diff options
Diffstat (limited to 'modules/update')
| -rw-r--r-- | modules/update/update.authorize.inc | 302 | ||||
| -rw-r--r-- | modules/update/update.css | 14 | ||||
| -rw-r--r-- | modules/update/update.info | 6 | ||||
| -rw-r--r-- | modules/update/update.manager.inc | 733 | ||||
| -rw-r--r-- | modules/update/update.module | 117 | ||||
| -rw-r--r-- | modules/update/update.report.inc | 4 | ||||
| -rw-r--r-- | modules/update/update.test | 1 |
7 files changed, 1163 insertions, 14 deletions
diff --git a/modules/update/update.authorize.inc b/modules/update/update.authorize.inc new file mode 100644 index 000000000..e0893e6a0 --- /dev/null +++ b/modules/update/update.authorize.inc @@ -0,0 +1,302 @@ +<?php +// $Id$ + +/** + * @file + * Callbacks and related functions invoked by authorize.php to update projects + * on the Drupal site. We use the Batch API to actually update each individual + * project on the site. All of the code in this file is run at a low bootstrap + * level (modules are not loaded), so these functions cannot assume access to + * the rest of the update module code. + */ + +/** + * Callback invoked by authorize.php to update existing projects. + * + * @param $filetransfer + * The FileTransfer object created by authorize.php for use during this + * operation. + * @param $projects + * A nested array of projects to install into the live webroot, keyed by + * project name. Each subarray contains the following keys: + * - 'project': The cannonical project short name. + * - 'updater_name': The name of the Updater class to use for this project. + * - 'local_url': The locally installed location of new code to update with. + */ +function update_authorize_run_update($filetransfer, $projects) { + global $base_url; + + $operations = array(); + foreach ($projects as $project => $project_info) { + $operations[] = array( + 'update_authorize_batch_copy_project', + array( + $project_info['project'], + $project_info['updater_name'], + $project_info['local_url'], + $filetransfer, + ), + ); + } + + $batch = array( + 'title' => t('Installing updates'), + 'init_message' => t('Preparing to update your site'), + 'operations' => $operations, + 'finished' => 'update_authorize_update_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.authorize.inc', + ); + + batch_set($batch); + // Invoke the batch via authorize.php. + batch_process($base_url . '/authorize.php', $base_url . '/authorize.php?batch=1'); +} + +/** + * Callback invoked by authorize.php to install a new project. + * + * @param FileTransfer $filetransfer + * The FileTransfer object created by authorize.php for use during this + * operation. + * @param string $project + * The canonical project short name (e.g. {system}.name). + * @param string $updater_name + * The name of the Updater class to use for installing this project. + * @param string $local_url + * The URL to the locally installed temp directory where the project has + * already been downloaded and extracted into. + */ +function update_authorize_run_install($filetransfer, $project, $updater_name, $local_url) { + global $base_url; + + $operations[] = array( + 'update_authorize_batch_copy_project', + array( + $project, + $updater_name, + $local_url, + $filetransfer, + ), + ); + + // @todo Instantiate our Updater to set the human-readable title? + $batch = array( + 'title' => t('Installing %project', array('%project' => $project)), + 'init_message' => t('Preparing to install'), + 'operations' => $operations, + // @todo Use a different finished callback for different messages? + 'finished' => 'update_authorize_install_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.authorize.inc', + ); + batch_set($batch); + + // Invoke the batch via authorize.php. + batch_process($base_url . '/authorize.php', $base_url . '/authorize.php?batch=1'); + +} + +/** + * Copy a project to its proper place when authorized with elevated privileges. + * + * @param string $project + * The cannonical short name of the project being installed. + * @param string $updater_name + * The name of the Updater class to use for installing this project. + * @param string $local_url + * The URL to the locally installed temp directory where the project has + * already been downloaded and extracted into. + * @param FileTransfer $filetransfer + * The FileTransfer object to use for performing this operation. + * @param array &$context + * Reference to an array used for BatchAPI storage. + */ +function update_authorize_batch_copy_project($project, $updater_name, $local_url, $filetransfer, &$context) { + + // Initialize some variables in the Batch API $context array. + if (!isset($context['results']['log'])) { + $context['results']['log'] = array(); + } + if (!isset($context['results']['log'][$project])) { + $context['results']['log'][$project] = array(); + } + + if (!isset($context['results']['tasks'])) { + $context['results']['tasks'] = array(); + } + + /** + * The batch API uses a session, and since all the arguments are serialized + * and unserialized between requests, although the FileTransfer object + * itself will be reconstructed, the connection pointer itself will be lost. + * However, the FileTransfer object will still have the connection variable, + * even though the connection itself is now gone. So, although it's ugly, we + * have to unset the connection variable at this point so that the + * FileTransfer object will re-initiate the actual connection. + */ + unset($filetransfer->connection); + + if (!empty($context['results']['log'][$project]['#abort'])) { + $context['#finished'] = 1; + return; + } + + $updater = new $updater_name($local_url); + + try { + if ($updater->isInstalled()) { + // This is an update. + $tasks = $updater->update($filetransfer); + } + else { + $tasks = $updater->install($filetransfer); + } + } + catch (UpdaterError $e) { + _update_batch_create_message($context['results']['log'][$project], t("Error installing / updating"), FALSE); + _update_batch_create_message($context['results']['log'][$project], $e->getMessage(), FALSE); + $context['results']['log'][$project]['#abort'] = TRUE; + return; + } + + _update_batch_create_message($context['results']['log'][$project], t('Installed %project_name successfully', array('%project_name' => $project))); + $context['results']['tasks'] += $tasks; + + // This particular operation is now complete, even though the batch might + // have other operations to perform. + $context['finished'] = 1; +} + +/** + * Batch callback for when the authorized update batch is finished. + * + * This processes the results and stashes them into SESSION such that + * authorize.php will render a report. Also responsible for putting the site + * back online and clearing the update status cache after a successful update. + */ +function update_authorize_update_batch_finished($success, $results) { + foreach ($results['log'] as $project => $messages) { + if (!empty($messages['#abort'])) { + $success = FALSE; + } + } + $offline = variable_get('site_offline', FALSE); + if ($success) { + // Now that the update completed, we need to clear the cache of available + // update data and recompute our status, so prevent show bogus results. + _update_authorize_clear_update_status(); + + if ($offline) { + variable_set('site_offline', FALSE); + $page_message = array( + 'message' => t('Update was completed successfully. Your site has been taken out of maintenance mode.'), + 'type' => 'status', + ); + } + else { + $page_message = array( + 'message' => t('Update was completed successfully.'), + 'type' => 'status', + ); + } + } + elseif (!$offline) { + $page_message = array( + 'message' => t('Update failed! See the log below for more information.'), + 'type' => 'error', + ); + } + else { + $page_message = array( + 'message' => t('Update failed! See the log below for more information. Your site is still in maintenance mode.'), + 'type' => 'error', + ); + } + + // Set all these values into the SESSION so authorize.php can display them. + $_SESSION['authorize_results']['success'] = $success; + $_SESSION['authorize_results']['page_message'] = $page_message; + $_SESSION['authorize_results']['messages'] = $results['log']; + $_SESSION['authorize_results']['tasks'] = $results['tasks']; +} + +/** + * Batch callback for when the authorized install batch is finished. + * + * This processes the results and stashes them into SESSION such that + * authorize.php will render a report. Also responsible for putting the site + * back online after a successful install if necessary. + */ +function update_authorize_install_batch_finished($success, $results) { + foreach ($results['log'] as $project => $messages) { + if (!empty($messages['#abort'])) { + $success = FALSE; + } + } + $offline = variable_get('site_offline', FALSE); + if ($success && $offline) { + variable_set('site_offline', FALSE); + $page_message = array( + 'message' => t('Installation was completed successfully. Your site has been taken out of maintenance mode.'), + 'type' => 'status', + ); + } + elseif ($success && !$offline) { + $page_message = array( + 'message' => t('Installation was completed successfully.'), + 'type' => 'status', + ); + } + elseif (!$success && !$offline) { + $page_message = array( + 'message' => t('Installation failed! See the log below for more information.'), + 'type' => 'error', + ); + } + else { + $page_message = array( + 'message' => t('Installation failed! See the log below for more information. Your site is still in maintenance mode.'), + 'type' => 'error', + ); + } + + // Set all these values into the SESSION so authorize.php can display them. + $_SESSION['authorize_results']['success'] = $success; + $_SESSION['authorize_results']['page_message'] = $page_message; + $_SESSION['authorize_results']['messages'] = $results['log']; + $_SESSION['authorize_results']['tasks'] = $results['tasks']; +} + +/** + * Helper function to create a structure of log messages. + * + * @param array $project_results + * @param string $message + * @param bool $success + */ +function _update_batch_create_message(&$project_results, $message, $success = TRUE) { + $project_results[] = array('message' => $message, 'success' => $success); +} + +/** + * Private helper function to clear cached available update status data. + * + * Since this function is run at such a low bootstrap level, update.module is + * not loaded. So, we can't just call _update_cache_clear(). However, the + * database is bootstrapped, so we can do a query ourselves to clear out what + * we want to clear. + * + * Note that we do not want to just truncate the table, since that would + * remove items related to currently pending fetch attempts. + * + * @see update_authorize_update_batch_finished() + * @see _update_cache_clear() + */ +function _update_authorize_clear_update_status() { + $query = db_delete('cache_update'); + $query->condition( + db_or() + ->condition('cid', 'update_project_%', 'LIKE') + ->condition('cid', 'available_releases::%', 'LIKE') + ); + $query->execute(); +} diff --git a/modules/update/update.css b/modules/update/update.css index ce0dcd6e1..3f46d6c39 100644 --- a/modules/update/update.css +++ b/modules/update/update.css @@ -108,3 +108,17 @@ table.update, .update .check-manually { padding-left: 1em; /* LTR */ } + +.update-major-version-warning { + color: #ff0000; +} + +table tbody tr.update-security, +table tbody tr.update-unsupported { + background: #fcc; +} + +th.update-project-name { + width: 50%; +} + diff --git a/modules/update/update.info b/modules/update/update.info index 36ea5d3cf..26d50366d 100644 --- a/modules/update/update.info +++ b/modules/update/update.info @@ -4,10 +4,12 @@ description = Checks the status of available updates for Drupal and your install version = VERSION package = Core core = 7.x -files[] = update.compare.inc -files[] = update.fetch.inc files[] = update.install files[] = update.module +files[] = update.authorize.inc +files[] = update.compare.inc +files[] = update.fetch.inc +files[] = update.manager.inc files[] = update.report.inc files[] = update.settings.inc files[] = update.test diff --git a/modules/update/update.manager.inc b/modules/update/update.manager.inc new file mode 100644 index 000000000..e65c7fde3 --- /dev/null +++ b/modules/update/update.manager.inc @@ -0,0 +1,733 @@ +<?php +// $Id$ + +/** + * @file + * Administrative screens and processing functions for the update manager. + * This allows site administrators with the 'administer software updates' + * permission to either upgrade existing projects, or download and install new + * ones, so long as the killswitch setting ('allow_authorize_operations') is + * still TRUE. + * + * To install new code, the administrator is prompted for either the URL of an + * archive file, or to directly upload the archive file. The archive is loaded + * into a temporary location, extracted, and verified. If everything is + * successful, the user is redirected to authorize.php to type in their file + * transfer credentials and authorize the installation to proceed with + * elevated privileges, such that the extracted files can be copied out of the + * temporary location and into the live web root. + * + * Updating existing code is a more elaborate process. The first step is a + * selection form where the user is presented with a table of installed + * projects that are missing newer releases. The user selects which projects + * they wish to upgrade, and presses the "Download updates" button to + * continue. This sets up a batch to fetch all the selected releases, and + * redirects to admin/update/download to display the batch progress bar as it + * runs. Each batch operation is responsible for downloading a single file, + * extracting the archive, and verifying the contents. If there are any + * errors, the user is redirected back to the first page with the error + * messages. If all downloads were extacted and verified, the user is instead + * redirected to admin/update/confirm, a landing page which reminds them to + * backup their database and asks if they want to put the site offline during + * the upgrade. Once the user presses the "Install updates" button, they are + * redirected to authorize.php to supply their web root file access + * credentials. The authorized operation (which lives in update.authorize.inc) + * sets up a batch to copy each extracted update from the temporary location + * into the live web root. + */ + +/** + * @defgroup update_manager_update Update manager for updating existing code. + * @{ + */ + +/** + * Build the form for the update manager page to update existing projects. + * + * This presents a table with all projects that have available updates with + * checkboxes to select which ones to upgrade. + * + * @param $form + * @param $form_state + * @param $context + * String representing the context from which we're trying to update, can be: + * 'module', 'theme' or 'report'. + * @return + * The form array for selecting which projects to update. + */ +function update_manager_update_form($form, $form_state = array(), $context) { + $form['#theme'] = 'update_manager_update_form'; + + $available = update_get_available(TRUE); + if (empty($available)) { + $form['message'] = array( + '#markup' => t('There was a problem getting update information. Please try again later.'), + ); + return $form; + } + + drupal_add_css('misc/ui/ui.all.css'); + drupal_add_css('misc/ui/ui.dialog.css'); + drupal_add_js('misc/ui/ui.core.js', array('weight' => JS_LIBRARY + 5)); + drupal_add_js('misc/ui/ui.dialog.js', array('weight' => JS_LIBRARY + 6)); + $form['#attached']['js'][] = drupal_get_path('module', 'update') . '/update.manager.js'; + $form['#attached']['css'][] = drupal_get_path('module', 'update') . '/update.css'; + + // This will be a nested array. The first key is the kind of project, which + // can be either 'enabled', 'disabled', 'manual-enabled' (enabled add-ons + // which require manual updates, such as core or -dev projects) or + // 'manual-disabled' (disabled add-ons that need a manual update). Then, + // each subarray is an array of projects of that type, indexed by project + // short name, and containing an array of data for cells in that project's + // row in the appropriate table. + $projects = array(); + + // This stores the actual download link we're going to update from for each + // project in the form, regardless of if it's enabled or disabled. + $form['project_downloads'] = array('#tree' => TRUE); + + module_load_include('inc', 'update', 'update.compare'); + $project_data = update_calculate_project_data($available); + foreach ($project_data as $name => $project) { + // Filter out projects which are up2date already. + if ($project['status'] == UPDATE_CURRENT) { + continue; + } + // The project name to display can vary based on the info we have. + if (!empty($project['title'])) { + if (!empty($project['link'])) { + $project_name = l($project['title'], $project['link']); + } + else { + $project_name = check_plain($project['title']); + } + } + elseif (!empty($project['info']['name'])) { + $project_name = check_plain($project['info']['name']); + } + else { + $project_name = check_plain($name); + } + if ($project['project_type'] == 'theme' || $project['project_type'] == 'theme-disabled') { + $project_name .