コード例 #1
0
ファイル: URI.inc.php プロジェクト: robinpaulson/dataserver
 public static function getLibraryURI($libraryID, $skipNames = false)
 {
     $libraryType = Zotero_Libraries::getType($libraryID);
     switch ($libraryType) {
         case 'user':
             $id = Zotero_Users::getUserIDFromLibraryID($libraryID);
             return self::getUserURI($id, $skipNames);
         case 'group':
             $id = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
             $group = Zotero_Groups::get($id);
             return self::getGroupURI($group, $skipNames);
     }
 }
コード例 #2
0
ファイル: URI.inc.php プロジェクト: selenus/dataserver
 public static function getLibraryURI($libraryID, $www = false, $useSlug = false)
 {
     $libraryType = Zotero_Libraries::getType($libraryID);
     switch ($libraryType) {
         case 'user':
             $id = Zotero_Users::getUserIDFromLibraryID($libraryID);
             return self::getUserURI($id, $www, $useSlug);
         case 'publications':
             $id = Zotero_Users::getUserIDFromLibraryID($libraryID);
             return self::getUserURI($id, $www, $useSlug) . "/publications";
         case 'group':
             $id = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
             $group = Zotero_Groups::get($id);
             return self::getGroupURI($group, $www, $useSlug);
         default:
             throw new Exception("Invalid library type '{$libraryType}'");
     }
 }
コード例 #3
0
ファイル: API.inc.php プロジェクト: juego11/dataserver
 public static function getLibraryURI($libraryID)
 {
     $libraryType = Zotero_Libraries::getType($libraryID);
     switch ($libraryType) {
         case 'user':
             $id = Zotero_Users::getUserIDFromLibraryID($libraryID);
             return self::getBaseURI() . "users/{$id}";
         case 'publications':
             $id = Zotero_Users::getUserIDFromLibraryID($libraryID);
             return self::getBaseURI() . "users/{$id}/publications";
         case 'group':
             $id = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
             return self::getBaseURI() . "groups/{$id}";
         default:
             throw new Exception("Invalid library type '{$libraryType}'");
     }
 }
コード例 #4
0
ファイル: S3.inc.php プロジェクト: robinpaulson/dataserver
 public static function getUserUsage($userID)
 {
     $usage = array();
     $libraryID = Zotero_Users::getLibraryIDFromUserID($userID);
     $sql = "SELECT SUM(size) AS bytes FROM storageFileItems\n\t\t\t\tJOIN items USING (itemID) WHERE libraryID=?";
     $libraryBytes = Zotero_DB::valueQuery($sql, $libraryID, Zotero_Shards::getByLibraryID($libraryID));
     $usage['library'] = round($libraryBytes / 1024 / 1024, 1);
     $groupBytes = 0;
     $usage['groups'] = array();
     $ownedLibraries = Zotero_Groups::getUserOwnedGroupLibraries($userID);
     if ($ownedLibraries) {
         $shardIDs = Zotero_Groups::getUserGroupShards($userID);
         foreach ($shardIDs as $shardID) {
             $sql = "SELECT libraryID, SUM(size) AS `bytes` FROM storageFileItems\n\t\t\t\t\t\tJOIN items I USING (itemID)\n\t\t\t\t\t\tWHERE libraryID IN\n\t\t\t\t\t\t(" . implode(', ', array_fill(0, sizeOf($ownedLibraries), '?')) . ")\n\t\t\t\t\t\tGROUP BY libraryID WITH ROLLUP";
             $libraries = Zotero_DB::query($sql, $ownedLibraries, $shardID);
             if ($libraries) {
                 foreach ($libraries as $library) {
                     if ($library['libraryID']) {
                         $usage['groups'][] = array('id' => Zotero_Groups::getGroupIDFromLibraryID($library['libraryID']), 'usage' => round($library['bytes'] / 1024 / 1024, 1));
                     } else {
                         $groupBytes += $library['bytes'];
                     }
                 }
             }
         }
     }
     $usage['total'] = round(($libraryBytes + $groupBytes) / 1024 / 1024, 1);
     return $usage;
 }
コード例 #5
0
 /**
  * Handle S3 request
  *
  * Permission-checking provided by items()
  */
 private function _handleFileRequest($item)
 {
     if (!$this->permissions->canAccess($this->objectLibraryID, 'files')) {
         $this->e403();
     }
     $this->allowMethods(array('HEAD', 'GET', 'POST', 'PATCH'));
     if (!$item->isAttachment()) {
         $this->e400("Item is not an attachment");
     }
     // File info for client sync
     //
     // Use of HEAD method is deprecated after 2.0.8/2.1b1 due to
     // compatibility problems with proxies and security software
     if ($this->method == 'HEAD' || $this->method == 'GET' && $this->fileMode == 'info') {
         $info = Zotero_S3::getLocalFileItemInfo($item);
         if (!$info) {
             $this->e404();
         }
         /*
         header("Last-Modified: " . gmdate('r', $info['uploaded']));
         header("Content-Type: " . $info['type']);
         */
         header("Content-Length: " . $info['size']);
         header("ETag: " . $info['hash']);
