search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MDL-80880 quiz: change display of previous attempts summary
[moodle.git] / repository / nextcloud / lib.php
blob25f7028c04a2ba73bdd95cd96b2a3edd93aa5ad4
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * Nextcloud repository plugin library.
19 *
20 * @package repository_nextcloud
21 * @copyright 2017 Project seminar (Learnweb, University of Münster)
22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or
23 */
24
25 use repository_nextcloud\issuer_management;
26 use repository_nextcloud\ocs_client;
27
28 defined('MOODLE_INTERNAL') || die();
29
30 require_once($CFG->dirroot . '/repository/lib.php');
31 require_once($CFG->libdir . '/webdavlib.php');
32
33 /**
34 * Nextcloud repository class.
35 *
36 * @package repository_nextcloud
37 * @copyright 2017 Project seminar (Learnweb, University of Münster)
38 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
39 */
40 class repository_nextcloud extends repository {
41 /**
42 * OAuth 2 client
43 * @var \core\oauth2\client
44 */
45 private $client = null;
46
47 /**
48 * OAuth 2 Issuer
49 * @var \core\oauth2\issuer
50 */
51 private $issuer = null;
52
53 /**
54 * Additional scopes needed for the repository. Currently, nextcloud does not actually support/use scopes, so
55 * this is intended as a hint at required functionality and will help declare future scopes.
56 */
57 const SCOPES = 'files ocs';
58
59 /**
60 * Webdav client which is used for webdav operations.
61 *
62 * @var \webdav_client
63 */
64 private $dav = null;
65
66 /**
67 * Basepath for WebDAV operations
68 * @var string
69 */
70 private $davbasepath;
71
72 /**
73 * OCS client that uses the Open Collaboration Services REST API.
74 * @var ocs_client
75 */
76 private $ocsclient;
77
78 /**
79 * @var oauth2_client System account client.
80 */
81 private $systemoauthclient = false;
82
83 /**
84 * OCS systemocsclient that uses the Open Collaboration Services REST API.
85 * @var ocs_client
86 */
87 private $systemocsclient = null;
88
89 /**
90 * Name of the folder for controlled links.
91 * @var string
92 */
93 private $controlledlinkfoldername;
94
95 /**
96 * Curl instance that can be used to fetch file from nextcloud instance.
97 * @var curl
98 */
99 private $curl;
100
101 /**
102 * repository_nextcloud constructor.
103 *
104 * @param int $repositoryid
105 * @param bool|int|stdClass $context
106 * @param array $options
107 */
108 public function __construct($repositoryid, $context = SYSCONTEXTID, $options = array()) {
109 parent::__construct($repositoryid, $context, $options);
110 try {
111 // Issuer from repository instance config.
112 $issuerid = $this->get_option('issuerid');
113 $this->issuer = \core\oauth2\api::get_issuer($issuerid);
114 } catch (dml_missing_record_exception $e) {
115 // A repository is marked as disabled when no issuer is present.
116 $this->disabled = true;
117 return;
118 }
119
120 try {
121 // Load the webdav endpoint and parse the basepath.
122 $webdavendpoint = issuer_management::parse_endpoint_url('webdav', $this->issuer);
123 // Get basepath without trailing slash, because future uses will come with a leading slash.
124 $basepath = $webdavendpoint['path'];
125 if (strlen($basepath) > 0 && substr($basepath, -1) === '/') {
126 $basepath = substr($basepath, 0, -1);
127 }
128 $this->davbasepath = $basepath;
129 } catch (\repository_nextcloud\configuration_exception $e) {
130 // A repository is marked as disabled when no webdav_endpoint is present
131 // or it fails to parse, because all operations concerning files
132 // rely on the webdav endpoint.
133 $this->disabled = true;
134 return;
135 }
136 $this->controlledlinkfoldername = $this->get_option('controlledlinkfoldername');
137
138 if (!$this->issuer) {
139 $this->disabled = true;
140 return;
141 } else if (!$this->issuer->get('enabled')) {
142 // In case the Issuer is not enabled, the repository is disabled.
143 $this->disabled = true;
144 return;
145 } else if (!issuer_management::is_valid_issuer($this->issuer)) {
146 // Check if necessary endpoints are present.
147 $this->disabled = true;
148 return;
149 }
150
151 $this->ocsclient = new ocs_client($this->get_user_oauth_client());
152 $this->curl = new curl();
153 }
154
155 /**
156 * Get or initialise an oauth client for the system account.
157 *
158 * @return false|oauth2_client False if initialisation was unsuccessful, otherwise an initialised client.