= ' ' . t('(Theme)'); + } + + if (empty($project['recommended'])) { + // If we don't know what to recommend they upgrade to, we should skip + // the project entirely. + continue; + } + + $recommended_release = $project['releases'][$project['recommended']]; + $recommended_version = $recommended_release['version'] . ' ' . l(t('(Release notes)'), $recommended_release['release_link'], array('attributes' => array('title' => t('Release notes for @project_name', array('@project_name' => $project_name))))); + if ($recommended_release['version_major'] != $project['existing_major']) { + $recommended_version .= '<div title="Major upgrade warning" class="update-major-version-warning">' . t('This update is a major version update which means that it may not be backwards compatible with your currently running version. It is recommended that you read the release notes and proceed at your own risk.') . '</div>'; + } + + // Create an entry for this project. + $entry = array( + 'title' => $project_name, + 'installed_version' => $project['existing_version'], + 'recommended_version' => $recommended_version, + ); + + switch ($project['status']) { + case UPDATE_NOT_SECURE: + case UPDATE_REVOKED: + $entry['title'] .= ' ' . t('(Security Update)'); + $entry['#weight'] = -2; + $type = 'security'; + break; + + case UPDATE_NOT_SUPPORTED: + $type = 'unsupported'; + $entry['title'] .= ' ' . t('(Unsupported)'); + $entry['#weight'] = -1; + break; + + case UPDATE_UNKNOWN: + case UPDATE_NOT_FETCHED: + case UPDATE_NOT_CHECKED: + case UPDATE_NOT_CURRENT: + $type = 'recommended'; + break; + + default: + // Jump out of the switch and onto the next project in foreach. + continue 2; + } + + $entry['#attributes'] = array('class' => array('update-' . $type)); + + // Drupal core and projects which are dev versions with no stable release + // need to be upgraded manually. + $needs_manual = $project['project_type'] == 'core' || ($project['install_type'] == 'dev' && $recommended_release['version_extra'] == 'dev'); + + if ($needs_manual) { + // Since it won't be tableselect, #weight will confuse the table if it's + // defined, so just unset it (since the order doesn't really matter that + // much in the manual updates table, anyway). + unset($entry['#weight']); + } + else { + $form['project_downloads'][$name] = array( + '#type' => 'value', + '#value' => $recommended_release['download_link'], + ); + } + + // Based on what kind of project this is, save the entry into the + // appropriate subarray. + switch ($project['project_type']) { + case 'core': + // Core is always enabled, but need manual updates at this time. + $projects['manual-enabled'][$name] = $entry; + break; + + case 'module': + case 'theme': + if ($needs_manual) { + $projects['manual-enabled'][$name] = $entry; + } + else { + $projects['enabled'][$name] = $entry; + } + break; + + case 'module-disabled': + case 'theme-disabled': + if ($needs_manual) { + $projects['manual-disabled'][$name] = $entry; + } + else { + $projects['disabled'][$name] = $entry; + } + break; + } + } + + if (empty($projects)) { + $form['message'] = array( + '#markup' => t('All of your projects are up to date.'), + ); + return $form; + } + + $headers = array( + 'title' => array( + 'data' => t('Name'), + 'class' => array('update-project-name'), + ), + 'installed_version' => t('Installed version'), + 'recommended_version' => t('Recommended version'), + ); + + if (!empty($projects['enabled'])) { + $form['projects'] = array( + '#type' => 'tableselect', + '#header' => $headers, + '#options' => $projects['enabled'], + ); + if (count($projects) > 1) { + $form['projects']['#prefix'] = '<h2>' . t('Enabled add-ons') . '</h2>'; + } + } + + if (!empty($projects['disabled'])) { + $form['disabled_projects'] = array( + '#type' => 'tableselect', + '#header' => $headers, + '#options' => $projects['disabled'], + '#weight' => 1, + ); + if (count($projects) > 1) { + $form['disabled_projects']['#prefix'] = '<h2>' . t('Disabled add-ons') . '</h2>'; + } + } + + // If either table has been printed yet, we need a submit button and to + // validate the checkboxes. + if (!empty($projects['enabled']) || !empty($projects['disabled'])) { + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Download these updates'), + '#weight' => 10, + ); + $form['#validate'][] = 'update_manager_update_form_validate'; + } + + if (!empty($projects['manual-enabled'])) { + $prefix = '<h2>' . t('Add-ons requiring manual updates') . '</h2>'; + $prefix .= '<p>' . t('Updates of Drupal core or development releases are not supported at this time.') . '</p>'; + $form['manual_updates'] = array( + '#type' => 'markup', + '#markup' => theme('table', array('header' => $headers, 'rows' => $projects['manual-enabled'])), + '#prefix' => $prefix, + '#weight' => 20, + ); + } + + if (!empty($projects['manual-disabled'])) { + $prefix = '<h2>' . t('Disabled add-ons requiring manual updates') . '</h2>'; + $prefix .