         header("X-Zotero-Filename: " . $info['filename']);
         header("X-Zotero-Modification-Time: " . $info['mtime']);
         header("X-Zotero-Compressed: " . ($info['zip'] ? 'Yes' : 'No'));
         header_remove("X-Powered-By");
     } else {
         if ($this->method == 'GET' || $this->method == 'POST' && $this->fileView) {
             if ($this->fileView) {
                 $info = Zotero_S3::getLocalFileItemInfo($item);
                 if (!$info) {
                     $this->e404();
                 }
                 // For zip files, redirect to files domain
                 if ($info['zip']) {
                     $url = Zotero_Attachments::getTemporaryURL($item, !empty($_GET['int']));
                     if (!$url) {
                         $this->e500();
                     }
                     header("Location: {$url}");
                     exit;
                 }
             }
             // For single files, redirect to S3
             $url = Zotero_S3::getDownloadURL($item, 60);
             if (!$url) {
                 $this->e404();
             }
             Zotero_S3::logDownload($item, $this->userID, IPAddress::getIP());
             header("Location: {$url}");
             exit;
         } else {
             if ($this->method == 'POST' || $this->method == 'PATCH') {
                 if (!$item->isImportedAttachment()) {
                     $this->e400("Cannot upload file for linked file/URL attachment item");
                 }
                 $libraryID = $item->libraryID;
                 $type = Zotero_Libraries::getType($libraryID);
                 if ($type == 'group') {
                     $groupID = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
                     $group = Zotero_Groups::get($groupID);
                     if (!$group->userCanEditFiles($this->userID)) {
                         $this->e403("You do not have file editing access");
                     }
                 } else {
                     $group = null;
                 }
                 // If not the client, require If-Match or If-None-Match
                 if (!$this->httpAuth) {
                     if (empty($_SERVER['HTTP_IF_MATCH']) && empty($_SERVER['HTTP_IF_NONE_MATCH'])) {
                         $this->e428("If-Match/If-None-Match header not provided");
                     }
                     if (!empty($_SERVER['HTTP_IF_MATCH'])) {
                         if (!preg_match('/^"?([a-f0-9]{32})"?$/', $_SERVER['HTTP_IF_MATCH'], $matches)) {
                             $this->e400("Invalid ETag in If-Match header");
                         }
                         if (!$item->attachmentStorageHash) {
                             $info = Zotero_S3::getLocalFileItemInfo($item);
                             $this->e412("ETag set but file does not exist");
                         }
                         if ($item->attachmentStorageHash != $matches[1]) {
                             $this->e412("ETag does not match current version of file");
                         }
                     } else {
                         if ($_SERVER['HTTP_IF_NONE_MATCH'] != "*") {
                             $this->e400("Invalid value for If-None-Match header");
                         }
                         if ($this->attachmentStorageHash) {
                             $this->e412("If-None-Match: * set but file exists");
                         }
                     }
                 }
                 //
                 // Upload authorization
                 //
                 if (!isset($_POST['update']) && !isset($_REQUEST['upload'])) {
                     $info = new Zotero_StorageFileInfo();
                     // Validate upload metadata
                     if (empty($_REQUEST['md5'])) {
                         $this->e400('MD5 hash not provided');
                     }
                     $info->hash = $_REQUEST['md5'];
                     if (!preg_match('/[abcdefg0-9]{32}/', $info->hash)) {
                         $this->e400('Invalid MD5 hash');
                     }
                     if (empty($_REQUEST['mtime'])) {
                         $this->e400('File modification time not provided');
                     }
                     $info->mtime = $_REQUEST['mtime'];
                     if (!isset($_REQUEST['filename']) || $_REQUEST['filename'] === "") {
                         $this->e400('File name not provided');
                     }
                     $info->filename = $_REQUEST['filename'];
                     if (!isset($_REQUEST['filesize'])) {
                         $this->e400('File size not provided');
                     }
                     $info->size = $_REQUEST['filesize'];
                     if (!is_numeric($info->size)) {
                         $this->e400("Invalid file size");
                     }
