SpecialUploadStash.php

Go to the documentation of this file.

<?php
use MediaWiki\Http\HttpRequestFactory;
 
class SpecialUploadStash extends UnlistedSpecialPage {
    private $stash;
 
    private $localRepo;
 
    private $httpRequestFactory;
 
    private const MAX_SERVE_BYTES = 1048576; // 1 MiB
 
    public function __construct(
        RepoGroup $repoGroup,
        HttpRequestFactory $httpRequestFactory
    ) {
        parent::__construct( 'UploadStash', 'upload' );
        $this->localRepo = $repoGroup->getLocalRepo();
        $this->httpRequestFactory = $httpRequestFactory;
    }
 
    public function doesWrites() {
        return true;
    }
 
    public function execute( $subPage ) {
        $this->useTransactionalTimeLimit();
 
        // This is not set in constructor, because the context with the user is not safe to be set
        $this->stash = $this->localRepo->getUploadStash( $this->getUser() );
        $this->checkPermissions();
 
        if ( $subPage === null || $subPage === '' ) {
            $this->showUploads();
        } else {
            $this->showUpload( $subPage );
        }
    }
 
    public function showUpload( $key ) {
        // prevent callers from doing standard HTML output -- we'll take it from here
        $this->getOutput()->disable();
 
        try {
            $params = $this->parseKey( $key );
            if ( $params['type'] === 'thumb' ) {
                $this->outputThumbFromStash( $params['file'], $params['params'] );
            } else {
                $this->outputLocalFile( $params['file'] );
            }
            return;
        } catch ( UploadStashFileNotFoundException $e ) {
            $code = 404;
            $message = $e->getMessage();
        } catch ( Exception $e ) {
            $code = 500;
            $message = $e->getMessage();
        }
 
        throw new HttpError( $code, $message );
    }
 
    private function parseKey( $key ) {
        $type = strtok( $key, '/' );
 
        if ( $type !== 'file' && $type !== 'thumb' ) {
            throw new UploadStashBadPathException(
                $this->msg( 'uploadstash-bad-path-unknown-type', $type )
            );
        }
        $fileName = strtok( '/' );
        $thumbPart = strtok( '/' );
        $file = $this->stash->getFile( $fileName );
        if ( $type === 'thumb' ) {
            $srcNamePos = strrpos( $thumbPart, $fileName );
            if ( $srcNamePos === false || $srcNamePos < 1 ) {
                throw new UploadStashBadPathException(
                    $this->msg( 'uploadstash-bad-path-unrecognized-thumb-name' )
                );
            }
            $paramString = substr( $thumbPart, 0, $srcNamePos - 1 );
 
            $handler = $file->getHandler();
            if ( $handler ) {
                $params = $handler->parseParamString( $paramString );
 
                return [ 'file' => $file, 'type' => $type, 'params' => $params ];
            } else {
                throw new UploadStashBadPathException(
                    $this->msg( 'uploadstash-bad-path-no-handler', $file->getMimeType(), $file->getPath() )
                );
            }
        }
 
        return [ 'file' => $file, 'type' => $type ];
    }
 
    private function outputThumbFromStash( $file, $params ) {
        $flags = 0;
        // this config option, if it exists, points to a "scaler", as you might find in
        // the Wikimedia Foundation cluster. See outputRemoteScaledThumb(). This
        // is part of our horrible NFS-based system, we create a file on a mount
        // point here, but fetch the scaled file from somewhere else that
        // happens to share it over NFS.
        if ( $file->getRepo()->getThumbProxyUrl()
            || $this->getConfig()->get( 'UploadStashScalerBaseUrl' )
        ) {
            $this->outputRemoteScaledThumb( $file, $params, $flags );
        } else {
            $this->outputLocallyScaledThumb( $file, $params, $flags );
        }
    }
 
    private function outputLocallyScaledThumb( $file, $params, $flags ) {
        // n.b. this is stupid, we insist on re-transforming the file every time we are invoked. We rely
        // on HTTP caching to ensure this doesn't happen.
 
        $flags |= File::RENDER_NOW;
 
        $thumbnailImage = $file->transform( $params, $flags );
        if ( !$thumbnailImage ) {
            throw new UploadStashFileNotFoundException(
                $this->msg( 'uploadstash-file-not-found-no-thumb' )
            );
        }
 
        // we should have just generated it locally
        if ( !$thumbnailImage->getStoragePath() ) {
            throw new UploadStashFileNotFoundException(
                $this->msg( 'uploadstash-file-not-found-no-local-path' )
            );
        }
 
        // now we should construct a File, so we can get MIME and other such info in a standard way
        // n.b. MIME type may be different from original (ogx original -> jpeg thumb)
        $thumbFile = new UnregisteredLocalFile( false,
            $this->stash->repo, $thumbnailImage->getStoragePath(), false );
 
