/**
 * Shutdown handler that reports the fatal error which ended the request.
 *
 * Reads the last error PHP recorded and, when isFatal() accepts its type,
 * wraps it in an ErrorException and dispatches it on the
 * `application.error` hook.
 *
 * @return void
 */
public function handleShutdown()
{
    $lastError = error_get_last();

    // error_get_last() yields null when nothing was recorded.
    if ($lastError === null) {
        return;
    }

    // Non-fatal errors are left alone; this handler only reports fatal ones.
    if (!$this->isFatal($lastError['type'])) {
        return;
    }

    // The message, file and line travel with the exception, so whatever
    // listens on `application.error` decides where those details end up.
    $exception = new ErrorException(
        $lastError['message'],
        $lastError['type'],
        0,
        $lastError['file'],
        $lastError['line']
    );

    $this->emitter->run('application.error', $exception);
}
/**
 * Pass a value through the filters registered for a hook.
 *
 * @param string $name Hook name handed to the emitter.
 * @param mixed  $data Value to filter.
 *
 * @return mixed The emitter's result, or $data untouched when no emitter is set.
 */
public function applyHook($name, $data = null)
{
    // Without an emitter there is nothing to apply; hand the value back as-is.
    if (!static::$emitter) {
        return $data;
    }

    return static::$emitter->apply($name, $data);
}
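/**
 * Creates a new file for Directus Media
 *
 * Reads the uploaded file from its temporary location, writes it through
 * the storage adapter under the name returned by getFileName(), and returns
 * the metadata describing the stored file.
 *
 * @param string $filePath   Path of the uploaded file (PHP temporary directory).
 * @param string $targetName Requested file name.
 *
 * @return array file info
 *
 * @throws \RuntimeException When the uploaded file cannot be read.
 */
private function processUpload($filePath, $targetName)
{
    // Pass true because $filePath lives outside the adapter path:
    // it points into PHP's temporary upload directory.
    $fileData = $this->getFileInfo($filePath, true);
    $mediaPath = $this->filesystem->getPath();

    $fileData['title'] = Formatting::fileNameToFileTitle($targetName);

    // NOTE(review): the value returned here becomes the storage key passed to
    // write(). Presumably getFileName() strips directory components and
    // resolves name collisions; confirm, since nothing else in this method
    // constrains the name.
    $targetName = $this->getFileName($targetName);
    $finalPath = rtrim($mediaPath, '/') . '/' . $targetName;

    // file_get_contents() returns false on failure; without this check the
    // method would report a size of 0 and hand `false` to the adapter.
    $data = file_get_contents($filePath);
    if ($data === false) {
        // Generic message on purpose: the temporary path is not echoed back.
        throw new \RuntimeException('Unable to read the uploaded file.');
    }

    $size = strlen($data);

    $this->emitter->run('files.saving', ['name' => $targetName, 'size' => $size]);
    // NOTE(review): the result of write() is not inspected, so
    // `files.saving:after` fires either way; confirm the adapter throws on failure.
    $this->filesystem->getAdapter()->write($targetName, $data);
    $this->emitter->run('files.saving:after', ['name' => $targetName, 'size' => $size]);

    // The recorded name is the basename only, while write() received the full
    // $targetName; the two match as long as $targetName has no directory part.
    $fileData['name'] = basename($finalPath);
    $fileData['date_uploaded'] = DateUtils::now();
    $fileData['storage_adapter'] = $this->config['adapter'];

    return $fileData;
}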
/**
 * Get Hook Emitter
 *
 * Builds an Emitter carrying the built-in listeners: error logging, and the
 * default `directus_users` privilege row created for every inserted group.
 *
 * @return Emitter
 */
private static function hookEmitter()
{
    $hooks = new Emitter();

    // Forward application errors to the logger service.
    $hooks->addAction('application.error', function ($e) {
        Bootstrap::get('log')->error($e);
    });

    // Seed each newly inserted group with a privilege row on directus_users.
    $hooks->addAction('table.insert.directus_groups', function ($data) {
        // View and edit are granted; add, delete and alter are not.
        // NOTE(review): only `token` is listed in the read blacklist. Confirm
        // that any other sensitive directus_users columns are protected
        // elsewhere. The write blacklist covers `group` and `token`, which
        // presumably stops members from changing their own group.
        $defaultUserPrivileges = [
            'group_id' => $data['id'],
            'allow_view' => 1,
            'allow_add' => 0,
            'allow_edit' => 1,
            'allow_delete' => 0,
            'allow_alter' => 0,
            'table_name' => 'directus_users',
            'read_field_blacklist' => 'token',
            'write_field_blacklist' => 'group,token',
        ];

        $gateway = new DirectusPrivilegesTableGateway(
            Bootstrap::get('acl'),
            Bootstrap::get('zendDb')
        );
        $gateway->insertPrivilege($defaultUserPrivileges);
    });

    return $hooks;
}
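/**
 * Get Hook Emitter
 *
 * Builds an Emitter carrying the built-in listeners:
 *  - `application.error`: logs the exception.
 *  - `table.insert.directus_groups`: inserts the default `directus_users`
 *    privilege row for the new group.
 *  - `table.insert:before`: for `directus_files`, drops the `data` key and
 *    stamps the row with the authenticated user's id.
 *  - `table.select`: for `directus_files`, adds `url`, `thumbnail_url` and
 *    `html` to every row.
 *
 * @return Emitter
 */
private static function hookEmitter()
{
    $emitter = new Emitter();

    $emitter->addAction('application.error', function ($e) {
        $log = Bootstrap::get('log');
        $log->error($e);
    });

    $emitter->addAction('table.insert.directus_groups', function ($data) {
        $acl = Bootstrap::get('acl');
        $zendDb = Bootstrap::get('zendDb');
        $privilegesTable = new DirectusPrivilegesTableGateway($acl, $zendDb);

        // NOTE(review): only `token` is listed in the read blacklist. Confirm
        // that any other sensitive directus_users columns are protected elsewhere.
        $privilegesTable->insertPrivilege([
            'group_id' => $data['id'],
            'allow_view' => 1,
            'allow_add' => 0,
            'allow_edit' => 1,
            'allow_delete' => 0,
            'allow_alter' => 0,
            'table_name' => 'directus_users',
            'read_field_blacklist' => 'token',
            'write_field_blacklist' => 'group,token',
        ]);
    });

    $emitter->addFilter('table.insert:before', function ($tableName, $data) {
        // Loose comparison kept: the table name may not be a plain string here.
        if ($tableName == 'directus_files') {
            // The raw payload is not stored in the row.
            unset($data['data']);
            // Overwrite any client-supplied `user` so the uploader is always
            // the authenticated account.
            $data['user'] = AuthProvider::getUserInfo('id');
        }

        return $data;
    });

    // Add file url and thumb url
    $emitter->addFilter('table.select', function ($result, $selectState) {
        // Loose comparison kept: the select state's table may not be a plain string.
        if ($selectState['table'] != 'directus_files') {
            return $result;
        }

        $fileRows = $result->toArray();
        $files = new \Directus\Files\Files();

        // Loop-invariant lookups, fetched once instead of once per row.
        $config = Bootstrap::get('config');
        $fileURL = $config['filesystem']['root_url'];
        $thumbnailURL = $config['filesystem']['root_thumb_url'];
        $embedManager = Bootstrap::get('embedManager');

        foreach ($fileRows as &$row) {
            // NOTE(review): $row['name'] is concatenated into URLs and storage
            // paths without escaping; presumably it was normalised at upload
            // time. Confirm.
            $thumbnailFilenameParts = explode('.', $row['name']);
            $thumbnailExtension = array_pop($thumbnailFilenameParts);

            $row['url'] = $fileURL . '/' . $row['name'];

            // These formats get a jpg thumbnail. The match is case-sensitive.
            if (in_array($thumbnailExtension, ['tif', 'tiff', 'psd', 'pdf'], true)) {
                $thumbnailExtension = 'jpg';
            }

            $thumbnailFilename = $row['id'] . '.' . $thumbnailExtension;

            // Start from null; a URL is only set when a thumbnail file exists.
            // @TODO: This should be another hook listener
            $row['thumbnail_url'] = null;

            // Legacy naming: filename-ext-160-160-true.jpg,
            // or for vimeo embeds: 314551321-vimeo-220-124-true.jpg
            $filename = implode('.', $thumbnailFilenameParts);
            if ($row['type'] == 'embed/vimeo') {
                $oldThumbnailFilename = $row['name'] . '-vimeo-220-124-true.jpg';
            } else {
                $oldThumbnailFilename = $filename . '-' . $thumbnailExtension . '-160-160-true.jpg';
            }

            // hotfix: there may be no thumbnail for this file at all.
            // The id-based name is checked last, so it wins when both exist.
            if ($files->exists('thumbs/' . $oldThumbnailFilename)) {
                $row['thumbnail_url'] = $thumbnailURL . '/' . $oldThumbnailFilename;
            }

            if ($files->exists('thumbs/' . $thumbnailFilename)) {
                $row['thumbnail_url'] = $thumbnailURL . '/' . $thumbnailFilename;
            }

            $provider = $embedManager->getByType($row['type']);
            $row['html'] = null;
            if ($provider) {
                $row['html'] = $provider->getCode($row);
            }
        }
        // Break the reference left behind by the by-reference foreach so a
        // later write to $row cannot alter the last element of $fileRows.
        unset($row);

        $filesArrayObject = new \ArrayObject($fileRows);
        $result->initialize($filesArrayObject->getIterator());

        return $result;
    });

    return $emitter;
}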
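/**
 * Run a DELETE statement after enforcing the table's ACL rules.
 *
 * A caller holding `bigdelete` on the table may delete any row. A caller
 * holding only `delete` may proceed when the table has an owner column and
 * the caller's id is among the owner ids returned for the delete predicate.
 * The `table.delete*` hooks run around the parent call.
 *
 * @param Delete $delete
 * @return mixed
 * @throws Exception\RuntimeException
 * @throws \Directus\Acl\Exception\UnauthorizedTableBigDeleteException
 * @throws \Directus\Acl\Exception\UnauthorizedTableDeleteException
 */
protected function executeDelete(Delete $delete)
{
    // Stays null for unauthenticated callers. The original initialised a
    // misspelled variable, leaving $currentUserId undefined in that case.
    $currentUserId = null;
    if (Auth::loggedIn()) {
        $currentUser = Auth::getUserInfo();
        $currentUserId = intval($currentUser['id']);
    }

    $deleteState = $delete->getRawState();
    $deleteTable = $this->getRawTableNameFromQueryStateTable($deleteState['table']);
    $cmsOwnerColumn = $this->acl->getCmsOwnerColumnByTable($deleteTable);
    $canBigDelete = $this->acl->hasTablePrivilege($deleteTable, 'bigdelete');
    $canDelete = $this->acl->hasTablePrivilege($deleteTable, 'delete');
    $aclErrorPrefix = $this->acl->getErrorMessagePrefix();

    // NOTE(review): this branch repeats the two privilege lookups above and
    // can only set flags that are already true; kept so the calls still happen.
    if (!TableSchema::hasTableColumn($deleteTable, STATUS_COLUMN_NAME)) {
        if ($this->acl->hasTablePrivilege($deleteTable, 'bigdelete')) {
            $canBigDelete = true;
        } elseif ($this->acl->hasTablePrivilege($deleteTable, 'delete')) {
            $canDelete = true;
        }
    }

    // @todo: clean way
    // NOTE(review): this grants bigdelete on directus_bookmarks to every
    // caller, which also skips the ownership check below. Confirm that the
    // delete predicate is limited to the caller's own bookmarks upstream.
    if ($deleteTable === 'directus_bookmarks') {
        $canBigDelete = true;
    }

    /**
     * ACL Enforcement
     */
    if (!$canBigDelete && !$canDelete) {
        throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . ' forbidden to hard delete on table `' . $deleteTable . '` because it has Status Column.');
    }

    if (false === $cmsOwnerColumn) {
        // All deletes are "big" deletes if there is no magic owner column,
        // so a caller without bigdelete cannot delete here.
        if (!$canBigDelete) {
            throw new UnauthorizedTableBigDeleteException($aclErrorPrefix . 'The table `' . $deleteTable . '` is missing the `user_create_column` within `directus_tables` (BigHardDelete Permission Forbidden)');
        }
    } elseif (!$canBigDelete) {
        // Who are the owners of these rows?
        list(, $predicateOwnerIds) = $this->acl->getCmsOwnerIdsByTableGatewayAndPredicate($this, $deleteState['where']);

        // An unauthenticated caller is never an owner. The explicit null
        // check matters because in_array() compares loosely here (owner ids
        // presumably come back from the database as strings), and null would
        // loosely equal 0 or ''.
        // NOTE(review): the check passes when the caller is one of the owners.
        // If the helper returns every distinct owner of the matched rows, a
        // predicate that also covers other users' rows passes too. Confirm.
        $isOwner = $currentUserId !== null && in_array($currentUserId, $predicateOwnerIds);
        if (!$isOwner) {
            $groupsTableGateway = self::makeTableGatewayFromTableName($this->acl, 'directus_groups', $this->adapter);
            $group = $groupsTableGateway->find($this->acl->getGroupId());
            $exceptionMessage = '[' . $group['name'] . '] permissions only allow you to [delete] your own items.';
            throw new UnauthorizedTableDeleteException($exceptionMessage);
        }
    }

    try {
        $this->emitter->run('table.delete:before', [$deleteTable]);
        $this->emitter->run('table.delete.' . $deleteTable . ':before');

        $result = parent::executeDelete($delete);

        $this->emitter->run('table.delete', [$deleteTable]);
        $this->emitter->run('table.delete:after', [$deleteTable]);
        $this->emitter->run('table.delete.' . $deleteTable);
        $this->emitter->run('table.delete.' . $deleteTable . ':after');

        return $result;
    } catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) {
        // Outside production the dumped SQL is attached to the exception
        // message. In production the original exception is rethrown unchanged.
        if ('production' !== DIRECTUS_ENV) {
            throw new \RuntimeException('This query failed: ' . $this->dumpSql($delete), 0, $e);
        }
        // @todo send developer warning
        throw $e;
    }
}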