Index: authorize.php =================================================================== RCS file: authorize.php diff -N authorize.php --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ authorize.php 15 Oct 2009 11:56:38 -0000 @@ -0,0 +1,161 @@ + $results['messages'])); + + $links = array(); + if (is_array($results['tasks'])) { + $links += $results['tasks']; + } + + $links = array_merge($links, array( + l(t('Administration pages'), 'admin'), + l(t('Front page'), ''), + )); + + $output .= theme('item_list', array('items' => $links)); + } + // If a batch is running, let it run. + elseif (isset($_GET['batch'])) { + $output = _batch_page(); + } + else { + if (empty($_SESSION['authorize_operation']) || empty($_SESSION['authorize_filetransfer_backends'])) { + $output = t("It appears you have reached this page in error."); + } + elseif (!$batch = batch_get()) { + // We have a batch to process, show the filetransfer form. + $output = drupal_render(drupal_get_form('authorize_filetransfer_form')); + } + } + // We defer the display of messages until all operations are done. + $show_messages = !(($batch = batch_get()) && isset($batch['running'])); +} +else { + $output = authorize_access_denied_page(); +} + +if (!empty($output)) { + print theme('update_page', array('content' => $output, 'show_messages' => $show_messages)); +} + cvs diff: Diffing includes Index: includes/authorize.inc =================================================================== RCS file: includes/authorize.inc diff -N includes/authorize.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ includes/authorize.inc 15 Oct 2009 11:56:44 -0000 @@ -0,0 +1,232 @@ + '

', + '#markup' => t('To continue please provide your server connection details'), + '#suffix' => '

', + ); + + $form['connection_settings']['#tree'] = TRUE; + $form['connection_settings']['authorize_filetransfer_default'] = array( + '#type' => 'select', + '#title' => t('Connection method'), + '#default_value' => $authorize_filetransfer_default, + '#weight' => -10, + ); + + /* + * Here we create two submit buttons. For a JS enabled client, they will + * only ever see submit_process. However, if a client doesn't have JS + * enabled, they will see submit_connection on the first form (whden picking + * what filetranfer type to use, and submit_process on the second one (which + * leads to the actual operation) + */ + $form['submit_connection'] = array( + '#prefix' => "
", + '#name' => 'enter_connection_settings', // This is later changed in JS. + '#type' => 'submit', + '#value' => t('Enter connetion settings'), // As is this. @see authorize.js. + '#weight' => 100, + ); + + $form['submit_process'] = array( + '#name' => 'process_updates', // This is later changed in JS. + '#type' => 'submit', + '#value' => t('Process Updates'), // As is this. @see authorize.js + '#weight' => 100, + '#attributes' => array('style' => 'display:none'), + ); + + // Build a hidden fieldset for each one. + foreach ($available_backends as $name => $backend) { + $form['connection_settings']['authorize_filetransfer_default']['#options'][$name] = $backend['title']; + $form['connection_settings'][$name] = array( + '#type' => 'fieldset', + '#attributes' => array('class' => "filetransfer-$name filetransfer"), + '#title' => t('@backend connection settings', array('@backend' => $backend['title'])), + ); + + $current_settings = variable_get("authorize_filetransfer_connection_settings_" . $name, array()); + $form['connection_settings'][$name] += system_get_filetransfer_settings_form($name, $current_settings); + + // Start non-JS code. + if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default']) && $form_state['values']['connection_settings']['authorize_filetransfer_default'] == $name) { + + // If the user switches from JS to non-JS, Drupal (and Batch API) will + // barf. This is a known bug: http://drupal.org/node/229825. + setcookie('has_js', '', time() - 3600, '/'); + unset($_COOKIE['has_js']); + + // Change the submit button to the submit_process one. + $form['submit_process']['#attributes'] = array(); + unset($form['submit_connection']); + + // Activate the proper filetransfer settings form. + $form['connection_settings'][$name]['#attributes']['style'] = 'display:block'; + // Disable the select box. + $form['connection_settings']['authorize_filetransfer_default']['#disabled'] = TRUE; + + // Create a button for changing the type of connection. + $form['connection_settings']['change_connection_type'] = array( + '#name' => 'change_connection_type', + '#type' => 'submit', + '#value' => t('Change connection type'), + '#weight' => -5, + '#attributes' => array('class' => 'filetransfer-change-connection-type'), + ); + } + // End non-JS code. + } + return $form; +} + +/** + * Validate callback for the filetransfer authorization form. + * + * @see authorize_filetransfer_form() + */ +function authorize_filetransfer_form_validate($form, &$form_state) { + if (isset($form_state['values']['connection_settings'])) { + $backend = $form_state['values']['connection_settings']['authorize_filetransfer_default']; + $filetransfer = authorize_get_filetransfer($backend, $form_state['values']['connection_settings'][$backend]); + try { + if (!$filetransfer) { + throw new Exception(t("Error, this type of connection protocol (%backend) doesn't exist.", array('%backend' => $backend))); + } + $filetransfer->connect(); + } + catch (Exception $e) { + form_set_error('connection_settings', $e->getMessage()); + } + } +} + +/** + * Submit callback when a file transfer is being authorized. + * + * @see authorize_filetransfer_form() + */ +function authorize_filetransfer_form_submit($form, &$form_state) { + global $base_url; + switch ($form_state['clicked_button']['#name']) { + case 'process_updates': + + // Save the connection settings to the DB. + $filetransfer_backend = $form_state['values']['connection_settings']['authorize_filetransfer_default']; + + // If the database is available then try to save our settings. We have + // to make sure it is available since this code could potentially (will + // likely) be called during the installation process, before the + // database is set up. + if (db_is_active()) { + $connection_settings = array(); + foreach ($form_state['values']['connection_settings'][$filetransfer_backend] as $key => $value) { + // We do *not* want to store passwords in the database, unless the + // backend explicitly says so via the magic #filetransfer_save form + // property. Otherwise, we store everything that's not explicitly + // marked with #filetransfer_save set to FALSE. + if (!isset($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save'])) { + if ($form['connection_settings'][$filetransfer_backend][$key]['#type'] != 'password') { + $connection_settings[$key] = $value; + } + } + // The attribute is defined, so only save if set to TRUE. + elseif ($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save']) { + $connection_settings[$key] = $value; + } + } + // Set this one as the default authorize method. + variable_set('authorize_filetransfer_default', $filetransfer_backend); + // Save the connection settings minus the password. + variable_set("authorize_filetransfer_connection_settings_" . $filetransfer_backend, $connection_settings); + + $filetransfer = authorize_get_filetransfer($filetransfer_backend, $form_state['values']['connection_settings'][$filetransfer_backend]); + + // Now run the operation. + authorize_run_operation($filetransfer); + } + break; + + case 'enter_connection_settings': + $form_state['rebuild'] = TRUE; + break; + + case 'change_connection_type': + $form_state['rebuild'] = TRUE; + unset($form_state['values']['connection_settings']['authorize_filetransfer_default']); + break; + } +} + +/** + * Run the operation specified in $_SESSION['authorize_operation'] + * + * @param $filetransfer + * The FileTransfer object to use for running the operation. + */ +function authorize_run_operation($filetransfer) { + $operation = $_SESSION['authorize_operation']; + unset($_SESSION['authorize_operation']); + + if (!empty($operation['page_title'])) { + drupal_set_title(check_plain($operation['page_title'])); + } + + require_once DRUPAL_ROOT . '/' . $operation['file']; + call_user_func_array($operation['callback'], array_merge(array($filetransfer), $operation['arguments'])); +} + +/** + * Get a FileTransfer class for a specific transfer method and settings. + * + * @param $backend + * The FileTransfer backend to get the class for. + * @param $settings + * Array of settings for the FileTransfer. + * @return + * An instantiated FileTransfer object for the requested method and settings, + * or FALSE if there was an error finding or instantiating it. + */ +function authorize_get_filetransfer($backend, $settings = array()) { + $filetransfer = FALSE; + if (!empty($_SESSION['authorize_filetransfer_backends'][$backend])) { + $filetransfer = call_user_func_array(array($_SESSION['authorize_filetransfer_backends'][$backend]['class'], 'factory'), array(DRUPAL_ROOT, $settings)); + } + return $filetransfer; +} + Index: includes/common.inc =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/includes/common.inc,v retrieving revision 1.1017 diff -u -p -r1.1017 common.inc --- includes/common.inc 13 Oct 2009 21:16:42 -0000 1.1017 +++ includes/common.inc 15 Oct 2009 11:56:44 -0000 @@ -4851,23 +4851,10 @@ function drupal_common_theme() { 'arguments' => array('page' => NULL), 'template' => 'page', ), - 'maintenance_page' => array( - 'arguments' => array('content' => NULL, 'show_messages' => TRUE), - 'template' => 'maintenance-page', - ), - 'update_page' => array( - 'arguments' => array('content' => NULL, 'show_messages' => TRUE), - ), - 'install_page' => array( - 'arguments' => array('content' => NULL), - ), 'region' => array( 'arguments' => array('elements' => NULL), 'template' => 'region', ), - 'task_list' => array( - 'arguments' => array('items' => NULL, 'active' => NULL), - ), 'status_messages' => array( 'arguments' => array('display' => NULL), ), @@ -4922,6 +4909,26 @@ function drupal_common_theme() { 'indentation' => array( 'arguments' => array('size' => 1), ), + // from theme.maintenance.inc + 'maintenance_page' => array( + 'arguments' => array('content' => NULL, 'show_messages' => TRUE), + 'template' => 'maintenance-page', + ), + 'update_page' => array( + 'arguments' => array('content' => NULL, 'show_messages' => TRUE), + ), + 'install_page' => array( + 'arguments' => array('content' => NULL), + ), + 'task_list' => array( + 'arguments' => array('items' => NULL, 'active' => NULL), + ), + 'authorize_message' => array( + 'arguments' => array('message' => NULL, 'success' => TRUE), + ), + 'authorize_report' => array( + 'arguments' => array('messages' => array()), + ), // from pager.inc 'pager' => array( 'arguments' => array('tags' => array(), 'element' => 0, 'parameters' => array(), 'quantity' => 9), @@ -5797,3 +5804,26 @@ function xmlrpc($url) { return call_user_func_array('_xmlrpc', $args); } +/** + * Drupal Updater registry. + * + * An Updater is a class that knows how to update various parts of the Drupal + * file system, for example to update modules that have newer releases, or to + * install a new theme. + * + * @return + * Returns the Drupal Updater class registry. + * + * @see hook_updater_info() + * @see hook_updater_info_alter() + */ +function drupal_get_updaters() { + $updaters = &drupal_static(__FUNCTION__); + if (!isset($updaters)) { + $updaters = module_invoke_all('updater_info'); + drupal_alter('updater_info', $updaters); + uasort($updaters, 'drupal_sort_weight'); + } + return $updaters; +} + Index: includes/theme.maintenance.inc =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/includes/theme.maintenance.inc,v retrieving revision 1.42 diff -u -p -r1.42 theme.maintenance.inc --- includes/theme.maintenance.inc 9 Oct 2009 00:59:54 -0000 1.42 +++ includes/theme.maintenance.inc 15 Oct 2009 11:56:44 -0000 @@ -202,3 +202,48 @@ function theme_update_page($variables) { return theme_render_template('themes/garland/maintenance-page.tpl.php', $variables); } + +/** + * Generate a report of the results from an operation run via authorize.php. + * + * @param array $variables + * - messages: An array of result messages. + */ +function theme_authorize_report($variables) { + $messages = $variables['messages']; + $output = ''; + if (!empty($messages)) { + $output .= '
'; + foreach ($messages as $heading => $logs) { + $output .= '