159 */
160 private function get_system_oauth_client() {
161 if ($this->systemoauthclient === false) {
162 try {
163 $this->systemoauthclient = \core\oauth2\api::get_system_oauth_client($this->issuer);
164 } catch (\moodle_exception $e) {
165 $this->systemoauthclient = false;
166 }
167 }
168 return $this->systemoauthclient;
169 }
170
171 /**
172 * Get or initialise an ocs client for the system account.
173 *
174 * @return null|ocs_client Null if initialisation was unsuccessful, otherwise an initialised client.
175 */
176 private function get_system_ocs_client() {
177 if ($this->systemocsclient === null) {
178 try {
179 $systemoauth = $this->get_system_oauth_client();
180 if (!$systemoauth) {
181 return null;
182 }
183 $this->systemocsclient = new ocs_client($systemoauth);
184 } catch (\moodle_exception $e) {
185 $this->systemocsclient = null;
186 }
187 }
188 return $this->systemocsclient;
189 }
190
191 /**
192 * Initiates the webdav client.
193 *
194 * @throws \repository_nextcloud\configuration_exception If configuration is missing (endpoints).
195 */
196 private function initiate_webdavclient() {
197 if ($this->dav !== null) {
198 return $this->dav;
199 }
200
201 $webdavendpoint = issuer_management::parse_endpoint_url('webdav', $this->issuer);
202
203 // Selects the necessary information (port, type, server) from the path to build the webdavclient.
204 $server = $webdavendpoint['host'];
205 if ($webdavendpoint['scheme'] === 'https') {
206 $webdavtype = 'ssl://';
207 $webdavport = 443;
208 } else if ($webdavendpoint['scheme'] === 'http') {
209 $webdavtype = '';
210 $webdavport = 80;
211 }
212
213 // Override default port, if a specific one is set.
214 if (isset($webdavendpoint['port'])) {
215 $webdavport = $webdavendpoint['port'];
216 }
217
218 // Authentication method is `bearer` for OAuth 2. Pass token of authenticated client, too.
219 $this->dav = new \webdav_client($server, '', '', 'bearer', $webdavtype,
220 $this->get_user_oauth_client()->get_accesstoken()->token);
221
222 $this->dav->port = $webdavport;
223 $this->dav->debug = false;
224 return $this->dav;
225 }
226
227 /**
228 * This function does exactly the same as in the WebDAV repository. The only difference is, that
229 * the nextcloud OAuth2 client uses OAuth2 instead of Basic Authentication.
230 *
231 * @param string $reference relative path to the file.
232 * @param string $title title of the file.
233 * @return array|bool returns either the moodle path to the file or false.
234 */
235 public function get_file($reference, $title = '') {
236 // Normal file.
237 $reference = urldecode($reference);
238
239 // Prepare a file with an arbitrary name - cannot be $title because of special chars (cf. MDL-57002).
240 $path = $this->prepare_file(uniqid());
241 $this->initiate_webdavclient();
242 if (!$this->dav->open()) {
243 return false;
244 }
245 $this->dav->get_file($this->davbasepath . $reference, $path);
246 $this->dav->close();
247
248 return array('path' => $path);
249 }
250
251 /**
252 * This function does exactly the same as in the WebDAV repository. The only difference is, that
253 * the nextcloud OAuth2 client uses OAuth2 instead of Basic Authentication.
254 *
255 * @param string $path relative path to the directory or file.
256 * @param string $page page number (given multiple pages of elements).
257 * @return array directory properties.
258 */
259 public function get_listing($path='', $page = '') {
260 if (empty($path)) {
261 $path = '/';
262 }
263
264 $ret = $this->get_listing_prepare_response($path);
265
266 // Before any WebDAV method can be executed, a WebDAV client socket needs to be opened
267 // which connects to the server.
268 $this->initiate_webdavclient();
269 if (!$this->dav->open()) {
270 return $ret;
271 }
272
273 // Since the paths which are received from the PROPFIND WebDAV method are url encoded
274 // (because they depict actual web-paths), the received paths need to be decoded back
275 // for the plugin to be able to work with them.
276 $ls = $this->dav->ls($this->davbasepath . urldecode($path));
277 $this->dav->close();
278
279 // The method get_listing return all information about all child files/folders of the
280 // current directory. If no information was received, the directory must be empty.
281 if (!is_array($ls)) {
282 return $ret;
283 }
284
285 // Process WebDAV output and convert it into Moodle format.
286 $ret['list'] = $this->get_listing_convert_response($path, $ls);
287 return $ret;
288
289 }
290
291 /**
292 * Use OCS to generate a public share to the requested file.
293 * This method derives a download link from the public share URL.
