Index: authorize.php =================================================================== RCS file: authorize.php diff -N authorize.php --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ authorize.php 14 Oct 2009 20:04:49 -0000 @@ -0,0 +1,159 @@ + $results['messages'])); + + $links = array(); + if (is_array($results['tasks'])) { + $links += $results['tasks']; + } + + $links = array_merge($links, array( + l(t('Administration pages'), 'admin'), + l(t('Front page'), ''), + )); + + $output .= theme('item_list', array('items' => $links)); + } + // If a batch is running, let it run. + elseif (isset($_GET['batch'])) { + $output = _batch_page(); + } + else { + if (empty($_SESSION['authorize_operation']) || empty($_SESSION['authorize_filetransfer_backends'])) { + $output = t("It appears you have reached this page in error."); + } + elseif (!$batch = batch_get()) { + // We have a batch to process, show the filetransfer form. + $output = drupal_render(drupal_get_form('authorize_filetransfer_form')); + } + } + // We defer the display of messages until all operations are done. + $show_messages = !(($batch = batch_get()) && isset($batch['running'])); +} +else { + $output = authorize_access_denied_page(); +} + +if (!empty($output)) { + print theme('update_page', array('content' => $output, 'show_messages' => $show_messages)); +} + cvs diff: Diffing includes Index: includes/authorize.inc =================================================================== RCS file: includes/authorize.inc diff -N includes/authorize.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ includes/authorize.inc 14 Oct 2009 20:06:48 -0000 @@ -0,0 +1,232 @@ + '

', + '#markup' => t('To continue please provide your server connection details'), + '#suffix' => '

', + ); + + $form['connection_settings']['#tree'] = TRUE; + $form['connection_settings']['authorize_filetransfer_default'] = array( + '#type' => 'select', + '#title' => t('Connection method'), + '#default_value' => $authorize_filetransfer_default, + '#weight' => -10, + ); + + /* + * Here we create two submit buttons. For a JS enabled client, they will + * only ever see submit_process. However, if a client doesn't have JS + * enabled, they will see submit_connection on the first form (whden picking + * what filetranfer type to use, and submit_process on the second one (which + * leads to the actual operation) + */ + $form['submit_connection'] = array( + '#prefix' => "
", + '#name' => 'enter_connection_settings', // This is later changed in JS. + '#type' => 'submit', + '#value' => t('Enter connetion settings'), // As is this. @see authorize.js. + '#weight' => 100, + ); + + $form['submit_process'] = array( + '#name' => 'process_updates', // This is later changed in JS. + '#type' => 'submit', + '#value' => t('Process Updates'), // As is this. @see authorize.js + '#weight' => 100, + '#attributes' => array('style' => 'display:none'), + ); + + // Build a hidden fieldset for each one. + foreach ($available_backends as $name => $backend) { + $form['connection_settings']['authorize_filetransfer_default']['#options'][$name] = $backend['title']; + $form['connection_settings'][$name] = array( + '#type' => 'fieldset', + '#attributes' => array('class' => "filetransfer-$name filetransfer"), + '#title' => t('@backend connection settings', array('@backend' => $backend['title'])), + ); + + $current_settings = variable_get("authorize_filetransfer_connection_settings_" . $name, array()); + $form['connection_settings'][$name] += system_get_filetransfer_settings_form($name, $current_settings); + + // Start non-JS code. + if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default']) && $form_state['values']['connection_settings']['authorize_filetransfer_default'] == $name) { + + // If the user switches from JS to non-JS, Drupal (and Batch API) will + // barf. This is a known bug: http://drupal.org/node/229825. + setcookie('has_js', '', time() - 3600, '/'); + unset($_COOKIE['has_js']); + + // Change the submit button to the submit_process one. + $form['submit_process']['#attributes'] = array(); + unset($form['submit_connection']); + + // Activate the proper filetransfer settings form. + $form['connection_settings'][$name]['#attributes']['style'] = 'display:block'; + // Disable the select box. + $form['connection_settings']['authorize_filetransfer_default']['#disabled'] = TRUE; + + // Create a button for changing the type of connection. + $form['connection_settings']['change_connection_type'] = array( + '#name' => 'change_connection_type', + '#type' => 'submit', + '#value' => t('Change connection type'), + '#weight' => -5, + '#attributes' => array('class' => 'filetransfer-change-connection-type'), + ); + } + // End non-JS code. + } + return $form; +} + +/** + * Validate callback for the filetransfer authorization form. + * + * @see authorize_filetransfer_form() + */ +function authorize_filetransfer_form_validate($form, &$form_state) { + if (isset($form_state['values']['connection_settings'])) { + $backend = $form_state['values']['connection_settings']['authorize_filetransfer_default']; + $filetransfer = authorize_get_filetransfer($backend, $form_state['values']['connection_settings'][$backend]); + try { + if (!$filetransfer) { + throw new Exception(t("Error, this type of connection protocol (%backend) doesn't exist.", array('%backend' => $backend))); + } + $filetransfer->connect(); + } + catch (Exception $e) { + form_set_error('connection_settings', $e->getMessage()); + } + } +} + +/** + * Submit callback when a file transfer is being authorized. + * + * @see authorize_filetransfer_form() + */ +function authorize_filetransfer_form_submit($form, &$form_state) { + global $base_url; + switch ($form_state['clicked_button']['#name']) { + case 'process_updates': + + // Save the connection settings to the DB. + $filetransfer_backend = $form_state['values']['connection_settings']['authorize_filetransfer_default']; + + // If the database is available then try to save our settings. We have + // to make sure it is available since this code could potentially (will + // likely) be called during the installation process, before the + // database is set up. + if (db_is_active()) { + $connection_settings = array(); + foreach ($form_state['values']['connection_settings'][$filetransfer_backend] as $key => $value) { + // We do *not* want to store passwords in the database, unless the + // backend explicitly says so via the magic #filetransfer_save form + // property. Otherwise, we store everything that's not explicitly + // marked with #filetransfer_save set to FALSE. + if (!isset($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save'])) { + if ($form['connection_settings'][$filetransfer_backend][$key]['#type'] != 'password') { + $connection_settings[$key] = $value; + } + } + // The attribute is defined, so only save if set to TRUE. + elseif ($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save']) { + $connection_settings[$key] = $value; + } + } + // Set this one as the default authorize method. + variable_set('authorize_filetransfer_default', $filetransfer_backend); + // Save the connection settings minus the password. + variable_set("authorize_filetransfer_connection_settings_" . $filetransfer_backend, $connection_settings); + + $filetransfer = authorize_get_filetransfer($filetransfer_backend, $form_state['values']['connection_settings'][$filetransfer_backend]); + + // Now run the operation. + authorize_run_operation($filetransfer); + } + break; + + case 'enter_connection_settings': + $form_state['rebuild'] = TRUE; + break; + + case 'change_connection_type': + $form_state['rebuild'] = TRUE; + unset($form_state['values']['connection_settings']['authorize_filetransfer_default']); + break; + } +} + +/** + * Run the operation specified in $_SESSION['authorize_operation'] + * + * @param $filetransfer + * The FileTransfer object to use for running the operation. + */ +function authorize_run_operation($filetransfer) { + $operation = $_SESSION['authorize_operation']; + unset($_SESSION['authorize_operation']); + + if (!empty($operation['page_title'])) { + drupal_set_title(check_plain($operation['page_title'])); + } + + require_once DRUPAL_ROOT . '/' . $operation['file']; + call_user_func_array($operation['callback'], array_merge(array($filetransfer), $operation['arguments'])); +} + +/** + * Get a FileTransfer class for a specific transfer method and settings. + * + * @param $backend + * The FileTransfer backend to get the class for. + * @param $settings + * Array of settings for the FileTransfer. + * @return + * An instantiated FileTransfer object for the requested method and settings, + * or FALSE if there was an error finding or instantiating it. + */ +function authorize_get_filetransfer($backend, $settings = array()) { + $filetransfer = FALSE; + if (!empty($_SESSION['authorize_filetransfer_backends'][$backend])) { + $filetransfer = call_user_func_array(array($_SESSION['authorize_filetransfer_backends'][$backend]['class'], 'factory'), array(DRUPAL_ROOT, $settings)); + } + return $filetransfer; +} + Index: includes/common.inc =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/includes/common.inc,v retrieving revision 1.1017 diff -u -p -r1.1017 common.inc --- includes/common.inc 13 Oct 2009 21:16:42 -0000 1.1017 +++ includes/common.inc 14 Oct 2009 17:26:38 -0000 @@ -4851,23 +4851,10 @@ function drupal_common_theme() { 'arguments' => array('page' => NULL), 'template' => 'page', ), - 'maintenance_page' => array( - 'arguments' => array('content' => NULL, 'show_messages' => TRUE), - 'template' => 'maintenance-page', - ), - 'update_page' => array( - 'arguments' => array('content' => NULL, 'show_messages' => TRUE), - ), - 'install_page' => array( - 'arguments' => array('content' => NULL), - ), 'region' => array( 'arguments' => array('elements' => NULL), 'template' => 'region', ), - 'task_list' => array( - 'arguments' => array('items' => NULL, 'active' => NULL), - ), 'status_messages' => array( 'arguments' => array('display' => NULL), ), @@ -4922,6 +4909,26 @@ function drupal_common_theme() { 'indentation' => array( 'arguments' => array('size' => 1), ), + // from theme.maintenance.inc + 'maintenance_page' => array( + 'arguments' => array('content' => NULL, 'show_messages' => TRUE), + 'template' => 'maintenance-page', + ), + 'update_page' => array( + 'arguments' => array('content' => NULL, 'show_messages' => TRUE), + ), + 'install_page' => array( + 'arguments' => array('content' => NULL), + ), + 'task_list' => array( + 'arguments' => array('items' => NULL, 'active' => NULL), + ), + 'authorize_message' => array( + 'arguments' => array('message' => NULL, 'success' => TRUE), + ), + 'authorize_report' => array( + 'arguments' => array('messages' => array()), + ), // from pager.inc 'pager' => array( 'arguments' => array('tags' => array(), 'element' => 0, 'parameters' => array(), 'quantity' => 9), @@ -5797,3 +5804,25 @@ function xmlrpc($url) { return call_user_func_array('_xmlrpc', $args); } +/** + * Drupal Updater registry. + * + * An Updater is a class that knows how to update various parts of the Drupal + * file system, for example to update modules that have newer releases, or to + * install a new theme. + * + * @return + * Returns the Drupal Updater class registry. + * + * @see hook_updater_info() + * @see hook_updater_info_alter() + */ +function drupal_get_updaters() { + $updaters = &drupal_static(__FUNCTION__); + if (!isset($updaters)) { + $updaters = module_invoke_all('updater_info'); + drupal_alter('updater_info', $updaters); + } + return $updaters; +} + Index: includes/theme.maintenance.inc =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/includes/theme.maintenance.inc,v retrieving revision 1.42 diff -u -p -r1.42 theme.maintenance.inc --- includes/theme.maintenance.inc 9 Oct 2009 00:59:54 -0000 1.42 +++ includes/theme.maintenance.inc 14 Oct 2009 17:26:38 -0000 @@ -202,3 +202,48 @@ function theme_update_page($variables) { return theme_render_template('themes/garland/maintenance-page.tpl.php', $variables); } + +/** + * Generate a report of the results from an operation run via authorize.php. + * + * @param array $variables + * - messages: An array of result messages. + */ +function theme_authorize_report($variables) { + $messages = $variables['messages']; + $output = ''; + if (!empty($messages)) { + $output .= '
'; + foreach ($messages as $heading => $logs) { + $output .= '

