--- /dev/null
+<?php
+/**
+ * Implements Special:UploadStash
+ *
+ * Web access for files temporarily stored by UploadStash.
+ *
+ * For example -- files that were uploaded with the UploadWizard extension are stored temporarily
+ * before committing them to the db. But we want to see their thumbnails and get other information
+ * about them.
+ *
+ * Since this is based on the user's session, in effect this creates a private temporary file area.
+ * However, the URLs for the files cannot be shared.
+ *
+ * @file
+ * @ingroup SpecialPage
+ * @ingroup Upload
+ */
+
+class SpecialUploadStash extends UnlistedSpecialPage {
+ // UploadStash
+ private $stash;
+
+ // is the edit request authorized? boolean
+ private $isEditAuthorized;
+
+ // did the user request us to clear the stash? boolean
+ private $requestedClear;
+
+ // Since we are directly writing the file to STDOUT,
+ // we should not be reading in really big files and serving them out.
+ //
+ // We also don't want people using this as a file drop, even if they
+ // share credentials.
+ //
+ // This service is really for thumbnails and other such previews while
+ // uploading.
+ const MAX_SERVE_BYTES = 262144; // 256K
+
+ public function __construct( $request = null ) {
+ global $wgRequest;
+
+ parent::__construct( 'UploadStash', 'upload' );
+ try {
+ $this->stash = RepoGroup::singleton()->getLocalRepo()->getUploadStash();
+ } catch ( UploadStashNotAvailableException $e ) {
+ return null;
+ }
+
+ $this->loadRequest( is_null( $request ) ? $wgRequest : $request );
+ }
+
+ /**
+ * Execute page -- can output a file directly or show a listing of them.
+ *
+ * @param $subPage String: subpage, e.g. in http://example.com/wiki/Special:UploadStash/foo.jpg, the "foo.jpg" part
+ * @return Boolean: success
+ */
+ public function execute( $subPage ) {
+ global $wgUser;
+
+ if ( !$this->userCanExecute( $wgUser ) ) {
+ $this->displayRestrictionError();
+ return;
+ }
+
+ if ( !isset( $subPage ) || $subPage === '' ) {
+ return $this->showUploads();
+ }
+
+ return $this->showUpload( $subPage );
+ }
+
+
+ /**
+ * If file available in stash, cats it out to the client as a simple HTTP response.
+ * n.b. Most sanity checking done in UploadStashLocalFile, so this is straightforward.
+ *
+ * @param $key String: the key of a particular requested file
+ */
+ public function showUpload( $key ) {
+ global $wgOut;
+
+ // prevent callers from doing standard HTML output -- we'll take it from here
+ $wgOut->disable();
+
+ try {
+ $params = $this->parseKey( $key );
+ if ( $params['type'] === 'thumb' ) {
+ return $this->outputThumbFromStash( $params['file'], $params['params'] );
+ } else {
+ return $this->outputLocalFile( $params['file'] );
+ }
+ } catch( UploadStashFileNotFoundException $e ) {
+ $code = 404;
+ $message = $e->getMessage();
+ } catch( UploadStashZeroLengthFileException $e ) {
+ $code = 500;
+ $message = $e->getMessage();
+ } catch( UploadStashBadPathException $e ) {
+ $code = 500;
+ $message = $e->getMessage();
+ } catch( SpecialUploadStashTooLargeException $e ) {
+ $code = 500;
+ $message = 'Cannot serve a file larger than ' . self::MAX_SERVE_BYTES . ' bytes. ' . $e->getMessage();
+ } catch( Exception $e ) {
+ $code = 500;
+ $message = $e->getMessage();
+ }
+
+ wfHttpError( $code, OutputPage::getStatusMessage( $code ), $message );
+ return false;
+ }
+
+ /**
+ * Parse the key passed to the SpecialPage. Returns an array containing
+ * the associated file object, the type ('file' or 'thumb') and if
+ * application the transform parameters
+ *
+ * @param string $key
+ * @return array
+ */
+ private function parseKey( $key ) {
+ $type = strtok( $key, '/' );
+
+ if ( $type !== 'file' && $type !== 'thumb' ) {
+ throw new UploadStashBadPathException( "Unknown type '$type'" );
+ }
+ $fileName = strtok( '/' );
+ $thumbPart = strtok( '/' );
+ $file = $this->stash->getFile( $fileName );
+ if ( $type === 'thumb' ) {
+ $srcNamePos = strrpos( $thumbPart, $fileName );
+ if ( $srcNamePos === false || $srcNamePos < 1 ) {
+ throw new UploadStashBadPathException( 'Unrecognized thumb name' );
+ }
+ $paramString = substr( $thumbPart, 0, $srcNamePos - 1 );
+
+ $handler = $file->getHandler();
+ $params = $handler->parseParamString( $paramString );
+ return array( 'file' => $file, 'type' => $type, 'params' => $params );
+ }
+
+ return array( 'file' => $file, 'type' => $type );
+ }
+
+
+
+
+ /**
+ * Get a thumbnail for file, either generated locally or remotely, and stream it out
+ * @param String $key: key for the file in the stash
+ * @param int $width: width of desired thumbnail
+ * @return boolean success
+ */
+ private function outputThumbFromStash( $file, $params ) {
+
+ // this global, if it exists, points to a "scaler", as you might find in the Wikimedia Foundation cluster. See outputRemoteScaledThumb()
+ // this is part of our horrible NFS-based system, we create a file on a mount point here, but fetch the scaled file from somewhere else that
+ // happens to share it over NFS
+ global $wgUploadStashScalerBaseUrl;
+
+ $flags = 0;
+ if ( $wgUploadStashScalerBaseUrl ) {
+ $this->outputRemoteScaledThumb( $file, $params, $flags );
+ } else {
+ $this->outputLocallyScaledThumb( $file, $params, $flags );
+ }
+
+
+ }
+
+
+ /**
+ * Scale a file (probably with a locally installed imagemagick, or similar) and output it to STDOUT.