294 *
295 * @param string $url relative path to the chosen file
296 * @return string the generated download link.
297 * @throws \repository_nextcloud\request_exception If nextcloud responded badly
298 *
299 */
300 public function get_link($url) {
301 // Create a read only public link, remember no update possible in this file/folder.
302 $ocsparams = [
303 'path' => $url,
304 'shareType' => ocs_client::SHARE_TYPE_PUBLIC,
305 'publicUpload' => false,
306 'permissions' => ocs_client::SHARE_PERMISSION_READ
307 ];
308
309 $response = $this->ocsclient->call('create_share', $ocsparams);
310 $xml = simplexml_load_string($response);
311
312 if ($xml === false ) {
313 throw new \repository_nextcloud\request_exception(array('instance' => $this->get_name(),
314 'errormessage' => get_string('invalidresponse', 'repository_nextcloud')));
315 }
316
317 if ((string)$xml->meta->status !== 'ok') {
318 throw new \repository_nextcloud\request_exception(array('instance' => $this->get_name(), 'errormessage' => sprintf(
319 '(%s) %s', $xml->meta->statuscode, $xml->meta->message)));
320 }
321
322 // Take the share link and convert it into a download link.
323 return ((string)$xml->data[0]->url) . '/download';
324 }
325
326 /**
327 * This method does not do any translation of the file source.
328 *
329 * @param string $source source of the file, returned by repository as 'source' and received back from user (not cleaned)
330 * @return string file reference, ready to be stored or json encoded string for public link reference
331 */
332 public function get_file_reference($source) {
333 $usefilereference = optional_param('usefilereference', false, PARAM_BOOL);
334 if ($usefilereference) {
335 return json_encode([
336 'type' => 'FILE_REFERENCE',
337 'link' => $this->get_link($source),
338 ]);
339 }
340 // The simple relative path to the file is enough.
341 return $source;
342 }
343
344 /**
345 * Called when a file is selected as a "access control link".
346 * Invoked at MOODLE/repository/repository_ajax.php
347 *
348 * This is called at the point the reference files are being copied from the draft area to the real area.
349 * What is done here is transfer ownership to the system user (by copying) then delete the intermediate share
350 * used for that. Finally update the reference to point to new file name.
351 *
352 * @param string $reference this reference is generated by repository::get_file_reference()
353 * @param context $context the target context for this new file.
354 * @param string $component the target component for this new file.
355 * @param string $filearea the target filearea for this new file.
356 * @param string $itemid the target itemid for this new file.
357 * @return string updated reference (final one before it's saved to db).
358 * @throws \repository_nextcloud\configuration_exception
359 * @throws \repository_nextcloud\request_exception
360 * @throws coding_exception
361 * @throws moodle_exception
362 * @throws repository_exception
363 */
364 public function reference_file_selected($reference, $context, $component, $filearea, $itemid) {
365 $source = json_decode($reference);
366
367 if (is_object($source)) {
368 if ($source->type != 'FILE_CONTROLLED_LINK') {
369 // Only access controlled links need special handling; we are done.
370 return $reference;
371 }
372 if (!empty($source->usesystem)) {
373 // If we already copied this file to the system account - we are done.
374 return $reference;
375 }
376 }
377
378 // Check this issuer is enabled.
379 if ($this->disabled || $this->get_system_oauth_client() === false || $this->get_system_ocs_client() === null) {
380 throw new repository_exception('cannotdownload', 'repository');
381 }
382
383 $linkmanager = new \repository_nextcloud\access_controlled_link_manager($this->ocsclient, $this->get_system_oauth_client(),
384 $this->get_system_ocs_client(), $this->issuer, $this->get_name());
385
386 // Get the current user.
387 $userauth = $this->get_user_oauth_client();
388 if ($userauth === false) {
389 $details = get_string('cannotconnect', 'repository_nextcloud');
390 throw new \repository_nextcloud\request_exception(array('instance' => $this->get_name(), 'errormessage' => $details));
391 }
392 // 1. Share the File with the system account.
393 $responsecreateshare = $linkmanager->create_share_user_sysaccount($reference);
394 if ($responsecreateshare['statuscode'] == 403) {
395 // File has already been shared previously => find file in system account and use that.
396 $responsecreateshare = $linkmanager->find_share_in_sysaccount($reference);
397 }
398
399 // 2. Create a unique path in the system account.
400 $createdfolder = $linkmanager->create_folder_path_access_controlled_links($context, $component, $filearea,
401 $itemid);
402
403 // 3. Copy File to the new folder path.
404 $linkmanager->transfer_file_to_path($responsecreateshare['filetarget'], $createdfolder, 'copy');
405
406 // 4. Delete the share.