' . check_plain($heading) . '

'; + foreach ($logs as $number => $log_message) { + if ($number === '#abort') { + continue; + } + $output .= theme('authorize_message', array('message' => $log_message['message'], 'success' => $log_message['success'])); + } + } + $output .= '
'; + } + return $output; +} + +/** + * Render a single log message from the authorize.php batch operation. + * + * @param $variables + * - message: The log message. + * - success: A boolean indicating failure or success. + */ +function theme_update_plugin_manager_message($variables) { + $output = ''; + $message = $variables['message']; + $success = $variables['success']; + if ($success) { + $output .= '
  • ' . check_plain($message) . '
    • '; + } + else { + $output .= '
  • ' . t('Failed') . ': ' . $message . '
    • '; + } + return $output; +} Index: includes/updater.inc =================================================================== RCS file: includes/updater.inc diff -N includes/updater.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ includes/updater.inc 14 Oct 2009 23:16:48 -0000 @@ -0,0 +1,322 @@ +source = $source; + $this->name = self::getProjectName($source); + $this->title = self::getProjectTitle($source); + } + + /** + * Return an Updater of the appropriate type depending on the source. + * + * If a directory is provided which contains a module, will return a + * ModuleUpdater. + * + * @param string $source + * Directory of a Drupal project. + * + * @return object Updater + */ + static function factory($source) { + if (is_dir($source)) { + $updater = self::getUpdaterFromDirectory($source); + } + else { + throw new UpdaterError('Unable to determine the type of the source directory'); + } + return new $updater($source); + } + + /** + * Determine which Updater class can operate on the given directory. + * + * @param string $directory + * Extracted Drupal project. + * @return string + * The class name which can work with this project type. + */ + static function getUpdaterFromDirectory($directory) { + // Gets a list of possible implementing classes + $updaters = drupal_get_updaters(); + foreach ($updaters as $updater) { + $class = $updater['class']; + if (call_user_func("{$class}::canUpdateDirectory", $directory)) { + return $class; + } + } + throw new UpdaterError("Cannot determine the type of project"); + } + + /** + * Figure out what the most important (or only) info file is in a directory. + * + * Since there is no enforcement of which info file is the project's "main" + * info file, this will get one with the same name as the directory, or the + * first one it finds. Not ideal, but needs a larger solution. + * + * @param string $directory + * Directory to search in. + * @return string + * Path to the info file. + */ + public static function findInfoFile($directory) { + $info_files = file_scan_directory($directory, '/.*\.info/'); + if (!$info_files) { + return FALSE; + } + foreach ($info_files as $info_file) { + if (drupal_substr($info_file->filename, 0, -5) == basename($directory)) { + // Info file Has the same name as the directory, return it. + return $info_file->uri; + } + } + // Otherwise, return the first one. + $info_file = array_shift($info_files); + return $info_file->uri; + } + + /** + * Get the name of the project directory (basename). + * + * @todo: It would be nice, if projects contained an info file which could + * provide their canonical name. + * + * @param string $directory + * @return string + */ + public static function getProjectName($directory) { + return basename($directory); + } + + /** + * Return the project name from a Drupal info file. + * + * @param string $directory + * Directory to search for the info file. + * @return string + */ + public static function getProjectTitle($directory) { + $info_file = self::findInfoFile($directory); + $info = drupal_parse_info_file($info_file); + if (!$info) { + //@TODO: Add the variables, t(), etc + throw new UpdaterError("Unable to parse info file"); + } + return $info['name']; + } + + /** + * Store the default parameters for the Updater. + * + * @param array $overrides + * An array of overrides for the default parameters. + * @return array + * An array of configuration parameters for an update or install operation. + */ + private function getInstallArgs($overrides = array()) { + $args = array( + 'make_backup' => FALSE, + 'install_dir' => $this->getInstallDirectory(), + 'backup_dir' => $this->getBackupDir(), + ); + return array_merge($args, $overrides); + } + + /** + * Updates a Drupal project, returns a list of next actions. + * + * @param FileTransfer $ft + * Object which is a child of FileTransfer. Used for moving files + * to the server. + * @param array $overrides + * An array of settings to override defaults + * @see self::getInstallArgs + * @return array + * An array of links which the user may need to complete the update + */ + public function update(&$ft, $overrides = array()) { + try { + // Establish arguments with possible overrides. + $args = $this->getInstallArgs($overrides); + + // Take a Backup. + if ($args['make_backup']) { + $this->makeBackup($args['install_dir'], $args['backup_dir']); + } + + if (!$this->name) { + // This is bad, don't want to delete the install directory. + throw new UpdaterError("Fatal error in update, cowardly refusing to wipe out the install directory"); + } + + // Note: If the project is installed in sites/all, it will not be + // deleted. It will be installed in sites/default as that will override + // the sites/all reference and not break other sites which are using it. + if (is_dir($args['install_dir'] . '/' . $this->name)) { + // Remove the existing installed file. + $ft->removeDirectory($args['install_dir'] . '/' . $this->name); + } + + // Copy the directory in place. + $ft->copyDirectory($this->source, $args['install_dir']); +// plugin_make_world_executable($ft, $args['install_dir'] . '/' . $this->name); + // Run the updates. + // @TODO: decide if we want to implement this. + $this->postUpdate(); + // For now, just return a list of links of things to do. + return $this->postUpdateTasks(); + } + catch (FileTransferException $e) { + throw new UpdaterError(t("File Transfer failed, reason: !reason", array('!reason' => t($e->getMessage(), $e->arguments)))); + } + } + + /** + * Installs a Drupal project, returns a list of next actions. + * + * @param FileTransfer $ft + * Object which is a child of FileTransfer. + * @param array $overrides + * An array of settings to override defaults. + * @see self::getInstallArgs + * @return array + * An array of links which the user may need to complete the install. + */ + public function install(&$ft, $overrides = array()) { + try { + // Establish arguments with possible overrides. + $args = $this->getInstallArgs($overrides); + // Copy the directory in place. + $ft->copyDirectory($this->source, $args['install_dir']); +// plugin_make_world_executable($ft, $args['install_dir'] . '/' . $this->name); + // Potentially enable something? + // @TODO: decide if we want to implement this. + $this->postInstall(); + // For now, just return a list of links of things to do. + return $this->postInstallTasks(); + } + catch (FileTransferException $e) { + throw new UpdaterError(t("File Transfer failed, reason: !reason", array('!reason' => t($e->getMessage(), $e->arguments)))); + } + } + + function makeBackup(&$ft, $from, $to) { + //@TODO: Not implemented + } + + function getBackupDir() { + return file_directory_path('temporary'); + } + + /** + * Needs to be overridden by children to work + * Actions to take after the update is complete. + */ + function postUpdate() { + + } + + /** + * Needs to be overridden by children to work + * Actions to take after the install is complete. + */ + function postInstall() { + + } + + /** + * Returns an array of links to pages that should be visited post operation. + * + * @return array + * Links which provide actions to take after the install is finished. + */ + function postInstallTasks() { + return array(); + } + + /** + * Returns an array of links to pages that should be visited post operation. + * + * @return array + * Links which provide actions to take after the update is