/mdeploy.php
PHP | 1574 lines | 811 code | 277 blank | 486 comment | 154 complexity | 18f94a54a784bafc000a5eade18a6ed7 MD5 | raw file
Possible License(s): GPL-3.0
Large files files are truncated, but you can click here to view the full file
- <?php
- // This file is part of Moodle - http://moodle.org/
- //
- // Moodle is free software: you can redistribute it and/or modify
- // it under the terms of the GNU General Public License as published by
- // the Free Software Foundation, either version 3 of the License, or
- // (at your option) any later version.
- //
- // Moodle is distributed in the hope that it will be useful,
- // but WITHOUT ANY WARRANTY; without even the implied warranty of
- // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- // GNU General Public License for more details.
- //
- // You should have received a copy of the GNU General Public License
- // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
- /**
- * Moodle deployment utility
- *
- * This script looks after deploying new add-ons and available updates for them
- * to the local Moodle site. It can operate via both HTTP and CLI mode.
- * Moodle itself calls this utility via the HTTP mode when the admin is about to
- * install or update an add-on. You can use the CLI mode in your custom deployment
- * shell scripts.
- *
- * CLI usage example:
- *
- * $ sudo -u apache php mdeploy.php --install \
- * --package=https://moodle.org/plugins/download.php/...zip \
- * --typeroot=/var/www/moodle/htdocs/blocks
- * --name=loancalc
- * --md5=...
- *
- * $ sudo -u apache php mdeploy.php --upgrade \
- * --package=https://moodle.org/plugins/download.php/...zip \
- * --typeroot=/var/www/moodle/htdocs/blocks
- * --name=loancalc
- * --md5=...
- *
- * When called via HTTP, additional parameters returnurl, passfile and password must be
- * provided. Optional proxy configuration can be passed using parameters proxy, proxytype
- * and proxyuserpwd.
- *
- * Changes
- *
- * 1.1 - Added support to install a new plugin from the Moodle Plugins directory.
- * 1.0 - Initial version used in Moodle 2.4 to deploy available updates.
- *
- * @package core
- * @subpackage mdeploy
- * @version 1.1
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- if (defined('MOODLE_INTERNAL')) {
- die('This is a standalone utility that should not be included by any other Moodle code.');
- }
- // This stops immediately at the beginning of lib/setup.php.
- define('ABORT_AFTER_CONFIG', true);
- if (PHP_SAPI === 'cli') {
- // Called from the CLI - we need to set CLI_SCRIPT to ensure that appropriate CLI checks are made in setup.php.
- define('CLI_SCRIPT', true);
- }
- require(__DIR__ . '/config.php');
- // Exceptions //////////////////////////////////////////////////////////////////
- class invalid_coding_exception extends Exception {}
- class missing_option_exception extends Exception {}
- class invalid_option_exception extends Exception {}
- class unauthorized_access_exception extends Exception {}
- class download_file_exception extends Exception {}
- class backup_folder_exception extends Exception {}
- class zip_exception extends Exception {}
- class filesystem_exception extends Exception {}
- class checksum_exception extends Exception {}
- class invalid_setting_exception extends Exception {}
- // Various support classes /////////////////////////////////////////////////////
- /**
- * Base class implementing the singleton pattern using late static binding feature.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- abstract class singleton_pattern {
- /** @var array singleton_pattern instances */
- protected static $singletoninstances = array();
- /**
- * Factory method returning the singleton instance.
- *
- * Subclasses may want to override the {@link self::initialize()} method that is
- * called right after their instantiation.
- *
- * @return mixed the singleton instance
- */
- final public static function instance() {
- $class = get_called_class();
- if (!isset(static::$singletoninstances[$class])) {
- static::$singletoninstances[$class] = new static();
- static::$singletoninstances[$class]->initialize();
- }
- return static::$singletoninstances[$class];
- }
- /**
- * Optional post-instantiation code.
- */
- protected function initialize() {
- // Do nothing in this base class.
- }
- /**
- * Direct instantiation not allowed, use the factory method {@link instance()}
- */
- final protected function __construct() {
- }
- /**
- * Sorry, this is singleton.
- */
- final protected function __clone() {
- }
- }
- // User input handling /////////////////////////////////////////////////////////
- /**
- * Provides access to the script options.
- *
- * Implements the delegate pattern by dispatching the calls to appropriate
- * helper class (CLI or HTTP).
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- class input_manager extends singleton_pattern {
- const TYPE_FILE = 'file'; // File name
- const TYPE_FLAG = 'flag'; // No value, just a flag (switch)
- const TYPE_INT = 'int'; // Integer
- const TYPE_PATH = 'path'; // Full path to a file or a directory
- const TYPE_RAW = 'raw'; // Raw value, keep as is
- const TYPE_URL = 'url'; // URL to a file
- const TYPE_PLUGIN = 'plugin'; // Plugin name
- const TYPE_MD5 = 'md5'; // MD5 hash
- /** @var input_cli_provider|input_http_provider the provider of the input */
- protected $inputprovider = null;
- /**
- * Returns the value of an option passed to the script.
- *
- * If the caller passes just the $name, the requested argument is considered
- * required. The caller may specify the second argument which then
- * makes the argument optional with the given default value.