407 $linkmanager->delete_share_dataowner_sysaccount($responsecreateshare['shareid']);
408
409 // Update the returned reference so that the stored_file in moodle points to the newly copied file.
410 $filereturn = new stdClass();
411 $filereturn->type = 'FILE_CONTROLLED_LINK';
412 $filereturn->link = $createdfolder . $responsecreateshare['filetarget'];
413 $filereturn->name = $reference;
414 $filereturn->usesystem = true;
415 $filereturn = json_encode($filereturn);
416
417 return $filereturn;
418 }
419
420 /**
421 * Repository method that serves the referenced file (created e.g. via get_link).
422 * All parameters are there for compatibility with superclass, but they are ignored.
423 *
424 * @param stored_file $storedfile
425 * @param int $lifetime (ignored)
426 * @param int $filter (ignored)
427 * @param bool $forcedownload (ignored)
428 * @param array $options additional options affecting the file serving
429 * @throws \repository_nextcloud\configuration_exception
430 * @throws \repository_nextcloud\request_exception
431 * @throws coding_exception
432 * @throws moodle_exception
433 */
434 public function send_file($storedfile, $lifetime=null , $filter=0, $forcedownload=false, array $options = null) {
435 $repositoryname = $this->get_name();
436 $reference = json_decode($storedfile->get_reference());
437
438 // If the file is a reference which means its a public link in nextcloud.
439 if ($reference->type === 'FILE_REFERENCE') {
440 // This file points to the public link just fetch the latest one from nextcloud repo.
441 redirect($reference->link);
442 }
443
444 // 1. assure the client and user is logged in.
445 if (empty($this->client) || $this->get_system_oauth_client() === false || $this->get_system_ocs_client() === null) {
446 $details = get_string('contactadminwith', 'repository_nextcloud',
447 get_string('noclientconnection', 'repository_nextcloud'));
448 throw new \repository_nextcloud\request_exception(array('instance' => $repositoryname, 'errormessage' => $details));
449 }
450
451 // Download for offline usage. This is strictly read-only, so the file need not be shared.
452 if (!empty($options['offline'])) {
453 // Download from system account and provide the file to the user.
454 $linkmanager = new \repository_nextcloud\access_controlled_link_manager($this->ocsclient,
455 $this->get_system_oauth_client(), $this->get_system_ocs_client(), $this->issuer, $repositoryname);
456
457 // Create temp path, then download into it.
458 $filename = basename($reference->link);
459 $tmppath = make_request_directory() . '/' . $filename;
460 $linkmanager->download_for_offline_usage($reference->link, $tmppath);
461
462 // Output the obtained file to the user and remove it from disk.
463 send_temp_file($tmppath, $filename);
464
465 // That's all.
466 return;
467 }
468
469 if (!$this->client->is_logged_in()) {
470 $this->print_login_popup(['style' => 'margin-top: 250px'], $options['embed']);
471 return;
472 }
473
474 // Determining writeability of file from the using context.
475 // Variable $info is null|\file_info. file_info::is_writable is only true if user may write for any reason.
476 $fb = get_file_browser();
477 $context = context::instance_by_id($storedfile->get_contextid(), MUST_EXIST);
478 $info = $fb->get_file_info($context,
479 $storedfile->get_component(),
480 $storedfile->get_filearea(),
481 $storedfile->get_itemid(),
482 $storedfile->get_filepath(),
483 $storedfile->get_filename());
484 $maywrite = !empty($info) && $info->is_writable();
485
486 $this->initiate_webdavclient();
487
488 // Create the a manager to handle steps.
489 $linkmanager = new \repository_nextcloud\access_controlled_link_manager($this->ocsclient, $this->get_system_oauth_client(),
490 $this->get_system_ocs_client(), $this->issuer, $repositoryname);
491
492 // 2. Check whether user has folder for files otherwise create it.
493 $linkmanager->create_storage_folder($this->controlledlinkfoldername, $this->dav);
494
495 $userinfo = $this->client->get_userinfo();
496 $username = $userinfo['username'];
497
498 // Creates a share between the systemaccount and the user.
