Source of file EditableFileField.php
Size: 9,590 Bytes - Last Modified: 2021-12-23T10:35:40+00:00
/var/www/docs.ssmods.com/process/src/code/Model/EditableFormField/EditableFileField.php
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293 | <?php namespace SilverStripe\UserForms\Model\EditableFormField; use SilverStripe\Assets\File; use SilverStripe\Assets\Folder; use SilverStripe\Assets\Upload_Validator; use SilverStripe\Core\Config\Config; use SilverStripe\Core\Convert; use SilverStripe\Forms\FieldList; use SilverStripe\Core\Injector\Injector; use SilverStripe\Forms\FileField; use SilverStripe\Forms\LiteralField; use SilverStripe\Forms\NumericField; use SilverStripe\Forms\TreeDropdownField; use SilverStripe\ORM\ValidationResult; use SilverStripe\Security\Member; use SilverStripe\Security\InheritedPermissions; use SilverStripe\UserForms\Control\UserDefinedFormAdmin; use SilverStripe\UserForms\Control\UserDefinedFormController; use SilverStripe\UserForms\Model\EditableFormField; use SilverStripe\UserForms\Model\Submission\SubmittedFileField; /** * Allows a user to add a field that can be used to upload a file. * * @package userforms * @property int $FolderConfirmed * @property int $FolderID * @property float $MaxFileSizeMB * @method Folder Folder */ class EditableFileField extends EditableFormField { private static $singular_name = 'File Upload Field'; private static $plural_names = 'File Fields'; private static $db = [ 'MaxFileSizeMB' => 'Float', 'FolderConfirmed' => 'Boolean', ]; private static $has_one = [ 'Folder' => Folder::class // From CustomFields ]; private static $table_name = 'EditableFileField'; /** * Further limit uploadable file extensions in addition to the restrictions * imposed by the File.allowed_extensions global configuration. * @config */ private static $allowed_extensions_blacklist = [ 'htm', 'html', 'xhtml', 'swf', 'xml' ]; /** * Returns a string describing the permissions of a folder * @param Folder|null $folder * @return string */ public static function getFolderPermissionString(Folder $folder = null) { $folderPermissions = static::getFolderPermissionTuple($folder); $icon = 'font-icon-user-lock'; if ($folderPermissions['CanViewType'] == InheritedPermissions::ANYONE) { $icon = 'font-icon-address-card-warning'; } return sprintf( '<span class="icon %s form-description__icon" aria-hidden="true"></span>%s %s', $icon, $folderPermissions['CanViewTypeString'], htmlspecialchars(implode(', ', $folderPermissions['ViewerGroups']), ENT_QUOTES) ); } /** * Returns an array with a view type string and the viewer groups * @param Folder|null $folder * @return array */ private static function getFolderPermissionTuple(Folder $folder = null) { $viewersOptionsField = [ InheritedPermissions::INHERIT => _t(__CLASS__.'.INHERIT', 'Visibility for this folder is inherited from the parent folder'), InheritedPermissions::ANYONE => _t(__CLASS__.'.ANYONE', 'Unrestricted access, uploads will be visible to anyone'), InheritedPermissions::LOGGED_IN_USERS => _t(__CLASS__.'.LOGGED_IN', 'Restricted access, uploads will be visible to logged-in users'), InheritedPermissions::ONLY_THESE_USERS => _t(__CLASS__.'.ONLY_GROUPS', 'Restricted access, uploads will be visible to the following groups:') ]; if (!$folder) { return [ 'CanViewType' => InheritedPermissions::ANYONE, 'CanViewTypeString' => $viewersOptionsField[InheritedPermissions::ANYONE], 'ViewerGroups' => [], ]; } $folder = static::getNonInheritedViewType($folder); // ViewerGroups may still exist when permissions have been loosened $viewerGroups = []; if ($folder->CanViewType === InheritedPermissions::ONLY_THESE_USERS) { $viewerGroups = $folder->ViewerGroups()->column('Title'); } return [ 'CanViewType' => $folder->CanViewType, 'CanViewTypeString' => $viewersOptionsField[$folder->CanViewType], 'ViewerGroups' => $viewerGroups, ]; } /** * Returns the nearest non-inherited view permission of the provided * @param File $file * @return File */ private static function getNonInheritedViewType(File $file) { if ($file->CanViewType !