finished. + */ + function postUpdateTasks() { + return array(); + } +} + +class UpdaterError extends Exception { + +} cvs diff: Diffing includes/database cvs diff: Diffing includes/database/mysql cvs diff: Diffing includes/database/pgsql cvs diff: Diffing includes/database/sqlite cvs diff: Diffing includes/filetransfer Index: includes/filetransfer/ftp.inc =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/includes/filetransfer/ftp.inc,v retrieving revision 1.6 diff -u -p -r1.6 ftp.inc --- includes/filetransfer/ftp.inc 28 Aug 2009 07:51:55 -0000 1.6 +++ includes/filetransfer/ftp.inc 14 Oct 2009 17:26:38 -0000 @@ -5,6 +5,15 @@ * Connection class using the FTP URL wrapper. */ class FileTransferFTPWrapper extends FileTransfer { + + public function __construct($jail, $username, $password, $hostname, $port) { + $this->username = $username; + $this->password = $password; + $this->hostname = $hostname; + $this->port = $port; + parent::__construct($jail); + } + function connect() { $this->connection = 'ftp://' . urlencode($this->username) . ':' . urlencode($this->password) . '@' . $this->hostname . ':' . $this->port . '/'; if (!is_dir($this->connection)) { @@ -19,29 +28,29 @@ class FileTransferFTPWrapper extends Fil } function createDirectoryJailed($directory) { - if (!@drupal_mkdir($directory)) { + if (!@drupal_mkdir($this->connection . $directory)) { $exception = new FileTransferException('Cannot create directory @directory.', NULL, array('@directory' => $directory)); throw $exception; } } function removeDirectoryJailed($directory) { - if (is_dir($directory)) { - $dh = opendir($directory); + if (is_dir($this->connection . $directory)) { + $dh = opendir($this->connection . $directory); while (($resource = readdir($dh)) !== FALSE) { if ($resource == '.' || $resource == '..') { continue; } $full_path = $directory . DIRECTORY_SEPARATOR . $resource; - if (is_file($full_path)) { + if (is_file($this->connection . $full_path)) { $this->removeFile($full_path); } - elseif (is_dir($full_path)) { + elseif (is_dir($this->connection . $full_path)) { $this->removeDirectory($full_path . '/'); } } closedir($dh); - if (!rmdir($directory)) { + if (!rmdir($this->connection . $directory)) { $exception = new FileTransferException('Cannot remove @directory.', NULL, array('@directory' => $directory)); throw $exception; } @@ -70,15 +79,18 @@ class FileTransferFTPWrapper extends Fil } /** - * This is impossible with the stream wrapper, - * So we cheat and use the other implementation + * This is impossible with the stream wrapper, so an exception is thrown. + * + * If the ftp extenstion is available, we will cheat and use it. * - * @staticvar FileTransferFTPExtension $ftp_ext_file_transfer * @param string $path * @param long $mode * @param bool $recursive */ function chmodJailed($path, $mode, $recursive) { + if (!function_exists('ftp_connect')) { + throw new FileTransferException('Unable to set permissions on @path. Change umask settings on server to be world executable.', array('@path' => $path)); + } static $ftp_ext_file_transfer; if (!$ftp_ext_file_transfer) { cvs diff: Diffing misc Index: misc/authorize.js =================================================================== RCS file: misc/authorize.js diff -N misc/authorize.js --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ misc/authorize.js 14 Oct 2009 17:26:38 -0000 @@ -0,0 +1,29 @@ +// $Id$ + +/** + * @file + * Conditionally hide or show the appropriate settings and saved defaults + * on the file transfer connection settings form used by authorize.php. + */ + +(function ($) { + +Drupal.behaviors.authorizeFileTransferForm = { + attach: function(context) { + $('#edit-connection-settings-authorize-filetransfer-default').change(function() { + $('.filetransfer').hide().filter('.filetransfer-' + $(this).val()).show(); + }); + $('.filetransfer').hide().filter('.filetransfer-' + $('#edit-connection-settings-authorize-filetransfer-default').val()).show(); + + // Removes the float on the select box (used for non-JS interface) + if($('.connection-settings-update-filetransfer-default-wrapper').length > 0) { + console.log($('.connection-settings-update-filetransfer-default-wrapper')); + $('.connection-settings-update-filetransfer-default-wrapper').css('float', 'none'); + } + // Hides the submit button for non-js users + $('#edit-submit-connection').hide(); + $('#edit-submit-process').show(); + } +} + +})(jQuery); cvs diff: Diffing misc/farbtastic cvs diff: Diffing misc/ui cvs diff: Diffing misc/ui/images cvs diff: Diffing modules/system Index: modules/system/maintenance.css =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/system/maintenance.css,v retrieving revision 1.1 diff -u -p -r1.1 maintenance.css --- modules/system/maintenance.css 30 Nov 2007 12:19:10 -0000 1.1 +++ modules/system/maintenance.css 14 Oct 2009 17:26:38 -0000 @@ -21,3 +21,18 @@ #update-results li.failure strong { color: #b63300; } + +/* authorize.php styles */ +.connection-settings-update-filetransfer-default-wrapper { + float: left; +} +#edit-submit-connection { + clear: both; +} +.filetransfer { + display: none; + clear: both; +} +#edit-connection-settings-change-connection-type { + margin: 2.6em 0.5em 0em 1em; +} Index: modules/system/system.info =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/system/system.info,v retrieving revision 1.16 diff -u -p -r1.16 system.info --- modules/system/system.info 31 Aug 2009 18:30:27 -0000 1.16 +++ modules/system/system.info 14 Oct 2009 17:26:38 -0000 @@ -12,5 +12,6 @@ files[] = system.install files[] = system.test files[] = system.tar.inc files[] = system.tokens.inc +files[] = system.updater.inc files[] = mail.sending.inc required = TRUE Index: modules/system/system.module =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/system/system.module,v retrieving revision 1.810 diff -u -p -r1.810 system.module --- modules/system/system.module 13 Oct 2009 21:34:15 -0000 1.810 +++ modules/system/system.module 14 Oct 2009 20:01:02 -0000 @@ -1401,6 +1401,70 @@ function _system_themes_access($theme) { } /** + * Invoke a given callback via authorize.php to run with elevated privileges. + * + * To use authorize.php, certain variables must be stashed into + * $_SESSION. This function sets up all the necessary $_SESSION variables, + * then redirects to authorize.php to initiate the workflow that will + * eventually lead to the callback being invoked. The callback will be invoked + * at a low bootstrap level, without all modules being invoked, so it needs to + * be careful not to assume any code exists. + * + * @param $callback + * The name of the function to invoke one the user authorizes the operation. + * @param $file + * The full path to the file where the callback function is implemented. + * @param $arguments + * Optional array of arguments to pass into the callback when it is invoked. + * Note that the first argument to the callback is always the FileTransfer + * object created by authorize.php when the user authorizes the operation. + * @param $page_title + * Optional string to use as the page title once redirected to authorize.php. + * @return + * Nothing. This function redirects to authorize.php and does not return. + */ +function system_run_authorized($callback, $file, $arguments = array(), $page_title = NULL) { + global $base_url; + + // First, figure out what file transfer backends the site supports, and put + // all of those in the SESSION so that authorize.php has access to all of + // them via the class autoloader, even without a full bootstrap. + $_SESSION['authorize_filetransfer_backends'] = module_invoke_all('filetransfer_backends'); + + // Now, define the callback to invoke. + $_SESSION['authorize_operation'] = array( + 'callback' => $callback, + 'file' => $file, + 'arguments' => $arguments, + ); + + if (isset($page_title)) { + $_SESSION['authorize_operation']['page_title'] = $page_title; + } + + // Finally, redirect to authorize.php. + drupal_goto($base_url . '/authorize.php'); +} + +/** + * Implement hook_updater_info(). + */ +function system_updater_info() { + return array( + 'module' => array( + 'class' => 'ModuleUpdater', + 'name' => t('Update modules'), + 'weight' => 0, + ), + 'theme' => array( + 'class' => 'ThemeUpdater', + 'name' => t('Update themes'), + 'weight' => 0, + ), + ); +} + +/** * Implement hook_filetransfer_backends(). */ function system_filetransfer_backends() { Index: modules/system/system.updater.inc =================================================================== RCS file: modules/system/system.updater.inc diff -N modules/system/system.updater.