499 $responsecreateshare = $linkmanager->create_share_user_sysaccount($reference->link, $username, $maywrite);
500
501 $statuscode = $responsecreateshare['statuscode'];
502
503 if ($statuscode == 403) {
504 $shareid = $linkmanager->get_shares_from_path($reference->link, $username);
505 } else if ($statuscode == 100) {
506 $filetarget = $linkmanager->get_share_information_from_shareid($responsecreateshare['shareid'], $username);
507 $copyresult = $linkmanager->transfer_file_to_path($filetarget, $this->controlledlinkfoldername,
508 'move', $this->dav);
509 if (!($copyresult == 201 || $copyresult == 412)) {
510 throw new \repository_nextcloud\request_exception(array('instance' => $repositoryname,
511 'errormessage' => get_string('couldnotmove', 'repository_nextcloud', $this->controlledlinkfoldername)));
512 }
513 $shareid = $responsecreateshare['shareid'];
514 } else if ($statuscode == 997) {
515 throw new \repository_nextcloud\request_exception(array('instance' => $repositoryname,
516 'errormessage' => get_string('notauthorized', 'repository_nextcloud')));
517 } else {
518 $details = get_string('filenotaccessed', 'repository_nextcloud');
519 throw new \repository_nextcloud\request_exception(array('instance' => $repositoryname, 'errormessage' => $details));
520 }
521 $filetarget = $linkmanager->get_share_information_from_shareid((int)$shareid, $username);
522
523 // Obtain the file from Nextcloud using a Bearer token authenticated connection because we cannot perform a redirect here.
524 // The reason is that Nextcloud uses samesite cookie validation, i.e. a redirected request would not be authenticated.
525 // (Also the browser might use the session of a Nextcloud user that is different from the one that is known to Moodle.)
526 $filename = basename($filetarget);
527 $tmppath = make_request_directory() . '/' . $filename;
528 $this->dav->open();
529
530 // Concat webdav path with file path.
531 $webdavendpoint = issuer_management::parse_endpoint_url('webdav', $this->issuer);
532 $filetarget = ltrim($filetarget, '/');
533 $filetarget = $webdavendpoint['path'] . $filetarget;
534
535 // Write file into temp location.
536 if (!$this->dav->get_file($filetarget, $tmppath)) {
537 $this->dav->close();
538 throw new repository_exception('cannotdownload', 'repository');
539 }
540 $this->dav->close();
541
542 // Output the obtained file to the user and remove it from disk.
543 send_temp_file($tmppath, $filename);
544 }
545
546 /**
547 * Which return type should be selected by default.
548 *
549 * @return int
550 */
551 public function default_returntype() {
552 $setting = $this->get_option('defaultreturntype');
553 $supported = $this->get_option('supportedreturntypes');
554 if (($setting == FILE_INTERNAL && $supported !== 'external') || $supported === 'internal') {
555 return FILE_INTERNAL;
556 }
557 return FILE_CONTROLLED_LINK;
558 }
559
560 /**
561 * Return names of the general options.
562 * By default: no general option name.
563 *
564 * @return array
565 */
566 public static function get_type_option_names() {
567 return array();
568 }
569
570 /**
571 * Function which checks whether the user is logged in on the Nextcloud instance.
572 *
573 * @return bool false, if no Access Token is set or can be requested.
574 */
575 public function check_login() {
576 $client = $this->get_user_oauth_client();
577 return $client->is_logged_in();
578 }
579
580 /**
581 * Get a cached user authenticated oauth client.
582 *
583 * @param bool|moodle_url $overrideurl Use this url instead of the repo callback.
584 * @return \core\oauth2\client
585 */
586 protected function get_user_oauth_client($overrideurl = false) {
587 if ($this->client) {
588 return $this->client;
589 }
590 if ($overrideurl) {
591 $returnurl = $overrideurl;
592 } else {
593 $returnurl = new moodle_url('/repository/repository_callback.php');
594 $returnurl->param('callback', 'yes');
595 $returnurl->param('repo_id', $this->id);
596 $returnurl->param('sesskey', sesskey());
597 }
598 $this->client = \core\oauth2\api::get_user_oauth_client($this->issuer, $returnurl, self::SCOPES, true);
599 return $this->client;
600 }
601
602 /**
603 * Prints a simple Login Button which redirects to an authorization window from Nextcloud.
604 *
605 * @return mixed login window properties.
606 * @throws coding_exception
607 */
608 public function print_login() {
609 $client = $this->get_user_oauth_client();
610 $loginurl = $client->get_login_url();
611 if ($this->options['ajax']) {
612 $ret = array();
613 $btn = new \stdClass();
614 $btn->type = 'popup';
615 $btn->url = $loginurl->out(false);
616 $ret['login'] = array($btn);
617 return $ret;
618 } else {
619 echo html_writer::link($loginurl, get_string('login', 'repository'),
620 array('target' => '_blank', 'rel' => 'noopener noreferrer'));
621 }
622 }
623
624 /**
625 * Deletes the held Access Token and prints the Login window.
626 *
627 * @return array login window properties.
