[!!!][FEATURE] Introduce PSR-7-based Routing for Backend AJAX Requests
1 <?php
2 namespace TYPO3\CMS\Backend\Form\Wizard;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Core\Resource\Exception\FileDoesNotExistException;
20 use TYPO3\CMS\Core\Resource\ResourceFactory;
21 use TYPO3\CMS\Core\Utility\GeneralUtility;
22 use TYPO3\CMS\Core\Utility\HttpUtility;
23 use TYPO3\CMS\Core\Utility\MathUtility;
24 use TYPO3\CMS\Fluid\View\StandaloneView;
25
26 /**
27 * Wizard for rendering image manipulation view
28 */
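class ImageManipulationWizard {

    /**
     * Base path of the Fluid templates used by this wizard.
     *
     * @var string
     */
    protected $templatePath = 'EXT:backend/Resources/Private/Templates/';

    /**
     * Returns the HTML for the wizard inside the modal.
     *
     * The wizard is rendered only when the query string carries a token that
     * matches the HMAC computed in isValidToken(); any other request gets a
     * 403 response and nothing is rendered.
     *
     * @param ServerRequestInterface $request
     * @param ResponseInterface $response
     * @return ResponseInterface $response
     */
    public function getWizardAction(ServerRequestInterface $request, ResponseInterface $response) {
        if (!$this->isValidToken($request)) {
            return $response->withStatus(403);
        }

        $queryParams = $request->getQueryParams();
        $parsedBody = $request->getParsedBody();

        // NOTE(review): a 'file' value in the request body wins over the query parameter,
        // but isValidToken() signs the query string only, so a body-supplied uid is not
        // covered by the HMAC. Nothing in this method checks file permissions itself;
        // confirm whether callers depend on the body value before tightening this.
        if (isset($parsedBody['file'])) {
            $fileUid = $parsedBody['file'];
        } else {
            $fileUid = isset($queryParams['file']) ? $queryParams['file'] : null;
        }

        $image = null;
        if (MathUtility::canBeInterpretedAsInteger($fileUid)) {
            try {
                $image = ResourceFactory::getInstance()->getFileObject($fileUid);
            } catch (FileDoesNotExistException $e) {
                // Deliberately ignored: an unknown uid renders the wizard without an image.
            }
        }

        $view = $this->getFluidTemplateObject($this->templatePath . 'Wizards/ImageManipulationWizard.html');
        $view->assign('image', $image);
        // Use the 'zoom' parameter that isValidToken() signs. The previous code read a
        // 'bool' key, which is not part of the signed parameter set.
        $view->assign('zoom', !empty($queryParams['zoom']));
        $view->assign('ratios', $this->getAvailableRatios($request));

        $response->getBody()->write($view->render());
        return $response;
    }

    /**
     * Check if hmac token is correct.
     *
     * The expected token is the HMAC of the 'zoom', 'ratios' and (when present)
     * 'file' query parameters joined with '|', computed by GeneralUtility::hmac()
     * with 'ImageManipulationWizard' as second argument. Only query parameters
     * are covered; the request body is not.
     *
     * The comparison uses hash_equals() (PHP >= 5.6) so that it does not stop at
     * the first differing byte. A missing or non-string token, and array-valued
     * parameters, are rejected instead of being cast to the string "Array".
     *
     * @param ServerRequestInterface $request the request with the GET parameters
     * @return bool
     */
    protected function isValidToken(ServerRequestInterface $request) {
        $queryParams = $request->getQueryParams();

        $token = isset($queryParams['token']) ? $queryParams['token'] : null;
        if (!is_string($token) || $token === '') {
            return false;
        }

        // Key order matters: it defines the string that is signed.
        $parameters = [
            'zoom' => !empty($queryParams['zoom']) ? '1' : '0',
            'ratios' => !empty($queryParams['ratios']) ? $queryParams['ratios'] : ''
        ];
        if (!empty($queryParams['file'])) {
            $parameters['file'] = $queryParams['file'];
        }
        foreach ($parameters as $value) {
            if (!is_string($value)) {
                return false;
            }
        }

        $expectedToken = (string)GeneralUtility::hmac(implode('|', $parameters), 'ImageManipulationWizard');
        return hash_equals($expectedToken, $token);
    }

    /**
     * Get available ratios.
     *
     * Decodes the JSON in the 'ratios' query parameter. Anything that does not
     * decode to an array or an object (missing parameter, invalid JSON, a bare
     * scalar) yields an empty array, so the documented return type holds.
     *
     * @param ServerRequestInterface $request
     * @return array
     */
    protected function getAvailableRatios(ServerRequestInterface $request) {
        $queryParams = $request->getQueryParams();
        if (!isset($queryParams['ratios']) || !is_string($queryParams['ratios'])) {
            return [];
        }

        $ratios = json_decode($queryParams['ratios']);
        // json_decode() turns a JSON object (string keys) into a PHP object;
        // the fluid ForViewHelper needs an array, so convert the top level.
        if (is_object($ratios)) {
            $ratios = get_object_vars($ratios);
        }
        return is_array($ratios) ? $ratios : [];
    }

    /**
     * Returns a new standalone view, shorthand function.
     *
     * @param string $templatePathAndFileName optional the path to set the template path and filename
     * @return StandaloneView
     */
    protected function getFluidTemplateObject($templatePathAndFileName = null) {
        $view = GeneralUtility::makeInstance(StandaloneView::class);
        if ($templatePathAndFileName) {
            // Resolve the EXT: style reference to an absolute path before handing it to Fluid.
            $view->setTemplatePathAndFilename(GeneralUtility::getFileAbsFileName($templatePathAndFileName));
        }
        return $view;
    }
}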