+ * @param $file: File object
+ * @param $params: scaling parameters ( e.g. array( width => '50' ) );
+ * @param $flags: scaling flags ( see File:: constants )
+ * @throws MWException
+ * @return boolean success
+ */
+ private function outputLocallyScaledThumb( $file, $params, $flags ) {
+
+ // n.b. this is stupid, we insist on re-transforming the file every time we are invoked. We rely
+ // on HTTP caching to ensure this doesn't happen.
+
+ $flags |= File::RENDER_NOW;
+
+ $thumbnailImage = $file->transform( $params, $flags );
+ if ( !$thumbnailImage ) {
+ throw new MWException( 'Could not obtain thumbnail' );
+ }
+
+ // we should have just generated it locally
+ if ( ! $thumbnailImage->getPath() ) {
+ throw new UploadStashFileNotFoundException( "no local path for scaled item" );
+ }
+
+ // now we should construct a File, so we can get mime and other such info in a standard way
+ // n.b. mimetype may be different from original (ogx original -> jpeg thumb)
+ $thumbFile = new UnregisteredLocalFile( false, $this->stash->repo, $thumbnailImage->getPath(), false );
+ if ( ! $thumbFile ) {
+ throw new UploadStashFileNotFoundException( "couldn't create local file object for thumbnail" );
+ }
+
+ return $this->outputLocalFile( $thumbFile );
+
+ }
+
+ /**
+ * Scale a file with a remote "scaler", as exists on the Wikimedia Foundation cluster, and output it to STDOUT.
+ * Note: unlike the usual thumbnail process, the web client never sees the cluster URL; we do the whole HTTP transaction to the scaler ourselves
+ * and cat the results out.
+ * Note: We rely on NFS to have propagated the file contents to the scaler. However, we do not rely on the thumbnail being created in NFS and then
+ * propagated back to our filesystem. Instead we take the results of the HTTP request instead.
+ * Note: no caching is being done here, although we are instructing the client to cache it forever.
+ * @param $file: File object
+ * @param $params: scaling parameters ( e.g. array( width => '50' ) );
+ * @param $flags: scaling flags ( see File:: constants )
+ * @throws MWException
+ * @return boolean success
+ */
+ private function outputRemoteScaledThumb( $file, $params, $flags ) {
+
+ // this global probably looks something like 'http://upload.wikimedia.org/wikipedia/test/thumb/temp'
+ // do not use trailing slash
+ global $wgUploadStashScalerBaseUrl;
+
+ $scalerThumbName = $file->getParamThumbName( $file->name, $params );
+ $scalerThumbUrl = $wgUploadStashScalerBaseUrl . '/' . $file->getRel() . '/' . $scalerThumbName;
+
+ // make a curl call to the scaler to create a thumbnail
+ $httpOptions = array(
+ 'method' => 'GET',
+ 'timeout' => 'default'
+ );
+ $req = MWHttpRequest::factory( $scalerThumbUrl, $httpOptions );
+ $status = $req->execute();
+ if ( ! $status->isOK() ) {
+ $errors = $status->getErrorsArray();
+ throw new MWException( "Fetching thumbnail failed: " . join( ", ", $errors ) );
+ }
+ $contentType = $req->getResponseHeader( "content-type" );
+ if ( ! $contentType ) {
+ throw new MWException( "Missing content-type header" );
+ }
+ return $this->outputContents( $req->getContent(), $contentType );
+ }
+
+ /**
+ * Output HTTP response for file
+ * Side effect: writes HTTP response to STDOUT.
+ * XXX could use wfStreamfile (in includes/Streamfile.php), but for consistency with outputContents() doing it this way.
+ * XXX is mimeType really enough, or do we need encoding for full Content-Type header?
+ *
+ * @param $file File object with a local path (e.g. UnregisteredLocalFile, LocalFile. Oddly these don't share an ancestor!)