- *
- * If the type of the $name option is TYPE_FLAG (switch), this method returns
- * true if the flag has been passed or false if it was not. Specifying the
- * default value makes no sense in this case and leads to invalid coding exception.
- *
- * The array options are not supported.
- *
- * @example $filename = $input->get_option('f');
- * @example $filename = $input->get_option('filename');
- * @example if ($input->get_option('verbose')) { ... }
- * @param string $name
- * @return mixed
- */
- public function get_option($name, $default = 'provide_default_value_explicitly') {
- $this->validate_option_name($name);
- $info = $this->get_option_info($name);
- if ($info->type === input_manager::TYPE_FLAG) {
- return $this->inputprovider->has_option($name);
- }
- if (func_num_args() == 1) {
- return $this->get_required_option($name);
- } else {
- return $this->get_optional_option($name, $default);
- }
- }
- /**
- * Returns the meta-information about the given option.
- *
- * @param string|null $name short or long option name, defaults to returning the list of all
- * @return array|object|false array with all, object with the specific option meta-information or false of no such an option
- */
- public function get_option_info($name=null) {
- $supportedoptions = array(
- array('', 'passfile', input_manager::TYPE_FILE, 'File name of the passphrase file (HTTP access only)'),
- array('', 'password', input_manager::TYPE_RAW, 'Session passphrase (HTTP access only)'),
- array('', 'proxy', input_manager::TYPE_RAW, 'HTTP proxy host and port (e.g. \'our.proxy.edu:8888\')'),
- array('', 'proxytype', input_manager::TYPE_RAW, 'Proxy type (HTTP or SOCKS5)'),
- array('', 'proxyuserpwd', input_manager::TYPE_RAW, 'Proxy username and password (e.g. \'username:password\')'),
- array('', 'returnurl', input_manager::TYPE_URL, 'Return URL (HTTP access only)'),
- array('h', 'help', input_manager::TYPE_FLAG, 'Prints usage information'),
- array('i', 'install', input_manager::TYPE_FLAG, 'Installation mode'),
- array('m', 'md5', input_manager::TYPE_MD5, 'Expected MD5 hash of the ZIP package to deploy'),
- array('n', 'name', input_manager::TYPE_PLUGIN, 'Plugin name (the name of its folder)'),
- array('p', 'package', input_manager::TYPE_URL, 'URL to the ZIP package to deploy'),
- array('r', 'typeroot', input_manager::TYPE_PATH, 'Full path of the container for this plugin type'),
- array('u', 'upgrade', input_manager::TYPE_FLAG, 'Upgrade mode'),
- );
- if (is_null($name)) {
- $all = array();
- foreach ($supportedoptions as $optioninfo) {
- $info = new stdClass();
- $info->shortname = $optioninfo[0];
- $info->longname = $optioninfo[1];
- $info->type = $optioninfo[2];
- $info->desc = $optioninfo[3];
- $all[] = $info;
- }
- return $all;
- }
- $found = false;
- foreach ($supportedoptions as $optioninfo) {
- if (strlen($name) == 1) {
- // Search by the short option name
- if ($optioninfo[0] === $name) {
- $found = $optioninfo;
- break;
- }
- } else {
- // Search by the long option name
- if ($optioninfo[1] === $name) {
- $found = $optioninfo;
- break;
- }
- }
- }
- if (!$found) {
- return false;
- }
- $info = new stdClass();
- $info->shortname = $found[0];
- $info->longname = $found[1];
- $info->type = $found[2];
- $info->desc = $found[3];
- return $info;
- }
- /**
- * Casts the value to the given type.
- *
- * @param mixed $raw the raw value
- * @param string $type the expected value type, e.g. {@link input_manager::TYPE_INT}
- * @return mixed
- */
- public function cast_value($raw, $type) {
- if (is_array($raw)) {
- throw new invalid_coding_exception('Unsupported array option.');
- } else if (is_object($raw)) {
- throw new invalid_coding_exception('Unsupported object option.');
- }
- switch ($type) {
- case input_manager::TYPE_FILE:
- $raw = preg_replace('~[[:cntrl:]]|[&<>"`\|\':\\\\/]~u', '', $raw);
- $raw = preg_replace('~\.\.+~', '', $raw);
- if ($raw === '.') {
- $raw = '';
- }
- return $raw;
- case input_manager::TYPE_FLAG:
- return true;
- case input_manager::TYPE_INT:
- return (int)$raw;
- case input_manager::TYPE_PATH:
- if (strpos($raw, '~') !== false) {
- throw new invalid_option_exception('Using the tilde (~) character in paths is not supported');
- }
- $colonpos = strpos($raw, ':');
- if ($colonpos !== false) {
- if ($colonpos !== 1 or strrpos($raw, ':') !== 1) {
- throw new invalid_option_exception('Using the colon (:) character in paths is supported for Windows drive labels only.');
- }
- if (preg_match('/^[a-zA-Z]:/', $raw) !== 1) {
- throw new invalid_option_exception('Using the colon (:) character in paths is supported for Windows drive labels only.');
- }
- }
- $raw = str_replace('\\', '/', $raw);
- $raw = preg_replace('~[[:cntrl:]]|[&<>"`\|\']~u', '', $raw);
- $raw = preg_replace('~\.\.+~', '', $raw);
- $raw = preg_replace('~//+~', '/', $raw);
- $raw = preg_replace('~/(\./)+~', '/', $raw);