                     $info->contentType = isset($_REQUEST['contentType']) ? $_REQUEST['contentType'] : "";
                     if (!preg_match("/^[a-zA-Z0-9\\-\\/]+\$/", $info->contentType)) {
                         $info->contentType = "";
                     }
                     $info->charset = isset($_REQUEST['charset']) ? $_REQUEST['charset'] : "";
                     if (!preg_match("/^[a-zA-Z0-9\\-]+\$/", $info->charset)) {
                         $info->charset = "";
                     }
                     $contentTypeHeader = $info->contentType . ($info->contentType && $info->charset ? "; charset=" . $info->charset : "");
                     $info->zip = !empty($_REQUEST['zip']);
                     // Reject file if it would put account over quota
                     if ($group) {
                         $quota = Zotero_S3::getEffectiveUserQuota($group->ownerUserID);
                         $usage = Zotero_S3::getUserUsage($group->ownerUserID);
                     } else {
                         $quota = Zotero_S3::getEffectiveUserQuota($this->objectUserID);
                         $usage = Zotero_S3::getUserUsage($this->objectUserID);
                     }
                     $total = $usage['total'];
                     $fileSizeMB = round($info->size / 1024 / 1024, 1);
                     if ($total + $fileSizeMB > $quota) {
                         $this->e413("File would exceed quota ({$total} + {$fileSizeMB} > {$quota})");
                     }
                     Zotero_DB::query("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE");
                     Zotero_DB::beginTransaction();
                     // See if file exists with this filename
                     $localInfo = Zotero_S3::getLocalFileInfo($info);
                     if ($localInfo) {
                         $storageFileID = $localInfo['storageFileID'];
                         // Verify file size
                         if ($localInfo['size'] != $info->size) {
                             throw new Exception("Specified file size incorrect for existing file " . $info->hash . "/" . $info->filename . " ({$localInfo['size']} != {$info->size})");
                         }
                     } else {
                         $oldStorageFileID = Zotero_S3::getFileByHash($info->hash, $info->zip);
                         if ($oldStorageFileID) {
                             // Verify file size
                             $localInfo = Zotero_S3::getFileInfoByID($oldStorageFileID);
                             if ($localInfo['size'] != $info->size) {
                                 throw new Exception("Specified file size incorrect for duplicated file " . $info->hash . "/" . $info->filename . " ({$localInfo['size']} != {$info->size})");
                             }
                             // Create new file on S3 with new name
                             $storageFileID = Zotero_S3::duplicateFile($oldStorageFileID, $info->filename, $info->zip, $contentTypeHeader);
                             if (!$storageFileID) {
                                 $this->e500("File duplication failed");
                             }
                         }
                     }
                     // If we already have a file, add/update storageFileItems row and stop
                     if (!empty($storageFileID)) {
                         Zotero_S3::updateFileItemInfo($item, $storageFileID, $info);
                         Zotero_DB::commit();
                         if ($this->httpAuth) {
                             header('Content-Type: application/xml');
                             echo "<exists/>";
                         } else {
                             header('Content-Type: application/json');
                             echo json_encode(array('exists' => 1));
                         }
                         exit;
                     }
                     Zotero_DB::commit();
                     // Add request to upload queue
                     $uploadKey = Zotero_S3::queueUpload($this->userID, $info);
                     // User over queue limit
                     if (!$uploadKey) {
                         header('Retry-After: ' . Zotero_S3::$uploadQueueTimeout);
                         if ($this->httpAuth) {
                             $this->e413("Too many queued uploads");
                         } else {
                             $this->e429("Too many queued uploads");
                         }
                     }
                     // Output XML for client requests (which use HTTP Auth)
                     if ($this->httpAuth) {
                         $params = Zotero_S3::generateUploadPOSTParams($item, $info, true);
                         header('Content-Type: application/xml');
                         $xml = new SimpleXMLElement('<upload/>');
                         $xml->url = Zotero_S3::getUploadBaseURL();