= '<p>' . t('Updates of Drupal core or development releases are not supported at this time.') . '</p>'; + $form['manual_disabled'] = array( + '#type' => 'markup', + '#markup' => theme('table', array('header' => $headers, 'rows' => $projects['manual-disabled'])), + '#prefix' => $prefix, + '#weight' => 25, + ); + } + + return $form; +} + +/** + * Theme the first page in the update manager wizard to select projects. + * + * @param $variables + * form: The form + * + * @ingroup themeable + */ +function theme_update_manager_update_form($variables) { + $form = $variables['form']; + $last = variable_get('update_last_check', 0); + $output = theme('update_last_check', array('last' => $last)); + $output .= drupal_render_children($form); + return $output; +} + +/** + * Validation callback to ensure that at least one project is selected. + */ +function update_manager_update_form_validate($form, &$form_state) { + if (!empty($form_state['values']['projects'])) { + $enabled = array_filter($form_state['values']['projects']); + } + if (!empty($form_state['values']['disabled_projects'])) { + $disabled = array_filter($form_state['values']['disabled_projects']); + } + if (empty($enabled) && empty($disabled)) { + form_set_error('projects', t('You must select at least one project to update.')); + } +} + +/** + * Submit function for the main update form. + * + * This sets up a batch to download, extract and verify the selected releases + * + * @see update_manager_update_form() + */ +function update_manager_update_form_submit($form, &$form_state) { + $projects = array(); + foreach (array('projects', 'disabled_projects') as $type) { + if (!empty($form_state['values'][$type])) { + $projects = array_merge($projects, array_keys(array_filter($form_state['values'][$type]))); + } + } + $operations = array(); + foreach ($projects as $project) { + $operations[] = array( + 'update_manager_batch_project_get', + array( + $project, + $form_state['values']['project_downloads'][$project], + ), + ); + } + $batch = array( + 'title' => t('Downloading updates'), + 'init_message' => t('Preparing to download selected updates'), + 'operations' => $operations, + 'finished' => 'update_manager_download_batch_finished', + 'file' => drupal_get_path('module', 'update') . '/update.manager.inc', + ); + batch_set($batch); +} + +/** + * Batch callback invoked when the download batch is completed. + */ +function update_manager_download_batch_finished($success, $results) { + if ($success) { + $_SESSION['update_manager_update_projects'] = $results; + drupal_goto('admin/update/confirm'); + } + else { + foreach($results as $project => $message) { + drupal_set_message($message, 'error'); + } + } +} + +function update_manager_confirm_update_form($form, &$form_state) { + $form['information']['#weight'] = -100; + $form['information']['backup_header'] = array( + '#prefix' => '<h3>', + '#markup' => t('Step 1: Backup your site'), + '#suffix' => '</h3>', + ); + + $form['information']['backup_message'] = array( + '#prefix' => '<p>', + '#markup' => t('We do not currently have a web based backup tool. <a href="@backup_url">Learn more about how to take a backup</a>.', array('@backup_url' => url('http://drupal.org/node/22281'))), + '#suffix' => '</p>', + ); + + $form['information']['maint_header'] = array( + '#prefix' => '<h3>', + '#markup' => t('Step 2: Enter maintenance mode'), + '#suffix' => '</h3>', + ); + + $form['information']['maint_message'] = array( + '#prefix' => '<p>', + '#markup' => t('It is strongly recommended that you put your site into maintenance mode while performing an update.'), + '#suffix' => '</p>', + ); + + $form['information']['site_offline'] = array( + '#title' => t('Perform updates with site in maintenance mode'), + '#type' => 'checkbox', + '#default_value' => TRUE, + ); + + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Install updates'), + '#weight' => 100, + ); + + return $form; +} + +function update_manager_confirm_update_form_submit($form, &$form_state) { + if ($form_state['values']['site_offline'] == TRUE) { + variable_set('site_offline', TRUE); + } + + if (!empty($_SESSION['update_manager_update_projects'])) { + // Make sure the Updater registry is loaded. + drupal_get_updaters(); + + $updates = array(); + $directory = _update_manager_extract_directory(); + + $projects = $_SESSION['update_manager_update_projects']; + unset($_SESSION['update_manager_update_projects']); + + foreach ($projects as $project => $url) { + $project_location = $directory . '/' . $project; + $updater = Updater::factory($project_location); + $updates[] = array( + 'project' => $project, + 'updater_name' => get_class($updater), + 'local_url' => drupal_realpath($project_location), + ); + } + + system_run_authorized('update_authorize_run_update', drupal_get_path('module', 'update') . '/update.authorize.inc', array($updates)); + } +} + +/** + * @} End of "defgroup update_manager_update". + */ + +/** + * @defgroup update_manager_install Update manager for installing new code. + * @{ + */ + +function update_manager_install_form(&$form_state) { + $form = array(); + + $form['project_url'] = array( + '#type' => 'textfield', + '#title' => t('URL'), + '#description' => t('Paste the URL to a Drupal module or theme archive (.tar.gz) to install it. (e.g http://ftp.drupal.org/files/projects/projectname.tar.gz)'), + ); + + $form['information'] = array( + '#prefix' => '<strong>', + '#markup' => t('Or'), + '#suffix' => '</strong>', + ); + + $form['project_upload'] = array( + '#type' => 'file', + '#title' => t('Upload a module or theme'), + '#description' => t('Upload a Drupal module or theme (in .tar.gz format) to install it.'), + ); + + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Install'), + ); + + return $form; +} + +/** + * Validate the form for installing a new project via the update manager. + */ +function update_manager_install_form_validate($form, &$form_state) { + if (!