CourseDriver::allow() - Code Metrics - Inspection of "Documents: Avoid to show ElFinder CourseDriver to..." - chamilo/chamilo-lms - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — BT18201 ( 2fe5aa )

by Angel Fernando Quiroz

created 2023-02-20 17:44 UTC

CourseDriver::allow() B

↳ Parent: CourseDriver

Complexity

Conditions	8
Paths	5

Size

Total Lines	29
Code Lines	15

Duplication

Lines	0
Ratio	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
eloc	15
c	1
b	0
f	0
dl	0
loc	29
rs	8.4444
cc	8
nc	5
nop	0

<?php
/* For licensing terms, see /license.txt */

namespace Chamilo\CoreBundle\Component\Editor\Driver;

use CourseHome;

/**
 * Class CourseDriver.
 *
 * @package Chamilo\CoreBundle\Component\Editor\Driver
 */
class CourseDriver extends Driver implements DriverInterface
{
    public $name = 'CourseDriver';
    public $visibleFiles = [];
    private $coursePath;

    /**
     * Setups the folder.
     */
    public function setup()
    {
        $userId = api_get_user_id();
        $userInfo = api_get_user_info();
        $sessionId = api_get_session_id();
        $courseInfo = $this->connector->course;

        if (!empty($courseInfo)) {
            $coursePath = api_get_path(SYS_COURSE_PATH);
            $courseDir = $courseInfo['directory'].'/document';
            $baseDir = $coursePath.$courseDir;
            $this->coursePath = $baseDir;

            // Creates shared folder
            if (!file_exists($baseDir.'/shared_folder')) {
                $title = get_lang('UserFolders');
                $folderName = '/shared_folder';
                //$groupId = 0;
                $visibility = 0;
                create_unexisting_directory(
                    $courseInfo,
                    $userId,
                    $sessionId,
                    0,
                    null,
                    $baseDir,
                    $folderName,
                    $title,
                    $visibility
                );
            }

            // Creates user-course folder
            if (!file_exists($baseDir.'/shared_folder/sf_user_'.$userId)) {
                $title = $userInfo['complete_name'];
                $folderName = '/shared_folder/sf_user_'.$userId;
                $visibility = 1;
                create_unexisting_directory(
                    $courseInfo,
                    $userId,
                    $sessionId,
                    0,
                    null,
                    $baseDir,
                    $folderName,
                    $title,
                    $visibility
                );
            }
        }
    }

    /**
     * {@inheritdoc}
     */
    public function getConfiguration()
    {
        if ($this->allow()) {
            //$translator = $this->connector->translator;
            //$code = $this->connector->course->getCode();
            $courseCode = $this->connector->course['code'];
            $alias = $courseCode.' '.get_lang('Documents');
            $userId = api_get_user_id();
            $config = [
                'driver' => 'CourseDriver',
                'path' => $this->getCourseDocumentSysPath(),
                'URL' => $this->getCourseDocumentRelativeWebPath(),
                'accessControl' => [$this, 'access'],
                'alias' => $alias,
                'attributes' => [
                    // Hide shared_folder
                    [
                        'pattern' => '/shared_folder/',
                        'read' => false,
                        'write' => false,
                        'hidden' => true,
                        'locked' => false,
                    ],
                    [
                        'pattern' => '/^\/index.html$/',
                        'read' => false,
                        'write' => false,
                        'hidden' => true,
                        'locked' => false,
                    ],
                ],
            ];

            // admin/teachers can create dirs from ckeditor
            if ($this->allowToEdit()) {
                $config['attributes'][] = [
                    'pattern' => '/^\/learning_path$/', // block delete learning_path
                    'read' => true,
                    'write' => false,
                    'hidden' => false,
                    'locked' => true,
                ];
                $config['attributes'][] = [
                    'pattern' => '/learning_path\/(.*)/', // allow edit/delete inside learning_path
                    'read' => true,
                    'write' => true,
                    'hidden' => false,
                    'locked' => false,
                ];

