Exemplo n.º 1
 /**
  * Handle the PHP shutdown event.
  *
  * Reads the last error recorded by the engine and, when isFatal() accepts
  * its type, wraps it in an ErrorException and runs the 'application.error'
  * hook with it. Does nothing when no error was recorded.
  *
  * NOTE(review): the raw message, file path and line number travel with the
  * exception; confirm 'application.error' listeners only log them and never
  * render them to the client.
  *
  * @return void
  */
 public function handleShutdown()
 {
     $lastError = error_get_last();

     // Nothing was recorded during this request.
     if (is_null($lastError)) {
         return;
     }

     // Only error types accepted by isFatal() are reported from here.
     if (!$this->isFatal($lastError['type'])) {
         return;
     }

     $exception = new ErrorException(
         $lastError['message'],
         $lastError['type'],
         0,
         $lastError['file'],
         $lastError['line']
     );

     $this->emitter->run('application.error', $exception);
 }
Exemplo n.º 2
 /**
  * Pass a value through the static emitter's apply() for the given hook.
  *
  * @param string $name Hook name forwarded to the emitter
  * @param mixed  $data Value handed to the emitter
  *
  * @return mixed Result of the emitter, or $data untouched when no static emitter is set
  */
 public function applyHook($name, $data = null)
 {
     // Without an emitter there is nothing to apply; hand the value back as is.
     if (!static::$emitter) {
         return $data;
     }

     return static::$emitter->apply($name, $data);
 }
Exemplo n.º 3
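 /**
  * Creates a new file for Directus Media
  *
  * Reads the uploaded temporary file, writes its contents through the
  * storage adapter under the name returned by getFileName(), and returns the
  * file info array extended with title, name, date_uploaded and
  * storage_adapter.
  *
  * NOTE(review): the adapter receives $targetName as returned by
  * getFileName(), while the recorded name is basename() of the final path.
  * Confirm getFileName() strips directory components from the requested
  * name; otherwise the object written and the name recorded can differ.
  *
  * @param string $filePath   Path of the uploaded file inside PHP's temporary directory
  * @param string $targetName Requested file name
  *
  * @return Array file info
  *
  * @throws \RuntimeException when the uploaded file cannot be read
  */
 private function processUpload($filePath, $targetName)
 {
     // set true as $filePath it's outside adapter path
     // $filePath is on a temporary php directory
     $fileData = $this->getFileInfo($filePath, true);
     $mediaPath = $this->filesystem->getPath();
     $fileData['title'] = Formatting::fileNameToFileTitle($targetName);
     $targetName = $this->getFileName($targetName);
     $finalPath = rtrim($mediaPath, '/') . '/' . $targetName;

     // file_get_contents() returns false on failure; stop here instead of
     // handing `false` to the adapter and reporting a size of 0 to the hooks.
     // The message deliberately leaves out the temporary path.
     $data = file_get_contents($filePath);
     if ($data === false) {
         throw new \RuntimeException('Unable to read the uploaded file.');
     }

     $hookPayload = ['name' => $targetName, 'size' => strlen($data)];

     $this->emitter->run('files.saving', $hookPayload);
     // NOTE(review): the result of write() is not checked and the ':after'
     // hook runs regardless; confirm the adapter throws on a failed write.
     $this->filesystem->getAdapter()->write($targetName, $data);
     $this->emitter->run('files.saving:after', $hookPayload);

     $fileData['name'] = basename($finalPath);
     $fileData['date_uploaded'] = DateUtils::now();
     $fileData['storage_adapter'] = $this->config['adapter'];

     return $fileData;
 }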
Exemplo n.º 4
 /**
  * Get Hook Emitter
  *
  * Builds an Emitter with two actions: one that sends application errors to
  * the logger, and one that inserts a default `directus_users` privilege row
  * whenever a group is inserted.
  *
  * @return Emitter
  */
 private static function hookEmitter()
 {
     $hooks = new Emitter();

     // Send every reported application error to the 'log' service.
     $hooks->addAction('application.error', function ($e) {
         Bootstrap::get('log')->error($e);
     });

     // Give each newly inserted group a privilege row on directus_users.
     $hooks->addAction('table.insert.directus_groups', function ($data) {
         $gateway = new DirectusPrivilegesTableGateway(
             Bootstrap::get('acl'),
             Bootstrap::get('zendDb')
         );

         // View and edit are allowed; add, delete and alter are not.
         // `token` is blacklisted for reads, `group` and `token` for writes.
         // NOTE(review): presumably this keeps group members from reading
         // tokens or changing their own group; confirm the other credential
         // columns of directus_users are protected elsewhere.
         $usersPrivilege = [
             'group_id' => $data['id'],
             'allow_view' => 1,
             'allow_add' => 0,
             'allow_edit' => 1,
             'allow_delete' => 0,
             'allow_alter' => 0,
             'table_name' => 'directus_users',
             'read_field_blacklist' => 'token',
             'write_field_blacklist' => 'group,token',
         ];

         $gateway->insertPrivilege($usersPrivilege);
     });

     return $hooks;
 }
Exemplo n.º 5
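 /**
  * Get Hook Emitter
  *
  * Builds an Emitter with:
  *  - an 'application.error' action that logs the error,
  *  - a 'table.insert.directus_groups' action that inserts a default
  *    `directus_users` privilege row for the new group,
  *  - a 'table.insert:before' filter that rewrites `directus_files` rows,
  *  - a 'table.select' filter that adds url, thumbnail_url and html to
  *    `directus_files` rows.
  *
  * @return Emitter
  */
 private static function hookEmitter()
 {
     $emitter = new Emitter();

     $emitter->addAction('application.error', function ($e) {
         $log = Bootstrap::get('log');
         $log->error($e);
     });

     $emitter->addAction('table.insert.directus_groups', function ($data) {
         $acl = Bootstrap::get('acl');
         $zendDb = Bootstrap::get('zendDb');
         $privilegesTable = new DirectusPrivilegesTableGateway($acl, $zendDb);
         // View and edit are allowed; `token` is blacklisted for reads,
         // `group` and `token` for writes.
         // NOTE(review): confirm the other credential columns of
         // directus_users are protected elsewhere.
         $privilegesTable->insertPrivilege([
             'group_id' => $data['id'],
             'allow_view' => 1,
             'allow_add' => 0,
             'allow_edit' => 1,
             'allow_delete' => 0,
             'allow_alter' => 0,
             'table_name' => 'directus_users',
             'read_field_blacklist' => 'token',
             'write_field_blacklist' => 'group,token',
         ]);
     });

     $emitter->addFilter('table.insert:before', function ($tableName, $data) {
         // Loose comparison kept: the type of $tableName is not visible here.
         if ($tableName == 'directus_files') {
             unset($data['data']);
             // The owner always comes from the authenticated session, so a
             // client-supplied `user` value is overwritten.
             $data['user'] = AuthProvider::getUserInfo('id');
         }
         return $data;
     });

     // Add file url and thumb url
     $emitter->addFilter('table.select', function ($result, $selectState) {
         // Loose comparison kept: the type of the state's table entry is not visible here.
         if ($selectState['table'] == 'directus_files') {
             $fileRows = $result->toArray();
             $files = new \Directus\Files\Files();

             // Loop-invariant lookups, resolved once instead of once per row.
             $config = Bootstrap::get('config');
             $fileURL = $config['filesystem']['root_url'];
             $thumbnailURL = $config['filesystem']['root_thumb_url'];
             $embedManager = Bootstrap::get('embedManager');

             foreach ($fileRows as &$row) {
                 $thumbnailFilenameParts = explode('.', $row['name']);
                 $thumbnailExtension = array_pop($thumbnailFilenameParts);

                 // NOTE(review): `name` is concatenated into the URL and into
                 // the thumbs/ lookup paths as stored; this relies on names
                 // being sanitised when the file is saved - confirm.
                 $row['url'] = $fileURL . '/' . $row['name'];

                 if (in_array($thumbnailExtension, ['tif', 'tiff', 'psd', 'pdf'], true)) {
                     $thumbnailExtension = 'jpg';
                 }
                 $thumbnailFilename = $row['id'] . '.' . $thumbnailExtension;

                 // filename-ext-100-100-true.jpg
                 // @TODO: This should be another hook listener
                 // Stays null unless one of the thumbnails below exists.
                 $row['thumbnail_url'] = null;

                 $filename = implode('.', $thumbnailFilenameParts);
                 if ($row['type'] === 'embed/vimeo') {
                     $oldThumbnailFilename = $row['name'] . '-vimeo-220-124-true.jpg';
                 } else {
                     $oldThumbnailFilename = $filename . '-' . $thumbnailExtension . '-160-160-true.jpg';
                 }

                 // 314551321-vimeo-220-124-true.jpg
                 // hotfix: there's not thumbnail for this file
                 if ($files->exists('thumbs/' . $oldThumbnailFilename)) {
                     $row['thumbnail_url'] = $thumbnailURL . '/' . $oldThumbnailFilename;
                 }
                 // The id-based thumbnail wins over the legacy name when both exist.
                 if ($files->exists('thumbs/' . $thumbnailFilename)) {
                     $row['thumbnail_url'] = $thumbnailURL . '/' . $thumbnailFilename;
                 }

                 // NOTE(review): the markup returned by getCode() is built from
                 // row data; escaping is presumably the provider's job - confirm.
                 $provider = $embedManager->getByType($row['type']);
                 $row['html'] = null;
                 if ($provider) {
                     $row['html'] = $provider->getCode($row);
                 }
             }
             // Break the by-reference binding so the last row is no longer aliased.
             unset($row);

             $filesArrayObject = new \ArrayObject($fileRows);
             $result->initialize($filesArrayObject->getIterator());
         }
         return $result;
     });

     return $emitter;
 }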
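 /**
  * Run a DELETE after enforcing the table-level delete ACL, firing the
  * table.delete hooks before and after the query.
  *
  * A caller needs the `bigdelete` privilege, or the `delete` privilege plus
  * ownership (through the table's owner column) of rows matched by the
  * predicate.
  *
  * @param Delete $delete
  * @return mixed
  * @throws Exception\RuntimeException
  * @throws \RuntimeException outside production, wrapping a failed query together with its SQL
  * @throws \Zend\Db\Adapter\Exception\InvalidQueryException in production, when the query fails
  * @throws \Directus\Acl\Exception\UnauthorizedTableBigDeleteException
  * @throws \Directus\Acl\Exception\UnauthorizedTableDeleteException
  */
 protected function executeDelete(Delete $delete)
 {
     // Stays null for unauthenticated callers (the original assigned a
     // misspelled variable here, leaving $currentUserId undefined).
     $currentUserId = null;
     if (Auth::loggedIn()) {
         $currentUser = Auth::getUserInfo();
         $currentUserId = intval($currentUser['id']);
     }
     $deleteState = $delete->getRawState();
     $deleteTable = $this->getRawTableNameFromQueryStateTable($deleteState['table']);
     $cmsOwnerColumn = $this->acl->getCmsOwnerColumnByTable($deleteTable);
     $canBigDelete = $this->acl->hasTablePrivilege($deleteTable, 'bigdelete');
     $canDelete = $this->acl->hasTablePrivilege($deleteTable, 'delete');
     $aclErrorPrefix = $this->acl->getErrorMessagePrefix();
     // NOTE(review): this re-reads the two privileges already loaded above,
     // so it only changes the flags if hasTablePrivilege() can answer
     // differently on a second call - confirm whether it is still needed.
     if (!TableSchema::hasTableColumn($deleteTable, STATUS_COLUMN_NAME)) {
         if ($this->acl->hasTablePrivilege($deleteTable, 'bigdelete')) {
             $canBigDelete = true;
         } else {
             if ($this->acl->hasTablePrivilege($deleteTable, 'delete')) {
                 $canDelete = true;
             }
         }
     }
     // @todo: clean way
     // NOTE(review): this grants bigdelete on bookmarks to every caller, which
     // also skips the ownership check below; confirm the predicate is
     // restricted to the caller's own bookmarks elsewhere.
     if ($deleteTable === 'directus_bookmarks') {
         $canBigDelete = true;
     }
     /**
      * ACL Enforcement
      */
     if (!$canBigDelete && !$canDelete) {
         throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . ' forbidden to hard delete on table `' . $deleteTable . '` because it has Status Column.');
     }
     if (false === $cmsOwnerColumn) {
         // cannot delete if there's no magic owner column and can't big delete
         if (!$canBigDelete) {
             // All deletes are "big" deletes if there is no magic owner column.
             throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . 'The table `' . $deleteTable . '` is missing the `user_create_column` within `directus_tables` (BigHardDelete Permission Forbidden)');
         }
     } else {
         if (!$canBigDelete) {
             // Who are the owners of these rows?
             list($predicateResultQty, $predicateOwnerIds) = $this->acl->getCmsOwnerIdsByTableGatewayAndPredicate($this, $deleteState['where']);
             // An unauthenticated caller has no id and can own nothing. The
             // explicit null test matters because the loose in_array() below
             // would treat null as equal to an owner id of 0 or an empty value.
             // NOTE(review): the check passes as soon as the caller is among
             // the owners; confirm the predicate cannot also match rows owned
             // by other users.
             if (null === $currentUserId || !in_array($currentUserId, $predicateOwnerIds)) {
                 //   $exceptionMessage = "Table harddelete access forbidden on $predicateResultQty `$deleteTable` table records owned by the authenticated CMS user (#$currentUserId).";
                 $groupsTableGateway = self::makeTableGatewayFromTableName($this->acl, 'directus_groups', $this->adapter);
                 $group = $groupsTableGateway->find($this->acl->getGroupId());
                 $exceptionMessage = '[' . $group['name'] . '] permissions only allow you to [delete] your own items.';
                 //   $aclErrorPrefix = $this->acl->getErrorMessagePrefix();
                 throw new UnauthorizedTableDeleteException($exceptionMessage);
             }
         }
     }
     try {
         // Generic and table-specific hooks run around the actual query.
         $this->emitter->run('table.delete:before', [$deleteTable]);
         $this->emitter->run('table.delete.' . $deleteTable . ':before');
         $result = parent::executeDelete($delete);
         $this->emitter->run('table.delete', [$deleteTable]);
         $this->emitter->run('table.delete:after', [$deleteTable]);
         $this->emitter->run('table.delete.' . $deleteTable);
         $this->emitter->run('table.delete.' . $deleteTable . ':after');
         return $result;
     } catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) {
         // Outside production the failing SQL is attached to the exception
         // message. NOTE(review): confirm that message is never rendered to
         // API clients.
         if ('production' !== DIRECTUS_ENV) {
             throw new \RuntimeException('This query failed: ' . $this->dumpSql($delete), 0, $e);
         }
         // @todo send developer warning
         throw $e;
     }
 }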