($form_state['values']['project_url'] XOR !empty($_FILES['files']['name']['project_upload']))) { + form_set_error('project_url', t('You must either provide a URL or upload an archive file to install.')); + } +} + +/** + * Handle form submission when installing new projects via the update manager. + * + * Either downloads the file specified in the URL to a temporary cache, or + * uploads the file attached to the form, then attempts to extract the archive + * into a temporary location and verify it. Instantiate the appropriate + * Updater class for this project and make sure it is not already installed in + * the live webroot. If everything is successful, setup an operation to run + * via authorize.php which will copy the extracted files from the temporary + * location into the live site. + */ +function update_manager_install_form_submit($form, &$form_state) { + if ($form_state['values']['project_url']) { + $field = 'project_url'; + $local_cache = update_manager_file_get($form_state['values']['project_url']); + if (!$local_cache) { + form_set_error($field, t('Unable to retreive Drupal project from %url.', array('%url' => $form_state['values']['project_url']))); + return; + } + } + elseif ($_FILES['files']['name']['project_upload']) { + $field = 'project_upload'; + // @todo: add some validators here. + $finfo = file_save_upload($field, array(), NULL, FILE_EXISTS_REPLACE); + // @todo: find out if the module is already instealled, if so, throw an error. + $local_cache = $finfo->uri; + } + + $directory = _update_manager_extract_directory(); + try { + $archive = update_manager_archive_extract($local_cache, $directory); + } + catch (Exception $e) { + form_set_error($field, $e->getMessage()); + return; + } + + $files = $archive->listContent(); + if (!$files) { + form_set_error($field, t('Provided archive contains no files.')); + return; + } + // Unfortunately, we can only use the directory name for this. :( + $project = drupal_substr($files[0]['filename'], 0, -1); + + try { + update_manager_archive_verify($project, $local_cache, $directory); + } + catch (Exception $e) { + form_set_error($field, $e->getMessage()); + return; + } + + // Make sure the Updater registry is loaded. + drupal_get_updaters(); + + $project_location = $directory . '/' . $project; + $updater = Updater::factory($project_location); + $project_title = Updater::getProjectTitle($project_location); + + if (!$project_title) { + form_set_error($field, t('Unable to determine %project name.', array('%project' => $project))); + } + + if ($updater->isInstalled()) { + form_set_error($field, t('%project is already installed.', array('%project' => $project_title))); + return; + } + + $arguments = array( + 'project' => $project, + 'updater_name' => get_class($updater), + 'local_url' => drupal_realpath($project_location), + ); + + return system_run_authorized('update_authorize_run_install', drupal_get_path('module', 'update') . '/update.authorize.inc', $arguments); +} + +/** + * @} End of "defgroup update_manager_install". + */ + +/** + * @defgroup update_manager_file Update manager file management functions. + * @{ + */ + +/** + * Return the directory where update archive files should be extracted. + * + * If the directory does not already exist, attempt to create it. + * + * @return + * The full path to the temporary directory where update file archives + * should be extracted. + */ +function _update_manager_extract_directory() { + $directory = &drupal_static(__FUNCTION__, ''); + if (empty($directory)) { + $directory = DRUPAL_ROOT . '/' . file_directory_path('temporary') . '/update-extraction'; + if (!file_exists($directory)) { + mkdir($directory); + } + } + return $directory; +} + +/** + * Unpack a downloaded archive file. + * + * @param string $project + * The short name of the project to download. + * @param string $file + * The filename of the archive you wish to extract. + * @param string $directory + * The directory you wish to extract the archive info. + * + * @return + * The Archive_Tar class used to extract the archive. + * @throws Exception on failure. + * + * @todo Currently, this is hard-coded to only support .tar.gz. This is an API + * bug, and should be fixed. See http://drupal.org/node/604618. + */ +function update_manager_archive_extract($file, $directory) { + $archive_tar = new Archive_Tar(drupal_realpath($file)); + if (!$archive_tar->extract($directory)) { + throw new Exception(t('Unable to extract %file', array('%file' => $file))); + } + return $archive_tar; +} + +/** + * Verify an archive after it has been downloaded and extracted. + * + * This function is responsible for invoking hook_verify_update_archive(). + * + * @param string $project + * The short name of the project to download. + * @param string $archive_file + * The filename of the unextracted archive. + * @param string $directory + * The directory that the archive was extracted into. + * + * @return void + * @throws Exception on failure. + * + */ +function update_manager_archive_verify($project, $archive_file, $directory) { + $failures = module_invoke_all('verify_update_archive', $project, $archive_file, $directory); + if (!empty($failures)) { + throw new Exception(t('Unable to extact %file', array('%file' => $file))); + } +} + +/** + * Copies a file from $url to the temporary directory for updates. + * + * If the file has already been downloaded, returns the the local path. + * + * @param $url + * The URL of the file on the server. + * + * @return string + * Path to local file. + */ +function update_manager_file_get($url) { + $parsed_url = parse_url($url); + $remote_schemes = array('http', 'https', 'ftp', 'ftps', 'smb', 'nfs'); + if (!in_array($parsed_url['scheme'], $remote_schemes)) { + // This is a local file, just return the path. + return drupal_realpath($url); + } + + // Check the cache and download the file if needed. + $local = 'temporary://update-cache/' . basename($parsed_url['path']); + $cache_directory = DRUPAL_ROOT . '/' . file_directory_path('temporary') . '/update-cache/'; + + if (!file_exists($cache_directory)) { + mkdir($cache_directory); + } + + if (!file_exists($local)) { + return system_retrieve_file($url, $local); + } + else { + return $local; + } +} + +/** + * Batch operation: download, unpack, and verify a project. + * + * This function assumes that the provided URL points to a file archive of + * some sort. The URL can have any scheme that we have a file stream wrapper + * to support. The file is downloaded to a local cache. + * + * @param string $project + * The short name of the project to download. + * @param string $url + * The URL to download a specific project release archive file. + * @param array &$context + * Reference to an array used for BatchAPI storage. + * + * @see update_manager_download_page() + */ +function update_manager_batch_project_get($project, $url, &$context) { + // This is here to show the user that we are in the process of downloading. + if (!isset($context['sandbox']['started'])) { + $context['sandbox']['started'] = TRUE; + $context['message'] = t('Downloading %project', array('%project' => $project)); + $context['success'] = TRUE; + $context['finished'] = 0; + return; + } + + // Assume failure until we make it to the bottom and succeed. + $context['success'] = FALSE; + + // Actually try to download the file. + if (!($local_cache = update_manager_file_get($url))) { + $context['results'][$project] = t('Failed to download %project from %url', array('%project' => $project, '%url' => $url)); + return; + } + + // Extract it. + $extract_directory = _update_manager_extract_directory(); + try { + update_manager_archive_extract($local_cache, $extract_directory); + } + catch (Exception $e) { + $context['results'][$project] = $e->getMessage(); + return; + } + + // Verify it. + try { + update_manager_archive_verify($project, $local_cache, $extract_directory); + } + catch (Exception $e) { + $context['results'][$project] = $e->getMessage(); + return; + } + + // Yay, success. + $context['success'] = TRUE; + $context['results'][$project] = $url; + $context['finished'] = 1; +} + +/** + * @} End of "defgroup update_manager_file". + */ diff --git a/modules/update/update.module b/modules/update/update.module index c488ebb62..3d2c7ee32 100644 --- a/modules/update/update.module +++ b/modules/update/update.module @@ -77,11 +77,13 @@ define('UPDATE_MAX_FETCH_TIME', 5); function update_help($path, $arg) { switch ($path) { case 'admin/reports/updates': - global $base_url; - $output = '<p>' . t('Here you can find information about available updates for your installed modules and themes. Note that each module or theme is part of a "project", which may or may not have the same name, and might include multiple modules or themes within it.') . '</p>'; - $output .= '<p>' . t('To extend the functionality or to change the look of your site, a number of contributed <a href="@modules">modules</a> and <a href="@themes">themes</a> are available.', array('@modules' => 'http://drupal.org/project/modules', '@themes' => 'http://drupal.org/project/themes')) . '</p>'; - $output .= '<p>' . t('Each time Drupal core or a contributed module or theme is updated, it is important that <a href="@update-php">update.php</a> is run.', array('@update-php' => url($base_url . '/update.php', array('external' => TRUE)))) . '</p>'; - return $output; + return '<p>' . t('Here you can find information about available updates for your installed modules and themes. Note that each module or theme is part of a "project", which may or may not have the same name, and might include multiple modules or themes within it.') . '</p>'; + + case 'admin/appearance/install': + case 'admin/config/modules/install': + case 'admin/reports/updates/install': + return '<p>' . t('To install a new module or theme, either upload the .tar.gz file that you have downloaded, or paste the URL of a .tar.gz you wish to install. You can find <a href="@module_url">modules</a> and <a href="@theme_url">themes</a> at <a href="@drupal_org_url">http://drupal.org</a>.', array('@module_url' => 'http://drupal.org/project/modules', '@theme_url' => 'http://drupal.org/project/themes', '@drupal_org_url' => 'http://drupal.org')) . '</p>'; + case 'admin/appearance': case 'admin/config/modules': include_once DRUPAL_ROOT . '/includes/install.inc'; @@ -98,9 +100,13 @@ function update_help($path, $arg) { } } + case 'admin/appearance/update': + case 'admin/config/modules/update': + case 'admin/reports/updates/update': case 'admin/reports/updates/settings': case 'admin/reports/status': - // These two pages don't need additional nagging. + case 'admin/update/confirm': + // These pages don't need additional nagging. break; case 'admin/help#update': @@ -156,6 +162,7 @@ function update_menu() { 'access arguments' => array('administer site configuration'), 'file' => 'update.settings.inc', 'type' => MENU_LOCAL_TASK, + 'weight' => 50, ); $items['admin/reports/updates/check'] = array( 'title' => 'Manual update check', @@ -165,16 +172,84 @@ function update_menu() { 'file' => 'update.fetch.inc', ); + // We want action links for updating projects at a few different locations: + // both the module and theme administration pages, and on the available + // updates report itself. The menu items will be mostly identical, except the + // paths and titles, so