                $defaultDisabled = $this->connector->getDefaultDriverSettings()['disabled'];
                $defaultDisabled = array_flip($defaultDisabled);
                unset($defaultDisabled['mkdir']);
                $defaultDisabled = array_flip($defaultDisabled);
                $config['disabled'] = $defaultDisabled;
            } else {
                $protectedFolders = \DocumentManager::getProtectedFolderFromStudent();
                foreach ($protectedFolders as $folder) {
                    $config['attributes'][] = [
                        'pattern' => $folder.'/',
                        'read' => false,
                        'write' => false,
                        'hidden' => true,
                        'locked' => false,
                    ];
                }
            }

            $foldersToHide = \DocumentManager::get_all_document_folders(
                $this->connector->course,
                null,
                false,
                true
            );

            // Teachers can see all files and folders see #1425
            if ($this->allowToEdit()) {
                $foldersToHide = [];
            }

            if (!empty($foldersToHide)) {
                foreach ($foldersToHide as $folder) {
                    $config['attributes'][] = [
                        'pattern' => '!'.$folder.'!',
                        'read' => false,
                        'write' => false,
                        'hidden' => true,
                        'locked' => false,
                    ];
                }
            }

            // Hide all groups folders
            $config['attributes'][] = [
                'pattern' => '!_groupdocs_!',
                'read' => false,
                'write' => false,
                'hidden' => true,
                'locked' => false,
            ];

            // Allow only the groups I have access
            $allGroups = \GroupManager::getAllGroupPerUserSubscription($userId);
            if (!empty($allGroups)) {
                foreach ($allGroups as $groupInfo) {
                    $groupId = $groupInfo['iid'];
                    if (\GroupManager::user_has_access(
                        $userId,
                        $groupId,
                        \GroupManager::GROUP_TOOL_DOCUMENTS
                    )) {
                        $config['attributes'][] = [
                            'pattern' => '!'.$groupInfo['secret_directory'].'!',
                            'read' => true,
                            'write' => false,
                            'hidden' => false,
                            'locked' => false,
                        ];
                    }
                }
            }

            return $config;
        }

        return [];
    }

    /**
     * This is the absolute document course path like
     * /var/www/portal/data/courses/XXX/document/.
     *
     * @return string
     */
    public function getCourseDocumentSysPath()
    {
        $url = '';
        if ($this->allow()) {
            $directory = $this->getCourseDirectory();
            $coursePath = $this->connector->paths['sys_course_path'];
            $url = $coursePath.$directory.'/document/';
        }

        return $url;
    }

    /**
     * @return string
     */
    public function getCourseDocumentRelativeWebPath()
    {
        $url = null;
        if ($this->allow()) {
            $directory = $this->getCourseDirectory();
            $url = api_get_path(REL_COURSE_PATH).$directory.'/document/';
        }

        return $url;
    }

    /**
     * @return string
     */
    public function getCourseDocumentWebPath()
    {
        $url = null;
        if ($this->allow()) {
            $directory = $this->getCourseDirectory();
            $url = api_get_path(WEB_COURSE_PATH).$directory.'/document/';
        }

        return $url;
    }

    /**
     * @return string
     */
    public function getCourseDirectory()
    {
        return $this->connector->course['directory'];
    }

    /**
     * {@inheritdoc}
     */
    public function upload($fp, $dst, $name, $tmpname, $hashes = [])
    {
        // Needed to load course information in elfinder
        $this->setConnectorFromPlugin();

        if ($this->allowToEdit()) {
            // upload file by elfinder.
            $size = filesize($tmpname);
            $maxSpace = \DocumentManager::get_course_quota($this->connector->course['code']);
            // Check if there is enough space to save the file.
            if (!\DocumentManager::enough_space($size, $maxSpace)) {
                return false;
            }

            $result = parent::upload($fp, $dst, $name, $tmpname);
            $name = $result['name'];
            $filtered = \URLify::filter($result['name'], 80, '', true);

            if (strcmp($name, $filtered) != 0) {
                $result = $this->customRename($result['hash'], $filtered);
            }

            $realPath = $this->realpath($result['hash']);
            if (!empty($realPath)) {
                // Getting file info
                //$info = $elFinder->exec('file', array('target' => $file['hash']));
                /** @var elFinderVolumeLocalFileSystem $volume */
                //$volume = $info['volume'];
                //$root = $volume->root();
                //var/www/chamilogits/data/courses/NEWONE/document
                $realPathRoot = $this->getCourseDocumentSysPath();