+ */
+ private function outputLocalFile( $file ) {
+ if ( $file->getSize() > self::MAX_SERVE_BYTES ) {
+ throw new SpecialUploadStashTooLargeException();
+ }
+ self::outputFileHeaders( $file->getMimeType(), $file->getSize() );
+ readfile( $file->getPath() );
+ return true;
+ }
+
+ /**
+ * Output HTTP response of raw content
+ * Side effect: writes HTTP response to STDOUT.
+ * @param String $content: content
+ * @param String $mimeType: mime type
+ */
+ private function outputContents( $content, $contentType ) {
+ $size = strlen( $content );
+ if ( $size > self::MAX_SERVE_BYTES ) {
+ throw new SpecialUploadStashTooLargeException();
+ }
+ self::outputFileHeaders( $contentType, $size );
+ print $content;
+ return true;
+ }
+
+ /**
+ * Output headers for streaming
+ * XXX unsure about encoding as binary; if we received from HTTP perhaps we should use that encoding, concatted with semicolon to mimeType as it usually is.
+ * Side effect: preps PHP to write headers to STDOUT.
+ * @param String $contentType : string suitable for content-type header
+ * @param String $size: length in bytes
+ */
+ private static function outputFileHeaders( $contentType, $size ) {
+ header( "Content-Type: $contentType", true );
+ header( 'Content-Transfer-Encoding: binary', true );
+ header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT', true );
+ header( "Content-Length: $size", true );
+ }
+
+
+ /**
+ * Initialize authorization & actions to take, from the request
+ * @param $request: WebRequest
+ */
+ private function loadRequest( $request ) {
+ global $wgUser;
+ if ( $request->wasPosted() ) {
+
+ $token = $request->getVal( 'wpEditToken' );
+ $this->isEditAuthorized = $wgUser->matchEditToken( $token );
+
+ $this->requestedClear = $request->getBool( 'clear' );
+
+ }
+ }
+
+ /**
+ * Static callback for the HTMLForm in showUploads, to process
+ * Note the stash has to be recreated since this is being called in a static context.
+ * This works, because there really is only one stash per logged-in user, despite appearances.
+ *
+ * @return Status
+ */
+ public static function tryClearStashedUploads( $formData ) {
+ wfDebug( __METHOD__ . " form data : " . print_r( $formData, 1 ) );
+ if ( isset( $formData['clear'] ) and $formData['clear'] ) {
+ $stash = new UploadStash();
+ wfDebug( "stash has: " . print_r( $stash->listFiles(), 1 ) );
+ if ( ! $stash->clear() ) {
+ return Status::newFatal( 'uploadstash-errclear' );
+ }
+ }
+ return Status::newGood();
+ }
+
+ /**
+ * Default action when we don't have a subpage -- just show links to the uploads we have,
+ * Also show a button to clear stashed files
+ * @param Status : $status - the result of processRequest
+ */
+ private function showUploads( $status = null ) {
+ global $wgOut;
+ if ( $status === null ) {
+ $status = Status::newGood();
+ }
+
+ // sets the title, etc.
+ $this->setHeaders();
+ $this->outputHeader();
+
+
+ // create the form, which will also be used to execute a callback to process incoming form data
+ // this design is extremely dubious, but supposedly HTMLForm is our standard now?
+
+ $form = new HTMLForm( array(
+ 'Clear' => array(
+ 'type' => 'hidden',
+ 'default' => true,
+ 'name' => 'clear',
+ )
+ ), 'clearStashedUploads' );
+ $form->setSubmitCallback( array( __CLASS__, 'tryClearStashedUploads' ) );
+ $form->setTitle( $this->getTitle() );
+ $form->addHiddenField( 'clear', true, array( 'type' => 'boolean' ) );
+ $form->setSubmitText( wfMsg( 'uploadstash-clear' ) );
+
+ $form->prepareForm();
+ $formResult = $form->tryAuthorizedSubmit();
+
+
+ // show the files + form, if there are any, or just say there are none
+ $refreshHtml = Html::element( 'a', array( 'href' => $this->getTitle()->getLocalURL() ), wfMsg( 'uploadstash-refresh' ) );
+ $files = $this->stash->listFiles();
+ if ( count( $files ) ) {
+ sort( $files );
+ $fileListItemsHtml = '';
+ foreach ( $files as $file ) {
+ $fileListItemsHtml .= Html::rawElement( 'li', array(),
+ Html::element( 'a', array( 'href' =>
+ $this->getTitle( "file/$file" )->getLocalURL() ), $file )
+ );
+ }
+ $wgOut->addHtml( Html::rawElement( 'ul', array(), $fileListItemsHtml ) );
+ $form->displayForm( $formResult );
+ $wgOut->addHtml( Html::rawElement( 'p', array(), $refreshHtml ) );
+ } else {
+ $wgOut->addHtml( Html::rawElement( 'p', array(),
+ Html::element( 'span', array(), wfMsg( 'uploadstash-nofiles' ) )
+ . ' '
+ . $refreshHtml
+ ) );
+ }
+
+ return true;
+ }
+}
+
+class SpecialUploadStashTooLargeException extends MWException {};
scripts.mit.edu / autoinstallsdev / mediawiki.git / blobdiff