Drupal investigation

update.authorize.inc 13KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371
  1. <?php
  2. /**
  3. * @file
  4. * Callbacks and related functions invoked by authorize.php to update projects.
  5. *
  6. * We use the Batch API to actually update each individual project on the site.
  7. * All of the code in this file is run at a low bootstrap level (modules are not
  8. * loaded), so these functions cannot assume access to the rest of the code of
  9. * the Update Manager module.
  10. */
  11. use Drupal\Core\Updater\UpdaterException;
  12. use Drupal\Core\Url;
  13. /**
  14. * Updates existing projects when invoked by authorize.php.
  15. *
  16. * Callback for system_authorized_init() in
  17. * update_manager_update_ready_form_submit().
  18. *
  19. * @param $filetransfer
  20. * The FileTransfer object created by authorize.php for use during this
  21. * operation.
  22. * @param $projects
  23. * A nested array of projects to install into the live webroot, keyed by
  24. * project name. Each subarray contains the following keys:
  25. * - project: The canonical project short name.
  26. * - updater_name: The name of the Drupal\Core\Updater\Updater class to use
  27. * for this project.
  28. * - local_url: The locally installed location of new code to update with.
  29. *
  30. * @return \Symfony\Component\HttpFoundation\Response|null
  31. * The result of processing the batch that updates the projects. If this is
  32. * an instance of \Symfony\Component\HttpFoundation\Response the calling code
  33. * should use that response for the current page request.
  34. */
  35. function update_authorize_run_update($filetransfer, $projects) {
  36. $operations = [];
  37. foreach ($projects as $project_info) {
  38. $operations[] = [
  39. 'update_authorize_batch_copy_project',
  40. [
  41. $project_info['project'],
  42. $project_info['updater_name'],
  43. $project_info['local_url'],
  44. $filetransfer,
  45. ],
  46. ];
  47. }
  48. $batch = [
  49. 'init_message' => t('Preparing to update your site'),
  50. 'operations' => $operations,
  51. 'finished' => 'update_authorize_update_batch_finished',
  52. 'file' => drupal_get_path('module', 'update') . '/update.authorize.inc',
  53. ];
  54. batch_set($batch);
  55. // Since authorize.php has its own method for setting the page title, set it
  56. // manually here rather than passing it in to batch_set() as would normally
  57. // be done.
  58. $_SESSION['authorize_page_title'] = t('Installing updates');
  59. // Invoke the batch via authorize.php.
  60. return system_authorized_batch_process();
  61. }
  62. /**
  63. * Installs a new project when invoked by authorize.php.
  64. *
  65. * Callback for system_authorized_init() in
  66. * update_manager_install_form_submit().
  67. *
  68. * @param FileTransfer $filetransfer
  69. * The FileTransfer object created by authorize.php for use during this
  70. * operation.
  71. * @param string $project
  72. * The canonical project short name; i.e., the name of the module, theme, or
  73. * profile.
  74. * @param string $updater_name
  75. * The name of the Drupal\Core\Updater\Updater class to use for installing
  76. * this project.
  77. * @param string $local_url
  78. * The URL to the locally installed temp directory where the project has
  79. * already been downloaded and extracted into.
  80. *
  81. * @return \Symfony\Component\HttpFoundation\Response|null
  82. * The result of processing the batch that installs the project. If this is
  83. * an instance of \Symfony\Component\HttpFoundation\Response the calling code
  84. * should use that response for the current page request.
  85. */
  86. function update_authorize_run_install($filetransfer, $project, $updater_name, $local_url) {
  87. $operations[] = [
  88. 'update_authorize_batch_copy_project',
  89. [
  90. $project,
  91. $updater_name,
  92. $local_url,
  93. $filetransfer,
  94. ],
  95. ];
  96. // @todo Instantiate our Updater to set the human-readable title?
  97. $batch = [
  98. 'init_message' => t('Preparing to install'),
  99. 'operations' => $operations,
  100. // @todo Use a different finished callback for different messages?
  101. 'finished' => 'update_authorize_install_batch_finished',
  102. 'file' => drupal_get_path('module', 'update') . '/update.authorize.inc',
  103. ];
  104. batch_set($batch);
  105. // Since authorize.php has its own method for setting the page title, set it
  106. // manually here rather than passing it in to batch_set() as would normally
  107. // be done.
  108. $_SESSION['authorize_page_title'] = t('Installing %project', ['%project' => $project]);
  109. // Invoke the batch via authorize.php.
  110. return system_authorized_batch_process();
  111. }
  112. /**
  113. * Implements callback_batch_operation().
  114. *
  115. * Copies project to its proper place when authorized to do so.
  116. *
  117. * @param string $project
  118. * The canonical short name of the project being installed.