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ modules/system/system.updater.inc 14 Oct 2009 17:26:38 -0000 @@ -0,0 +1,118 @@ +name); + } + + static function canUpdateDirectory($directory) { + if (file_scan_directory($directory, '/.*\.module/')) { + return TRUE; + } + return FALSE; + } + + static function canUpdate($project_name) { + return (bool) drupal_get_path('module', $project_name); + } + + /** + * @todo: Not implemented + * @return + */ + function getSchemaUpdates() { + require_once './includes/install.inc'; + require_once './includes/update.inc'; + + if (_update_get_project_type($project) != 'module') { + return array(); + } + module_load_include('install', $project); + + if (!$updates = drupal_get_schema_versions($project)) { + return array(); + } + $updates_to_run = array(); + $modules_with_updates = update_get_update_list(); + if ($updates = $modules_with_updates[$project]) { + if ($updates['start']) { + return $updates['pending']; + } + } + return array(); + } + + function postInstallTasks() { + return array( + l(t('Enable newly added modules in !project', array('!project' => $this->title)), 'admin/config/modules'), + ); + } + + function postUpdateTasks() { + // @todo: If there are schema updates. + return array( + l(t('Run database updates for !project', array('!project' => $this->title)), 'update.php'), + ); + } + +} + +/** + * Class for updating themes using FileTransfer classes via authorize.php. + */ +class ThemeUpdater extends Updater implements DrupalUpdaterInterface { + public $installDirectory; + + static function getInstallDirectory() { + return DRUPAL_ROOT . '/' . conf_path() . '/themes'; + } + + function isInstalled() { + return (bool) drupal_get_path('theme', $this->name); + } + + static function canUpdateDirectory($directory) { + // This is a lousy test, but don't know how else to confirm it is a theme. + if (file_scan_directory($directory, '/.*\.module/')) { + return FALSE; + } + return TRUE; + } + + static function canUpdate($project_name) { + return (bool) drupal_get_path('theme', $project_name); + } + + function postInstall() { + // Update the system table. + system_get_theme_data(); + + // Active the theme + db_update('system') + ->fields(array('status' => 1)) + ->condition('type', 'theme') + ->condition('name', $this->name) + ->execute(); + } + + function postInstallTasks() { + return array( + l(t('Set the !project theme as default', array('!project' => $this->title)), 'admin/appearance'), + ); + } +} cvs diff: Diffing modules/update Index: modules/update/update.authorize.inc =================================================================== RCS file: modules/update/update.authorize.inc diff -N modules/update/update.authorize.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ modules/update/update.authorize.inc 15 Oct 2009 01:20:59 -0000 @@ -0,0 +1,209 @@ + $project_info) { + $operations[] = array( + 'update_authorize_batch_copy_project', + array( + $project_info['project'], + $project_info['updater_name'], + $project_info['local_url'], + $filetransfer, + ), + ); + } + + $batch = array( + 'title' => t('Installing updates'), + 'init_message' => t('Preparing to update your site'), + 'operations' => $operations, + 'finished' => 'update_authorize_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.authorize.inc', + ); + + batch_set($batch); + // Invoke the batch via authorize.php. + batch_process($base_url . '/authorize.php', $base_url . '/authorize.php?batch=1'); +} + +/** + * Callback invoked by authorize.php to install a new project. + * + * @param FileTransfer $filetransfer + * The FileTransfer object created by authorize.php for use during this + * operation. + * @param string $project + * The canonical project short name (e.g. {system}.name). + * @param string $updater_name + * The name of the Updater class to use for installing this project. + * @param string $local_url + * The URL to the locally installed temp directory where the project has + * already been downloaded and extracted into. + */ +function update_authorize_run_install($filetransfer, $project, $updater_name, $local_url) { + global $base_url; + + $operations[] = array( + 'update_authorize_batch_copy_project', + array( + $project, + $updater_name, + $local_url, + $filetransfer, + ), + ); + + // @todo Instantiate our Updater to set the human-readable title? + $batch = array( + 'title' => t('Installing %project', array('%project' => $project)), + 'init_message' => t('Preparing to install'), + 'operations' => $operations, + // @todo Use a different finished callback for different messages? + 'finished' => 'update_authorize_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.authorize.inc', + ); + batch_set($batch); + + // Invoke the batch via authorize.php. + batch_process($base_url . '/authorize.php', $base_url . '/authorize.php?batch=1'); + +} + +/** + * Copy a project to its proper place when authorized with elevated privileges. + * + * @param string $project + * The cannonical short name of the project being installed. + * @param string $updater_name + * The name of the Updater class to use for installing this project. + * @param string $local_url + * The URL to the locally installed temp directory where the project has + * already been downloaded and extracted into. + * @param FileTransfer $filetransfer + * The FileTransfer object to use for performing this operation. + * @param array &$context + * Reference to an array used for BatchAPI storage. + */ +function update_authorize_batch_copy_project($project, $updater_name, $local_url, $filetransfer, &$context) { + + // Initialize some variables in the Batch API $context array. + if (!isset($context['results']['log'])) { + $context['results']['log'] = array(); + } + if (!isset($context['results']['log'][$project])) { + $context['results']['log'][$project] = array(); + } + + if (!isset($context['results']['tasks'])) { + $context['results']['tasks'] = array(); + } + + /** + * The batch API uses a session, and since all the arguments are serialized + * and unserialized between requests, although the FileTransfer object + * itself will be reconstructed, the connection pointer itself will be lost. + * However, the FileTransfer object will still have the connection variable, + * even though the connection itself is now gone. So, although it's ugly, we + * have to unset the connection variable at this point so that the + * FileTransfer object will re-initiate the actual connection. + */ + unset($filetransfer->connection); + + if (!empty($context['results']['log'][$project]['#abort'])) { + $context['#finished'] = 1; + return; + } + + $updater = new $updater_name($local_url); + + try { + if ($updater->isInstalled()) { + // This is an update. + $tasks = $updater->update($filetransfer); + } + else { + $tasks = $updater->install($filetransfer); + } + } + catch (UpdaterError $e) { + _update_batch_create_message($context['results']['log'][$project], t("Error installing / updating"), FALSE); + _update_batch_create_message($context['results']['log'][$project], $e->getMessage(), FALSE); + $context['results']['log'][$project]['#abort'] = TRUE; + return; + } + + _update_batch_create_message($context['results']['log'][$project], t('Installed %project_name successfully', array('%project_name' => $project))); + $context['results']['tasks'] += $tasks; + + // This particular operation is now complete, even though the batch might + // have other operations to perform. + $context['finished'] = 1; +} + +/** + * Batch callback for when the authorized operations batch is finished. + */ +function update_authorize_batch_finished($success, $results) { + foreach ($results['log'] as $project => $messages) { + if (!empty($messages['#abort'])) { + $success = FALSE; + } + } + if ($success) { + variable_set('site_offline', FALSE); + $page_message = array( + 'message' => t('Update was completed successfully! Your site has been taken out of maintenance mode.'), + 'type' => 'status', + ); + } + else { + $page_message = array( + 'message' => t('Update failed! See the log below for more information. Your site is still in maintenance mode.'), + 'type' => 'error', + ); + } + + // Set all these values into the SESSION so authorize.php can display them. + $_SESSION['authorize_results']['success'] = $success; + $_SESSION['authorize_results']['page_message'] = $page_message; + $_SESSION['authorize_results']['messages'] = $results['log']; + $_SESSION['authorize_results']['tasks'] = $results['tasks']; +} + +/** + * Helper function to create a structure of log messages. + * + * @param array $project_results + * @param string $message + * @param bool $success + */ +function _update_batch_create_message(&$project_results, $message, $success = TRUE) { + $project_results[] = array('message' => $message, 'success' => $success); +} + Index: modules/update/update.css =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.css,v retrieving revision 1.5 diff -u -p -r1.5 update.css --- modules/update/update.css 29 Apr 2009 03:57:21 -0000 1.5 +++ modules/update/update.css 14 Oct 2009 17:26:38 -0000 @@ -108,3 +108,17 @@ table.update, .update .check-manually { padding-left: 1em; /* LTR */ } + +.update-major-version-warning { + color: #ff0000; +} + +table tbody tr.update-security, +table tbody tr.update-unsupported { + background: #fcc; +} + +th.update-project-name { + width: 50%; +} + Index: modules/update/update.info =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.info,v retrieving revision 1.6 diff -u -p -r1.6 update.info --- modules/update/update.info 26 Sep 2009 17:03:13 -0000 1.6 +++ modules/update/update.info 14 Oct 2009 17:26:38 -0000 @@ -4,10 +4,12 @@ description = Checks the status of avail version = VERSION package = Core core = 7.x -files[] = update.compare.inc -files[] = update.fetch.inc files[] = update.install files[] = update.module +files[] = update.authorize.inc +files[] = update.compare.inc +files[] = update.fetch.inc +files[] = update.manager.inc files[] = update.report.inc files[] = update.settings.inc files[] = update.test Index: modules/update/update.manager.inc =================================================================== RCS file: modules/update/update.manager.inc diff -N modules/update/update.manager.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ modules/update/update.manager.inc 15 Oct 2009 01:26:59 -0000 @@ -0,0 +1,733 @@ + t('There was a problem getting update information. Please try again later.'), + ); + return $form; + } + + drupal_add_css('misc/ui/ui.all.css'); + drupal_add_css('misc/ui/ui.dialog.css'); + drupal_add_js('misc/ui/ui.core.js', array('weight' => JS_LIBRARY + 5)); + drupal_add_js('misc/ui/ui.dialog.js', array('weight' => JS_LIBRARY + 6)); + $form['#attached']['js'][] = drupal_get_path('module', 'update') . '/update.manager.js'; + $form['#attached']['css'][] = drupal_get_path('module', 'update') . '/update.css'; + + // This will be a nested array. The first key is the kind of project, which + // can be either 'enabled', 'disabled', 'manual-enabled' (enabled add-ons + // which require manual updates, such as core or -dev projects) or + // 'manual-disabled' (disabled add-ons that need a manual update). Then, + // each subarray is an array of projects of that type, indexed by project + // short name, and containing an array of data for cells in that project's + // row in the appropriate table. + $projects = array(); + + // This stores the actual download link we're going to update from for each + // project in the form, regardless of if it's enabled or disabled. + $form['project_downloads'] = array('#tree' => TRUE); + + module_load_include('inc', 'update', 'update.compare'); + $project_data = update_calculate_project_data($available); + foreach ($project_data as $name => $project) { + // Filter out projects which are up2date already. + if ($project['status'] == UPDATE_CURRENT) { + continue; + } + // The project name to display can vary based on the info we have. + if (!empty($project['title'])) { + if (!empty($project['link'])) { + $project_name = l($project['title'], $project['link']); + } + else { + $project_name = check_plain($project['title']); + } + } + elseif (!empty($project['info']['name'])) { + $project_name = check_plain($project['info']['name']); + } + else { + $project_name = check_plain($name); + } + if ($project['project_type'] == 'theme' || $project['project_type'] == 'theme-disabled') { + $project_name .= ' ' . t('(Theme)'); + } + + if (empty($project['recommended'])) { + // If we don't know what to recommend they upgrade to, we should skip + // the project entirely. + continue; + } + + $recommended_release = $project['releases'][$project['recommended']]; + $recommended_version = $recommended_release['version'] . ' ' . l(t('(Release notes)'), $recommended_release['release_link'], array('attributes' => array('title' => t('Release notes for @project_name', array('@project_name' => $project_name))))); + if ($recommended_release['version_major'] != $project['existing_major']) { + $recommended_version .= '
    ' . t('This update is a major version update which means that it may not be backwards compatible with your currently running version. It is recommended that you read the release notes and proceed at your own risk.') . '
    '; + } + + // Create an entry for this project. + $entry = array( + 'title' => $project_name, + 'installed_version' => $project['existing_version'], + 'recommended_version' => $recommended_version, + ); + + switch ($project['status']) { + case UPDATE_NOT_SECURE: + case UPDATE_REVOKED: + $entry['title'] .= ' ' . t('(Security Update)'); + $entry['#weight'] = -2; + $type = 'security'; + break; + + case UPDATE_NOT_SUPPORTED: + $type = 'unsupported'; + $entry['title'] .= ' ' . t('(Unsupported)'); + $entry['#weight'] = -1; + break; + + case UPDATE_UNKNOWN: + case UPDATE_NOT_FETCHED: + case UPDATE_NOT_CHECKED: + case UPDATE_NOT_CURRENT: + $type = 'recommended'; + break; + + default: + // Jump out of the switch and onto the next project in foreach. + continue 2; + } + + $entry['#attributes'] = array('class' => array('update-' . $type)); + + // Drupal core and projects which are dev versions with no stable release + // need to be upgraded manually. + $needs_manual = $project['project_type'] == 'core' || ($project['install_type'] == 'dev' && $recommended_release['version_extra'] == 'dev'); + + if ($needs_manual) { + // Since it won't be tableselect, #weight will confuse the table if it's + // defined, so just unset it (since the order doesn't really matter that + // much in the manual updates table, anyway). + unset($entry['#weight']); + } + else { + $form['project_downloads'][$name] = array( + '#type' => 'value', + '#value' => $recommended_release['download_link'], + ); + } + + // Based on what kind of project this is, save the entry into the + // appropriate subarray. + switch ($project['project_type']) { + case 'core': + // Core is always enabled, but need manual updates at this time. + $projects['manual-enabled'][$name] = $entry; + break; + + case 'module': + case 'theme': + if ($needs_manual) { + $projects['manual-enabled'][$name] = $entry; + } + else { + $projects['enabled'][$name] = $entry; + } + break; + + case 'module-disabled': + case 'theme-disabled': + if ($needs_manual) { + $projects['manual-disabled'][$name] = $entry; + } + else { + $projects['disabled'][$name] = $entry; + } + break; + } + } + + if (empty($projects)) { + $form['message'] = array( + '#markup' => t('All of your projects are up to date.'), + ); + return $form; + } + + $headers = array( + 'title' => array( + 'data' => t('Name'), + 'class' => array('update-project-name'), + ), + 'installed_version' => t('Installed version'), + 'recommended_version' => t('Recommended version'), + ); + + if (!empty($projects['enabled'])) { + $form['projects'] = array( + '#type' => 'tableselect', + '#header' => $headers, + '#options' => $projects['enabled'], + ); + if (count($projects) > 1) { + $form['projects']['#prefix'] = '

