Open Journal Systems  3.3.0
PKPTemporaryFilesHandler.inc.php
1 <?php
14 import('lib.pkp.classes.handler.APIHandler');
15 
16 class PKPTemporaryFilesHandler extends APIHandler {
20  public function __construct() {
21  $this->_handlerPath = 'temporaryFiles';
22  $roles = array(ROLE_ID_SITE_ADMIN, ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR, ROLE_ID_ASSISTANT);
23  $this->_endpoints = array(
24  'OPTIONS' => array(
25  array(
26  'pattern' => $this->getEndpointPattern(),
27  'handler' => array($this, 'getOptions'),
28  'roles' => $roles,
29  ),
30  ),
31  'POST' => array(
32  array(
33  'pattern' => $this->getEndpointPattern(),
34  'handler' => array($this, 'uploadFile'),
35  'roles' => $roles,
36  ),
37  ),
38  );
39 
40  parent::__construct();
41  }
42 
46  public function authorize($request, &$args, $roleAssignments) {
47  import('lib.pkp.classes.security.authorization.PolicySet');
48  $rolePolicy = new PolicySet(COMBINING_PERMIT_OVERRIDES);
49 
50  import('lib.pkp.classes.security.authorization.RoleBasedHandlerOperationPolicy');
51  foreach($roleAssignments as $role => $operations) {
52  $rolePolicy->addPolicy(new RoleBasedHandlerOperationPolicy($request, $role, $operations));
53  }
54  $this->addPolicy($rolePolicy);
55 
56  return parent::authorize($request, $args, $roleAssignments);
57  }
58 
66  private function getResponse($response) {
67  return $response->withHeader('Access-Control-Allow-Headers', 'Content-Type, X-Requested-With, X-PINGOTHER, X-File-Name, Cache-Control');
68  }
69 
78  public function uploadFile($slimRequest, $response, $args) {
79  $request = $this->getRequest();
80 
81  if (empty($_FILES)) {
82  return $response->withStatus(400)->withJsonError('api.temporaryFiles.400.noUpload');
83  }
84 
85  import('lib.pkp.classes.file.TemporaryFileManager');
86  $temporaryFileManager = new TemporaryFileManager();
87  $fileName = $temporaryFileManager->getFirstUploadedPostName();
88  $uploadedFile = $temporaryFileManager->handleUpload($fileName, $request->getUser()->getId());
89 
90  if ($uploadedFile === false) {
91  if ($temporaryFileManager->uploadError($fileName)) {
92  switch ($temporaryFileManager->getUploadErrorCode($fileName)) {
93  case UPLOAD_ERR_INI_SIZE:
94  case UPLOAD_ERR_FORM_SIZE:
95  return $response->withStatus(400)->withJsonError('api.temporaryFiles.400.fileSize', ['maxSize' => Application::getReadableMaxFileSize()]);
96  case UPLOAD_ERR_PARTIAL:
97  return $response->withStatus(400)->withJsonError('api.temporaryFiles.409.uploadFailed');
98  case UPLOAD_ERR_NO_FILE:
99  return $response->withStatus(400)->withJsonError('api.temporaryFiles.400.noUpload');
100  case UPLOAD_ERR_NO_TMP_DIR:
101  case UPLOAD_ERR_CANT_WRITE:
102  case UPLOAD_ERR_EXTENSION:
103  return $response->withStatus(400)->withJsonError('api.temporaryFiles.400.config');
104  }
105  }
106  return $response->withStatus(400)->withJsonError('api.temporaryFiles.409.uploadFailed');
107  }
108 
109  return $this->getResponse($response->withJson(['id' => $uploadedFile->getId()]));
110  }
111 
121  public function getOptions($slimRequest, $response, $args) {
122  return $this->getResponse($response);
123  }
124 }
TemporaryFileManager
Definition: TemporaryFileManager.inc.php:19
PKPTemporaryFilesHandler\uploadFile
uploadFile($slimRequest, $response, $args)
Definition: PKPTemporaryFilesHandler.inc.php:78
PKPTemporaryFilesHandler\authorize
authorize($request, &$args, $roleAssignments)
Definition: PKPTemporaryFilesHandler.inc.php:46
PKPTemporaryFilesHandler\__construct
__construct()
Definition: PKPTemporaryFilesHandler.inc.php:20
APIHandler
Base request API handler.
Definition: APIHandler.inc.php:22
PKPTemporaryFilesHandler
Handle API requests to upload a file and receive a temporary file ID.
Definition: PKPTemporaryFilesHandler.inc.php:16
PKPApplication\getReadableMaxFileSize
static getReadableMaxFileSize()
Definition: PKPApplication.inc.php:804
PKPTemporaryFilesHandler\getOptions
getOptions($slimRequest, $response, $args)
Definition: PKPTemporaryFilesHandler.inc.php:121
RoleBasedHandlerOperationPolicy
Class to control access to handler operations via role based access control.
Definition: RoleBasedHandlerOperationPolicy.inc.php:18
APIHandler\getRequest
getRequest()
Definition: APIHandler.inc.php:149
PKPHandler\addPolicy
addPolicy($authorizationPolicy, $addToTop=false)
Definition: PKPHandler.inc.php:157
APIHandler\getEndpointPattern
getEndpointPattern()
Definition: APIHandler.inc.php:186
PolicySet
An ordered list of policies. Policy sets can be added to decision managers like policies....
Definition: PolicySet.inc.php:26