- return $raw;
- case input_manager::TYPE_RAW:
- return $raw;
- case input_manager::TYPE_URL:
- $regex = '^(https?|ftp)\:\/\/'; // protocol
- $regex .= '([a-z0-9+!*(),;?&=\$_.-]+(\:[a-z0-9+!*(),;?&=\$_.-]+)?@)?'; // optional user and password
- $regex .= '[a-z0-9+\$_-]+(\.[a-z0-9+\$_-]+)*'; // hostname or IP (one word like http://localhost/ allowed)
- $regex .= '(\:[0-9]{2,5})?'; // port (optional)
- $regex .= '(\/([a-z0-9+\$_-]\.?)+)*\/?'; // path to the file
- $regex .= '(\?[a-z+&\$_.-][a-z0-9;:@/&%=+\$_.-]*)?'; // HTTP params
- if (preg_match('#'.$regex.'#i', $raw)) {
- return $raw;
- } else {
- throw new invalid_option_exception('Not a valid URL');
- }
- case input_manager::TYPE_PLUGIN:
- if (!preg_match('/^[a-z][a-z0-9_]*[a-z0-9]$/', $raw)) {
- throw new invalid_option_exception('Invalid plugin name');
- }
- if (strpos($raw, '__') !== false) {
- throw new invalid_option_exception('Invalid plugin name');
- }
- return $raw;
- case input_manager::TYPE_MD5:
- if (!preg_match('/^[a-f0-9]{32}$/', $raw)) {
- throw new invalid_option_exception('Invalid MD5 hash format');
- }
- return $raw;
- default:
- throw new invalid_coding_exception('Unknown option type.');
- }
- }
- /**
- * Picks the appropriate helper class to delegate calls to.
- */
- protected function initialize() {
- if (PHP_SAPI === 'cli') {
- $this->inputprovider = input_cli_provider::instance();
- } else {
- $this->inputprovider = input_http_provider::instance();
- }
- }
- // End of external API
- /**
- * Validates the parameter name.
- *
- * @param string $name
- * @throws invalid_coding_exception
- */
- protected function validate_option_name($name) {
- if (empty($name)) {
- throw new invalid_coding_exception('Invalid empty option name.');
- }
- $meta = $this->get_option_info($name);
- if (empty($meta)) {
- throw new invalid_coding_exception('Invalid option name: '.$name);
- }
- }
- /**
- * Returns cleaned option value or throws exception.
- *
- * @param string $name the name of the parameter
- * @param string $type the parameter type, e.g. {@link input_manager::TYPE_INT}
- * @return mixed
- */
- protected function get_required_option($name) {
- if ($this->inputprovider->has_option($name)) {
- return $this->inputprovider->get_option($name);
- } else {
- throw new missing_option_exception('Missing required option: '.$name);
- }
- }
- /**
- * Returns cleaned option value or the default value
- *
- * @param string $name the name of the parameter
- * @param string $type the parameter type, e.g. {@link input_manager::TYPE_INT}
- * @param mixed $default the default value.
- * @return mixed
- */
- protected function get_optional_option($name, $default) {
- if ($this->inputprovider->has_option($name)) {
- return $this->inputprovider->get_option($name);
- } else {
- return $default;
- }
- }
- }
- /**
- * Base class for input providers.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- abstract class input_provider extends singleton_pattern {
- /** @var array list of all passed valid options */
- protected $options = array();
- /**
- * Returns the casted value of the option.
- *
- * @param string $name option name
- * @throws invalid_coding_exception if the option has not been passed
- * @return mixed casted value of the option
- */
- public function get_option($name) {
- if (!$this->has_option($name)) {
- throw new invalid_coding_exception('Option not passed: '.$name);
- }
- return $this->options[$name];
- }
- /**
- * Was the given option passed?
- *
- * @param string $name optionname
- * @return bool
- */
- public function has_option($name) {
- return array_key_exists($name, $this->options);
- }
- /**
- * Initializes the input provider.
- */
- protected function initialize() {
- $this->populate_options();
- }
- // End of external API
- /**
- * Parses and validates all supported options passed to the script.
- */
- protected function populate_options() {
- $input = input_manager::instance();
- $raw = $this->parse_raw_options();
- $cooked = array();
- foreach ($raw as $k => $v) {
- if (is_array($v) or is_object($v)) {
- // Not supported.
- }
- $info = $input->get_option_info($k);
- if (!$info) {
- continue;
- }
- $casted = $input->cast_value($v, $info->type);
- if (!empty($info->shortname)) {
- $cooked[$info->shortname] = $casted;
- }
- if (!empty($info->longname)) {
- $cooked[$info->longname] = $casted;
- }
- }
- // Store the options.
- $this->options = $cooked;
- }
- }
- /**
- * Provides access to the script options passed via CLI.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- class input_cli_provider extends input_provider {
- /**
- * Parses raw options passed to the script.
- *
- * @return array as returned by getopt()
- */
- protected function parse_raw_options() {
- $input = input_manager::instance();
- // Signatures of some in-built PHP functions are just crazy, aren't they.