  119. * @param string $updater_name
  120. * The name of the Drupal\Core\Updater\Updater class to use for installing
  121. * this project.
  122. * @param string $local_url
  123. * The URL to the locally installed temp directory where the project has
  124. * already been downloaded and extracted into.
  125. * @param FileTransfer $filetransfer
  126. * The FileTransfer object to use for performing this operation.
  127. * @param array $context
  128. * Reference to an array used for Batch API storage.
  129. */
  130. function update_authorize_batch_copy_project($project, $updater_name, $local_url, $filetransfer, &$context) {
  131. // Initialize some variables in the Batch API $context array.
  132. if (!isset($context['results']['log'])) {
  133. $context['results']['log'] = [];
  134. }
  135. if (!isset($context['results']['log'][$project])) {
  136. $context['results']['log'][$project] = [];
  137. }
  138. if (!isset($context['results']['tasks'])) {
  139. $context['results']['tasks'] = [];
  140. }
  141. // The batch API uses a session, and since all the arguments are serialized
  142. // and unserialized between requests, although the FileTransfer object itself
  143. // will be reconstructed, the connection pointer itself will be lost. However,
  144. // the FileTransfer object will still have the connection variable, even
  145. // though the connection itself is now gone. So, although it's ugly, we have
  146. // to unset the connection variable at this point so that the FileTransfer
  147. // object will re-initiate the actual connection.
  148. unset($filetransfer->connection);
  149. if (!empty($context['results']['log'][$project]['#abort'])) {
  150. $context['finished'] = 1;
  151. return;
  152. }
  153. $updater = new $updater_name($local_url, \Drupal::getContainer()->get('update.root'));
  154. try {
  155. if ($updater->isInstalled()) {
  156. // This is an update.
  157. $tasks = $updater->update($filetransfer);
  158. }
  159. else {
  160. $tasks = $updater->install($filetransfer);
  161. }
  162. }
  163. catch (UpdaterException $e) {
  164. _update_batch_create_message($context['results']['log'][$project], t('Error installing / updating'), FALSE);
  165. _update_batch_create_message($context['results']['log'][$project], $e->getMessage(), FALSE);
  166. $context['results']['log'][$project]['#abort'] = TRUE;
  167. return;
  168. }
  169. _update_batch_create_message($context['results']['log'][$project], t('Installed %project_name successfully', ['%project_name' => $project]));
  170. if (!empty($tasks)) {
  171. $context['results']['tasks'] += $tasks;
  172. }
  173. // This particular operation is now complete, even though the batch might
  174. // have other operations to perform.
  175. $context['finished'] = 1;
  176. }
  177. /**
  178. * Batch callback: Performs actions when the authorized update batch is done.
  179. *
  180. * This processes the results and stashes them into SESSION such that
  181. * authorize.php will render a report. Also responsible for putting the site
  182. * back online and clearing the update status storage after a successful update.
  183. *
  184. * @param $success
  185. * TRUE if the batch operation was successful; FALSE if there were errors.
  186. * @param $results
  187. * An associative array of results from the batch operation.
  188. */
  189. function update_authorize_update_batch_finished($success, $results) {
  190. foreach ($results['log'] as $messages) {
  191. if (!empty($messages['#abort'])) {
  192. $success = FALSE;
  193. }
  194. }
  195. $offline = \Drupal::state()->get('system.maintenance_mode');
  196. if ($success) {
  197. // Now that the update completed, we need to clear the available update data
  198. // and recompute our status, so prevent show bogus results.
  199. _update_authorize_clear_update_status();
  200. // Take the site out of maintenance mode if it was previously that way.
  201. if ($offline && isset($_SESSION['maintenance_mode']) && $_SESSION['maintenance_mode'] == FALSE) {
  202. \Drupal::state()->set('system.maintenance_mode', FALSE);
  203. $page_message = [
  204. 'message' => t('Update was completed successfully. Your site has been taken out of maintenance mode.'),
  205. 'type' => 'status',
  206. ];
  207. }
  208. else {
  209. $page_message = [
  210. 'message' => t('Update was completed successfully.'),
  211. 'type' => 'status',
  212. ];
  213. }
  214. }
  215. elseif (!$offline) {
  216. $page_message = [
  217. 'message' => t('Update failed! See the log below for more information.'),
  218. 'type' => 'error',
  219. ];
  220. }
  221. else {
  222. $page_message = [
  223. 'message' => t('Update failed! See the log below for more information. Your site is still in maintenance mode.'),
  224. 'type' => 'error',
  225. ];
  226. }
  227. // Since we're doing an update of existing code, always add a task for
  228. // running update.php.