== InheritedPermissions::INHERIT) { return $file; } $parent = $file->Parent(); if ($parent->exists()) { return static::getNonInheritedViewType($parent); } else { // anyone can view top level files $file->CanViewType = InheritedPermissions::ANYONE; } return $file; } /** * @return FieldList */ public function getCMSFields() { $fields = parent::getCMSFields(); $treeView = TreeDropdownField::create( 'FolderID', _t(__CLASS__.'.SELECTUPLOADFOLDER', 'Select upload folder'), Folder::class ); $treeView->setDescription(static::getFolderPermissionString($this->Folder())); $fields->addFieldToTab( 'Root.Main', $treeView ); // Warn the user if the folder targeted by this field is not restricted if ($this->FolderID && !$this->Folder()->hasRestrictedAccess()) { $fields->addFieldToTab("Root.Main", LiteralField::create( 'FileUploadWarning', '<p class="alert alert-warning">' . _t( 'SilverStripe\\UserForms\\Model\\UserDefinedForm.UnrestrictedFileUploadWarning', 'Access to the current upload folder "{path}" is not restricted. Uploaded files will be publicly accessible if the exact URL is known.', ['path' => Convert::raw2att($this->Folder()->Filename)] ) . '</p>' ), 'Type'); } $fields->addFieldToTab( 'Root.Main', NumericField::create('MaxFileSizeMB') ->setTitle('Max File Size MB') ->setDescription("Note: Maximum php allowed size is {$this->getPHPMaxFileSizeMB()} MB") ); $fields->removeByName('Default'); return $fields; } /** * @return ValidationResult */ public function validate() { $result = parent::validate(); $max = static::get_php_max_file_size(); if ($this->MaxFileSizeMB * 1024 * 1024 > $max) { $result->addError("Your max file size limit can't be larger than the server's limit of {$this->getPHPMaxFileSizeMB()}."); } return $result; } public function getFormField() { $field = FileField::create($this->Name, $this->Title ?: false) ->setFieldHolderTemplate(EditableFormField::class . '_holder') ->setTemplate(__CLASS__) ->setValidator(Injector::inst()->get(Upload_Validator::class . '.userforms')); $field->setFieldHolderTemplate(EditableFormField::class . '_holder') ->setTemplate(__CLASS__); $field->getValidator()->setAllowedExtensions( array_diff( // filter out '' since this would be a regex problem on JS end array_filter(Config::inst()->get(File::class, 'allowed_extensions')), $this->config()->get('allowed_extensions_blacklist') ) ); if ($this->MaxFileSizeMB > 0) { $field->getValidator()->setAllowedMaxFileSize($this->MaxFileSizeMB * 1024 * 1024); } else { $field->getValidator()->setAllowedMaxFileSize(static::get_php_max_file_size()); } $folder = $this->Folder(); if ($folder && $folder->exists()) { $field->setFolderName( preg_replace("/^assets\//", "", $folder->Filename) ); } $this->doUpdateFormField($field); return $field; } /** * Return the value for the database, link to the file is stored as a * relation so value for the field can be null. * * @return string */ public function getValueFromData() { return null; } public function getSubmittedFormField() { return SubmittedFileField::create(); } /** * @return float */ public static function get_php_max_file_size() { $maxUpload = File::ini2bytes(ini_get('upload_max_filesize')); $maxPost = File::ini2bytes(ini_get('post_max_size')); return min($maxUpload, $maxPost); } public function getPHPMaxFileSizeMB() { return round(static::get_php_max_file_size() / 1024 / 1024, 1); } public function onBeforeWrite() { parent::onBeforeWrite(); $folderChanged = $this->isChanged('FolderID'); // Default to either an existing sibling's folder, or the default form submissions folder if ($this->FolderID === null) { $inheritableSibling = EditableFileField::get()->filter([ 'ParentID' => $this->ParentID, 'FolderConfirmed' => true, ])->first(); if ($inheritableSibling) { $this->FolderID = $inheritableSibling->FolderID; } else { $folder = UserDefinedFormAdmin::getFormSubmissionFolder(); $this->FolderID = $folder->ID; } } if ($folderChanged) { $this->FolderConfirmed = true; } } } |