                // Removing course path
                $realPath = str_replace($realPathRoot, '/', $realPath);
                add_document(
                    $this->connector->course,
                    $realPath,
                    'file',
                    (int) $result['size'],
                    $result['name']
                );
            }

            return $result;
        }

        return false;
    }

    /**
     * {@inheritdoc}
     */
    public function rm($hash)
    {
        // elfinder does not delete the file
        //parent::rm($hash);
        $this->setConnectorFromPlugin();

        if ($this->allowToEdit()) {
            $path = $this->decode($hash);
            $stat = $this->stat($path);
            $stat['realpath'] = $path;
            $this->removed[] = $stat;

            $realFilePath = $path;
            $coursePath = $this->getCourseDocumentSysPath();
            $filePath = str_replace($coursePath, '/', $realFilePath);

            \DocumentManager::delete_document(
                $this->connector->course,
                $filePath,
                $coursePath
            );

            return true;
        }

        return false;
    }

    /**
     * @return bool
     */
    public function allow()
    {
        //if ($this->connector->security->isGranted('ROLE_ADMIN')) {
        if (api_is_anonymous()) {
            return false;
        }

        $isAllowedToEdit = api_is_allowed_to_edit();

        $block = api_get_configuration_value('block_editor_file_manager_for_students');
        if ($block && !$isAllowedToEdit) {
            return false;
        }

        if (isset($this->connector->course) && !empty($this->connector->course)) {
            $isDocumentsToolVisible = CourseHome::getToolVisibility(
                TOOL_DOCUMENT,
                api_get_course_int_id(),
                api_get_session_id()
            );

            if (!$isDocumentsToolVisible && !$isAllowedToEdit) {
                return false;
            }

            return true;
        }

        return false;
    }

    /**
     * Allow to upload/delete folder or files.
     *
     * @return bool
     */
    public function allowToEdit()
    {
        $allow = $this->allow();

        return $allow && api_is_allowed_to_edit(null, true);
    }

    /**
     * {@inheritdoc}
     */
    public function mkdir($path, $name)
    {
        // Needed to load course information in elfinder
        $this->setConnectorFromPlugin();

        if ($this->allowToEdit() === false) {
            return false;
        }

        $result = parent::mkdir($path, $name);

        if ($result && isset($result['hash'])) {
            $_course = $this->connector->course;
            $realPathRoot = $this->getCourseDocumentSysPath();
            $realPath = $this->realpath($result['hash']);

            // Removing course path
            $newPath = str_replace($realPathRoot, '/', $realPath);
            $documentId = add_document(
                $_course,
                $newPath,
                'folder',
                0,
                $name,
                null,
                0,
                true,
                api_get_group_id(),
                api_get_session_id(),
                api_get_user_id()
            );

            if (empty($documentId)) {
                $this->rm($result['hash']);

                return false;
            }

            return $result;
        }

        return false;
    }

    /**
     * @param string $attr
     * @param string $path
     * @param $data
     * @param CourseDriver $volume
     */
    /*public function access($attr, $path, $data, $volume)
    {
        error_log($path);
        return true;
        if ($path == $this->coursePath) {

            return true;
        }

        $allowToEdit = $this->allowToEdit();
        if ($allowToEdit) {
            return true;
        }

        $path = str_replace($this->coursePath, '', $path);
        $documentId = \DocumentManager::get_document_id($this->connector->course, $path);

        if ($documentId) {

            $result = \DocumentManager::is_visible_by_id(
                $documentId,
                $this->connector->course,
                api_get_session_id(),
                api_get_user_id()
            );
            return false;
        }