  229. $url = Url::fromRoute('system.db_update');
  230. $results['tasks'][] = t('Your modules have been downloaded and updated.');
  231. $results['tasks'][] = [
  232. '#type' => 'link',
  233. '#url' => $url,
  234. '#title' => t('Run database updates'),
  235. // Since this is being called outsite of the primary front controller,
  236. // the base_url needs to be set explicitly to ensure that links are
  237. // relative to the site root.
  238. // @todo Simplify with https://www.drupal.org/node/2548095
  239. '#options' => [
  240. 'absolute' => TRUE,
  241. 'base_url' => $GLOBALS['base_url'],
  242. ],
  243. '#access' => $url->access(\Drupal::currentUser())
  244. ];
  245. // Unset the variable since it is no longer needed.
  246. unset($_SESSION['maintenance_mode']);
  247. // Set all these values into the SESSION so authorize.php can display them.
  248. $_SESSION['authorize_results']['success'] = $success;
  249. $_SESSION['authorize_results']['page_message'] = $page_message;
  250. $_SESSION['authorize_results']['messages'] = $results['log'];
  251. $_SESSION['authorize_results']['tasks'] = $results['tasks'];
  252. $_SESSION['authorize_page_title'] = t('Update manager');
  253. }
  254. /**
  255. * Implements callback_batch_finished().
  256. *
  257. * Performs actions when the authorized install batch is done.
  258. *
  259. * This processes the results and stashes them into SESSION such that
  260. * authorize.php will render a report. Also responsible for putting the site
  261. * back online after a successful install if necessary.
  262. *
  263. * @param $success
  264. * TRUE if the batch operation was a success; FALSE if there were errors.
  265. * @param $results
  266. * An associative array of results from the batch operation.
  267. */
  268. function update_authorize_install_batch_finished($success, $results) {
  269. foreach ($results['log'] as $messages) {
  270. if (!empty($messages['#abort'])) {
  271. $success = FALSE;
  272. }
  273. }
  274. $offline = \Drupal::state()->get('system.maintenance_mode');
  275. if ($success) {
  276. // Take the site out of maintenance mode if it was previously that way.
  277. if ($offline && isset($_SESSION['maintenance_mode']) && $_SESSION['maintenance_mode'] == FALSE) {
  278. \Drupal::state()->set('system.maintenance_mode', FALSE);
  279. $page_message = [
  280. 'message' => t('Installation was completed successfully. Your site has been taken out of maintenance mode.'),
  281. 'type' => 'status',
  282. ];
  283. }
  284. else {
  285. $page_message = [
  286. 'message' => t('Installation was completed successfully.'),
  287. 'type' => 'status',
  288. ];
  289. }
  290. }
  291. elseif (!$success && !$offline) {
  292. $page_message = [
  293. 'message' => t('Installation failed! See the log below for more information.'),
  294. 'type' => 'error',
  295. ];
  296. }
  297. else {
  298. $page_message = [
  299. 'message' => t('Installation failed! See the log below for more information. Your site is still in maintenance mode.'),
  300. 'type' => 'error',
  301. ];
  302. }
  303. // Unset the variable since it is no longer needed.
  304. unset($_SESSION['maintenance_mode']);
  305. // Set all these values into the SESSION so authorize.php can display them.
  306. $_SESSION['authorize_results']['success'] = $success;
  307. $_SESSION['authorize_results']['page_message'] = $page_message;
  308. $_SESSION['authorize_results']['messages'] = $results['log'];
  309. $_SESSION['authorize_results']['tasks'] = $results['tasks'];
  310. $_SESSION['authorize_page_title'] = t('Update manager');
  311. }
  312. /**
  313. * Creates a structure of log messages.
  314. *
  315. * @param array $project_results
  316. * An associative array of results from the batch operation.
  317. * @param string $message
  318. * A string containing a log message.
  319. * @param bool $success
  320. * (optional) TRUE if the operation the message is about was a success, FALSE
  321. * if there were errors. Defaults to TRUE.
  322. */
  323. function _update_batch_create_message(&$project_results, $message, $success = TRUE) {
  324. $project_results[] = ['message' => $message, 'success' => $success];
  325. }
  326. /**
  327. * Clears available update status data.
  328. *
  329. * Since this function is run at such a low bootstrap level, the Update Manager
  330. * module is not loaded. So, we can't just call update_storage_clear(). However,
  331. * the key-value backend is available, so we just call that.
  332. *
  333. * Note that we do not want to delete items related to currently pending fetch
  334. * attempts.
  335. *
  336. * @see update_authorize_update_batch_finished()
  337. * @see update_storage_clear()
  338. */
  339. function _update_authorize_clear_update_status() {
  340. \Drupal::keyValueExpirable('update')->deleteAll();
  341. \Drupal::keyValueExpirable('update_available_release')->deleteAll();
  342. }