                         $xml->key = $uploadKey;
                         foreach ($params as $key => $val) {
                             $xml->params->{$key} = $val;
                         }
                         echo $xml->asXML();
                     } else {
                         if (!empty($_REQUEST['params']) && $_REQUEST['params'] == "1") {
                             $params = array("url" => Zotero_S3::getUploadBaseURL(), "params" => array());
                             foreach (Zotero_S3::generateUploadPOSTParams($item, $info) as $key => $val) {
                                 $params['params'][$key] = $val;
                             }
                         } else {
                             $params = Zotero_S3::getUploadPOSTData($item, $info);
                         }
                         $params['uploadKey'] = $uploadKey;
                         header('Content-Type: application/json');
                         echo json_encode($params);
                     }
                     exit;
                 }
                 //
                 // API partial upload and post-upload file registration
                 //
                 if (isset($_REQUEST['upload'])) {
                     $uploadKey = $_REQUEST['upload'];
                     if (!$uploadKey) {
                         $this->e400("Upload key not provided");
                     }
                     $info = Zotero_S3::getUploadInfo($uploadKey);
                     if (!$info) {
                         $this->e400("Upload key not found");
                     }
                     // Partial upload
                     if ($this->method == 'PATCH') {
                         if (empty($_REQUEST['algorithm'])) {
                             throw new Exception("Algorithm not specified", Z_ERROR_INVALID_INPUT);
                         }
                         $storageFileID = Zotero_S3::patchFile($item, $info, $_REQUEST['algorithm'], $this->body);
                     } else {
                         $remoteInfo = Zotero_S3::getRemoteFileInfo($info);
                         if (!$remoteInfo) {
                             error_log("Remote file {$info->hash}/{$info->filename} not found");
                             $this->e400("Remote file not found");
                         }
                         if ($remoteInfo['size'] != $info->size) {
                             error_log("Uploaded file size does not match ({$remoteInfo['size']} != {$info->size}) for file {$info->hash}/{$info->filename}");
                         }
                     }
                     // Set an automatic shared lock in getLocalFileInfo() to prevent
                     // two simultaneous transactions from adding a file
                     Zotero_DB::query("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE");
                     Zotero_DB::beginTransaction();
                     if (!isset($storageFileID)) {
                         // Check if file already exists, which can happen if two identical
                         // files are uploaded simultaneously
                         $fileInfo = Zotero_S3::getLocalFileInfo($info);
                         if ($fileInfo) {
                             $storageFileID = $fileInfo['storageFileID'];
                         } else {
                             $storageFileID = Zotero_S3::addFile($info);
                         }
                     }
                     Zotero_S3::updateFileItemInfo($item, $storageFileID, $info);
                     Zotero_S3::logUpload($this->userID, $item, $uploadKey, IPAddress::getIP());
                     Zotero_DB::commit();
                     header("HTTP/1.1 204 No Content");
                     exit;
                 }
                 //
                 // Client post-upload file registration
                 //
                 if (isset($_POST['update'])) {
                     $this->allowMethods(array('POST'));
                     if (empty($_POST['mtime'])) {
                         throw new Exception('File modification time not provided');
                     }
                     $uploadKey = $_POST['update'];
                     $info = Zotero_S3::getUploadInfo($uploadKey);
                     if (!$info) {
                         $this->e400("Upload key not found");
                     }
                     $remoteInfo = Zotero_S3::getRemoteFileInfo($info);
                     if (!$remoteInfo) {
                         $this->e400("Remote file not found");
                     }
                     if (!isset($info->size)) {
                         throw new Exception("Size information not available");
                     }
                     $info->mtime = $_POST['mtime'];
                     // Set an automatic shared lock in getLocalFileInfo() to prevent
                     // two simultaneous transactions from adding a file