' . check_plain($heading) . '

'; + foreach ($logs as $number => $log_message) { + if ($number === '#abort') { + continue; + } + $output .= theme('authorize_message', array('message' => $log_message['message'], 'success' => $log_message['success'])); + } + } + $output .= '
'; + } + return $output; +} + +/** + * Render a single log message from the authorize.php batch operation. + * + * @param $variables + * - message: The log message. + * - success: A boolean indicating failure or success. + */ +function theme_authorize_message($variables) { + $output = ''; + $message = $variables['message']; + $success = $variables['success']; + if ($success) { + $output .= '
  • ' . $message . '
    • '; + } + else { + $output .= '
  • ' . t('Failed') . ': ' . $message . '
    • '; + } + return $output; +} Index: includes/updater.inc =================================================================== RCS file: includes/updater.inc diff -N includes/updater.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ includes/updater.inc 15 Oct 2009 11:56:44 -0000 @@ -0,0 +1,415 @@ +source = $source; + $this->name = self::getProjectName($source); + $this->title = self::getProjectTitle($source); + } + + /** + * Return an Updater of the appropriate type depending on the source. + * + * If a directory is provided which contains a module, will return a + * ModuleUpdater. + * + * @param string $source + * Directory of a Drupal project. + * + * @return object Updater + */ + public static function factory($source) { + if (is_dir($source)) { + $updater = self::getUpdaterFromDirectory($source); + } + else { + throw new UpdaterException(t('Unable to determine the type of the source directory.')); + } + return new $updater($source); + } + + /** + * Determine which Updater class can operate on the given directory. + * + * @param string $directory + * Extracted Drupal project. + * @return string + * The class name which can work with this project type. + */ + public static function getUpdaterFromDirectory($directory) { + // Gets a list of possible implementing classes. + $updaters = drupal_get_updaters(); + foreach ($updaters as $updater) { + $class = $updater['class']; + if (call_user_func("{$class}::canUpdateDirectory", $directory)) { + return $class; + } + } + throw new UpdaterException(t('Cannot determine the type of project.')); + } + + /** + * Figure out what the most important (or only) info file is in a directory. + * + * Since there is no enforcement of which info file is the project's "main" + * info file, this will get one with the same name as the directory, or the + * first one it finds. Not ideal, but needs a larger solution. + * + * @param string $directory + * Directory to search in. + * @return string + * Path to the info file. + */ + public static function findInfoFile($directory) { + $info_files = file_scan_directory($directory, '/.*\.info/'); + if (!$info_files) { + return FALSE; + } + foreach ($info_files as $info_file) { + if (drupal_substr($info_file->filename, 0, -5) == basename($directory)) { + // Info file Has the same name as the directory, return it. + return $info_file->uri; + } + } + // Otherwise, return the first one. + $info_file = array_shift($info_files); + return $info_file->uri; + } + + /** + * Get the name of the project directory (basename). + * + * @todo: It would be nice, if projects contained an info file which could + * provide their canonical name. + * + * @param string $directory + * @return string + */ + public static function getProjectName($directory) { + return basename($directory); + } + + /** + * Return the project name from a Drupal info file. + * + * @param string $directory + * Directory to search for the info file. + * @return string + */ + public static function getProjectTitle($directory) { + $info_file = self::findInfoFile($directory); + $info = drupal_parse_info_file($info_file); + if (!$info) { + throw new UpdaterException(t('Unable to parse info file.')); + } + return $info['name']; + } + + /** + * Store the default parameters for the Updater. + * + * @param array $overrides + * An array of overrides for the default parameters. + * @return array + * An array of configuration parameters for an update or install operation. + */ + protected function getInstallArgs($overrides = array()) { + $args = array( + 'make_backup' => FALSE, + 'install_dir' => $this->getInstallDirectory(), + 'backup_dir' => $this->getBackupDir(), + ); + return array_merge($args, $overrides); + } + + /** + * Updates a Drupal project, returns a list of next actions. + * + * @param FileTransfer $filetransfer + * Object which is a child of FileTransfer. Used for moving files + * to the server. + * @param array $overrides + * An array of settings to override defaults + * @see self::getInstallArgs + * @return array + * An array of links which the user may need to complete the update + */ + public function update(&$filetransfer, $overrides = array()) { + try { + // Establish arguments with possible overrides. + $args = $this->getInstallArgs($overrides); + + // Take a Backup. + if ($args['make_backup']) { + $this->makeBackup($args['install_dir'], $args['backup_dir']); + } + + if (!$this->name) { + // This is bad, don't want to delete the install directory. + throw new UpdaterException(t('Fatal error in update, cowardly refusing to wipe out the install directory.')); + } + + // Make sure the installation parent directory exists and is writable. + $this->prepareInstallDirectory($filetransfer, $args['install_dir']); + + // Note: If the project is installed in sites/all, it will not be + // deleted. It will be installed in sites/default as that will override + // the sites/all reference and not break other sites which are using it. + if (is_dir($args['install_dir'] . '/' . $this->name)) { + // Remove the existing installed file. + $filetransfer->removeDirectory($args['install_dir'] . '/' . $this->name); + } + + // Copy the directory in place. + $filetransfer->copyDirectory($this->source, $args['install_dir']); + + // Make sure what we just installed is readable by the web server. + $this->makeWorldReadable($filetransfer, $args['install_dir'] . '/' . $this->name); + + // Run the updates. + // @TODO: decide if we want to implement this. + $this->postUpdate(); + + // For now, just return a list of links of things to do. + return $this->postUpdateTasks(); + } + catch (FileTransferException $e) { + throw new UpdaterFileTransferException(t('File Transfer failed, reason: !reason', array('!reason' => strtr($e->getMessage(), $e->arguments)))); + } + } + + /** + * Installs a Drupal project, returns a list of next actions. + * + * @param FileTransfer $filetransfer + * Object which is a child of FileTransfer. + * @param array $overrides + * An array of settings to override defaults. + * @see self::getInstallArgs + * @return array + * An array of links which the user may need to complete the install. + */ + public function install(&$filetransfer, $overrides = array()) { + try { + // Establish arguments with possible overrides. + $args = $this->getInstallArgs($overrides); + + // Make sure the installation parent directory exists and is writable. + $this->prepareInstallDirectory($filetransfer, $args['install_dir']); + + // Copy the directory in place. + $filetransfer->copyDirectory($this->source, $args['install_dir']); + + // Make sure what we just installed is readable by the web server. + $this->makeWorldReadable($filetransfer, $args['install_dir'] . '/' . $this->name); + + // Potentially enable something? + // @TODO: decide if we want to implement this. + $this->postInstall(); + // For now, just return a list of links of things to do. + return $this->postInstallTasks(); + } + catch (FileTransferException $e) { + throw new UpdaterFileTransferException(t('File Transfer failed, reason: !reason', array('!reason' => strtr($e->getMessage(), $e->arguments)))); + } + } + + /** + * Make sure the installation parent directory exists and is writable. + * + * @param FileTransfer $filetransfer + * Object which is a child of FileTransfer. + * @param string $directory + * The installation directory to prepare. + */ + public function prepareInstallDirectory(&$filetransfer, $directory) { + // Make the parent dir writable if need be and create the dir. + if (!is_dir($directory)) { + $parent_dir = dirname($directory); + if (!is_writable($parent_dir)) { + @chmod($parent_dir, 0755); + // It is expected that this will fail if the directory is owned by the + // FTP user. If the FTP user == web server, it will succeed. + try { + $filetransfer->createDirectory($directory); + $this->makeWorldReadable($filetransfer, $directory); + } + catch (FileTransferException $e) { + // Probably still not writable. Try to chmod and do it again. + // @todo: Make a new exception class so we can catch it differently. + try { + $old_perms = substr(sprintf('%o', fileperms($parent_dir)), -4); + $filetransfer->chmod($parent_dir, 0755); + $filetransfer->createDirectory($directory); + $this->makeWorldReadable($filetransfer, $directory); + // Put the permissions back. + $filetransfer->chmod($parent_dir, intval($old_perms, 8)); + } + catch (FileTransferException $e) { + $message = t($e->getMessage(), $e->arguments); + $throw_message = t('Unable to create %directory due to the following: %reason', array('%directory' => $install_location, '%reason' => $message)); + throw new UpdaterException($throw_message); + } + } + // Put the parent directory back. + @chmod($parent_dir, 0555); + } + } + } + + /** + * Ensure that a given directory is world readable. + * + * @param FileTransfer $filetransfer + * Object which is a child of FileTransfer. + * @param string $path + * The file path to make world readable. + * @param bool $recursive + * If the chmod should be applied recursively. + */ + public function makeWorldReadable(&$filetransfer, $path, $recursive = TRUE) { + if (!is_executable($path)) { + // Set it to read + execute. + $new_perms = substr(sprintf('%o', fileperms($path)), -4, -1) . "5"; + $filetransfer->chmod($path, intval($new_perms, 8), $recursive); + } + } + + /** + * Perform a backup. + * + * @todo Not implemented. + */ + public function makeBackup(&$filetransfer, $from, $to) { + } + + /** + * Return the full path to a directory where backups should be written. + */ + public function getBackupDir() { + return file_directory_path('temporary'); + } + + /** + * Perform actions after new code is updated. + */ + public function postUpdate() { + } + + /** + * Perform actions after installation. + */ + public function postInstall() { + } + + /** + * Return an array of links to pages that should be visited post operation. + * + * @return array + * Links which provide actions to take after the install is finished. + */ + public function postInstallTasks() { + return array(); + } + + /** + * Return an array of links to pages that should be visited post operation. + * + * @return array + * Links which provide actions to take after the update is finished. + */ + public function postUpdateTasks() { + return array(); + } +} + +/** + * Exception class for the Updater class hierarchy. + * + * This is identical to the base Exception class, we just give it a more + * specific name so that call sites that want to tell the difference can + * specifically catch these exceptions and treat them differently. + */ +class UpdaterException extends Exception { +} + +/** + * Child class of UpdaterException that indicates a FileTransfer exception. + * + * We have to catch FileTransfer exceptions and wrap those in t(), since + * FileTransfer is so low-level that it doesn't use any Drupal APIs and none + * of the strings are translated. + */ +class UpdaterFileTransferException extends UpdaterException { +} cvs diff: Diffing includes/database cvs diff: Diffing includes/database/mysql cvs diff: Diffing includes/database/pgsql cvs diff: Diffing includes/database/sqlite cvs diff: Diffing includes/filetransfer Index: includes/filetransfer/ftp.inc =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/includes/filetransfer/ftp.inc,v retrieving revision 1.6 diff -u -p -r1.6 ftp.inc --- includes/filetransfer/ftp.inc 28 Aug 2009 07:51:55 -0000 1.6 +++ includes/filetransfer/ftp.inc 14 Oct 2009 17:26:38 -0000 @@ -5,6 +5,15 @@ * Connection class using the FTP URL wrapper. */ class FileTransferFTPWrapper extends FileTransfer { + + public function __construct($jail, $username, $password, $hostname, $port) { + $this->username = $username; + $this->password = $password; + $this->hostname = $hostname; + $this->port = $port; + parent::__construct($jail); + } + function connect() { $this->connection = 'ftp://' . urlencode($this->username) . ':' . urlencode($this->password) . '@' . $this->hostname . ':' . $this->port . '/'; if (!is_dir($this->connection)) { @@ -19,29 +28,29 @@ class FileTransferFTPWrapper extends Fil } function createDirectoryJailed($directory) { - if (!@drupal_mkdir($directory)) { + if (!@drupal_mkdir($this->connection . $directory)) { $exception = new FileTransferException('Cannot create directory @directory.', NULL, array('@directory' => $directory)); throw $exception; } } function removeDirectoryJailed($directory) { - if (is_dir($directory)) { - $dh = opendir($directory); + if (is_dir($this->connection . $directory)) { + $dh = opendir($this->connection . $directory); while (($resource = readdir($dh)) !== FALSE) { if ($resource == '.' || $resource == '..') { continue; } $full_path = $directory . DIRECTORY_SEPARATOR . $resource; - if (is_file($full_path)) { + if (is_file($this->connection . $full_path)) { $this->removeFile($full_path); } - elseif (is_dir($full_path)) { + elseif (is_dir($this->connection . $full_path)) { $this->removeDirectory($full_path . '/'); } } closedir($dh); - if (!rmdir($directory)) { + if (!rmdir($this->connection . $directory)) { $exception = new FileTransferException('Cannot remove @directory.', NULL, array('@directory' => $directory)); throw $exception; } @@ -70,15 +79,18 @@ class FileTransferFTPWrapper extends Fil } /** - * This is impossible with the stream wrapper, - * So we cheat and use the other implementation + * This is impossible with the stream wrapper, so an exception is thrown. + * + * If the ftp extenstion is available, we will cheat and use it. * - * @staticvar FileTransferFTPExtension $ftp_ext_file_transfer * @param string $path * @param long $mode * @param bool $recursive */ function chmodJailed($path, $mode, $recursive) { + if (!function_exists('ftp_connect')) { + throw new FileTransferException('Unable to set permissions on @path. Change umask settings on server to be world executable.', array('@path' => $path)); + } static $ftp_ext_file_transfer; if (!$ftp_ext_file_transfer) { cvs diff: Diffing misc Index: misc/authorize.js =================================================================== RCS file: misc/authorize.js diff -N misc/authorize.js --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ misc/authorize.js 14 Oct 2009 17:26:38 -0000 @@ -0,0 +1,29 @@ +// $Id$ + +/** + * @file + * Conditionally hide or show the appropriate settings and saved defaults + * on the file transfer connection settings form used by authorize.php. + */ + +(function ($) { + +Drupal.behaviors.authorizeFileTransferForm = { + attach: function(context) { + $('#edit-connection-settings-authorize-filetransfer-default').change(function() { + $('.filetransfer').hide().filter('.filetransfer-' + $(this).val()).show(); + }); + $('.filetransfer').hide().filter('.filetransfer-' + $('#edit-connection-settings-authorize-filetransfer-default').val()).show(); + + // Removes the float on the select box (used for non-JS interface) + if($('.connection-settings-update-filetransfer-default-wrapper').length > 0) { + console.log($('.connection-settings-update-filetransfer-default-wrapper')); + $('.connection-settings-update-filetransfer-default-wrapper').css('float', 'none'); + } + // Hides the submit button for non-js users + $('#edit-submit-connection').hide(); + $('#edit-submit-process').show(); + } +} + +})(jQuery); cvs diff: Diffing misc/farbtastic cvs diff: Diffing misc/ui cvs diff: Diffing misc/ui/images cvs diff: Diffing modules/system Index: modules/system/maintenance.css =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/system/maintenance.css,v retrieving revision 1.1 diff -u -p -r1.1 maintenance.css --- modules/system/maintenance.css 30 Nov 2007 12:19:10 -0000 1.1 +++ modules/system/maintenance.css 15 Oct 2009 11:56:31 -0000 @@ -21,3 +21,18 @@ #update-results li.failure strong { color: #b63300; } + +/* authorize.php styles */ +.connection-settings-update-filetransfer-default-wrapper { + float: left; +} +#edit-submit-connection { + clear: both; +} +.filetransfer { + display: none; + clear: both; +} +#edit-connection-settings-change-connection-type { + margin: 2.6em 0.5em 0em 1em; +} Index: modules/system/system.info =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/system/system.info,v retrieving revision 1.16 diff -u -p -r1.16 system.info --- modules/system/system.info 31 Aug 2009 18:30:27 -0000 1.16 +++ modules/system/system.info 15 Oct 2009 11:56:31 -0000 @@ -12,5 +12,6 @@ files[] = system.install files[] = system.test files[] = system.tar.inc files[] = system.tokens.inc +files[] = system.updater.inc files[] = mail.sending.inc required = TRUE Index: modules/system/system.module =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/system/system.module,v retrieving revision 1.813 diff -u -p -r1.813 system.module --- modules/system/system.module 15 Oct 2009 12:27:34 -0000 1.813 +++ modules/system/system.module 15 Oct 2009 12:28:59 -0000 @@ -1408,6 +1408,70 @@ function _system_themes_access($theme) { } /** + * Invoke a given callback via authorize.php to run with elevated privileges. + * + * To use authorize.php, certain variables must be stashed into + * $_SESSION. This function sets up all the necessary $_SESSION variables, + * then redirects to authorize.php to initiate the workflow that will + * eventually lead to the callback being invoked. The callback will be invoked + * at a low bootstrap level, without all modules being invoked, so it needs to + * be careful not to assume any code exists. + * + * @param $callback + * The name of the function to invoke one the user authorizes the operation. + * @param $file + * The full path to the file where the callback function is implemented. + * @param $arguments + * Optional array of arguments to pass into the callback when it is invoked. + * Note that the first argument to the callback is always the FileTransfer + * object created by authorize.php when the user authorizes the operation. + * @param $page_title + * Optional string to use as the page title once redirected to authorize.php. + * @return + * Nothing. This function redirects to authorize.php and does not return. + */ +function system_run_authorized($callback, $file, $arguments = array(), $page_title = NULL) { + global $base_url; + + // First, figure out what file transfer backends the site supports, and put + // all of those in the SESSION so that authorize.php has access to all of + // them via the class autoloader, even without a full bootstrap. + $_SESSION['authorize_filetransfer_backends'] = module_invoke_all('filetransfer_backends'); + + // Now, define the callback to invoke. + $_SESSION['authorize_operation'] = array( + 'callback' => $callback, + 'file' => $file, + 'arguments' => $arguments, + ); + + if (isset($page_title)) { + $_SESSION['authorize_operation']['page_title'] = $page_title; + } + + // Finally, redirect to authorize.php. + drupal_goto($base_url . '/authorize.php'); +} + +/** + * Implement hook_updater_info(). + */ +function system_updater_info() { + return array( + 'module' => array( + 'class' => 'ModuleUpdater', + 'name' => t('Update modules'), + 'weight' => 0, + ), + 'theme' => array( + 'class' => 'ThemeUpdater', + 'name' => t('Update themes'), + 'weight' => 0, + ), + ); +} + +/** * Implement hook_filetransfer_backends(). */ function system_filetransfer_backends() { Index: modules/system/system.updater.inc =================================================================== RCS file: modules/system/system.updater.inc diff -N modules/system/system.updater.