        return false;
    }*/
}


1			<?php
2			/* For licensing terms, see /license.txt */
3
4			namespace Chamilo\CoreBundle\Component\Editor\Driver;
5
6			use CourseHome;
7
8			/**
9			* Class CourseDriver.
10			*
11			* @package Chamilo\CoreBundle\Component\Editor\Driver
12			*/
13			class CourseDriver extends Driver implements DriverInterface
14			{
15			public $name = 'CourseDriver';
16			public $visibleFiles = [];
17			private $coursePath;
18
19			/**
20			* Setups the folder.
21			*/
22			public function setup()
23			{
24			$userId = api_get_user_id();
25			$userInfo = api_get_user_info();
26			$sessionId = api_get_session_id();
27			$courseInfo = $this->connector->course;
28
29			if (!empty($courseInfo)) {
30			$coursePath = api_get_path(SYS_COURSE_PATH);
31			$courseDir = $courseInfo['directory'].'/document';
32			$baseDir = $coursePath.$courseDir;
33			$this->coursePath = $baseDir;
34
35			// Creates shared folder
36			if (!file_exists($baseDir.'/shared_folder')) {
37			$title = get_lang('UserFolders');
38			$folderName = '/shared_folder';
39			//$groupId = 0;
40			$visibility = 0;
41			create_unexisting_directory(
42			$courseInfo,
43			$userId,
44			$sessionId,
45			0,
46			null,
47			$baseDir,
48			$folderName,
49			$title,
50			$visibility
51			);
52			}
53
54			// Creates user-course folder
55			if (!file_exists($baseDir.'/shared_folder/sf_user_'.$userId)) {
56			$title = $userInfo['complete_name'];
57			$folderName = '/shared_folder/sf_user_'.$userId;
58			$visibility = 1;
59			create_unexisting_directory(
60			$courseInfo,
61			$userId,
62			$sessionId,
63			0,
64			null,
65			$baseDir,
66			$folderName,
67			$title,
68			$visibility
69			);
70			}
71			}
72			}
73
74			/**
75			* {@inheritdoc}
76			*/
77			public function getConfiguration()
78			{
79			if ($this->allow()) {
80			//$translator = $this->connector->translator;
81			//$code = $this->connector->course->getCode();
82			$courseCode = $this->connector->course['code'];
83			$alias = $courseCode.' '.get_lang('Documents');
84			$userId = api_get_user_id();
85			$config = [
86			'driver' => 'CourseDriver',
87			'path' => $this->getCourseDocumentSysPath(),
88			'URL' => $this->getCourseDocumentRelativeWebPath(),
89			'accessControl' => [$this, 'access'],
90			'alias' => $alias,
91			'attributes' => [
92			// Hide shared_folder
93			[
94			'pattern' => '/shared_folder/',
95			'read' => false,
96			'write' => false,
97			'hidden' => true,
98			'locked' => false,
99			],
100			[
101			'pattern' => '/^\/index.html$/',
102			'read' => false,
103			'write' => false,
104			'hidden' => true,
105			'locked' => false,
106			],
107			],
108			];
109
110			// admin/teachers can create dirs from ckeditor
111			if ($this->allowToEdit()) {
112			$config['attributes'][] = [
113			'pattern' => '/^\/learning_path$/', // block delete learning_path
114			'read' => true,
115			'write' => false,
116			'hidden' => false,
117			'locked' => true,
118			];
119			$config['attributes'][] = [
120			'pattern' => '/learning_path\/(.*)/', // allow edit/delete inside learning_path
121			'read' => true,
122			'write' => true,
123			'hidden' => false,
124			'locked' => false,
125			];
126
127			$defaultDisabled = $this->connector->getDefaultDriverSettings()['disabled'];
128			$defaultDisabled = array_flip($defaultDisabled);
129			unset($defaultDisabled['mkdir']);
130			$defaultDisabled = array_flip($defaultDisabled);
131			$config['disabled'] = $defaultDisabled;
132			} else {
133			$protectedFolders = \DocumentManager::getProtectedFolderFromStudent();
134			foreach ($protectedFolders as $folder) {
135			$config['attributes'][] = [
136			'pattern' => $folder.'/',
137			'read' => false,
138			'write' => false,
139			'hidden' => true,
140			'locked' => false,
141			];
142			}
143			}
144
145			$foldersToHide = \DocumentManager::get_all_document_folders(
146			$this->connector->course,
147			null,
148			false,
