class.ilObjFileDAV.php

Go to the documentation of this file.

<?php
use Sabre\DAV\Exception;
use Sabre\DAV\Exception\Forbidden;

require_once 'Modules/File/classes/class.ilObjFile.php';

class ilObjFileDAV extends ilObjectDAV implements Sabre\DAV\IFile
{
    protected $obj;
    
    protected $versioning_enabled;

    public function __construct(ilObjFile $a_obj, ilWebDAVRepositoryHelper $repo_helper, ilWebDAVObjDAVHelper $dav_helper)
    {
        $settings = new ilSetting('file_access');
        $this->versioning_enabled = (bool) $settings->get('webdav_versioning_enabled', true);
        parent::__construct($a_obj, $repo_helper, $dav_helper);
    }

    public function put($data)
    {
        if ($this->repo_helper->checkAccess('write', $this->getRefId())) {
            $this->setObjValuesForNewFileVersion();
            if ($this->versioning_enabled === true) {
                // Stolen from ilObjFile->addFileVersion
                $this->handleFileUpload($data, 'new_version');
            } else {
                $this->handleFileUpload($data, 'replace');
            }


            return $this->getETag();
        }
        throw new Exception\Forbidden("Permission denied. No write access for this file");
    }

    public function get()
    {
        if ($this->repo_helper->checkAccess("read", $this->obj->getRefId())) {
            $file = $this->getPathToFile();

            if (file_exists($file)) {
                return fopen($file, 'r');
            } else {
                throw new Exception\NotFound("File not found");
            }
        }

        throw new Exception\Forbidden("Permission denied. No read access for this file");
    }

    public function getName()
    {
        return ilFileUtils::getValidFilename($this->obj->getTitle());
    }
    
    public function getContentType()
    {
        return  $this->obj->guessFileType();
    }
    
    public function getETag()
    {
        if (file_exists($path = $this->getPathToFile())) {
            return '"' . sha1(
                fileinode($path) .
                filesize($path) .
                filemtime($path)
                ) . '"';
        }
        
        return null;
    }
    
    public function getSize()
    {
        if (file_exists($this->getPathToFile())) {
            return $this->obj->getFileSize();
        }
        return 0;
    }

    public function setName($a_name)
    {
        if ($this->dav_helper->isValidFileNameWithValidFileExtension($a_name)) {
            parent::setName($a_name);
        } else {
            throw new Exception\Forbidden("Invalid file extension");
        }
    }

    public function handleFileUpload($a_data, $a_file_action)
    {
        // Set name for uploaded file because due to the versioning, the title can change for different versions. This setter-call here
        // ensures that the uploaded file is saved with the title of the object. This obj->setFileName() has to be called
        // before $this->getPathToFile(). Otherwise, the file could be saved under the wrong filename.
        if ($a_file_action === 'replace') {
            $this->obj->deleteVersions();
            $this->obj->clearDataDirectory();
        }
        $this->obj->setFileName($this->getName());
        $file_dest_path = $this->getPathToFile();

        // If dir does not exist yet -> create it
        if (!file_exists($file_dest_path)) {
            ilUtil::makeDirParents($this->getPathToDirectory());
        }
        
        $written_length = $this->uploadFile($a_data, $file_dest_path);
              
        if ($written_length > ilUtil::getUploadSizeLimitBytes()) {
            $this->deleteObjOrVersion();
            throw new Exception\Forbidden('File is too big');
        }
        
        // Security checks
        $this->checkForVirus($file_dest_path);

        // Set last meta data
        $this->obj->setFileType(ilMimeTypeUtil::lookupMimeType($file_dest_path));
        $this->obj->setFileSize($written_length);
        if ($this->obj->update()) {
            $this->createHistoryAndNotificationForObjUpdate($a_file_action);
            ilPreview::createPreview($this->obj, true);
        }
    }

    protected function uploadFile($a_data, string $file_dest_path)
    {
        $written_length = file_put_contents($file_dest_path, $a_data);
        if ($written_length === false && strlen($a_data) > 0) {
            throw new Exception\Forbidden('Forbidden to write file');
        }
        return $written_length;
    }
    
    protected function getPathToDirectory()
    {
        return $this->obj->getDirectory($this->obj->getVersion());
    }

    protected function getPathToFile()
    {
        // ilObjFile delivers the filename like it was on the upload. But if the file-extension is forbidden, the file
        // will be safed as .sec-file. In this case ->getFileName returns the wrong file name
        $path = $this->getPathToDirectory() . "/" . $this->obj->getFileName();

        // For the case of forbidden file-extensions, ::getValidFilename($path) returns the path with the .sec extension
        return ilFileUtils::getValidFilename($path);
    }
    
    protected function checkForVirus(string $file_dest_path)
    {
        $vrs = ilUtil::virusHandling($file_dest_path, '', true);
        // If vrs[0] == false -> virus found
        if ($vrs[0] == false) {
            ilLoggerFactory::getLogger('WebDAV')->error(get_class($this) . ' ' . $this->obj->getTitle() . " -> virus found on '$file_dest_path'!");
            $this->deleteObjOrVersion();
            throw new Exception\Forbidden('Virus found!');
        }
    }

    protected function setObjValuesForNewFileVersion()
    {
        // This is necessary for windows explorer. Because windows explorer makes always 2 PUT requests. One with a 0 Byte
        // file to test, if the user has write permissions and the second one to upload the original file.
        if ($this->obj->getFileSize() > 0) {
            // Stolen from ilObjFile->addFileVersion
            $this->obj->setVersion($this->obj->getMaxVersion() + 1);
            $this->obj->setMaxVersion($this->obj->getMaxVersion() + 1);
        }
    }

    protected function createHistoryAndNotificationForObjUpdate($a_action)
    {
        // Add history entry and notification for new file version (stolen from ilObjFile->addFileVersion)
        switch ($a_action) {
            case "new_version":
            case "replace":
                ilHistory::_createEntry($this->obj->getId(), $a_action, $this->obj->getTitle() . "," . $this->obj->getVersion() . "," . $this->obj->getMaxVersion());
                break;
        }

        $this->obj->addNewsNotification("file_updated");
    }
    
    protected function deleteObjOrVersion()
    {
        if ($this->obj->getVersion() > 1) {
            $version_dir = $this->obj->getDirectory($this->obj->getVersion());
            ilUtil::delDir($version_dir);
        } else {
            $this->obj->deleteVersions();
            $this->obj->delete();
        }
    }
}