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ modules/system/system.updater.inc 15 Oct 2009 11:56:31 -0000 @@ -0,0 +1,116 @@ +name); + } + + public static function canUpdateDirectory($directory) { + if (file_scan_directory($directory, '/.*\.module/')) { + return TRUE; + } + return FALSE; + } + + public static function canUpdate($project_name) { + return (bool) drupal_get_path('module', $project_name); + } + + /** + * Return available database schema updates one a new version is installed. + */ + public function getSchemaUpdates() { + require_once './includes/install.inc'; + require_once './includes/update.inc'; + + if (_update_get_project_type($project) != 'module') { + return array(); + } + module_load_include('install', $project); + + if (!$updates = drupal_get_schema_versions($project)) { + return array(); + } + $updates_to_run = array(); + $modules_with_updates = update_get_update_list(); + if ($updates = $modules_with_updates[$project]) { + if ($updates['start']) { + return $updates['pending']; + } + } + return array(); + } + + public function postInstallTasks() { + return array( + l(t('Enable newly added modules in !project', array('!project' => $this->title)), 'admin/config/modules'), + ); + } + + public function postUpdateTasks() { + // @todo: If there are schema updates. + return array( + l(t('Run database updates for !project', array('!project' => $this->title)), 'update.php'), + ); + } + +} + +/** + * Class for updating themes using FileTransfer classes via authorize.php. + */ +class ThemeUpdater extends Updater implements DrupalUpdaterInterface { + + public static function getInstallDirectory() { + return DRUPAL_ROOT . '/' . conf_path() . '/themes'; + } + + public function isInstalled() { + return (bool) drupal_get_path('theme', $this->name); + } + + static function canUpdateDirectory($directory) { + // This is a lousy test, but don't know how else to confirm it is a theme. + if (file_scan_directory($directory, '/.*\.module/')) { + return FALSE; + } + return TRUE; + } + + public static function canUpdate($project_name) { + return (bool) drupal_get_path('theme', $project_name); + } + + public function postInstall() { + // Update the system table. + system_get_theme_data(); + + // Active the theme + db_update('system') + ->fields(array('status' => 1)) + ->condition('type', 'theme') + ->condition('name', $this->name) + ->execute(); + } + + public function postInstallTasks() { + return array( + l(t('Set the !project theme as default', array('!project' => $this->title)), 'admin/appearance'), + ); + } +} cvs diff: Diffing modules/update Index: modules/update/update.authorize.inc =================================================================== RCS file: modules/update/update.authorize.inc diff -N modules/update/update.authorize.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ modules/update/update.authorize.inc 15 Oct 2009 11:56:22 -0000 @@ -0,0 +1,302 @@ + $project_info) { + $operations[] = array( + 'update_authorize_batch_copy_project', + array( + $project_info['project'], + $project_info['updater_name'], + $project_info['local_url'], + $filetransfer, + ), + ); + } + + $batch = array( + 'title' => t('Installing updates'), + 'init_message' => t('Preparing to update your site'), + 'operations' => $operations, + 'finished' => 'update_authorize_update_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.authorize.inc', + ); + + batch_set($batch); + // Invoke the batch via authorize.php. + batch_process($base_url . '/authorize.php', $base_url . '/authorize.php?batch=1'); +} + +/** + * Callback invoked by authorize.php to install a new project. + * + * @param FileTransfer $filetransfer + * The FileTransfer object created by authorize.php for use during this + * operation. + * @param string $project + * The canonical project short name (e.g. {system}.name). + * @param string $updater_name + * The name of the Updater class to use for installing this project. + * @param string $local_url + * The URL to the locally installed temp directory where the project has + * already been downloaded and extracted into. + */ +function update_authorize_run_install($filetransfer, $project, $updater_name, $local_url) { + global $base_url; + + $operations[] = array( + 'update_authorize_batch_copy_project', + array( + $project, + $updater_name, + $local_url, + $filetransfer, + ), + ); + + // @todo Instantiate our Updater to set the human-readable title? + $batch = array( + 'title' => t('Installing %project', array('%project' => $project)), + 'init_message' => t('Preparing to install'), + 'operations' => $operations, + // @todo Use a different finished callback for different messages? + 'finished' => 'update_authorize_install_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.authorize.inc', + ); + batch_set($batch); + + // Invoke the batch via authorize.php. + batch_process($base_url . '/authorize.php', $base_url . '/authorize.php?batch=1'); + +} + +/** + * Copy a project to its proper place when authorized with elevated privileges. + * + * @param string $project + * The cannonical short name of the project being installed. + * @param string $updater_name + * The name of the Updater class to use for installing this project. + * @param string $local_url + * The URL to the locally installed temp directory where the project has + * already been downloaded and extracted into. + * @param FileTransfer $filetransfer + * The FileTransfer object to use for performing this operation. + * @param array &$context + * Reference to an array used for BatchAPI storage. + */ +function update_authorize_batch_copy_project($project, $updater_name, $local_url, $filetransfer, &$context) { + + // Initialize some variables in the Batch API $context array. + if (!isset($context['results']['log'])) { + $context['results']['log'] = array(); + } + if (!isset($context['results']['log'][$project])) { + $context['results']['log'][$project] = array(); + } + + if (!isset($context['results']['tasks'])) { + $context['results']['tasks'] = array(); + } + + /** + * The batch API uses a session, and since all the arguments are serialized + * and unserialized between requests, although the FileTransfer object + * itself will be reconstructed, the connection pointer itself will be lost. + * However, the FileTransfer object will still have the connection variable, + * even though the connection itself is now gone. So, although it's ugly, we + * have to unset the connection variable at this point so that the + * FileTransfer object will re-initiate the actual connection. + */ + unset($filetransfer->connection); + + if (!empty($context['results']['log'][$project]['#abort'])) { + $context['#finished'] = 1; + return; + } + + $updater = new $updater_name($local_url); + + try { + if ($updater->isInstalled()) { + // This is an update. + $tasks = $updater->update($filetransfer); + } + else { + $tasks = $updater->install($filetransfer); + } + } + catch (UpdaterError $e) { + _update_batch_create_message($context['results']['log'][$project], t("Error installing / updating"), FALSE); + _update_batch_create_message($context['results']['log'][$project], $e->getMessage(), FALSE); + $context['results']['log'][$project]['#abort'] = TRUE; + return; + } + + _update_batch_create_message($context['results']['log'][$project], t('Installed %project_name successfully', array('%project_name' => $project))); + $context['results']['tasks'] += $tasks; + + // This particular operation is now complete, even though the batch might + // have other operations to perform. + $context['finished'] = 1; +} + +/** + * Batch callback for when the authorized update batch is finished. + * + * This processes the results and stashes them into SESSION such that + * authorize.php will render a report. Also responsible for putting the site + * back online and clearing the update status cache after a successful update. + */ +function update_authorize_update_batch_finished($success, $results) { + foreach ($results['log'] as $project => $messages) { + if (!empty($messages['#abort'])) { + $success = FALSE; + } + } + $offline = variable_get('site_offline', FALSE); + if ($success) { + // Now that the update completed, we need to clear the cache of available + // update data and recompute our status, so prevent show bogus results. + _update_authorize_clear_update_status(); + + if ($offline) { + variable_set('site_offline', FALSE); + $page_message = array( + 'message' => t('Update was completed successfully. Your site has been taken out of maintenance mode.'), + 'type' => 'status', + ); + } + else { + $page_message = array( + 'message' => t('Update was completed successfully.'), + 'type' => 'status', + ); + } + } + elseif (!