149			true
150			);
151
152			// Teachers can see all files and folders see #1425
153			if ($this->allowToEdit()) {
154			$foldersToHide = [];
155			}
156
157			if (!empty($foldersToHide)) {
158			foreach ($foldersToHide as $folder) {
159			$config['attributes'][] = [
160			'pattern' => '!'.$folder.'!',
161			'read' => false,
162			'write' => false,
163			'hidden' => true,
164			'locked' => false,
165			];
166			}
167			}
168
169			// Hide all groups folders
170			$config['attributes'][] = [
171			'pattern' => '!_groupdocs_!',
172			'read' => false,
173			'write' => false,
174			'hidden' => true,
175			'locked' => false,
176			];
177
178			// Allow only the groups I have access
179			$allGroups = \GroupManager::getAllGroupPerUserSubscription($userId);
180			if (!empty($allGroups)) {
181			foreach ($allGroups as $groupInfo) {
182			$groupId = $groupInfo['iid'];
183			if (\GroupManager::user_has_access(
184			$userId,
185			$groupId,
186			\GroupManager::GROUP_TOOL_DOCUMENTS
187			)) {
188			$config['attributes'][] = [
189			'pattern' => '!'.$groupInfo['secret_directory'].'!',
190			'read' => true,
191			'write' => false,
192			'hidden' => false,
193			'locked' => false,
194			];
195			}
196			}
197			}
198
199			return $config;
200			}
201
202			return [];
203			}
204
205			/**
206			* This is the absolute document course path like
207			* /var/www/portal/data/courses/XXX/document/.
208			*
209			* @return string
210			*/
211			public function getCourseDocumentSysPath()
212			{
213			$url = '';
214			if ($this->allow()) {
215			$directory = $this->getCourseDirectory();
216			$coursePath = $this->connector->paths['sys_course_path'];
217			$url = $coursePath.$directory.'/document/';
218			}
219
220			return $url;
221			}
222
223			/**
224			* @return string
225			*/
226			public function getCourseDocumentRelativeWebPath()
227			{
228			$url = null;
229			if ($this->allow()) {
230			$directory = $this->getCourseDirectory();
231			$url = api_get_path(REL_COURSE_PATH).$directory.'/document/';
232			}
233
234			return $url;
235			}
236
237			/**
238			* @return string
239			*/
240			public function getCourseDocumentWebPath()
241			{
242			$url = null;
243			if ($this->allow()) {
244			$directory = $this->getCourseDirectory();
245			$url = api_get_path(WEB_COURSE_PATH).$directory.'/document/';
246			}
247
248			return $url;
249			}
250
251			/**
252			* @return string
253			*/
254			public function getCourseDirectory()
255			{
256			return $this->connector->course['directory'];
257			}
258
259			/**
260			* {@inheritdoc}
261			*/
262			public function upload($fp, $dst, $name, $tmpname, $hashes = [])
263			{
264			// Needed to load course information in elfinder
265			$this->setConnectorFromPlugin();
266
267			if ($this->allowToEdit()) {
268			// upload file by elfinder.
269			$size = filesize($tmpname);
270			$maxSpace = \DocumentManager::get_course_quota($this->connector->course['code']);
271			// Check if there is enough space to save the file.
272			if (!\DocumentManager::enough_space($size, $maxSpace)) {
273			return false;
274			}
275
276			$result = parent::upload($fp, $dst, $name, $tmpname);
277			$name = $result['name'];
278			$filtered = \URLify::filter($result['name'], 80, '', true);
279
280			if (strcmp($name, $filtered) != 0) {
281			$result = $this->customRename($result['hash'], $filtered);
282			}
283
284			$realPath = $this->realpath($result['hash']);
285			if (!empty($realPath)) {
286			// Getting file info
287			//$info = $elFinder->exec('file', array('target' => $file['hash']));
288			/** @var elFinderVolumeLocalFileSystem $volume */
289			//$volume = $info['volume'];
290			//$root = $volume->root();
291			//var/www/chamilogits/data/courses/NEWONE/document
292			$realPathRoot = $this->getCourseDocumentSysPath();
293
294			// Removing course path
295			$realPath = str_replace($realPathRoot, '/', $realPath);
296			add_document(