- $short = '';
- $long = array();
- foreach ($input->get_option_info() as $option) {
- if ($option->type === input_manager::TYPE_FLAG) {
- // No value expected for this option.
- $short .= $option->shortname;
- $long[] = $option->longname;
- } else {
- // A value expected for the option, all considered as optional.
- $short .= empty($option->shortname) ? '' : $option->shortname.'::';
- $long[] = empty($option->longname) ? '' : $option->longname.'::';
- }
- }
- return getopt($short, $long);
- }
- }
- /**
- * Provides access to the script options passed via HTTP request.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- class input_http_provider extends input_provider {
- /**
- * Parses raw options passed to the script.
- *
- * @return array of raw values passed via HTTP request
- */
- protected function parse_raw_options() {
- return $_POST;
- }
- }
- // Output handling /////////////////////////////////////////////////////////////
- /**
- * Provides output operations.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- class output_manager extends singleton_pattern {
- /** @var output_cli_provider|output_http_provider the provider of the output functionality */
- protected $outputprovider = null;
- /**
- * Magic method triggered when invoking an inaccessible method.
- *
- * @param string $name method name
- * @param array $arguments method arguments
- */
- public function __call($name, array $arguments = array()) {
- call_user_func_array(array($this->outputprovider, $name), $arguments);
- }
- /**
- * Picks the appropriate helper class to delegate calls to.
- */
- protected function initialize() {
- if (PHP_SAPI === 'cli') {
- $this->outputprovider = output_cli_provider::instance();
- } else {
- $this->outputprovider = output_http_provider::instance();
- }
- }
- }
- /**
- * Base class for all output providers.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- abstract class output_provider extends singleton_pattern {
- }
- /**
- * Provides output to the command line.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- class output_cli_provider extends output_provider {
- /**
- * Prints help information in CLI mode.
- */
- public function help() {
- $this->outln('mdeploy.php - Moodle (http://moodle.org) deployment utility');
- $this->outln();
- $this->outln('Usage: $ sudo -u apache php mdeploy.php [options]');
- $this->outln();
- $input = input_manager::instance();
- foreach($input->get_option_info() as $info) {
- $option = array();
- if (!empty($info->shortname)) {
- $option[] = '-'.$info->shortname;
- }
- if (!empty($info->longname)) {
- $option[] = '--'.$info->longname;
- }
- $this->outln(sprintf('%-20s %s', implode(', ', $option), $info->desc));
- }
- }
- // End of external API
- /**
- * Writes a text to the STDOUT followed by a new line character.
- *
- * @param string $text text to print
- */
- protected function outln($text='') {
- fputs(STDOUT, $text.PHP_EOL);
- }
- }
- /**
- * Provides HTML output as a part of HTTP response.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- class output_http_provider extends output_provider {
- /**
- * Prints help on the script usage.
- */
- public function help() {
- // No help available via HTTP
- }
- /**
- * Display the information about uncaught exception
- *
- * @param Exception $e uncaught exception
- */
- public function exception(Exception $e) {
- $docslink = 'http://docs.moodle.org/en/admin/mdeploy/'.get_class($e);
- $this->start_output();
- echo('<h1>Oops! It did it again</h1>');
- echo('<p><strong>Moodle deployment utility had a trouble with your request.
- See <a href="'.$docslink.'">the docs page</a> and the debugging information for more details.</strong></p>');
- echo('<pre>');
- echo exception_handlers::format_exception_info($e);
- echo('</pre>');
- $this->end_output();
- }
- // End of external API
- /**
- * Produce the HTML page header
- */
- protected function start_output() {
- echo '<!doctype html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <style type="text/css">
- body {background-color:#666;font-family:"DejaVu Sans","Liberation Sans",Freesans,sans-serif;}
- h1 {text-align:center;}
- pre {white-space: pre-wrap;}
- #page {background-color:#eee;width:1024px;margin:5em auto;border:3px solid #333;border-radius: 15px;padding:1em;}
- </style>
- </head>
- <body>
- <div id="page">';
- }
- /**
- * Produce the HTML page footer
- */
- protected function end_output() {
- echo '</div></body></html>';
- }
- }
- // The main class providing all the functionality //////////////////////////////
- /**
- * The actual worker class implementing the main functionality of the script.
- *
- * @copyright 2012 David Mudrak <david@moodle.com>
- * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
- class worker extends singleton_pattern {
- const EXIT_OK = 0; // Success exit code.
- const EXIT_HELP = 1; // Explicit help required.
- const EXIT_UNKNOWN_ACTION = 127; // Neither -i nor -u provided.
- /** @var input_manager */
- protected $input = null;
- /** @var output_manager */
- protected $output = null;
- /** @var int the most recent cURL error number, zero for no error */
- private $curlerrno = null;
- /** @var string the most recent cURL error message, empty string for no error */
- private $curlerror = null;
- /** @var array|false the most recent cURL request info, if it was successful */
- private $curlinfo = null;
- /** @var string the full path to the log file */
- private $logfile = null;
- /** @var array the whitelisted config options which can be queried. */
- private $validconfigoptions = array(
- 'dirroot' => true,
- 'dataroot' => true,
- );
- /**
- * Main - the one that actually does something
- */
- public function execute() {
- $this->log('=== MDEPLOY EXECUTION START ===');
- // Authorize access. None in CLI. Passphrase in HTTP.