    ' . t('Enabled add-ons') . '

    '; + } + } + + if (!empty($projects['disabled'])) { + $form['disabled_projects'] = array( + '#type' => 'tableselect', + '#header' => $headers, + '#options' => $projects['disabled'], + '#weight' => 1, + ); + if (count($projects) > 1) { + $form['disabled_projects']['#prefix'] = '

    ' . t('Disabled add-ons') . '

    '; + } + } + + // If either table has been printed yet, we need a submit button and to + // validate the checkboxes. + if (!empty($projects['enabled']) || !empty($projects['disabled'])) { + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Download these updates'), + '#weight' => 10, + ); + $form['#validate'][] = 'update_manager_update_form_validate'; + } + + if (!empty($projects['manual-enabled'])) { + $prefix = '

    ' . t('Add-ons requiring manual updates') . '

    '; + $prefix .= '

    ' . t('Updates of Drupal core or development releases are not supported at this time.') . '

    '; + $form['manual_updates'] = array( + '#type' => 'markup', + '#markup' => theme('table', array('header' => $headers, 'rows' => $projects['manual-enabled'])), + '#prefix' => $prefix, + '#weight' => 20, + ); + } + + if (!empty($projects['manual-disabled'])) { + $prefix = '

    ' . t('Disabled add-ons requiring manual updates') . '

    '; + $prefix .= '

    ' . t('Updates of Drupal core or development releases are not supported at this time.') . '

    '; + $form['manual_disabled'] = array( + '#type' => 'markup', + '#markup' => theme('table', array('header' => $headers, 'rows' => $projects['manual-disabled'])), + '#prefix' => $prefix, + '#weight' => 25, + ); + } + + return $form; +} + +/** + * Theme the first page in the update manager wizard to select projects. + * + * @param $variables + * form: The form + * + * @ingroup themeable + */ +function theme_update_manager_update_form($variables) { + $form = $variables['form']; + $last = variable_get('update_last_check', 0); + $output = theme('update_last_check', array('last' => $last)); + $output .= drupal_render_children($form); + return $output; +} + +/** + * Validation callback to ensure that at least one project is selected. + */ +function update_manager_update_form_validate($form, &$form_state) { + if (!empty($form_state['values']['projects'])) { + $enabled = array_filter($form_state['values']['projects']); + } + if (!empty($form_state['values']['disabled_projects'])) { + $disabled = array_filter($form_state['values']['disabled_projects']); + } + if (empty($enabled) && empty($disabled)) { + form_set_error('projects', t('You must select at least one project to update.')); + } +} + +/** + * Submit function for the main update form. + * + * This sets up a batch to download, extract and verify the selected releases + * + * @see update_manager_update_form() + */ +function update_manager_update_form_submit($form, &$form_state) { + $projects = array(); + foreach (array('projects', 'disabled_projects') as $type) { + if (!empty($form_state['values'][$type])) { + $projects = array_merge($projects, array_keys(array_filter($form_state['values'][$type]))); + } + } + $operations = array(); + foreach ($projects as $project) { + $operations[] = array( + 'update_manager_batch_project_get', + array( + $project, + $form_state['values']['project_downloads'][$project], + ), + ); + } + $batch = array( + 'title' => t('Downloading updates'), + 'init_message' => t('Preparing to download selected updates'), + 'operations' => $operations, + 'finished' => 'update_manager_download_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.manager.inc', + ); + batch_set($batch); +} + +/** + * Batch callback invoked when the download batch is completed. + */ +function update_manager_download_batch_finished($success, $results) { + if ($success) { + $_SESSION['update_manager_update_projects'] = $results; + drupal_goto('admin/update/confirm'); + } + else { + foreach($results as $project => $message) { + drupal_set_message($message, 'error'); + } + } +} + +function update_manager_confirm_update_form($form, &$form_state) { + $form['information']['#weight'] = -100; + $form['information']['backup_header'] = array( + '#prefix' => '

    ', + '#markup' => t('Step 1: Backup your site'), + '#suffix' => '

    ', + ); + + $form['information']['backup_message'] = array( + '#prefix' => '

    ', + '#markup' => t('We do not currently have a web based backup tool. Learn more about how to take a backup.', array('@backup_url' => url('http://drupal.org/node/22281'))), + '#suffix' => '

    ', + ); + + $form['information']['maint_header'] = array( + '#prefix' => '

    ', + '#markup' => t('Step 2: Enter maintenance mode'), + '#suffix' => '

    ', + ); + + $form['information']['maint_message'] = array( + '#prefix' => '

    ', + '#markup' => t('It is strongly recommended that you put your site into maintenance mode while performing an update.'), + '#suffix' => '

