0a257e99a57e3e0558553a8f63339e5bb32fe97a
[Packages/TYPO3.CMS.git] / typo3 / sysext / form / Classes / Mvc / Property / TypeConverter / UploadedFileReferenceConverter.php
1 <?php
2 declare(strict_types=1);
3 namespace TYPO3\CMS\Form\Mvc\Property\TypeConverter;
4
5 /*
6 * This file is part of the TYPO3 CMS project.
7 *
8 * It is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU General Public License, either version 2
10 * of the License, or any later version.
11 *
12 * For the full copyright and license information, please read the
13 * LICENSE.txt file that was distributed with this source code.
14 *
15 * The TYPO3 project - inspiring people to share!
16 */
17
18 use TYPO3\CMS\Core\Resource\File as File;
19 use TYPO3\CMS\Core\Resource\FileReference as CoreFileReference;
20 use TYPO3\CMS\Core\Utility\GeneralUtility;
21 use TYPO3\CMS\Extbase\Domain\Model\AbstractFileFolder;
22 use TYPO3\CMS\Extbase\Domain\Model\FileReference as ExtbaseFileReference;
23 use TYPO3\CMS\Extbase\Error\Error;
24 use TYPO3\CMS\Extbase\Property\Exception\TypeConverterException;
25 use TYPO3\CMS\Extbase\Property\PropertyMappingConfigurationInterface;
26 use TYPO3\CMS\Extbase\Property\TypeConverter\AbstractTypeConverter;
27 use TYPO3\CMS\Extbase\Validation\Validator\AbstractValidator;
28
29 /**
30 * Class UploadedFileReferenceConverter
31 *
32 * Scope: frontend
33 * @internal
34 */
35 class UploadedFileReferenceConverter extends AbstractTypeConverter
36 {
37
38 /**
39 * Folder where the file upload should go to (including storage).
40 */
41 const CONFIGURATION_UPLOAD_FOLDER = 1;
42
43 /**
44 * How to handle a upload when the name of the uploaded file conflicts.
45 */
46 const CONFIGURATION_UPLOAD_CONFLICT_MODE = 2;
47
48 /**
49 * Validator for file types
50 */
51 const CONFIGURATION_FILE_VALIDATORS = 4;
52
53 /**
54 * @var string
55 */
56 protected $defaultUploadFolder = '1:/user_upload/';
57
58 /**
59 * One of 'cancel', 'replace', 'rename'
60 *
61 * @var string
62 */
63 protected $defaultConflictMode = 'rename';
64
65 /**
66 * @var array
67 */
68 protected $sourceTypes = ['array'];
69
70 /**
71 * @var string
72 */
73 protected $targetType = ExtbaseFileReference::class;
74
75 /**
76 * Take precedence over the available FileReferenceConverter
77 *
78 * @var int
79 */
80 protected $priority = 12;
81
82 /**
83 * @var \TYPO3\CMS\Core\Resource\FileInterface[]
84 */
85 protected $convertedResources = [];
86
87 /**
88 * @var \TYPO3\CMS\Core\Resource\ResourceFactory
89 */
90 protected $resourceFactory;
91
92 /**
93 * @var \TYPO3\CMS\Extbase\Security\Cryptography\HashService
94 */
95 protected $hashService;
96
97 /**
98 * @var \TYPO3\CMS\Extbase\Persistence\PersistenceManagerInterface
99 */
100 protected $persistenceManager;
101
102 /**
103 * @param \TYPO3\CMS\Core\Resource\ResourceFactory $resourceFactory
104 * @internal
105 */
106 public function injectResourceFactory(\TYPO3\CMS\Core\Resource\ResourceFactory $resourceFactory)
107 {
108 $this->resourceFactory = $resourceFactory;
109 }
110
111 /**
112 * @param \TYPO3\CMS\Extbase\Security\Cryptography\HashService $hashService
113 * @internal
114 */
115 public function injectHashService(\TYPO3\CMS\Extbase\Security\Cryptography\HashService $hashService)
116 {
117 $this->hashService = $hashService;
118 }
119
120 /**
121 * @param \TYPO3\CMS\Extbase\Persistence\PersistenceManagerInterface $persistenceManager
122 * @internal
123 */
124 public function injectPersistenceManager(\TYPO3\CMS\Extbase\Persistence\PersistenceManagerInterface $persistenceManager)
125 {
126 $this->persistenceManager = $persistenceManager;
127 }
128
129 /**
130 * Actually convert from $source to $targetType, taking into account the fully
131 * built $convertedChildProperties and $configuration.
132 *
133 * @param string|int $source
134 * @param string $targetType
135 * @param array $convertedChildProperties
136 * @param PropertyMappingConfigurationInterface $configuration
137 * @return AbstractFileFolder
138 * @internal
139 */
140 public function convertFrom($source, $targetType, array $convertedChildProperties = [], PropertyMappingConfigurationInterface $configuration = null)
141 {
142 if (!isset($source['error']) || $source['error'] === \UPLOAD_ERR_NO_FILE) {
143 if (isset($source['submittedFile']['resourcePointer'])) {
144 try {
145 $resourcePointer = $this->hashService->validateAndStripHmac($source['submittedFile']['resourcePointer']);
146 if (strpos($resourcePointer, 'file:') === 0) {
147 $fileUid = substr($resourcePointer, 5);
148 return $this->createFileReferenceFromFalFileObject($this->resourceFactory->getFileObject($fileUid));
149 } else {
150 return $this->createFileReferenceFromFalFileReferenceObject($this->resourceFactory->getFileReferenceObject($resourcePointer), $resourcePointer);
151 }
152 } catch (\InvalidArgumentException $e) {
153 // Nothing to do. No file is uploaded and resource pointer is invalid. Discard!