- $this->authorize();
- // Asking for help in the CLI mode.
- if ($this->input->get_option('help')) {
- $this->output->help();
- $this->done(self::EXIT_HELP);
- }
- if ($this->input->get_option('upgrade')) {
- $this->log('Plugin upgrade requested');
- // Fetch the ZIP file into a temporary location.
- $source = $this->input->get_option('package');
- $target = $this->target_location($source);
- $this->log('Downloading package '.$source);
- if ($this->download_file($source, $target)) {
- $this->log('Package downloaded into '.$target);
- } else {
- $this->log('cURL error ' . $this->curlerrno . ' ' . $this->curlerror);
- $this->log('Unable to download the file from ' . $source . ' into ' . $target);
- throw new download_file_exception('Unable to download the package');
- }
- // Compare MD5 checksum of the ZIP file
- $md5remote = $this->input->get_option('md5');
- $md5local = md5_file($target);
- if ($md5local !== $md5remote) {
- $this->log('MD5 checksum failed. Expected: '.$md5remote.' Got: '.$md5local);
- throw new checksum_exception('MD5 checksum failed');
- }
- $this->log('MD5 checksum ok');
- // Check that the specified typeroot is within the current site's dirroot.
- $plugintyperoot = $this->input->get_option('typeroot');
- if (strpos(realpath($plugintyperoot), realpath($this->get_env('dirroot'))) !== 0) {
- throw new backup_folder_exception('Unable to backup the current version of the plugin (typeroot is invalid)');
- }
- // Backup the current version of the plugin
- $pluginname = $this->input->get_option('name');
- $sourcelocation = $plugintyperoot.'/'.$pluginname;
- $backuplocation = $this->backup_location($sourcelocation);
- $this->log('Current plugin code location: '.$sourcelocation);
- $this->log('Moving the current code into archive: '.$backuplocation);
- if (file_exists($sourcelocation)) {
- // We don't want to touch files unless we are pretty sure it would be all ok.
- if (!$this->move_directory_source_precheck($sourcelocation)) {
- throw new backup_folder_exception('Unable to backup the current version of the plugin (source precheck failed)');
- }
- if (!$this->move_directory_target_precheck($backuplocation)) {
- throw new backup_folder_exception('Unable to backup the current version of the plugin (backup precheck failed)');
- }
- // Looking good, let's try it.
- if (!$this->move_directory($sourcelocation, $backuplocation, true)) {
- throw new backup_folder_exception('Unable to backup the current version of the plugin (moving failed)');
- }
- } else {
- // Upgrading missing plugin - this happens often during upgrades.
- if (!$this->create_directory_precheck($sourcelocation)) {
- throw new filesystem_exception('Unable to prepare the plugin location (cannot create new directory)');
- }
- }
- // Unzip the plugin package file into the target location.
- $this->unzip_plugin($target, $plugintyperoot, $sourcelocation, $backuplocation);
- $this->log('Package successfully extracted');
- // Redirect to the given URL (in HTTP) or exit (in CLI).
- $this->done();
- } else if ($this->input->get_option('install')) {
- $this->log('Plugin installation requested');
- $plugintyperoot = $this->input->get_option('typeroot');
- $pluginname = $this->input->get_option('name');
- $source = $this->input->get_option('package');
- $md5remote = $this->input->get_option('md5');
- if (strpos(realpath($plugintyperoot), realpath($this->get_env('dirroot'))) !== 0) {
- throw new backup_folder_exception('Unable to prepare the plugin location (typeroot is invalid)');
- }
- // Check if the plugin location if available for us.
- $pluginlocation = $plugintyperoot.'/'.$pluginname;
- $this->log('New plugin code location: '.$pluginlocation);
- if (file_exists($pluginlocation)) {
- throw new filesystem_exception('Unable to prepare the plugin location (directory already exists)');
- }
- if (!$this->create_directory_precheck($pluginlocation)) {
- throw new filesystem_exception('Unable to prepare the plugin location (cannot create new directory)');
- }
- // Fetch the ZIP file into a temporary location.
- $target = $this->target_location($source);
- $this->log('Downloading package '.$source);
- if ($this->download_file($source, $target)) {
- $this->log('Package downloaded into '.$target);
- } else {
- $this->log('cURL error ' . $this->curlerrno . ' ' . $this->curlerror);
- $this->log('Unable to download the file');
- throw new download_file_exception('Unable to download the package');
- }
- // Compare MD5 checksum of the ZIP file
- $md5local = md5_file($target);
- if ($md5local !== $md5remote) {
- $this->log('MD5 checksum failed. Expected: '.$md5remote.' Got: '.$md5local);
- throw new checksum_exception('MD5 checksum failed');
- }
- $this->log('MD5 checksum ok');
- // Unzip the plugin package file into the plugin location.
- $this->unzip_plugin($target, $plugintyperoot, $pluginlocation, false);
- $this->log('Package successfully extracted');
- // Redirect to the given URL (in HTTP) or exit (in CLI).
- $this->done();
- }
- // Print help in CLI by default.