    ', + ); + + $form['information']['site_offline'] = array( + '#title' => t('Perform updates with site in maintenance mode'), + '#type' => 'checkbox', + '#default_value' => TRUE, + ); + + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Install updates'), + '#weight' => 100, + ); + + return $form; +} + +function update_manager_confirm_update_form_submit($form, &$form_state) { + if ($form_state['values']['site_offline'] == TRUE) { + variable_set('site_offline', TRUE); + } + + if (!empty($_SESSION['update_manager_update_projects'])) { + // Make sure the Updater registry is loaded. + drupal_get_updaters(); + + $updates = array(); + $directory = _update_manager_extract_directory(); + + $projects = $_SESSION['update_manager_update_projects']; + unset($_SESSION['update_manager_update_projects']); + + foreach ($projects as $project => $url) { + $project_location = $directory . '/' . $project; + $updater = Updater::factory($project_location); + $updates[] = array( + 'project' => $project, + 'updater_name' => get_class($updater), + 'local_url' => drupal_realpath($project_location), + ); + } + + system_run_authorized('update_authorize_run_update', drupal_get_path('module', 'update') . '/update.authorize.inc', array($updates)); + } +} + +/** + * @} End of "defgroup update_manager_update". + */ + +/** + * @defgroup update_manager_install Update manager for installing new code. + * @{ + */ + +function update_manager_install_form(&$form_state) { + $form = array(); + + $form['project_url'] = array( + '#type' => 'textfield', + '#title' => t('URL'), + '#description' => t('Paste the URL to a Drupal module or theme archive (.tar.gz) to install it. (e.g http://ftp.drupal.org/files/projects/projectname.tar.gz)'), + ); + + $form['information'] = array( + '#prefix' => '', + '#markup' => t('Or'), + '#suffix' => '', + ); + + $form['project_upload'] = array( + '#type' => 'file', + '#title' => t('Upload a module or theme'), + '#description' => t('Upload a Drupal module or theme (in .tar.gz format) to install it.'), + ); + + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Install'), + ); + + return $form; +} + +/** + * Validate the form for installing a new project via the update manager. + */ +function update_manager_install_form_validate($form, &$form_state) { + if (!($form_state['values']['project_url'] XOR !empty($_FILES['files']['name']['project_upload']))) { + form_set_error('project_url', t('You must either provide a URL or upload an archive file to install.')); + } +} + +/** + * Handle form submission when installing new projects via the update manager. + * + * Either downloads the file specified in the URL to a temporary cache, or + * uploads the file attached to the form, then attempts to extract the archive + * into a temporary location and verify it. Instantiate the appropriate + * Updater class for this project and make sure it is not already installed in + * the live webroot. If everything is successful, setup an operation to run + * via authorize.php which will copy the extracted files from the temporary + * location into the live site. + */ +function update_manager_install_form_submit($form, &$form_state) { + if ($form_state['values']['project_url']) { + $field = 'project_url'; + $local_cache = update_manager_file_get($form_state['values']['project_url']); + if (!$local_cache) { + form_set_error($field, t('Unable to retreive Drupal project from %url.', array('%url' => $form_state['values']['project_url']))); + return; + } + } + elseif ($_FILES['files']['name']['project_upload']) { + $field = 'project_upload'; + // @todo: add some validators here. + $finfo = file_save_upload($field, array(), NULL, FILE_EXISTS_REPLACE); + // @todo: find out if the module is already instealled, if so, throw an error. + $local_cache = $finfo->uri; + } + + $directory = _update_manager_extract_directory(); + try { + $archive = update_manager_archive_extract($local_cache, $directory); + } + catch (Exception $e) { + form_set_error($field, $e->getMessage()); + return; + } + + $files = $archive->listContent(); + if (!$files) { + form_set_error($field, t('Provided archive contains no files.')); + return; + } + // Unfortunately, we can only use the directory name for this. :( + $project = drupal_substr($files[0]['filename'], 0, -1); + + try { + update_manager_archive_verify($project, $local_cache, $directory); + } + catch (Exception $e) { + form_set_error($field, $e->getMessage()); + return; + } + + // Make sure the Updater registry is loaded. + drupal_get_updaters(); + + $project_location = $directory . '/' . $project; + $updater = Updater::factory($project_location); + $project_title = Updater::getProjectTitle($project_location); + + if (!$project_title) { + form_set_error($field, t('Unable to determine %project name.', array('%project' => $project))); + } + + if ($updater->isInstalled()) { + form_set_error($field, t('%project is already installed.', array('%project' => $project_title))); + return; + } + + $arguments = array( + 'project' => $project, + 'updater_name' => get_class($updater), + 'local_url' => drupal_realpath($project_location), + ); + + return system_run_authorized('update_authorize_run_install', drupal_get_path('module', 'update') . '/update.authorize.inc', $arguments); +} + +/** + * @} End of "defgroup update_manager_install". + */ + +/** + * @defgroup update_manager_file Update manager file management functions. + * @{ + */ + +/** + * Return the directory where update archive files should be extracted. + * + * If the directory does not already exist, attempt to create it. + * + * @return + * The full path to the temporary directory where update file archives + * should be extracted. + */ +function _update_manager_extract_directory() { + $directory = &drupal_static(__FUNCTION__, ''); + if (empty($directory)) { + $directory = DRUPAL_ROOT . '/' . file_directory_path('temporary') . '/update-extraction'; + if (!file_exists($directory)) { + mkdir($directory); + } + } + return $directory; +} + +/** + * Unpack a downloaded archive file. + * + * @param string $project + * The short name of the project to download. + * @param string $file + * The filename of the archive you wish to extract. + * @param string $directory + * The directory you wish to extract the archive info. + * + * @return + * The Archive_Tar class used to extract the archive. + * @throws Exception on failure. + * + * @todo Currently, this is hard-coded to only support .tar.gz. This is an API + * bug, and should be fixed. See http://drupal.org/node/604618. + */ +function update_manager_archive_extract($file, $directory) { + $archive_tar = new Archive_Tar(drupal_realpath($file)); + if (!$archive_tar->extract($directory)) { + throw new Exception(t('Unable to extract %file', array('%file' => $file))); + } + return $archive_tar; +} + +/** + * Verify an archive after it has been downloaded and extracted. + * + * This function is responsible for invoking hook_verify_update_archive(). + * + * @param string $project + * The short name of the project to download. + * @param string $archive_file + * The filename of the unextracted archive. + * @param string $directory + * The directory that the archive was extracted into. + * + * @return void + * @throws Exception on failure. + * + */ +function update_manager_archive_verify($project, $archive_file, $directory) { + $failures = module_invoke_all('verify_update_archive', $project, $archive_file, $directory); + if (!empty($failures)) { + throw new Exception(t('Unable to extact %file', array('%file' => $file))); + } +} + +/** + * Copies a file from $url to the temporary directory for updates. + * + * If the file has already been downloaded, returns the the local path. + * + * @param $url + * The URL of the file on the server. + * + * @return string + * Path to local file. + */ +function update_manager_file_get($url) { + $parsed_url = parse_url($url); + $remote_schemes = array('http', 'https', 'ftp', 'ftps', 'smb', 'nfs'); + if (!in_array($parsed_url['scheme'], $remote_schemes)) { + // This is a local file, just return the path. + return drupal_realpath($url); + } + + // Check the cache and download the file if needed. + $local = 'temporary://update-cache/' . basename($parsed_url['path']); + $cache_directory = DRUPAL_ROOT . '/' . file_directory_path('temporary') . '/update-cache/'; + + if (!file_exists($cache_directory)) { + mkdir($cache_directory); + } + + if (!file_exists($local)) { + return system_retrieve_file($url, $local); + } + else { + return $local; + } +} + +/** + * Batch operation: download, unpack, and verify a project. + * + * This function assumes that the provided URL points to a file archive of + * some sort. The URL can have any scheme that we have a file stream wrapper + * to support. The file is downloaded to a local cache. + * + * @param string $project + * The short name of the project to download. + * @param string $url + * The URL to download a specific project release archive file. + * @param array &$context + * Reference to an array used for BatchAPI storage. + * + * @see update_manager_download_page() + */ +function update_manager_batch_project_get($project, $url, &$context) { + // This is here to show the user that we are in the process of downloading. + if (!isset($context['sandbox']['started'])) { + $context['sandbox']['started'] = TRUE; + $context['message'] = t('Downloading %project', array('%project' => $project)); + $context['success'] = TRUE; + $context['finished'] = 0; + return; + } + + // Assume failure until we make it to the bottom and succeed. + $context['success'] = FALSE; + + // Actually try to download the file. + if (!($local_cache = update_manager_file_get($url))) { + $context['results'][$project] = t('Failed to download %project from %url', array('%project' => $project, '%url' => $url)); + return; + } + + // Extract it. + $extract_directory = _update_manager_extract_directory(); + try { + update_manager_archive_extract($local_cache, $extract_directory); + } + catch (Exception $e) { + $context['results'][$project] = $e->getMessage(); + return; + } + + // Verify it. + try { + update_manager_archive_verify($project, $local_cache, $extract_directory); + } + catch (Exception $e) { + $context['results'][$project] = $e->getMessage(); + return; + } + + // Yay, success. + $context['success'] = TRUE; + $context['results'][$project] = $url; + $context['finished'] = 1; +} + +/** + * @} End of "defgroup update_manager_file". + */ Index: modules/update/update.module =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.module,v retrieving revision 1.49 diff -u -p -r1.49 update.module --- modules/update/update.module 13 Oct 2009 02:14:05 -0000 1.49 +++ modules/update/update.module 15 Oct 2009 00:47:58 -0000 @@ -77,11 +77,13 @@ define('UPDATE_MAX_FETCH_TIME', 5); function update_help($path, $arg) { switch ($path) { case 'admin/reports/updates': - global $base_url; - $output = '