297			$this->connector->course,
298			$realPath,
299			'file',
300			(int) $result['size'],
301			$result['name']
302			);
303			}
304
305			return $result;
306			}
307
308			return false;
309			}
310
311			/**
312			* {@inheritdoc}
313			*/
314			public function rm($hash)
315			{
316			// elfinder does not delete the file
317			//parent::rm($hash);
318			$this->setConnectorFromPlugin();
319
320			if ($this->allowToEdit()) {
321			$path = $this->decode($hash);
322			$stat = $this->stat($path);
323			$stat['realpath'] = $path;
324			$this->removed[] = $stat;
325
326			$realFilePath = $path;
327			$coursePath = $this->getCourseDocumentSysPath();
328			$filePath = str_replace($coursePath, '/', $realFilePath);
329
330			\DocumentManager::delete_document(
331			$this->connector->course,
332			$filePath,
333			$coursePath
334			);
335
336			return true;
337			}
338
339			return false;
340			}
341
342			/**
343			* @return bool
344			*/
345			public function allow()
346			{
347			//if ($this->connector->security->isGranted('ROLE_ADMIN')) {
348			if (api_is_anonymous()) {
349			return false;
350			}
351
352			$isAllowedToEdit = api_is_allowed_to_edit();
353
354			$block = api_get_configuration_value('block_editor_file_manager_for_students');
355			if ($block && !$isAllowedToEdit) {
356			return false;
357			}
358
359			if (isset($this->connector->course) && !empty($this->connector->course)) {
360			$isDocumentsToolVisible = CourseHome::getToolVisibility(
361			TOOL_DOCUMENT,
362			api_get_course_int_id(),
363			api_get_session_id()
364			);
365
366			if (!$isDocumentsToolVisible && !$isAllowedToEdit) {
367			return false;
368			}
369
370			return true;
371			}
372
373			return false;
374			}
375
376			/**
377			* Allow to upload/delete folder or files.
378			*
379			* @return bool
380			*/
381			public function allowToEdit()
382			{
383			$allow = $this->allow();
384
385			return $allow && api_is_allowed_to_edit(null, true);
386			}
387
388			/**
389			* {@inheritdoc}
390			*/
391			public function mkdir($path, $name)
392			{
393			// Needed to load course information in elfinder
394			$this->setConnectorFromPlugin();
395
396			if ($this->allowToEdit() === false) {
397			return false;
398			}
399
400			$result = parent::mkdir($path, $name);
401
402			if ($result && isset($result['hash'])) {
403			$_course = $this->connector->course;
404			$realPathRoot = $this->getCourseDocumentSysPath();
405			$realPath = $this->realpath($result['hash']);
406
407			// Removing course path
408			$newPath = str_replace($realPathRoot, '/', $realPath);
409			$documentId = add_document(
410			$_course,
411			$newPath,
412			'folder',
413			0,
414			$name,
415			null,
416			0,
417			true,
418			api_get_group_id(),
419			api_get_session_id(),
420			api_get_user_id()
421			);
422
423			if (empty($documentId)) {
424			$this->rm($result['hash']);
425
426			return false;
427			}
428
429			return $result;
430			}
431
432			return false;
433			}
434
435			/**
436			* @param string $attr
437			* @param string $path
438			* @param $data
439			* @param CourseDriver $volume
440			*/
441			/*public function access($attr, $path, $data, $volume)
442			{
443			error_log($path);
444			return true;
445			if ($path == $this->coursePath) {
446
447			return true;
448			}
449
450			$allowToEdit = $this->allowToEdit();
451			if ($allowToEdit) {
452			return true;
453			}
454
455			$path = str_replace($this->coursePath, '', $path);
456			$documentId = \DocumentManager::get_document_id($this->connector->course, $path);
457
458			if ($documentId) {
459
460			$result = \DocumentManager::is_visible_by_id(
461			$documentId,
462			$this->connector->course,
463			api_get_session_id(),
464			api_get_user_id()
465			);
466			return false;
467			}
468
469			return false;
470			}*/
471			}
472

chamilo / chamilo-lms

Push — BT18201 ( 2fe5aa )

CourseDriver::allow() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like