- $this->output->help();
- $this->done(self::EXIT_UNKNOWN_ACTION);
- }
- /**
- * Attempts to log a thrown exception
- *
- * @param Exception $e uncaught exception
- */
- public function log_exception(Exception $e) {
- $this->log($e->__toString());
- }
- /**
- * Initialize the worker class.
- */
- protected function initialize() {
- $this->input = input_manager::instance();
- $this->output = output_manager::instance();
- }
- // End of external API
- /**
- * Finish this script execution.
- *
- * @param int $exitcode
- */
- protected function done($exitcode = self::EXIT_OK) {
- if (PHP_SAPI === 'cli') {
- exit($exitcode);
- } else {
- $returnurl = $this->input->get_option('returnurl');
- $this->redirect($returnurl);
- exit($exitcode);
- }
- }
- /**
- * Authorize access to the script.
- *
- * In CLI mode, the access is automatically authorized. In HTTP mode, the
- * passphrase submitted via the request params must match the contents of the
- * file, the name of which is passed in another parameter.
- *
- * @throws unauthorized_access_exception
- */
- protected function authorize() {
- if (PHP_SAPI === 'cli') {
- $this->log('Successfully authorized using the CLI SAPI');
- return;
- }
- $passfile = $this->input->get_option('passfile');
- $password = $this->input->get_option('password');
- $passpath = $this->get_env('dataroot') . '/mdeploy/auth/' . $passfile;
- if (!is_readable($passpath)) {
- throw new unauthorized_access_exception('Unable to read the passphrase file.');
- }
- $stored = file($passpath, FILE_IGNORE_NEW_LINES);
- // "This message will self-destruct in five seconds." -- Mission Commander Swanbeck, Mission: Impossible II
- unlink($passpath);
- if (is_readable($passpath)) {
- throw new unauthorized_access_exception('Unable to remove the passphrase file.');
- }
- if (count($stored) < 2) {
- throw new unauthorized_access_exception('Invalid format of the passphrase file.');
- }
- if (time() - (int)$stored[1] > 30 * 60) {
- throw new unauthorized_access_exception('Passphrase timeout.');
- }
- if (strlen($stored[0]) < 24) {
- throw new unauthorized_access_exception('Session passphrase not long enough.');
- }
- if ($password !== $stored[0]) {
- throw new unauthorized_access_exception('Session passphrase does not match the stored one.');
- }
- $this->log('Successfully authorized using the passphrase file');
- }
- /**
- * Returns the full path to the log file.
- *
- * @return string
- */
- protected function log_location() {
- if (!is_null($this->logfile)) {
- return $this->logfile;
- }
- $dataroot = $this->get_env('dataroot');
- if (empty($dataroot)) {
- $this->logfile = false;
- return $this->logfile;
- }
- $myroot = $dataroot.'/mdeploy';
- if (!is_dir($myroot)) {
- mkdir($myroot, 02777, true);
- }
- $this->logfile = $myroot.'/mdeploy.log';
- return $this->logfile;
- }
- /**
- * Choose the target location for the given ZIP's URL.
- *
- * @param string $source URL
- * @return string
- */
- protected function target_location($source) {
- $dataroot = $this->get_env('dataroot');
- $pool = $dataroot.'/mdeploy/var';
- if (!is_dir($pool)) {
- mkdir($pool, 02777, true);
- }
- $target = $pool.'/'.md5($source);
- $suffix = 0;
- while (file_exists($target.'.'.$suffix.'.zip')) {
- $suffix++;
- }
- return $target.'.'.$suffix.'.zip';
- }
- /**
- * Choose the location of the current plugin folder backup
- *
- * @param string $path full path to the current folder
- * @return string
- */
- protected function backup_location($path) {
- $dataroot = $this->get_env('dataroot');
- $pool = $dataroot.'/mdeploy/archive';
- if (!is_dir($pool)) {
- mkdir($pool, 02777, true);
- }
- $target = $pool.'/'.basename($path).'_'.time();
- $suffix = 0;
- while (file_exists($target.'.'.$suffix)) {
- $suffix++;
- }
- return $target.'.'.$suffix;
- }
- /**
- * Downloads the given file into the given destination.
- *
- * This is basically a simplified version of {@link download_file_content()} from
- * Moodle itself, tuned for fetching files from moodle.org servers.
- *
- * @param string $source file url starting with http(s)://
- * @param string $target store the downloaded content to this file (full path)
- * @return bool true on success, false otherwise
- * @throws download_file_exception
- */
- protected function download_file($source, $target) {
- $newlines = array("\r", "\n");
- $source = str_replace($newlines, '', $source);
- if (!preg_match('|^https?://|i', $source)) {
- throw new download_file_exception('Unsupported transport protocol.');
- }
- if (!$ch = curl_init($source)) {
- $this->log('Unable to init cURL.');
- return false;
- }
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); // verify the peer's certificate
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); // check the existence of a common name and also verify that it matches the hostname provided
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the transfer as a string
- curl_setopt($ch, CURLOPT_HEADER, false); // don't include the header in the output
- curl_setopt($ch, CURLOPT_TIMEOUT, 3600);
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20); // nah, moodle.org is never unavailable! :-p
- curl_setopt($ch, CURLOPT_URL, $source);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); // Allow redirection, we trust in ssl.
- curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
- if ($cacertfile = $this->get_cacert()) {
- // Do not use CA certs provided by the operating system. Instead,
- // use this CA cert to verify the ZIP provider.
- $this->log('Using custom CA certificate '.$cacertfile);
- curl_setopt($ch, CURLOPT_CAINFO, $cacertfile);
- } else {
- $this->log('Using operating system CA certificates.');
- }
- $proxy = $this->input->get_option('proxy', false);
- if (!empty($proxy)) {
- curl_setopt($ch, CURLOPT_PROXY, $proxy);
- $proxytype = $this->input->get_option('proxytype', false);
- if (strtoupper($proxytype) === 'SOCKS5') {
- $this->log('Using SOCKS5 proxy');
- curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
- } else if (!empty($proxytype)) {
- $this->log('Using HTTP proxy');
- curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
- curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, false);
- }
- $proxyuserpwd = $this->input->get_option('proxyuserpwd', false);
- if (!empty($proxyuserpwd)) {
- curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyuserpwd);
- curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_BASIC | CURLAUTH_NTLM);
- }
- }
- $targetfile = fopen($target, 'w');
- if (!$targetfile) {
- throw new download_file_exception('Unable to create local file '.$target);
- }
- curl_setopt($ch, CURLOPT_FILE, $targetfile);
- $result = curl_exec($ch);
- // try to detect encoding problems
- if ((curl_errno($ch) == 23 or curl_errno($ch) == 61) and defined('CURLOPT_ENCODING')) {
- curl_setopt($ch, CURLOPT_ENCODING, 'none');
- $result = curl_exec($ch);
- }
- fclose($targetfile);
- $this->curlerrno = curl_errno($ch);
- $this->curlerror = curl_error($ch);
- $this->curlinfo = curl_getinfo($ch);
- if (!$result or $this->curlerrno) {
- $this->log('Curl Error.');
- return false;
- } else if (is_array($this->curlinfo) and (empty($this->curlinfo['http_code']) or ($this->curlinfo['http_code'] != 200))) {
- $this->log('Curl remote error.');
- $this->log(print_r($this->curlinfo,true));
- return false;
- }
- return true;
- }
- /**
- * Fetch environment settings.
- *
- * @param string $key The key to fetch
- * @return mixed The value of the key if found.
- * @throws invalid_setting_exception if the option is not set, or is invalid.
- */
- protected function get_env($key) {
- global $CFG;
- if (array_key_exists($key, $this->validconfigoptions)) {
- if (isset($CFG->$key)) {
- return $CFG->$key;
- }
- throw new invalid_setting_exception("Requested environment setting '{$key}' is not currently set.");
- } else {
- throw new invalid_setting_exception("Requested environment setting '{$key}' is invalid.");
- }
- }
- /**
- * Get the location of ca certificates.
- * @return string absolute file path or empty if default used
- */
- protected function get_cacert() {
- $dataroot = $this->get_env('dataroot');
- // Bundle in dataroot always wins.
- if (is_readable($dataroot.'/moodleorgca.crt')) {
- return realpath($dataroot.'/moodleorgca.crt');
- }
- // Next comes the default from php.ini
- $cacert = ini_get('curl.cainfo');
- if (!empty($cacert) and is_readable($cacert)) {
- return realpath($cacert);
- }
- // Windows PHP does not have any certs, we need to use something.
- if (stristr(PHP_OS, 'win') && !stristr(PHP_OS, 'darwin')) {
- if (is_readable(__DIR__.'/lib/cacert.pem')) {
- return realpath(__DIR__.'/lib/cacert.pem');
- }
- }
- // Use default, this should work fine on all properly configured *nix systems.
- return null;
- }
- /**
- * Log a message
- *
- * @param string $message
- */
- protected function log($message) {
- $logpath = $this->log_location();
- if (empty($logpath)) {
- // no logging available
- return;
- }
- $f = fopen($logpath, 'ab');
- if ($f === false) {
- throw new filesystem_exception('Unable to open the log file for appending');
- }
- $message = $this->format_log_message($message);
- fwrite($f, $message);
- fclose($f);
- }
- /**
- * Prepares the log message for writing into the file
- *
- * @param string $msg
- * @return string
- */
- protected function format_log_message($msg) {
- $msg = trim($msg);
- $timestamp = date("Y-m-d H:i:s");
- return $timestamp . ' '. $msg . PHP_EOL;
- }
- /**
- * Checks to see if the given source could be safely moved into a new location
- *
- * @param string $source full path to the existing directory
- * @return bool
- */
- protected function move_directory_source_precheck($source) {
- if (!is_writable($source)) {
- return false;
- }
- if (is_dir($source)) {
- $handle = opendir($source);
- } else {
- return false;
- }
- $result = true;
- while ($filename = readdir($handle)) {
- $sourcepath = $source.'/'.$filename;
- if ($filename === '.' or $filename === '..') {
- continue;
- }
- if (is_dir($sourcepath)) {
- $result = $result && $this->move_directory_source_precheck($sourcepath);
- } else {
- $result = $result && is_writable($sourcepath);
- }
- }
- closedir($handle);
- return $result;
- }
- /**
- * Checks to see if a source folder could be safely moved into the given new location
- *
- * @param string $destination full path to the new expected location of a folder
- * @return bool
- */
- protected function move_directory_target_precheck($target) {
- // Check if the target folder does not exist yet, can be created
- // and removed again.
