/** * Manage how a file collection has to be saved * * @param int $parentId Parent id owning files being saved * @param string $parentType Parent Type owning files being saved (product, category, content, etc.) * @param string $objectType Object type, e.g. image or document * @param array $validMimeTypes an array of valid mime types. If empty, any mime type is allowed. * @param array $extBlackList an array of blacklisted extensions. * @return Response */ public function saveFileAjaxAction($parentId, $parentType, $objectType, $validMimeTypes = array(), $extBlackList = array()) { if (null !== ($response = $this->checkAuth(AdminResources::retrieve($parentType), array(), AccessManager::UPDATE))) { return $response; } $this->checkXmlHttpRequest(); if ($this->getRequest()->isMethod('POST')) { /** @var UploadedFile $fileBeingUploaded */ $fileBeingUploaded = $this->getRequest()->files->get('file'); $fileManager = $this->getFileManager(); // Validate if file is too big if ($fileBeingUploaded->getError() == 1) { $message = $this->getTranslator()->trans('File is too large, please retry with a file having a size less than %size%.', array('%size%' => ini_get('upload_max_filesize')), 'core'); return new ResponseRest($message, 'text', 403); } $message = null; $realFileName = $fileBeingUploaded->getClientOriginalName(); if (!empty($validMimeTypes)) { $mimeType = $fileBeingUploaded->getMimeType(); if (!isset($validMimeTypes[$mimeType])) { $message = $this->getTranslator()->trans('Only files having the following mime type are allowed: %types%', ['%types%' => implode(', ', $validMimeTypes)]); } $regex = "#^(.+)\\.(" . implode("|", $validMimeTypes[$mimeType]) . ")\$#i"; if (!preg_match($regex, $realFileName)) { $message = $this->getTranslator()->trans("There's a conflict between your file extension \"%ext\" and the mime type \"%mime\"", ['%mime' => $mimeType, '%ext' => $fileBeingUploaded->getClientOriginalExtension()]); } } if (!empty($extBlackList)) { $regex = "#^(.+)\\.(" . implode("|", $extBlackList) . ")\$#i"; if (preg_match($regex, $realFileName)) { $message = $this->getTranslator()->trans('Files with the following extension are not allowed: %extension, please do an archive of the file if you want to upload it', ['%extension' => $fileBeingUploaded->getClientOriginalExtension()]); } } if ($message !== null) { return new ResponseRest($message, 'text', 415); } $fileModel = $fileManager->getModelInstance($objectType, $parentType); $parentModel = $fileModel->getParentFileModel(); if ($parentModel === null || $fileModel === null || $fileBeingUploaded === null) { return new Response('', 404); } $defaultTitle = $parentModel->getTitle(); if (empty($defaultTitle)) { $defaultTitle = $fileBeingUploaded->getClientOriginalName(); } $fileModel->setParentId($parentId)->setLocale(Lang::getDefaultLanguage()->getLocale())->setTitle($defaultTitle); $fileCreateOrUpdateEvent = new FileCreateOrUpdateEvent($parentId); $fileCreateOrUpdateEvent->setModel($fileModel); $fileCreateOrUpdateEvent->setUploadedFile($fileBeingUploaded); $fileCreateOrUpdateEvent->setParentName($parentModel->getTitle()); // Dispatch Event to the Action $this->dispatch(TheliaEvents::IMAGE_SAVE, $fileCreateOrUpdateEvent); $this->adminLogAppend(AdminResources::retrieve($parentType), AccessManager::UPDATE, $this->getTranslator()->trans('Saving %obj% for %parentName% parent id %parentId%', array('%parentName%' => $fileCreateOrUpdateEvent->getParentName(), '%parentId%' => $fileCreateOrUpdateEvent->getParentId(), '%obj%' => $objectType))); return new ResponseRest(array('status' => true, 'message' => '')); } return new Response('', 404); }