                     Zotero_DB::query("SET TRANSACTION ISOLATION LEVEL SERIALIZABLE");
                     Zotero_DB::beginTransaction();
                     // Check if file already exists, which can happen if two identical
                     // files are uploaded simultaneously
                     $fileInfo = Zotero_S3::getLocalFileInfo($info);
                     if ($fileInfo) {
                         $storageFileID = $fileInfo['storageFileID'];
                     } else {
                         $storageFileID = Zotero_S3::addFile($info);
                     }
                     Zotero_S3::updateFileItemInfo($item, $storageFileID, $info);
                     Zotero_S3::logUpload($this->userID, $item, $uploadKey, IPAddress::getIP());
                     Zotero_DB::commit();
                     header("HTTP/1.1 204 No Content");
                     exit;
                 }
             }
         }
     }
     exit;
 }
コード例 #6
0
ファイル: Libraries.inc.php プロジェクト: ergo70/dataserver
 public static function toJSON($libraryID)
 {
     // TODO: cache
     $libraryType = Zotero_Libraries::getType($libraryID);
     if ($libraryType == 'user') {
         $objectUserID = Zotero_Users::getUserIDFromLibraryID($libraryID);
         $json = ['type' => $libraryType, 'id' => $objectUserID, 'name' => self::getName($libraryID), 'links' => ['alternate' => ['href' => Zotero_URI::getUserURI($objectUserID, true), 'type' => 'text/html']]];
     } else {
         if ($libraryType == 'publications') {
             $objectUserID = Zotero_Users::getUserIDFromLibraryID($libraryID);
             $json = ['type' => $libraryType, 'id' => $objectUserID, 'name' => self::getName($libraryID), 'links' => ['alternate' => ['href' => Zotero_URI::getUserURI($objectUserID, true) . "/publications", 'type' => 'text/html']]];
         } else {
             if ($libraryType == 'group') {
                 $objectGroupID = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
                 $group = Zotero_Groups::get($objectGroupID);
                 $json = ['type' => $libraryType, 'id' => $objectGroupID, 'name' => self::getName($libraryID), 'links' => ['alternate' => ['href' => Zotero_URI::getGroupURI($group, true), 'type' => 'text/html']]];
             } else {
                 throw new Exception("Invalid library type '{$libraryType}'");
             }
         }
     }
     return $json;
 }
コード例 #7
0
 public static function isEditable($obj)
 {
     $type = static::field('object');
     // Only enforce for sync controller for now
     if (empty($GLOBALS['controller']) || !$GLOBALS['controller'] instanceof SyncController) {
         return true;
     }
     // Make sure user has access privileges to delete
     $userID = $GLOBALS['controller']->userID;
     if (!$userID) {
         return true;
     }
     $objectLibraryID = $obj->libraryID;
     $libraryType = Zotero_Libraries::getType($objectLibraryID);
     switch ($libraryType) {
         case 'user':
             if (!empty($GLOBALS['controller']->userLibraryID)) {
                 $userLibraryID = $GLOBALS['controller']->userLibraryID;
             } else {
                 $userLibraryID = Zotero_Users::getLibraryIDFromUserID($userID);
             }
             if ($objectLibraryID != $userLibraryID) {
                 return false;
             }
             return true;
         case 'group':
             $groupID = Zotero_Groups::getGroupIDFromLibraryID($objectLibraryID);
             $group = Zotero_Groups::get($groupID);
             if (!$group->hasUser($userID) || !$group->userCanEdit($userID)) {
                 return false;
             }
             if ($type == 'item' && $obj->isImportedAttachment() && !$group->userCanEditFiles($userID)) {
                 return false;
             }
             return true;
         default:
             throw new Exception("Unsupported library type '{$libraryType}'");
     }
 }
コード例 #8
0
ファイル: SyncController.php プロジェクト: selenus/dataserver
 private function handleUploadError(Exception $e, $xmldata)
 {
     $msg = $e->getMessage();
     if ($msg[0] == '=') {
         $msg = substr($msg, 1);
         $explicit = true;
         // TODO: more specific error messages
     } else {
         $explicit = false;
     }
     switch ($e->getCode()) {
         case Z_ERROR_TAG_TOO_LONG:
         case Z_ERROR_COLLECTION_TOO_LONG:
             break;
         default:
             Z_Core::logError($msg);
     }
     if (!$explicit && Z_ENV_TESTING_SITE) {
         switch ($e->getCode()) {
             case Z_ERROR_COLLECTION_NOT_FOUND:
             case Z_ERROR_CREATOR_NOT_FOUND:
             case Z_ERROR_ITEM_NOT_FOUND:
             case Z_ERROR_TAG_TOO_LONG:
             case Z_ERROR_LIBRARY_ACCESS_DENIED:
             case Z_ERROR_TAG_LINKED_ITEM_NOT_FOUND:
                 break;
             default:
                 throw $e;
         }
