response($this->t('Error generating image, missing source file.'), 404);
     }
     // Don't start generating the image if the derivative already exists or if
     // generation is in progress in another thread.
     $lock_name = 'image_style_deliver:' . $image_style->id() . ':' . Crypt::hashBase64($image_uri);
     if (!file_exists($derivative_uri)) {
         $lock_acquired = $this->lock->acquire($lock_name);
         if (!$lock_acquired) {
             // Tell client to retry again in 3 seconds. Currently no browsers are
             // known to support Retry-After.
             throw new ServiceUnavailableHttpException(3, $this->t('Image generation in progress. Try again shortly.'));
         }
     }
     // Try to generate the image, unless another thread just did it while we
     // were acquiring the lock.
     $success = file_exists($derivative_uri) || $image_style->createDerivative($image_uri, $derivative_uri);
     if (!empty($lock_acquired)) {
         $this->lock->release($lock_name);
     }
     if ($success) {
         drupal_page_is_cacheable(FALSE);
         $image = $this->imageFactory->get($derivative_uri);
         $uri = $image->getSource();
         $headers += array('Content-Type' => $image->getMimeType(), 'Content-Length' => $image->getFileSize());
         return new BinaryFileResponse($uri, 200, $headers);
     } else {
         watchdog('image', 'Unable to generate the derived image located at %path.', array('%path' => $derivative_uri));
         return new Response($this->t('Error generating image.'), 500);
     }
 }