$offline) { + $page_message = array( + 'message' => t('Update failed! See the log below for more information.'), + 'type' => 'error', + ); + } + else { + $page_message = array( + 'message' => t('Update failed! See the log below for more information. Your site is still in maintenance mode.'), + 'type' => 'error', + ); + } + + // Set all these values into the SESSION so authorize.php can display them. + $_SESSION['authorize_results']['success'] = $success; + $_SESSION['authorize_results']['page_message'] = $page_message; + $_SESSION['authorize_results']['messages'] = $results['log']; + $_SESSION['authorize_results']['tasks'] = $results['tasks']; +} + +/** + * Batch callback for when the authorized install batch is finished. + * + * This processes the results and stashes them into SESSION such that + * authorize.php will render a report. Also responsible for putting the site + * back online after a successful install if necessary. + */ +function update_authorize_install_batch_finished($success, $results) { + foreach ($results['log'] as $project => $messages) { + if (!empty($messages['#abort'])) { + $success = FALSE; + } + } + $offline = variable_get('site_offline', FALSE); + if ($success && $offline) { + variable_set('site_offline', FALSE); + $page_message = array( + 'message' => t('Installation was completed successfully. Your site has been taken out of maintenance mode.'), + 'type' => 'status', + ); + } + elseif ($success && !$offline) { + $page_message = array( + 'message' => t('Installation was completed successfully.'), + 'type' => 'status', + ); + } + elseif (!$success && !$offline) { + $page_message = array( + 'message' => t('Installation failed! See the log below for more information.'), + 'type' => 'error', + ); + } + else { + $page_message = array( + 'message' => t('Installation failed! See the log below for more information. Your site is still in maintenance mode.'), + 'type' => 'error', + ); + } + + // Set all these values into the SESSION so authorize.php can display them. + $_SESSION['authorize_results']['success'] = $success; + $_SESSION['authorize_results']['page_message'] = $page_message; + $_SESSION['authorize_results']['messages'] = $results['log']; + $_SESSION['authorize_results']['tasks'] = $results['tasks']; +} + +/** + * Helper function to create a structure of log messages. + * + * @param array $project_results + * @param string $message + * @param bool $success + */ +function _update_batch_create_message(&$project_results, $message, $success = TRUE) { + $project_results[] = array('message' => $message, 'success' => $success); +} + +/** + * Private helper function to clear cached available update status data. + * + * Since this function is run at such a low bootstrap level, update.module is + * not loaded. So, we can't just call _update_cache_clear(). However, the + * database is bootstrapped, so we can do a query ourselves to clear out what + * we want to clear. + * + * Note that we do not want to just truncate the table, since that would + * remove items related to currently pending fetch attempts. + * + * @see update_authorize_update_batch_finished() + * @see _update_cache_clear() + */ +function _update_authorize_clear_update_status() { + $query = db_delete('cache_update'); + $query->condition( + db_or() + ->condition('cid', 'update_project_%', 'LIKE') + ->condition('cid', 'available_releases::%', 'LIKE') + ); + $query->execute(); +} Index: modules/update/update.css =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.css,v retrieving revision 1.5 diff -u -p -r1.5 update.css --- modules/update/update.css 29 Apr 2009 03:57:21 -0000 1.5 +++ modules/update/update.css 15 Oct 2009 11:56:22 -0000 @@ -108,3 +108,17 @@ table.update, .update .check-manually { padding-left: 1em; /* LTR */ } + +.update-major-version-warning { + color: #ff0000; +} + +table tbody tr.update-security, +table tbody tr.update-unsupported { + background: #fcc; +} + +th.update-project-name { + width: 50%; +} + Index: modules/update/update.info =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.info,v retrieving revision 1.6 diff -u -p -r1.6 update.info --- modules/update/update.info 26 Sep 2009 17:03:13 -0000 1.6 +++ modules/update/update.info 15 Oct 2009 11:56:22 -0000 @@ -4,10 +4,12 @@ description = Checks the status of avail version = VERSION package = Core core = 7.x -files[] = update.compare.inc -files[] = update.fetch.inc files[] = update.install files[] = update.module +files[] = update.authorize.inc +files[] = update.compare.inc +files[] = update.fetch.inc +files[] = update.manager.inc files[] = update.report.inc files[] = update.settings.inc files[] = update.test Index: modules/update/update.manager.inc =================================================================== RCS file: modules/update/update.manager.inc diff -N modules/update/update.manager.inc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ modules/update/update.manager.inc 15 Oct 2009 11:56:22 -0000 @@ -0,0 +1,733 @@ + t('There was a problem getting update information. Please try again later.'), + ); + return $form; + } + + drupal_add_css('misc/ui/ui.all.css'); + drupal_add_css('misc/ui/ui.dialog.css'); + drupal_add_js('misc/ui/ui.core.js', array('weight' => JS_LIBRARY + 5)); + drupal_add_js('misc/ui/ui.dialog.js', array('weight' => JS_LIBRARY + 6)); + $form['#attached']['js'][] = drupal_get_path('module', 'update') . '/update.manager.js'; + $form['#attached']['css'][] = drupal_get_path('module', 'update') . '/update.css'; + + // This will be a nested array. The first key is the kind of project, which + // can be either 'enabled', 'disabled', 'manual-enabled' (enabled add-ons + // which require manual updates, such as core or -dev projects) or + // 'manual-disabled' (disabled add-ons that need a manual update). Then, + // each subarray is an array of projects of that type, indexed by project + // short name, and containing an array of data for cells in that project's + // row in the appropriate table. + $projects = array(); + + // This stores the actual download link we're going to update from for each + // project in the form, regardless of if it's enabled or disabled. + $form['project_downloads'] = array('#tree' => TRUE); + + module_load_include('inc', 'update', 'update.compare'); + $project_data = update_calculate_project_data($available); + foreach ($project_data as $name => $project) { + // Filter out projects which are up2date already. + if ($project['status'] == UPDATE_CURRENT) { + continue; + } + // The project name to display can vary based on the info we have. + if (!empty($project['title'])) { + if (!empty($project['link'])) { + $project_name = l($project['title'], $project['link']); + } + else { + $project_name = check_plain($project['title']); + } + } + elseif (!empty($project['info']['name'])) { + $project_name = check_plain($project['info']['name']); + } + else { + $project_name = check_plain($name); + } + if ($project['project_type'] == 'theme' || $project['project_type'] == 'theme-disabled') { + $project_name .= ' ' . t('(Theme)'); + } + + if (empty($project['recommended'])) { + // If we don't know what to recommend they upgrade to, we should skip + // the project entirely. + continue; + } + + $recommended_release = $project['releases'][$project['recommended']]; + $recommended_version = $recommended_release['version'] . ' ' . l(t('(Release notes)'), $recommended_release['release_link'], array('attributes' => array('title' => t('Release notes for @project_name', array('@project_name' => $project_name))))); + if ($recommended_release['version_major'] != $project['existing_major']) { + $recommended_version .= '
    ' . t('This update is a major version update which means that it may not be backwards compatible with your currently running version. It is recommended that you read the release notes and proceed at your own risk.') . '
    '; + } + + // Create an entry for this project. + $entry = array( + 'title' => $project_name, + 'installed_version' => $project['existing_version'], + 'recommended_version' => $recommended_version, + ); + + switch ($project['status']) { + case UPDATE_NOT_SECURE: + case UPDATE_REVOKED: + $entry['title'] .= ' ' . t('(Security Update)'); + $entry['#weight'] = -2; + $type = 'security'; + break; + + case UPDATE_NOT_SUPPORTED: + $type = 'unsupported'; + $entry['title'] .= ' ' . t('(Unsupported)'); + $entry['#weight'] = -1; + break; + + case UPDATE_UNKNOWN: + case UPDATE_NOT_FETCHED: + case UPDATE_NOT_CHECKED: + case UPDATE_NOT_CURRENT: + $type = 'recommended'; + break; + + default: + // Jump out of the switch and onto the next project in foreach. + continue 2; + } + + $entry['#attributes'] = array('class' => array('update-' . $type)); + + // Drupal core and projects which are dev versions with no stable release + // need to be upgraded manually. + $needs_manual = $project['project_type'] == 'core' || ($project['install_type'] == 'dev' && $recommended_release['version_extra'] == 'dev'); + + if ($needs_manual) { + // Since it won't be tableselect, #weight will confuse the table if it's + // defined, so just unset it (since the order doesn't really matter that + // much in the manual updates table, anyway). + unset($entry['#weight']); + } + else { + $form['project_downloads'][$name] = array( + '#type' => 'value', + '#value' => $recommended_release['download_link'], + ); + } + + // Based on what kind of project this is, save the entry into the + // appropriate subarray. + switch ($project['project_type']) { + case 'core': + // Core is always enabled, but need manual updates at this time. + $projects['manual-enabled'][$name] = $entry; + break; + + case 'module': + case 'theme': + if ($needs_manual) { + $projects['manual-enabled'][$name] = $entry; + } + else { + $projects['enabled'][$name] = $entry; + } + break; + + case 'module-disabled': + case 'theme-disabled': + if ($needs_manual) { + $projects['manual-disabled'][$name] = $entry; + } + else { + $projects['disabled'][$name] = $entry; + } + break; + } + } + + if (empty($projects)) { + $form['message'] = array( + '#markup' => t('All of your projects are up to date.'), + ); + return $form; + } + + $headers = array( + 'title' => array( + 'data' => t('Name'), + 'class' => array('update-project-name'), + ), + 'installed_version' => t('Installed version'), + 'recommended_version' => t('Recommended version'), + ); + + if (!empty($projects['enabled'])) { + $form['projects'] = array( + '#type' => 'tableselect', + '#header' => $headers, + '#options' => $projects['enabled'], + ); + if (count($projects) > 1) { + $form['projects']['#prefix'] = '