         $id = 'N/A';
     } else {
         $id = substr(md5(uniqid(rand(), true)), 0, 8);
         $str = date("D M j G:i:s T Y") . "\n";
         $str .= "IP address: " . $_SERVER['REMOTE_ADDR'] . "\n";
         if (isset($_SERVER['HTTP_X_ZOTERO_VERSION'])) {
             $str .= "Version: " . $_SERVER['HTTP_X_ZOTERO_VERSION'] . "\n";
         }
         $str .= $msg;
         switch ($e->getCode()) {
             // Don't log uploaded data for some errors
             case Z_ERROR_TAG_TOO_LONG:
             case Z_ERROR_FIELD_TOO_LONG:
             case Z_ERROR_NOTE_TOO_LONG:
             case Z_ERROR_COLLECTION_TOO_LONG:
                 break;
             default:
                 $str .= "\n\n" . $xmldata;
         }
         if (!file_put_contents(Z_CONFIG::$SYNC_ERROR_PATH . $id, $str)) {
             error_log("Unable to save error report to " . Z_CONFIG::$SYNC_ERROR_PATH . $id);
         }
     }
     Zotero_DB::rollback(true);
     switch ($e->getCode()) {
         case Z_ERROR_LIBRARY_ACCESS_DENIED:
             preg_match('/[Ll]ibrary ([0-9]+)/', $e->getMessage(), $matches);
             $libraryID = $matches ? $matches[1] : null;
             $this->error(400, 'LIBRARY_ACCESS_DENIED', "Cannot make changes to library (Report ID: {$id})", array('libraryID' => $libraryID));
             break;
         case Z_ERROR_ITEM_NOT_FOUND:
         case Z_ERROR_COLLECTION_NOT_FOUND:
         case Z_ERROR_CREATOR_NOT_FOUND:
             error_log($e);
             $this->error(500, "FULL_SYNC_REQUIRED", "Please perform a full sync in the Sync->Reset pane of the Zotero preferences. (Report ID: {$id})");
             break;
         case Z_ERROR_TAG_TOO_LONG:
             $message = $e->getMessage();
             preg_match("/Tag '(.+)' too long/s", $message, $matches);
             if ($matches) {
                 $name = $matches[1];
                 $this->error(400, "TAG_TOO_LONG", "Tag '" . mb_substr($name, 0, 50) . "…' too long", array(), array("tag" => $name));
             }
             break;
         case Z_ERROR_COLLECTION_TOO_LONG:
             $message = $e->getMessage();
             preg_match("/Collection '(.+)' too long/s", $message, $matches);
             if ($matches) {
                 $name = $matches[1];
                 $this->error(400, "COLLECTION_TOO_LONG", "Collection '" . mb_substr($name, 0, 50) . "…' too long", array(), array("collection" => $name));
             }
             break;
         case Z_ERROR_NOTE_TOO_LONG:
             preg_match("/Note '(.+)' too long(?: for item '(.+)\\/(.+)')?/s", $msg, $matches);
             if ($matches) {
                 $name = $matches[1];
                 $libraryID = false;
                 if (isset($matches[2])) {
                     $libraryID = (int) $matches[2];
                     $itemKey = $matches[3];
                     if (Zotero_Libraries::getType($libraryID) == 'group') {
                         $groupID = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
                         $group = Zotero_Groups::get($groupID);
                         $libraryName = $group->name;
                     } else {
                         $libraryName = false;
                     }
                 } else {
                     $itemKey = '';
                 }
                 $showNoteKey = false;
                 if (isset($_SERVER['HTTP_X_ZOTERO_VERSION'])) {
                     require_once '../model/ToolkitVersionComparator.inc.php';
                     $showNoteKey = ToolkitVersionComparator::compare($_SERVER['HTTP_X_ZOTERO_VERSION'], "4.0.27") < 0;
                 }
                 if ($showNoteKey) {
                     $this->error(400, "ERROR_PROCESSING_UPLOAD_DATA", "The note '" . mb_substr($name, 0, 50) . "…' in " . ($libraryName === false ? "your library " : "the group '{$libraryName}' ") . "is too long to sync to zotero.org.\n\n" . "Search for the excerpt above or copy and paste " . "'{$itemKey}' into the Zotero search bar. " . "Shorten the note, or delete it and empty the Zotero " . "trash, and then try syncing again.");
                 } else {
                     $this->error(400, "NOTE_TOO_LONG", "The note '" . mb_substr($name, 0, 50) . "…' in " . ($libraryName === false ? "your library " : "the group '{$libraryName}' ") . "is too long to sync to zotero.org.\n\n" . "Shorten the note, or delete it and empty the Zotero " . "trash, and then try syncing again.", [], $libraryID ? ["item" => $libraryID . "/" . $itemKey] : []);
                 }
             }
             break;
         case Z_ERROR_FIELD_TOO_LONG:
             preg_match("/(.+) field value '(.+)\\.\\.\\.' too long(?: for item '(.+)')?/s", $msg, $matches);
             if ($matches) {
                 $fieldName = $matches[1];
                 $value = $matches[2];
                 if (isset($matches[3])) {
                     $parts = explode("/", $matches[3]);