628 */
629 public function logout() {
630 $client = $this->get_user_oauth_client();
631 $client->log_out();
632 return parent::logout();
633 }
634
635 /**
636 * Sets up access token after the redirection from Nextcloud.
637 */
638 public function callback() {
639 $client = $this->get_user_oauth_client();
640 // If an Access Token is stored within the client, it has to be deleted to prevent the addition
641 // of an Bearer authorization header in the request method.
642 $client->log_out();
643
644 // This will upgrade to an access token if we have an authorization code and save the access token in the session.
645 $client->is_logged_in();
646 }
647
648 /**
649 * Create an instance for this plug-in
650 *
651 * @param string $type the type of the repository
652 * @param int $userid the user id
653 * @param stdClass $context the context
654 * @param array $params the options for this instance
655 * @param int $readonly whether to create it readonly or not (defaults to not)
656 * @return mixed
657 * @throws dml_exception
658 * @throws required_capability_exception
659 */
660 public static function create($type, $userid, $context, $params, $readonly=0) {
661 require_capability('moodle/site:config', context_system::instance());
662 return parent::create($type, $userid, $context, $params, $readonly);
663 }
664
665 /**
666 * This method adds a select form and additional information to the settings form..
667 *
668 * @param \moodleform $mform Moodle form (passed by reference)
669 * @return bool|void
670 * @throws coding_exception
671 * @throws dml_exception
672 */
673 public static function instance_config_form($mform) {
674 if (!has_capability('moodle/site:config', context_system::instance())) {
675 $mform->addElement('static', null, '', get_string('nopermissions', 'error', get_string('configplugin',
676 'repository_nextcloud')));
677 return false;
678 }
679
680 // Load configured issuers.
681 $issuers = core\oauth2\api::get_all_issuers();
682 $types = array();
683
684 // Validates which issuers implement the right endpoints. WebDav is necessary for Nextcloud.
685 $validissuers = [];
686 foreach ($issuers as $issuer) {
687 $types[$issuer->get('id')] = $issuer->get('name');
688 if (\repository_nextcloud\issuer_management::is_valid_issuer($issuer)) {
689 $validissuers[] = $issuer->get('name');
690 }
691 }
692
693 // Render the form.
694 $url = new \moodle_url('/admin/tool/oauth2/issuers.php');
695 $mform->addElement('static', null, '', get_string('oauth2serviceslink', 'repository_nextcloud', $url->out()));
696
697 $mform->addElement('select', 'issuerid', get_string('chooseissuer', 'repository_nextcloud'), $types);
698 $mform->addRule('issuerid', get_string('required'), 'required', null, 'issuer');
699 $mform->addHelpButton('issuerid', 'chooseissuer', 'repository_nextcloud');
700 $mform->setType('issuerid', PARAM_INT);
701
702 // All issuers that are valid are displayed seperately (if any).
703 if (count($validissuers) === 0) {
704 $mform->addElement('static', null, '', get_string('no_right_issuers', 'repository_nextcloud'));
705 } else {
706 $mform->addElement('static', null, '', get_string('right_issuers', 'repository_nextcloud',
707 implode(', ', $validissuers)));
708 }
709
710 $mform->addElement('text', 'controlledlinkfoldername', get_string('foldername', 'repository_nextcloud'));
711 $mform->addHelpButton('controlledlinkfoldername', 'foldername', 'repository_nextcloud');
712 $mform->setType('controlledlinkfoldername', PARAM_TEXT);
713 $mform->setDefault('controlledlinkfoldername', 'Moodlefiles');
714
715 $mform->addElement('static', null, '', get_string('fileoptions', 'repository_nextcloud'));
716 $choices = [
717 'both' => get_string('both', 'repository_nextcloud'),
718 'internal' => get_string('internal', 'repository_nextcloud'),
719 'external' => get_string('external', 'repository_nextcloud'),
720 ];
721 $mform->addElement('select', 'supportedreturntypes', get_string('supportedreturntypes', 'repository_nextcloud'), $choices);
722
723 $choices = [
724 FILE_INTERNAL => get_string('internal', 'repository_nextcloud'),
725 FILE_CONTROLLED_LINK => get_string('external', 'repository_nextcloud'),
726 ];
727 $mform->addElement('select', 'defaultreturntype', get_string('defaultreturntype', 'repository_nextcloud'), $choices);
728 }
729
730 /**
731 * Save settings for repository instance
732 *
733 * @param array $options settings
734 * @return bool
735 */
736 public function set_option($options = array()) {
737 $options['issuerid'] = clean_param($options['issuerid'], PARAM_INT);
738 $options['controlledlinkfoldername'] = clean_param($options['controlledlinkfoldername'], PARAM_TEXT);
739
740 $ret = parent::set_option($options);
741 return $ret;
742 }
743
744 /**
745 * Names of the plugin settings
746 *
747 * @return array
748 */
749 public static function get_instance_option_names() {
750 return ['issuerid', 'controlledlinkfoldername',
751 'defaultreturntype', 'supportedreturntypes'];
752 }
753
754 /**
755 * Method to define which file-types are supported (hardcoded can not be changed in Admin Menu)
756 *
757 * By default FILE_INTERNAL is supported. In case a system account is connected and an issuer exist,
758 * FILE_CONTROLLED_LINK is supported.