    ' . t('Enabled add-ons') . '

    '; + } + } + + if (!empty($projects['disabled'])) { + $form['disabled_projects'] = array( + '#type' => 'tableselect', + '#header' => $headers, + '#options' => $projects['disabled'], + '#weight' => 1, + ); + if (count($projects) > 1) { + $form['disabled_projects']['#prefix'] = '

    ' . t('Disabled add-ons') . '

    '; + } + } + + // If either table has been printed yet, we need a submit button and to + // validate the checkboxes. + if (!empty($projects['enabled']) || !empty($projects['disabled'])) { + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Download these updates'), + '#weight' => 10, + ); + $form['#validate'][] = 'update_manager_update_form_validate'; + } + + if (!empty($projects['manual-enabled'])) { + $prefix = '

    ' . t('Add-ons requiring manual updates') . '

    '; + $prefix .= '

    ' . t('Updates of Drupal core or development releases are not supported at this time.') . '

    '; + $form['manual_updates'] = array( + '#type' => 'markup', + '#markup' => theme('table', array('header' => $headers, 'rows' => $projects['manual-enabled'])), + '#prefix' => $prefix, + '#weight' => 20, + ); + } + + if (!empty($projects['manual-disabled'])) { + $prefix = '

    ' . t('Disabled add-ons requiring manual updates') . '

    '; + $prefix .= '

    ' . t('Updates of Drupal core or development releases are not supported at this time.') . '

    '; + $form['manual_disabled'] = array( + '#type' => 'markup', + '#markup' => theme('table', array('header' => $headers, 'rows' => $projects['manual-disabled'])), + '#prefix' => $prefix, + '#weight' => 25, + ); + } + + return $form; +} + +/** + * Theme the first page in the update manager wizard to select projects. + * + * @param $variables + * form: The form + * + * @ingroup themeable + */ +function theme_update_manager_update_form($variables) { + $form = $variables['form']; + $last = variable_get('update_last_check', 0); + $output = theme('update_last_check', array('last' => $last)); + $output .= drupal_render_children($form); + return $output; +} + +/** + * Validation callback to ensure that at least one project is selected. + */ +function update_manager_update_form_validate($form, &$form_state) { + if (!empty($form_state['values']['projects'])) { + $enabled = array_filter($form_state['values']['projects']); + } + if (!empty($form_state['values']['disabled_projects'])) { + $disabled = array_filter($form_state['values']['disabled_projects']); + } + if (empty($enabled) && empty($disabled)) { + form_set_error('projects', t('You must select at least one project to update.')); + } +} + +/** + * Submit function for the main update form. + * + * This sets up a batch to download, extract and verify the selected releases + * + * @see update_manager_update_form() + */ +function update_manager_update_form_submit($form, &$form_state) { + $projects = array(); + foreach (array('projects', 'disabled_projects') as $type) { + if (!empty($form_state['values'][$type])) { + $projects = array_merge($projects, array_keys(array_filter($form_state['values'][$type]))); + } + } + $operations = array(); + foreach ($projects as $project) { + $operations[] = array( + 'update_manager_batch_project_get', + array( + $project, + $form_state['values']['project_downloads'][$project], + ), + ); + } + $batch = array( + 'title' => t('Downloading updates'), + 'init_message' => t('Preparing to download selected updates'), + 'operations' => $operations, + 'finished' => 'update_manager_download_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.manager.inc', + ); + batch_set($batch); +} + +/** + * Batch callback invoked when the download batch is completed. + */ +function update_manager_download_batch_finished($success, $results) { + if ($success) { + $_SESSION['update_manager_update_projects'] = $results; + drupal_goto('admin/update/confirm'); + } + else { + foreach($results as $project => $message) { + drupal_set_message($message, 'error'); + } + } +} + +function update_manager_confirm_update_form($form, &$form_state) { + $form['information']['#weight'] = -100; + $form['information']['backup_header'] = array( + '#prefix' => '

    ', + '#markup' => t('Step 1: Backup your site'), + '#suffix' => '

    ', + ); + + $form['information']['backup_message'] = array( + '#prefix' => '

    ', + '#markup' => t('We do not currently have a web based backup tool. Learn more about how to take a backup.', array('@backup_url' => url('http://drupal.org/node/22281'))), + '#suffix' => '

    ', + ); + + $form['information']['maint_header'] = array( + '#prefix' => '

    ', + '#markup' => t('Step 2: Enter maintenance mode'), + '#suffix' => '

    ', + ); + + $form['information']['maint_message'] = array( + '#prefix' => '

    ', + '#markup' => t('It is strongly recommended that you put your site into maintenance mode while performing an update.'), + '#suffix' => '