    ' . t('Here you can find information about available updates for your installed modules and themes. Note that each module or theme is part of a "project", which may or may not have the same name, and might include multiple modules or themes within it.') . '

    '; - $output .= '

    ' . t('To extend the functionality or to change the look of your site, a number of contributed modules and themes are available.', array('@modules' => 'http://drupal.org/project/modules', '@themes' => 'http://drupal.org/project/themes')) . '

    '; - $output .= '

    ' . t('Each time Drupal core or a contributed module or theme is updated, it is important that update.php is run.', array('@update-php' => url($base_url . '/update.php', array('external' => TRUE)))) . '

    '; - return $output; + return '

    ' . t('Here you can find information about available updates for your installed modules and themes. Note that each module or theme is part of a "project", which may or may not have the same name, and might include multiple modules or themes within it.') . '

    '; + + case 'admin/appearance/install': + case 'admin/config/modules/install': + case 'admin/reports/updates/install': + return '

    ' . t('To install a new module or theme, either upload the .tar.gz file that you have downloaded, or paste the URL of a .tar.gz you wish to install. You can find modules and themes at http://drupal.org.', array('@module_url' => 'http://drupal.org/project/modules', '@theme_url' => 'http://drupal.org/project/themes', '@drupal_org_url' => 'http://drupal.org')) . '

    '; + case 'admin/appearance': case 'admin/config/modules': include_once DRUPAL_ROOT . '/includes/install.inc'; @@ -98,9 +100,13 @@ function update_help($path, $arg) { } } + case 'admin/appearance/update': + case 'admin/config/modules/update': + case 'admin/reports/updates/update': case 'admin/reports/updates/settings': case 'admin/reports/status': - // These two pages don't need additional nagging. + case 'admin/update/confirm': + // These pages don't need additional nagging. break; case 'admin/help#update': @@ -156,6 +162,7 @@ function update_menu() { 'access arguments' => array('administer site configuration'), 'file' => 'update.settings.inc', 'type' => MENU_LOCAL_TASK, + 'weight' => 50, ); $items['admin/reports/updates/check'] = array( 'title' => 'Manual update check', @@ -165,16 +172,81 @@ function update_menu() { 'file' => 'update.fetch.inc', ); + // We want action links for updating projects at a few different locations: + // both the module and theme administration pages, and on the available + // updates report itself. The menu items will be identical, except for their + // paths, so we just define them in a loop. We pass in a string indicating + // what context we're entering the action from, so that we can customize the + // appearance as needed. + $paths = array( + 'report' => 'admin/reports/updates', + 'module' => 'admin/config/modules', + 'theme' => 'admin/appearance', + ); + foreach ($paths as $context => $path) { + $items[$path . '/install'] = array( + 'title' => 'Install', + 'description' => 'Install new modules and themes', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_install_form', $context), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'weight' => 25, + 'type' => MENU_LOCAL_ACTION, + 'file' => 'update.manager.inc', + ); + $items[$path . '/update'] = array( + 'title' => 'Update', + 'description' => 'Update your installed modules and themes', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_update_form', $context), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'weight' => 20, + 'type' => MENU_LOCAL_ACTION, + 'file' => 'update.manager.inc', + ); + } + + // Menu callback used for the confirmation page after all the releases + // have been downloaded, asking you to backup before installing updates. + $items['admin/update/confirm'] = array( + 'title' => 'Confirm update', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_confirm_update_form'), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'type' => MENU_CALLBACK, + 'file' => 'update.manager.inc', + ); + return $items; } /** - * Implement the hook_theme() registry. + * Determine if the current user can access the updater menu items. + * + * This is used as a menu system access callback. It both enforces the + * 'administer software updates' permission and the global killswitch for the + * authorize.php script. + * + * @see update_menu() + */ +function update_manager_access() { + return variable_get('allow_authorize_operations', TRUE) && user_access('administer software updates'); +} + +/** + * Implement hook_theme(). */ function update_theme() { return array( - 'update_settings' => array( + 'update_manager_update_form' => array( 'arguments' => array('form' => NULL), + 'file' => 'update.manager.inc', + ), + 'update_last_check' => array( + 'arguments' => array('last' => NULL), ), 'update_report' => array( 'arguments' => array('data' => NULL), @@ -390,6 +462,8 @@ function update_get_available($refresh = // Grab whatever data we currently have cached in the DB. $available = _update_get_cached_available_releases(); + $num_avail = count($available); + $projects = update_get_projects(); foreach ($projects as $key => $project) { // If there's no data at all, we clearly need to fetch some. @@ -618,6 +692,30 @@ function _update_project_status_sort($a, } /** + * Render the HTML to display the last time we checked for update data. + * + * In addition to properly formating the given timestamp, this function also + * provides a "Check manually" link that refreshes the available update and + * redirects back to the same page. + * + * @param $variables + * 'last': The timestamp when the site last checked for available updates. + * + * @see theme_update_report() + * @see theme_update_available_updates_form() + * + * @ingroup themeable + */ +function theme_update_last_check($variables) { + $last = $variables['last']; + $output = '
    '; + $output .= $last ? t('Last checked: @time ago', array('@time' => format_interval(REQUEST_TIME - $last))) : t('Last checked: never'); + $output .= ' (' . l(t('Check manually'), 'admin/reports/updates/check', array('query' => drupal_get_destination())) . ')'; + $output .= "
    \n"; + return $output; +} + +/** * @defgroup update_status_cache Private update status cache system * @{ * Index: modules/update/update.report.inc =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.report.inc,v retrieving revision 1.25 diff -u -p -r1.25 update.report.inc --- modules/update/update.report.inc 13 Oct 2009 02:14:05 -0000 1.25 +++ modules/update/update.report.inc 14 Oct 2009 17:44:42 -0000 @@ -29,9 +29,7 @@ function theme_update_report($variables) $data = $variables['data']; $last = variable_get('update_last_check', 0); - $output = '
    ' . ($last ? t('Last checked: @timestamp (@time ago)', array('@time' => format_interval(REQUEST_TIME - $last), '@timestamp' => format_date($last))) : t('Last checked: never')); - $output .= ' (' . l(t('Check manually'), 'admin/reports/updates/check') . ')'; - $output .= "
    \n"; + $output = theme('update_last_check', array('last' => $last)); if (!is_array($data)) { $output .= '

    ' . $data . '

    '; Index: modules/update/update.test =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.test,v retrieving revision 1.9 diff -u -p -r1.9 update.test --- modules/update/update.test 13 Oct 2009 08:02:49 -0000 1.9 +++ modules/update/update.test 14 Oct 2009 17:26:38 -0000 @@ -45,7 +45,6 @@ class UpdateTestHelper extends DrupalWeb */ protected function standardTests() { $this->assertRaw('

    ' . t('Drupal core') . '

    '); - $this->assertRaw(l(t('Check manually'), 'admin/reports/updates/check'), t('Link to check available updates manually appears.')); $this->assertRaw(l(t('Drupal'), 'http://example.com/project/drupal'), t('Link to the Drupal project appears.')); $this->assertNoText(t('No available releases found')); } cvs diff: Diffing modules/update/tests