759 *
760 * FILE_INTERNAL - the file is uploaded/downloaded and stored directly within the Moodle file system.
761 * FILE_CONTROLLED_LINK - creates a copy of the file in Nextcloud from which private shares to permitted users will be
762 * created. The file itself can not be changed any longer by the owner.
763 *
764 * @return int return type bitmask supported
765 */
766 public function supported_returntypes() {
767 // We can only support references if the system account is connected.
768 if (!empty($this->issuer) && $this->issuer->is_system_account_connected()) {
769 $setting = $this->get_option('supportedreturntypes');
770 if ($setting === 'internal') {
771 return FILE_INTERNAL;
772 } else if ($setting === 'external') {
773 return FILE_CONTROLLED_LINK;
774 } else {
775 return FILE_CONTROLLED_LINK | FILE_INTERNAL | FILE_REFERENCE;
776 }
777 } else {
778 return FILE_INTERNAL | FILE_REFERENCE;
779 }
780 }
781
782
783 /**
784 * Take the WebDAV `ls()' output and convert it into a format that Moodle's filepicker understands.
785 *
786 * @param string $dirpath Relative (urlencoded) path of the folder of interest.
787 * @param array $ls Output by WebDAV
788 * @return array Moodle-formatted list of directory contents; ready for use as $ret['list'] in get_listings
789 */
790 private function get_listing_convert_response($dirpath, $ls) {
791 global $OUTPUT;
792 $folders = array();
793 $files = array();
794 $parsedurl = issuer_management::parse_endpoint_url('webdav', $this->issuer);
795 $basepath = rtrim('/' . ltrim($parsedurl['path'], '/ '), '/ ');
796
797 foreach ($ls as $item) {
798 if (!empty($item['lastmodified'])) {
799 $item['lastmodified'] = strtotime($item['lastmodified']);
800 } else {
801 $item['lastmodified'] = null;
802 }
803
804 // Extracting object title from absolute path: First remove Nextcloud basepath.
805 $item['href'] = substr(urldecode($item['href']), strlen($basepath));
806 // Then remove relative path to current folder.
807 $title = substr($item['href'], strlen($dirpath));
808
809 if (!empty($item['resourcetype']) && $item['resourcetype'] == 'collection') {
810 // A folder.
811 if ($dirpath == $item['href']) {
812 // Skip "." listing.
813 continue;
814 }
815
816 $folders[strtoupper($title)] = array(
817 'title' => rtrim($title, '/'),
818 'thumbnail' => $OUTPUT->image_url(file_folder_icon())->out(false),
819 'children' => array(),
820 'datemodified' => $item['lastmodified'],
821 'path' => $item['href']
822 );
823 } else {
824 // A file.
825 $size = !empty($item['getcontentlength']) ? $item['getcontentlength'] : '';
826 $files[strtoupper($title)] = array(
827 'title' => $title,
828 'thumbnail' => $OUTPUT->image_url(file_extension_icon($title))->out(false),
829 'size' => $size,
830 'datemodified' => $item['lastmodified'],
831 'source' => $item['href']
832 );
833 }
834 }
835 ksort($files);
836 ksort($folders);
837 return array_merge($folders, $files);
838 }
839
840 /**
841 * Print the login in a popup.
842 *
843 * @param array|null $attr Custom attributes to be applied to popup div.
844 */
845 private function print_login_popup($attr = null, $embed = false) {
846 global $OUTPUT, $PAGE;
847
848 if ($embed) {
849 $PAGE->set_pagelayout('embedded');
850 }
851
852 $this->client = $this->get_user_oauth_client();
853 $url = new moodle_url($this->client->get_login_url());
854 $state = $url->get_param('state') . '&reloadparent=true';
855 $url->param('state', $state);
856
857 echo $OUTPUT->header();
858
859 $button = new single_button($url, get_string('logintoaccount', 'repository', $this->get_name()),
860 'post', single_button::BUTTON_PRIMARY);
861 $button->add_action(new popup_action('click', $url, 'Login'));
862 $button->class = 'mdl-align';
863 $button = $OUTPUT->render($button);
864 echo html_writer::div($button, '', $attr);
865
866 echo $OUTPUT->footer();
867 }
868
869 /**
870 * Prepare response of get_listing; namely
871 * - defining setting elements,
872 * - filling in the parent path of the currently-viewed directory.