    ', + ); + + $form['information']['site_offline'] = array( + '#title' => t('Perform updates with site in maintenance mode'), + '#type' => 'checkbox', + '#default_value' => TRUE, + ); + + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Install updates'), + '#weight' => 100, + ); + + return $form; +} + +function update_manager_confirm_update_form_submit($form, &$form_state) { + if ($form_state['values']['site_offline'] == TRUE) { + variable_set('site_offline', TRUE); + } + + if (!empty($_SESSION['update_manager_update_projects'])) { + // Make sure the Updater registry is loaded. + drupal_get_updaters(); + + $updates = array(); + $directory = _update_manager_extract_directory(); + + $projects = $_SESSION['update_manager_update_projects']; + unset($_SESSION['update_manager_update_projects']); + + foreach ($projects as $project => $url) { + $project_location = $directory . '/' . $project; + $updater = Updater::factory($project_location); + $updates[] = array( + 'project' => $project, + 'updater_name' => get_class($updater), + 'local_url' => drupal_realpath($project_location), + ); + } + + system_run_authorized('update_authorize_run_update', drupal_get_path('module', 'update') . '/update.authorize.inc', array($updates)); + } +} + +/** + * @} End of "defgroup update_manager_update". + */ + +/** + * @defgroup update_manager_install Update manager for installing new code. + * @{ + */ + +function update_manager_install_form(&$form_state) { + $form = array(); + + $form['project_url'] = array( + '#type' => 'textfield', + '#title' => t('URL'), + '#description' => t('Paste the URL to a Drupal module or theme archive (.tar.gz) to install it. (e.g http://ftp.drupal.org/files/projects/projectname.tar.gz)'), + ); + + $form['information'] = array( + '#prefix' => '', + '#markup' => t('Or'), + '#suffix' => '', + ); + + $form['project_upload'] = array( + '#type' => 'file', + '#title' => t('Upload a module or theme'), + '#description' => t('Upload a Drupal module or theme (in .tar.gz format) to install it.'), + ); + + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Install'), + ); + + return $form; +} + +/** + * Validate the form for installing a new project via the update manager. + */ +function update_manager_install_form_validate($form, &$form_state) { + if (!($form_state['values']['project_url'] XOR !empty($_FILES['files']['name']['project_upload']))) { + form_set_error('project_url', t('You must either provide a URL or upload an archive file to install.')); + } +} + +/** + * Handle form submission when installing new projects via the update manager. + * + * Either downloads the file specified in the URL to a temporary cache, or + * uploads the file attached to the form, then attempts to extract the archive + * into a temporary location and verify it. Instantiate the appropriate + * Updater class for this project and make sure it is not already installed in + * the live webroot. If everything is successful, setup an operation to run + * via authorize.php which will copy the extracted files from the temporary + * location into the live site. + */ +function update_manager_install_form_submit($form, &$form_state) { + if ($form_state['values']['project_url']) { + $field = 'project_url'; + $local_cache = update_manager_file_get($form_state['values']['project_url']); + if (!$local_cache) { + form_set_error($field, t('Unable to retreive Drupal project from %url.', array('%url' => $form_state['values']['project_url']))); + return; + } + } + elseif ($_FILES['files']['name']['project_upload']) { + $field = 'project_upload'; + // @todo: add some validators here. + $finfo = file_save_upload($field, array(), NULL, FILE_EXISTS_REPLACE); + // @todo: find out if the module is already instealled, if so, throw an error. + $local_cache = $finfo->uri; + } + + $directory = _update_manager_extract_directory(); + try { + $archive = update_manager_archive_extract($local_cache, $directory); + } + catch (Exception $e) { + form_set_error($field, $e->getMessage()); + return; + } + + $files = $archive->listContent(); + if (!$files) { + form_set_error($field, t('Provided archive contains no files.')); + return; + } + // Unfortunately, we can only use the directory name for this. :( + $project = drupal_substr($files[0]['filename'], 0, -1); + + try { + update_manager_archive_verify($project, $local_cache, $directory); + } + catch (Exception $e) { + form_set_error($field, $e->getMessage()); + return; + } + + // Make sure the Updater registry is loaded. + drupal_get_updaters(); + + $project_location = $directory . '/' . $project; + $updater = Updater::factory($project_location); + $project_title = Updater::getProjectTitle($project_location); + + if (!$project_title) { + form_set_error($field, t('Unable to determine %project name.', array('%project' => $project))); + } + + if ($updater->isInstalled()) { + form_set_error($field, t('%project is already installed.', array('%project' => $project_title))); + return; + } + + $arguments = array( + 'project' => $project, + 'updater_name' => get_class($updater), + 'local_url' => drupal_realpath($project_location), + ); + + return system_run_authorized('update_authorize_run_install', drupal_get_path('module', 'update') . '/update.authorize.inc', $arguments); +} + +/** + * @} End of "defgroup update_manager_install". + */ + +/** + * @defgroup update_manager_file Update manager file management functions. + * @{ + */ + +/** + * Return the directory where update archive files should be extracted. + * + * If the directory does not already exist, attempt to create it. + * + * @return + * The full path to the temporary directory where update file archives + * should be extracted. + */ +function _update_manager_extract_directory() { + $directory = &drupal_static(__FUNCTION__, ''); + if (empty($directory)) { + $directory = DRUPAL_ROOT . '/' . file_directory_path('temporary') . '/update-extraction'; + if (!file_exists($directory)) { + mkdir($directory); + } + } + return $directory; +} + +/** + * Unpack a downloaded archive file. + * + * @param string $project + * The short name of the project to download. + * @param string $file + * The filename of the archive you wish to extract. + * @param string $directory + * The directory you wish to extract the archive info. + * + * @return + * The Archive_Tar class used to extract the archive. + * @throws Exception on failure. + * + * @todo Currently, this is hard-coded to only support .tar.gz. This is an API + * bug, and should be fixed. See http://drupal.org/node/604618. + */ +function update_manager_archive_extract($file, $directory) { + $archive_tar = new Archive_Tar(drupal_realpath($file)); + if (!$archive_tar->extract($directory)) { + throw new Exception(t('Unable to extract %file', array('%file' => $file))); + } + return $archive_tar; +} + +/** + * Verify an archive after it has been downloaded and extracted. + * + * This function is responsible for invoking hook_verify_update_archive(). + * + * @param string $project + * The short name of the project to download. + * @param string $archive_file + * The filename of the unextracted archive. + * @param string $directory + * The directory that the archive was extracted into. + * + * @return void + * @throws Exception on failure. + * + */ +function update_manager_archive_verify($project, $archive_file, $directory) { + $failures = module_invoke_all('verify_update_archive', $project, $archive_file, $directory); + if (!empty($failures)) { + throw new Exception(t('Unable to extact %file', array('%file' => $file))); + } +} + +/** + * Copies a file from $url to the temporary directory for updates. + * + * If the file has already been downloaded, returns the the local path. + * + * @param $url + * The URL of the file on the server. + * + * @return string + * Path to local file. + */ +function update_manager_file_get($url) { + $parsed_url = parse_url($url); + $remote_schemes = array('http', 'https', 'ftp', 'ftps', 'smb', 'nfs'); + if (!in_array($parsed_url['scheme'], $remote_schemes)) { + // This is a local file, just return the path. + return drupal_realpath($url); + } + + // Check the cache and download the file if needed. + $local = 'temporary://update-cache/' . basename($parsed_url['path']); + $cache_directory = DRUPAL_ROOT . '/' . file_directory_path('temporary') . '/update-cache/'; + + if (!file_exists($cache_directory)) { + mkdir($cache_directory); + } + + if (!file_exists($local)) { + return system_retrieve_file($url, $local); + } + else { + return $local; + } +} + +/** + * Batch operation: download, unpack, and verify a project. + * + * This function assumes that the provided URL points to a file archive of + * some sort. The URL can have any scheme that we have a file stream wrapper + * to support. The file is downloaded to a local cache. + * + * @param string $project + * The short name of the project to download. + * @param string $url + * The URL to download a specific project release archive file. + * @param array &$context + * Reference to an array used for BatchAPI storage. + * + * @see update_manager_download_page() + */ +function update_manager_batch_project_get($project, $url, &$context) { + // This is here to show the user that we are in the process of downloading. + if (!isset($context['sandbox']['started'])) { + $context['sandbox']['started'] = TRUE; + $context['message'] = t('Downloading %project', array('%project' => $project)); + $context['success'] = TRUE; + $context['finished'] = 0; + return; + } + + // Assume failure until we make it to the bottom and succeed. + $context['success'] = FALSE; + + // Actually try to download the file. + if (!($local_cache = update_manager_file_get($url))) { + $context['results'][$project] = t('Failed to download %project from %url', array('%project' => $project, '%url' => $url)); + return; + } + + // Extract it. + $extract_directory = _update_manager_extract_directory(); + try { + update_manager_archive_extract($local_cache, $extract_directory); + } + catch (Exception $e) { + $context['results'][$project] = $e->getMessage(); + return; + } + + // Verify it. + try { + update_manager_archive_verify($project, $local_cache, $extract_directory); + } + catch (Exception $e) { + $context['results'][$project] = $e->getMessage(); + return; + } + + // Yay, success. + $context['success'] = TRUE; + $context['results'][$project] = $url; + $context['finished'] = 1; +} + +/** + * @} End of "defgroup update_manager_file". + */ Index: modules/update/update.module =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.module,v retrieving revision 1.49 diff -u -p -r1.49 update.module --- modules/update/update.module 13 Oct 2009 02:14:05 -0000 1.49 +++ modules/update/update.module 15 Oct 2009 11:56:22 -0000 @@ -77,11 +77,13 @@ define('UPDATE_MAX_FETCH_TIME', 5); function update_help($path, $arg) { switch ($path) { case 'admin/reports/updates': - global $base_url; - $output = '