we just define them in a loop. We pass in a string + // indicating what context we're entering the action from, so that can + // customize the appearance as needed. + $paths = array( + 'report' => 'admin/reports/updates', + 'module' => 'admin/config/modules', + 'theme' => 'admin/appearance', + ); + foreach ($paths as $context => $path) { + $items[$path . '/install'] = array( + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_install_form', $context), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'weight' => 25, + 'type' => MENU_LOCAL_ACTION, + 'file' => 'update.manager.inc', + ); + $items[$path . '/update'] = array( + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_update_form', $context), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'weight' => 20, + 'type' => MENU_LOCAL_ACTION, + 'file' => 'update.manager.inc', + ); + } + // Customize the titles of the action links depending on where they appear. + $items['admin/reports/updates/install']['title'] = 'Install new module or theme'; + $items['admin/reports/updates/update']['title'] = 'Update existing modules and themes'; + $items['admin/config/modules/install']['title'] = 'Install new module'; + $items['admin/config/modules/update']['title'] = 'Update existing modules'; + $items['admin/appearance/install']['title'] = 'Install new theme'; + $items['admin/appearance/update']['title'] = 'Update existing themes'; + + // Menu callback used for the confirmation page after all the releases + // have been downloaded, asking you to backup before installing updates. + $items['admin/update/confirm'] = array( + 'title' => 'Confirm update', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('update_manager_confirm_update_form'), + 'access callback' => 'update_manager_access', + 'access arguments' => array(), + 'type' => MENU_CALLBACK, + 'file' => 'update.manager.inc', + ); + return $items; } /** - * Implement the hook_theme() registry. + * Determine if the current user can access the updater menu items. + * + * This is used as a menu system access callback. It both enforces the + * 'administer software updates' permission and the global killswitch for the + * authorize.php script. + * + * @see update_menu() + */ +function update_manager_access() { + return variable_get('allow_authorize_operations', TRUE) && user_access('administer software updates'); +} + +/** + * Implement hook_theme(). */ function update_theme() { return array( - 'update_settings' => array( + 'update_manager_update_form' => array( 'arguments' => array('form' => NULL), + 'file' => 'update.manager.inc', + ), + 'update_last_check' => array( + 'arguments' => array('last' => NULL), ), 'update_report' => array( 'arguments' => array('data' => NULL), @@ -390,6 +465,8 @@ function update_get_available($refresh = FALSE) { // Grab whatever data we currently have cached in the DB. $available = _update_get_cached_available_releases(); + $num_avail = count($available); + $projects = update_get_projects(); foreach ($projects as $key => $project) { // If there's no data at all, we clearly need to fetch some. @@ -618,6 +695,30 @@ function _update_project_status_sort($a, $b) { } /** + * Render the HTML to display the last time we checked for update data. + * + * In addition to properly formating the given timestamp, this function also + * provides a "Check manually" link that refreshes the available update and + * redirects back to the same page. + * + * @param $variables + * 'last': The timestamp when the site last checked for available updates. + * + * @see theme_update_report() + * @see theme_update_available_updates_form() + * + * @ingroup themeable + */ +function theme_update_last_check($variables) { + $last = $variables['last']; + $output = '<div class="update checked">'; + $output .= $last ? t('Last checked: @time ago', array('@time' => format_interval(REQUEST_TIME - $last))) : t('Last checked: never'); + $output .= ' <span class="check-manually">(' . l(t('Check manually'), 'admin/reports/updates/check', array('query' => drupal_get_destination())) . ')</span>'; + $output .= "</div>\n"; + return $output; +} + +/** * @defgroup update_status_cache Private update status cache system * @{ * diff --git a/modules/update/update.report.inc b/modules/update/update.report.inc index 88e1cc986..f143bccbb 100644 --- a/modules/update/update.report.inc +++ b/modules/update/update.report.inc @@ -29,9 +29,7 @@ function theme_update_report($variables) { $data = $variables['data']; $last = variable_get('update_last_check', 0); - $output = '<div class="update checked">' . ($last ? t('Last checked: @timestamp (@time ago)', array('@time' => format_interval(REQUEST_TIME - $last), '@timestamp' => format_date($last))) : t('Last checked: never')); - $output .= ' <span class="check-manually">(' . l(t('Check manually'), 'admin/reports/updates/check') . ')</span>'; - $output .= "</div>\n"; + $output = theme('update_last_check', array('last' => $last)); if (!is_array($data)) { $output .= '<p>' . $data . '</p>'; diff --git a/modules/update/update.test b/modules/update/update.test index dd07b5723..da40502ed 100644 --- a/modules/update/update.test +++ b/modules/update/update.test @@ -45,7 +45,6 @@ class UpdateTestHelper extends DrupalWebTestCase { */ protected function standardTests() { $this->assertRaw('<h3>' . t('Drupal core') . '</h3>'); - $this->assertRaw(l(t('Check manually'), 'admin/reports/updates/check'), t('Link to check available updates manually appears.')); $this->assertRaw(l(t('Drupal'), 'http://example.com/project/drupal'), t('Link to the Drupal project appears.')); $this->assertNoText(t('No available releases found')); } |