                     $libraryID = (int) $parts[0];
                     $itemKey = $parts[1];
                     if (Zotero_Libraries::getType($libraryID) == 'group') {
                         $groupID = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
                         $group = Zotero_Groups::get($groupID);
                         $libraryName = "the group '" . $group->name . "'";
                     } else {
                         $libraryName = "your personal library";
                     }
                 } else {
                     $libraryName = "one of your libraries";
                     $itemKey = false;
                 }
                 $this->error(400, "ERROR_PROCESSING_UPLOAD_DATA", "The {$fieldName} field value '{$value}…' in {$libraryName} is " . "too long to sync to zotero.org.\n\n" . "Search for the excerpt above " . ($itemKey === false ? "using " : "or copy and paste " . "'{$itemKey}' into ") . "the Zotero search bar. " . "Shorten the field, or delete the item and empty the " . "Zotero trash, and then try syncing again.");
             }
             break;
         case Z_ERROR_ARRAY_SIZE_MISMATCH:
             $this->error(400, 'DATABASE_TOO_LARGE', "Databases of this size cannot yet be synced. Please check back soon. (Report ID: {$id})");
             break;
         case Z_ERROR_TAG_LINKED_ITEM_NOT_FOUND:
             $this->error(400, 'WRONG_LIBRARY_TAG_ITEM', "Error processing uploaded data (Report ID: {$id})");
             break;
         case Z_ERROR_SHARD_READ_ONLY:
         case Z_ERROR_SHARD_UNAVAILABLE:
             $this->error(503, 'SERVER_ERROR', Z_CONFIG::$MAINTENANCE_MESSAGE);
             break;
     }
     if (strpos($msg, "Lock wait timeout exceeded; try restarting transaction") !== false || strpos($msg, "MySQL error: Deadlock found when trying to get lock; try restarting transaction") !== false) {
         $this->error(500, 'TIMEOUT', "Sync upload timed out. Please try again in a few minutes. (Report ID: {$id})");
     }
     if (strpos($msg, "Data too long for column 'xmldata'") !== false) {
         $this->error(400, 'DATABASE_TOO_LARGE', "Databases of this size cannot yet be synced. Please check back soon. (Report ID: {$id})");
     }
     // On certain messages, send 400 to prevent auto-retry
     if (strpos($msg, " too long") !== false || strpos($msg, "First and last name are empty") !== false) {
         $this->error(400, 'ERROR_PROCESSING_UPLOAD_DATA', $explicit ? $msg : "Error processing uploaded data (Report ID: {$id})");
     }
     if (preg_match("/Incorrect datetime value: '([0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2})' " . "for column 'date(Added|Modified)'/", $msg, $matches)) {
         if (isset($_SERVER['HTTP_X_ZOTERO_VERSION'])) {
             require_once '../model/ToolkitVersionComparator.inc.php';
             if (ToolkitVersionComparator::compare($_SERVER['HTTP_X_ZOTERO_VERSION'], "2.1rc1") < 0) {
                 $msg = "Invalid timestamp '{$matches[1]}' in uploaded data. Upgrade to Zotero 2.1rc1 when available to fix automatically.";
             } else {
                 $msg = "Invalid timestamp '{$matches[1]}' in uploaded data. Sync again to correct automatically.";
             }
         } else {
             $msg = "Invalid timestamp '{$matches[1]}' in uploaded data. Upgrade to Zotero 2.1rc1 when available to fix automatically.";
         }
         $this->error(400, 'INVALID_TIMESTAMP', $msg);
     }
     $this->error(500, 'ERROR_PROCESSING_UPLOAD_DATA', $explicit ? $msg : "Error processing uploaded data (Report ID: {$id})");
 }
コード例 #9
0
ファイル: API.inc.php プロジェクト: robinpaulson/dataserver
 public static function getLibraryURI($libraryID)
 {
     $libraryType = Zotero_Libraries::getType($libraryID);
     switch ($libraryType) {
         case 'user':
             $id = Zotero_Users::getUserIDFromLibraryID($libraryID);
             return self::getBaseURI() . "users/{$id}";
         case 'group':
             $id = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
             return self::getBaseURI() . "groups/{$id}";
     }
 }
コード例 #10
0
 public static function getOwner($libraryID)
 {
     $type = self::getType($libraryID);
     switch ($type) {
         case 'user':
             return Zotero_Users::getUserIDFromLibraryID($libraryID);
         case 'group':
             $groupID = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
             $group = Zotero_Groups::get($groupID);
             return $group->ownerUserID;
     }
 }
コード例 #11
0
ファイル: Key.inc.php プロジェクト: ergo70/dataserver
 public function toJSON()
 {
     if (($this->id || $this->key) && !$this->loaded) {
         $this->load();
     }
     $json = [];
     $json['key'] = $this->key;
     $json['userID'] = $this->userID;
     $json['username'] = Zotero_Users::getUsername($this->userID);
     $json['name'] = $this->name;
     if ($this->permissions) {