    ' . t('Here you can find information about available updates for your installed modules and themes. Note that each module or theme is part of a "project", which may or may not have the same name, and might include multiple modules or themes within it.') . '

    '; - $output .= '

    ' . t('To extend the functionality or to change the look of your site, a number of contributed modules and themes are available.', array('@modules' => 'http://drupal.org/project/modules', '@themes' => 'http://drupal.org/project/themes')) . '

    '; - $output .= '

    ' . t('Each time Drupal core or a contributed module or theme is updated, it is important that update.php is run.', array('@update-php' => url($base_url . '/update.php', array('external' => TRUE)))) . '

    '; - return $output; + return '

    ' . t('Here you can find information about available updates for your installed modules and themes. Note that each module or theme is part of a "project", which may or may not have the same name, and might include multiple modules or themes within it.') . '

    '; + + case 'admin/appearance/install': + case 'admin/config/modules/install': + case 'admin/reports/updates/install': + return '

    ' . t('To install a new module or theme, either upload the .tar.gz file that you have downloaded, or paste the URL of a .tar.gz you wish to install. You can find modules and themes at http://drupal.org.', array('@module_url' => 'http://drupal.org/project/modules', '@theme_url' => 'http://drupal.org/project/themes', '@drupal_org_url' => 'http://drupal.org')) . '

    '; + case 'admin/appearance': case 'admin/config/modules': include_once DRUPAL_ROOT . '/includes/install.inc'; @@ -98,9 +100,13 @@ function update_help($path, $arg) { } } + case 'admin/appearance/update': + case 'admin/config/modules/update': + case 'admin/reports/updates/update': case 'admin/reports/updates/settings': case 'admin/reports/status': - // These two pages don't need additional nagging. + case 'admin/update/confirm': + // These pages don't need additional nagging. break; case 'admin/help#update': @@ -156,6 +162,7 @@ function update_menu() { 'access arguments' => array('administer site configuration'), 'file' => 'update.settings.inc', 'type' => MENU_LOCAL_TASK, + 'weight' => 50, ); $items['admin/reports/updates/check'] = array( 'title' => 'Manual update check', @@ -165,16 +172,84 @@ function update_menu() { 'file' => 'update.fetch.inc', ); + // We want action links for updating projects at a few different locations: + // both the module and theme administration pages, and on the available + // updates report itself. The menu items will be mostly identical, except the + // paths and titles, so we just define them in a loop. We pass in a string + // indicating what context we're entering the action from, so that can + // customize the appearance as needed. + $paths = array( + 'report' => 'admin/reports/updates', + 'module' => 'admin/config/modules', + 'theme' => 'admin/appearance', + ); + foreach ($paths as $context => $path) { + $items[$path . '/install'] = array( + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_install_form', $context), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'weight' => 25, + 'type' => MENU_LOCAL_ACTION, + 'file' => 'update.manager.inc', + ); + $items[$path . '/update'] = array( + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_update_form', $context), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'weight' => 20, + 'type' => MENU_LOCAL_ACTION, + 'file' => 'update.manager.inc', + ); + } + // Customize the titles of the action links depending on where they appear. + $items['admin/reports/updates/install']['title'] = 'Install new module or theme'; + $items['admin/reports/updates/update']['title'] = 'Update existing modules and themes'; + $items['admin/config/modules/install']['title'] = 'Install new module'; + $items['admin/config/modules/update']['title'] = 'Update existing modules'; + $items['admin/appearance/install']['title'] = 'Install new theme'; + $items['admin/appearance/update']['title'] = 'Update existing themes'; + + // Menu callback used for the confirmation page after all the releases + // have been downloaded, asking you to backup before installing updates. + $items['admin/update/confirm'] = array( + 'title' => 'Confirm update', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_confirm_update_form'), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'type' => MENU_CALLBACK, + 'file' => 'update.manager.inc', + ); + return $items; } /** - * Implement the hook_theme() registry. + * Determine if the current user can access the updater menu items. + * + * This is used as a menu system access callback. It both enforces the + * 'administer software updates' permission and the global killswitch for the + * authorize.php script. + * + * @see update_menu() + */ +function update_manager_access() { + return variable_get('allow_authorize_operations', TRUE) && user_access('administer software updates'); +} + +/** + * Implement hook_theme(). */ function update_theme() { return array( - 'update_settings' => array( + 'update_manager_update_form' => array( 'arguments' => array('form' => NULL), + 'file' => 'update.manager.inc', + ), + 'update_last_check' => array( + 'arguments' => array('last' => NULL), ), 'update_report' => array( 'arguments' => array('data' => NULL), @@ -390,6 +465,8 @@ function update_get_available($refresh = // Grab whatever data we currently have cached in the DB. $available = _update_get_cached_available_releases(); + $num_avail = count($available); + $projects = update_get_projects(); foreach ($projects as $key => $project) { // If there's no data at all, we clearly need to fetch some. @@ -618,6 +695,30 @@ function _update_project_status_sort($a, } /** + * Render the HTML to display the last time we checked for update data. + * + * In addition to properly formating the given timestamp, this function also + * provides a "Check manually" link that refreshes the available update and + * redirects back to the same page. + * + * @param $variables + * 'last': The timestamp when the site last checked for available updates. + * + * @see theme_update_report() + * @see theme_update_available_updates_form() + * + * @ingroup themeable + */ +function theme_update_last_check($variables) { + $last = $variables['last']; + $output = '
    '; + $output .= $last ? t('Last checked: @time ago', array('@time' => format_interval(REQUEST_TIME - $last))) : t('Last checked: never'); + $output .= ' (' . l(t('Check manually'), 'admin/reports/updates/check', array('query' => drupal_get_destination())) . ')'; + $output .= "
    \n"; + return $output; +} + +/** * @defgroup update_status_cache Private update status cache system * @{ * Index: modules/update/update.report.inc =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.report.inc,v retrieving revision 1.25 diff -u -p -r1.25 update.report.inc --- modules/update/update.report.inc 13 Oct 2009 02:14:05 -0000 1.25 +++ modules/update/update.report.inc 15 Oct 2009 11:56:22 -0000 @@ -29,9 +29,7 @@ function theme_update_report($variables) $data = $variables['data']; $last = variable_get('update_last_check', 0); - $output = '
    ' . ($last ? t('Last checked: @timestamp (@time ago)', array('@time' => format_interval(REQUEST_TIME - $last), '@timestamp' => format_date($last))) : t('Last checked: never')); - $output .= ' (' . l(t('Check manually'), 'admin/reports/updates/check') . ')'; - $output .= "
    \n"; + $output = theme('update_last_check', array('last' => $last)); if (!is_array($data)) { $output .= '

    ' . $data . '

    '; Index: modules/update/update.test =================================================================== RCS file: /Users/wright/drupal/local_repo/drupal/modules/update/update.test,v retrieving revision 1.9 diff -u -p -r1.9 update.test --- modules/update/update.test 13 Oct 2009 08:02:49 -0000 1.9 +++ modules/update/update.test 15 Oct 2009 11:56:22 -0000 @@ -45,7 +45,6 @@ class UpdateTestHelper extends DrupalWeb */ protected function standardTests() { $this->assertRaw('

    ' . t('Drupal core') . '

    '); - $this->assertRaw(l(t('Check manually'), 'admin/reports/updates/check'), t('Link to check available updates manually appears.')); $this->assertRaw(l(t('Drupal'), 'http://example.com/project/drupal'), t('Link to the Drupal project appears.')); $this->assertNoText(t('No available releases found')); } cvs diff: Diffing modules/update/tests