873 *
874 * @param string $path Relative path
875 * @return array ret array for use as get_listing's $ret
876 */
877 private function get_listing_prepare_response($path) {
878 $ret = [
879 // Fetch the list dynamically. An AJAX request is sent to the server as soon as the user opens a folder.
880 'dynload' => true,
881 'nosearch' => true, // Disable search.
882 'nologin' => false, // Provide a login link because a user logs into his/her private Nextcloud storage.
883 'path' => array([ // Contains all parent paths to the current path.
884 'name' => $this->get_meta()->name,
885 'path' => '',
886 ]),
887 'defaultreturntype' => $this->default_returntype(),
888 'manage' => $this->issuer->get('baseurl'), // Provide button to go into file management interface quickly.
889 'list' => array(), // Contains all file/folder information and is required to build the file/folder tree.
890 'filereferencewarning' => get_string('externalpubliclinkwarning', 'repository_nextcloud'),
891 ];
892
893 // If relative path is a non-top-level path, calculate all its parents' paths.
894 // This is used for navigation in the file picker.
895 if ($path != '/') {
896 $chunks = explode('/', trim($path, '/'));
897 $parent = '/';
898 // Every sub-path to the last part of the current path is a parent path.
899 foreach ($chunks as $chunk) {
900 $subpath = $parent . $chunk . '/';
901 $ret['path'][] = [
902 'name' => urldecode($chunk),
903 'path' => $subpath
904 ];
905 // Prepare next iteration.
906 $parent = $subpath;
907 }
908 }
909 return $ret;
910 }
911
912 /**
913 * When a controlled link is clicked in the file picker get the human readable info about this file.
914 *
915 * @param string $reference
916 * @param int $filestatus
917 * @return string
918 */
919 public function get_reference_details($reference, $filestatus = 0) {
920 if ($this->disabled) {
921 throw new repository_exception('cannotdownload', 'repository');
922 }
923 if (empty($reference)) {
924 return get_string('unknownsource', 'repository');
925 }
926 $source = json_decode($reference);
927 $path = '';
928 if (!empty($source->usesystem) && !empty($source->name)) {
929 $path = $source->name;
930 }
931
932 return $path;
933 }
934
935 /**
936 * Synchronize the external file if there is an update happened to it.
937 *
938 * If the file has been updated in the nextcloud instance, this method
939 * would take care of the file we copy into the moodle file pool.
940 *
941 * The call to this method reaches from stored_file::sync_external_file()
942 *
943 * @param stored_file $file
944 * @return bool true if synced successfully else false if not ready to sync or reference link not set
945 */
946 public function sync_reference(stored_file $file):bool {
947 global $CFG;
948
949 if ($file->get_referencelastsync() + DAYSECS > time()) {
950 // Synchronize once per day.
951 return false;
952 }
953
954 $reference = json_decode($file->get_reference());
955
956 if (!isset($reference->link)) {
957 return false;
958 }
959
960 $url = $reference->link;
961 if (file_extension_in_typegroup($file->get_filepath() . $file->get_filename(), 'web_image')) {
962 $saveas = $this->prepare_file(uniqid());
963 try {
964 $result = $this->curl->download_one($url, [], [
965 'filepath' => $saveas,
966 'timeout' => $CFG->repositorysyncimagetimeout,
967 'followlocation' => true,
968 ]);
969
970 $info = $this->curl->get_info();
971
972 if ($result === true && isset($info['http_code']) && $info['http_code'] === 200) {
973 $file->set_synchronised_content_from_file($saveas);
974 return true;
975 }
976 } catch (Exception $e) {
977 // If the download fails lets download with get().
978 $this->curl->get($url, null, ['timeout' => $CFG->repositorysyncimagetimeout, 'followlocation' => true, 'nobody' => true]);
979 $info = $this->curl->get_info();
980
981 if (isset($info['http_code']) && $info['http_code'] === 200 &&
982 array_key_exists('download_content_length', $info) &&
983 $info['download_content_length'] >= 0) {
984 $filesize = (int)$info['download_content_length'];
985 $file->set_synchronized(null, $filesize);
986 return true;
987 }
988
989 $file->set_missingsource();
990 return true;
991 }
992 }
993 return false;
994 }
995 }
Read-only mirror of the Moodle CVS