         $json['access'] = ['user' => [], 'groups' => []];
         foreach ($this->permissions as $libraryID => $p) {
             // group="all" is stored as libraryID 0
             if ($libraryID === 0) {
                 $json['access']['groups']['all']['library'] = true;
                 $json['access']['groups']['all']['write'] = !empty($p['write']);
             } else {
                 $type = Zotero_Libraries::getType($libraryID);
                 switch ($type) {
                     case 'user':
                         $json['access']['user']['library'] = true;
                         foreach ($p as $permission => $granted) {
                             if ($permission == 'library') {
                                 continue;
                             }
                             $json['access']['user'][$permission] = (bool) $granted;
                         }
                         break;
                     case 'group':
                         $groupID = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
                         $json['access']['groups'][$groupID]['library'] = true;
                         $json['access']['groups'][$groupID]['write'] = !empty($p['write']);
                         break;
                 }
             }
         }
         if (sizeOf($json['access']['user']) === 0) {
             unset($json['access']['user']);
         }
         if (sizeOf($json['access']['groups']) === 0) {
             unset($json['access']['groups']);
         }
     }
     $json['dateAdded'] = Zotero_Date::sqlToISO8601($this->dateAdded);
     if ($this->lastUsed != '0000-00-00 00:00:00') {
         $json['lastUsed'] = Zotero_Date::sqlToISO8601($this->lastUsed);
     }
     $ips = $this->getRecentIPs();
     if ($ips) {
         $json['recentIPs'] = $ips;
     }
     return $json;
 }
コード例 #12
0
 /**
  * This should be called after canAccess()
  */
 public function canWrite($libraryID)
 {
     if ($this->super) {
         return true;
     }
     if ($libraryID === 0) {
         return false;
     }
     if (!$libraryID) {
         throw new Exception('libraryID not provided');
     }
     if (!empty($this->permissions[$libraryID]['write'])) {
         return true;
     }
     $libraryType = Zotero_Libraries::getType($libraryID);
     switch ($libraryType) {
         case 'user':
             return false;
             // Write permissions match key's write access to user library
         // Write permissions match key's write access to user library
         case 'publications':
             $userLibraryID = Zotero_Users::getLibraryIDFromUserID($this->userID);
             return $this->canWrite($userLibraryID);
         case 'group':
             $groupID = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
             // If key has write access to all groups, grant access if user
             // has write access to group
             if (!empty($this->permissions[0]['write'])) {
                 $group = Zotero_Groups::get($groupID);
                 return $group->userCanEdit($this->userID);
             }
             return false;
         default:
             throw new Exception("Unsupported library type '{$libraryType}'");
     }
 }
コード例 #13
0
ファイル: Key.inc.php プロジェクト: robinpaulson/dataserver
 /**
  * Converts key to a SimpleXMLElement item
  *
  * @return	SimpleXMLElement				Key data as SimpleXML element
  */
 public function toXML()
 {
     if (($this->id || $this->key) && !$this->loaded) {
         $this->load();
     }
     $xml = '<key/>';
     $xml = new SimpleXMLElement($xml);
     $xml['key'] = $this->key;
     $xml['dateAdded'] = $this->dateAdded;
     if ($this->lastUsed != '0000-00-00 00:00:00') {
         $xml['lastUsed'] = $this->lastUsed;
     }
     $xml->name = $this->name;
     if ($this->permissions) {
         foreach ($this->permissions as $libraryID => $p) {
             $access = $xml->addChild('access');
             // group="all" is stored as libraryID 0
             if ($libraryID === 0) {
                 $access['group'] = 'all';
                 if (!empty($p['write'])) {
                     $access['write'] = 1;
                 }
                 continue;
             }
             $type = Zotero_Libraries::getType($libraryID);
             switch ($type) {
                 case 'user':
                     foreach ($p as $permission => $granted) {
                         $access[$permission] = (int) $granted;
                     }
                     break;
                 case 'group':
                     $access['group'] = Zotero_Groups::getGroupIDFromLibraryID($libraryID);
                     if (!empty($p['write'])) {
                         $access['write'] = 1;
                     }
                     break;
             }
         }
     }
     $ips = $this->getRecentIPs();
     if ($ips) {
         $xml->recentIPs = implode(' ', $ips);
     }
     return $xml;
 }