154 }
155 }
156 return null;
157 }
158
159 if ($source['error'] !== \UPLOAD_ERR_OK) {
160 return $this->objectManager->get(Error::class, $this->getUploadErrorMessage($source['error']), 1471715915);
161 }
162
163 if (isset($this->convertedResources[$source['tmp_name']])) {
164 return $this->convertedResources[$source['tmp_name']];
165 }
166
167 try {
168 $resource = $this->importUploadedResource($source, $configuration);
169 } catch (\Exception $e) {
170 return $this->objectManager->get(Error::class, $e->getMessage(), $e->getCode());
171 }
172
173 $this->convertedResources[$source['tmp_name']] = $resource;
174 return $resource;
175 }
176
177 /**
178 * Import a resource and respect configuration given for properties
179 *
180 * @param array $uploadInfo
181 * @param PropertyMappingConfigurationInterface $configuration
182 * @return ExtbaseFileReference
183 * @throws TypeConverterException
184 */
185 protected function importUploadedResource(
186 array $uploadInfo,
187 PropertyMappingConfigurationInterface $configuration
188 ): ExtbaseFileReference {
189 if (!GeneralUtility::verifyFilenameAgainstDenyPattern($uploadInfo['name'])) {
190 throw new TypeConverterException('Uploading files with PHP file extensions is not allowed!', 1471710357);
191 }
192
193 $uploadFolderId = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_UPLOAD_FOLDER) ?: $this->defaultUploadFolder;
194 $conflictMode = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_UPLOAD_CONFLICT_MODE) ?: $this->defaultConflictMode;
195
196 $uploadFolder = $this->resourceFactory->retrieveFileOrFolderObject($uploadFolderId);
197 $uploadedFile = $uploadFolder->addUploadedFile($uploadInfo, $conflictMode);
198
199 $validators = $configuration->getConfigurationValue(self::class, self::CONFIGURATION_FILE_VALIDATORS);
200 if (is_array($validators)) {
201 foreach ($validators as $validator) {
202 if ($validator instanceof AbstractValidator) {
203 $validationResult = $validator->validate($uploadedFile);
204 if ($validationResult->hasErrors()) {
205 $uploadedFile->getStorage()->deleteFile($uploadedFile);
206 throw new TypeConverterException($validationResult->getErrors()[0]->getMessage(), 1471708999);
207 }
208 }
209 }
210 }
211
212 $resourcePointer = isset($uploadInfo['submittedFile']['resourcePointer']) && strpos($uploadInfo['submittedFile']['resourcePointer'], 'file:') === false
213 ? $this->hashService->validateAndStripHmac($uploadInfo['submittedFile']['resourcePointer'])
214 : null;
215
216 $fileReferenceModel = $this->createFileReferenceFromFalFileObject($uploadedFile, $resourcePointer);
217
218 return $fileReferenceModel;
219 }
220
221 /**
222 * @param File $file
223 * @param int $resourcePointer
224 * @return ExtbaseFileReference
225 */
226 protected function createFileReferenceFromFalFileObject(
227 File $file,
228 int $resourcePointer = null
229 ): ExtbaseFileReference {
230 $fileReference = $this->resourceFactory->createFileReferenceObject(
231 [
232 'uid_local' => $file->getUid(),
233 'uid_foreign' => uniqid('NEW_'),
234 'uid' => uniqid('NEW_'),
235 'crop' => null,
236 ]
237 );
238 return $this->createFileReferenceFromFalFileReferenceObject($fileReference, $resourcePointer);
239 }
240
241 /**
242 * @param CoreFileReference $falFileReference
243 * @param int $resourcePointer
244 * @return ExtbaseFileReference
245 */
246 protected function createFileReferenceFromFalFileReferenceObject(
247 CoreFileReference $falFileReference,
248 int $resourcePointer = null
249 ): ExtbaseFileReference {
250 if ($resourcePointer === null) {
251 $fileReference = $this->objectManager->get(ExtbaseFileReference::class);
252 } else {
253 $fileReference = $this->persistenceManager->getObjectByIdentifier($resourcePointer, ExtbaseFileReference::class, false);
254 }
255
256 $fileReference->setOriginalResource($falFileReference);
257 return $fileReference;
258 }
259
260 /**
261 * Returns a human-readable message for the given PHP file upload error
262 * constant.
263 *
264 * @param int $errorCode
265 * @return string
266 */
267 protected function getUploadErrorMessage(int $errorCode): string
268 {
269 switch ($errorCode) {
270 case \UPLOAD_ERR_INI_SIZE:
271 return 'The uploaded file exceeds the upload_max_filesize directive in php.ini';
272 case \UPLOAD_ERR_FORM_SIZE:
273 return 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form';
274 case \UPLOAD_ERR_PARTIAL:
275 return 'The uploaded file was only partially uploaded';
276 case \UPLOAD_ERR_NO_FILE:
277 return 'No file was uploaded';
278 case \UPLOAD_ERR_NO_TMP_DIR:
279 return 'Missing a temporary folder';
280 case \UPLOAD_ERR_CANT_WRITE:
281 return 'Failed to write file to disk';
282 case \UPLOAD_ERR_EXTENSION:
283 return 'File upload stopped by extension';
284 default:
285 return 'Unknown upload error';
286 }
287 }
288 }