- $result = $this->create_directory_precheck($target);
- // At the moment, it seems to be enough to check. We may want to add
- // more steps in the future.
- return $result;
- }
- /**
- * Make sure the given directory can be created (and removed)
- *
- * @param string $path full path to the folder
- * @return bool
- */
- protected function create_directory_precheck($path) {
- if (file_exists($path)) {
- return false;
- }
- $result = mkdir($path, 02777) && rmdir($path);
- return $result;
- }
- /**
- * Moves the given source into a new location recursively
- *
- * The target location can not exist.
- *
- * @param string $source full path to the existing directory
- * @param string $destination full path to the new location of the folder
- * @param bool $keepsourceroot should the root of the $source be kept or removed at the end
- * @return bool
- */
- protected function move_directory($source, $target, $keepsourceroot = false) {
- if (file_exists($target)) {
- throw new filesystem_exception('Unable to move the directory - target location already exists');
- }
- return $this->move_directory_into($source, $target, $keepsourceroot);
- }
- /**
- * Moves the given source into a new location recursively
- *
- * If the target already exists, files are moved into it. The target is created otherwise.
- *
- * @param string $source full path to the existing directory
- * @param string $destination full path to the new location of the folder
- * @param bool $keepsourceroot should the root of the $source be kept or removed at the end
- * @return bool
- */
- protected function move_directory_into($source, $target, $keepsourceroot = false) {
- if (is_dir($source)) {
- $handle = opendir($source);
- } else {
- throw new filesystem_exception('Source location is not a directory');
- }
- if (is_dir($target)) {
- $result = true;
- } else {
- $result = mkdir($target, 02777);
- }
- while ($filename = readdir($handle)) {
- $sourcepath = $source.'/'.$filename;
- $targetpath = $target.'/'.$filename;
- if ($filename === '.' or $filename === '..') {
- continue;
- }
- if (is_dir($sourcepath)) {
- $result = $result && $this->move_directory($sourcepath, $targetpath, false);
- } else {
- $result = $result && rename($sourcepath, $targetpath);
- }
- }
- closedir($handle);
- if (!$keepsourceroot) {
- $result = $result && rmdir($source);
- }
- clearstatcache();
- return $result;
- }
- /**
- * Deletes the given directory recursively
- *
- * @param string $path full path to the directory
- * @param bool $keeppathroot should the root of the $path be kept (i.e. remove the content only) or removed too
- * @return bool
- */
- protected function remove_directory($path, $keeppathroot = false) {
- $result = true;
- if (!file_exists($path)) {
- return $result;
- }
- if (is_dir($path)) {
- $handle = opendir($path);
- } else {
- throw new filesystem_exception('Given path is not a directory');
- }
- while ($filename = readdir($handle)) {
- $filepath = $path.'/'.$filename;
- if ($filename === '.' or $filename === '..') {
- continue;
- }
- if (is_dir($filepath)) {
- $result = $result && $this->remove_directory($filepath, false);
- } else {
- $result = $result && unlink($filepath);
- }
- }
- closedir($handle);
- if (!$keeppathroot) {
- $result = $result && rmdir($path);
- }
- clearstatcache();
- return $result;
- }
- /**
- * Unzip the file obtained from the Plugins directory to this site
- *
- * @param string $ziplocation full path to the ZIP file
- * @param string $plugintyperoot full path to the plugin's type location
- * @param string $expectedlocation expected full path to the plugin after it is extracted
- * @param string|bool $backuplocation location of the previous version of the plugin or false for no backup
- */
- protected function unzip_plugin($ziplocation, $plugintyperoot, $expectedlocation, $backuplocation) {
- $zip = new ZipArchive();
- $result = $zip->open($ziplocation);
- if ($result !== true) {
- if ($backuplocation !== false) {
- $this->move_directory($backuplocation, $expectedlocation);
- }
- throw new zip_exception('Unable to open the zip package');
- }
- // Make sure that the ZIP has expected structure
- $pluginname = basename($expectedlocation);
- for ($i = 0; $i < $zip->numFiles; $i++) {
- $stat = $zip->statIndex($i);
- $filename = $stat['name'];
- $filename = explode('/', $filename);
- if ($filename[0] !== $pluginname) {
- $zip->close();
- throw new zip_exception('Invalid structure of the zip package');
- }
- }
- if (!$zip->extractTo($plugintyperoot)) {
- $zip->close();
- $this->remove_directory($expectedlocation, true); // just in case something was created
- if ($backuplocation !== false) {
- $this->move_directory_into($backuplocation, $expectedlocation);
- }
- throw new zip_exception('Unable to extract the zip package');
- }
- $zip->close();
- unlink($ziplocation);
- }
- /**
- * Redirect the browser
- *
- * @todo check if there has been some output yet
- * @param string $url
- */
- protected function redirect($url) {
- header('Location: '.$url);
- }
- }
- /**
- * Provides exception handlers for this script
- */
- class exception_handlers {
- /**
- * Sets the exception handler
- *
- *
- * @param string $handler name
- */
- public static function set_handler($handler) {
- if…
Large files files are truncated, but you can click here to view the full file