        $this->outputLocalFile( $thumbFile );
    }
 
    private function outputRemoteScaledThumb( $file, $params, $flags ) {
        // We need to use generateThumbName() instead of thumbName(), because
        // the suffix needs to match the file name for the remote thumbnailer
        // to work
        $scalerThumbName = $file->generateThumbName( $file->getName(), $params );
 
        // If a thumb proxy is set up for the repo, we favor that, as that will
        // keep the request internal
        $thumbProxyUrl = $file->getRepo()->getThumbProxyUrl();
        if ( strlen( $thumbProxyUrl ) ) {
            $scalerThumbUrl = $thumbProxyUrl . 'temp/' . $file->getUrlRel() .
                '/' . rawurlencode( $scalerThumbName );
            $secret = $file->getRepo()->getThumbProxySecret();
        } else {
            // This option probably looks something like
            // '//upload.wikimedia.org/wikipedia/test/thumb/temp'. Do not use
            // trailing slash.
            $scalerBaseUrl = $this->getConfig()->get( 'UploadStashScalerBaseUrl' );
 
            if ( preg_match( '/^\/\//', $scalerBaseUrl ) ) {
                // this is apparently a protocol-relative URL, which makes no sense in this context,
                // since this is used for communication that's internal to the application.
                // default to http.
                $scalerBaseUrl = wfExpandUrl( $scalerBaseUrl, PROTO_CANONICAL );
            }
 
            $scalerThumbUrl = $scalerBaseUrl . '/' . $file->getUrlRel() .
                '/' . rawurlencode( $scalerThumbName );
            $secret = false;
        }
 
        // make an http request based on wgUploadStashScalerBaseUrl to lazy-create
        // a thumbnail
        $httpOptions = [
            'method' => 'GET',
            'timeout' => 5 // T90599 attempt to time out cleanly
        ];
        $req = $this->httpRequestFactory->create( $scalerThumbUrl, $httpOptions, __METHOD__ );
 
        // Pass a secret key shared with the proxied service if any
        if ( strlen( $secret ) ) {
            $req->setHeader( 'X-Swift-Secret', $secret );
        }
 
        $status = $req->execute();
        if ( !$status->isOK() ) {
            $errors = $status->getErrorsArray();
            throw new UploadStashFileNotFoundException(
                $this->msg(
                    'uploadstash-file-not-found-no-remote-thumb',
                    print_r( $errors, 1 ),
                    $scalerThumbUrl
                )
            );
        }
        $contentType = $req->getResponseHeader( "content-type" );
        if ( !$contentType ) {
            throw new UploadStashFileNotFoundException(
                $this->msg( 'uploadstash-file-not-found-missing-content-type' )
            );
        }
 
        $this->outputContents( $req->getContent(), $contentType );
    }
 
    private function outputLocalFile( File $file ) {
        if ( $file->getSize() > self::MAX_SERVE_BYTES ) {
            throw new SpecialUploadStashTooLargeException(
                $this->msg( 'uploadstash-file-too-large', self::MAX_SERVE_BYTES )
            );
        }
 
        $file->getRepo()->streamFileWithStatus( $file->getPath(),
            [ 'Content-Transfer-Encoding: binary',
                'Expires: Sun, 17-Jan-2038 19:14:07 GMT' ]
        );
    }
 
    private function outputContents( $content, $contentType ) {
        $size = strlen( $content );
        if ( $size > self::MAX_SERVE_BYTES ) {
            throw new SpecialUploadStashTooLargeException(
                $this->msg( 'uploadstash-file-too-large', self::MAX_SERVE_BYTES )
            );
        }
        // Cancel output buffering and gzipping if set
        wfResetOutputBuffers();
        self::outputFileHeaders( $contentType, $size );
        print $content;
    }
 
    private static function outputFileHeaders( $contentType, $size ) {
        header( "Content-Type: $contentType", true );
        header( 'Content-Transfer-Encoding: binary', true );
        header( 'Expires: Sun, 17-Jan-2038 19:14:07 GMT', true );
        // T55032 - It shouldn't be a problem here, but let's be safe and not cache
        header( 'Cache-Control: private' );
        header( "Content-Length: $size", true );
    }
 
    private function showUploads() {
        // sets the title, etc.
        $this->setHeaders();
        $this->outputHeader();
 
        // create the form, which will also be used to execute a callback to process incoming form data
        // this design is extremely dubious, but supposedly HTMLForm is our standard now?
 
        $context = new DerivativeContext( $this->getContext() );
        $context->setTitle( $this->getPageTitle() ); // Remove subpage
        $form = HTMLForm::factory( 'ooui', [
            'Clear' => [
                'type' => 'hidden',
                'default' => true,
                'name' => 'clear',
            ]
        ], $context, 'clearStashedUploads' );
        $form->setSubmitDestructive();
        $form->setSubmitCallback( function ( $formData, $form ) {
            if ( isset( $formData['Clear'] ) ) {
                wfDebug( 'stash has: ' . print_r( $this->stash->listFiles(), true ) );
 
                if ( !$this->stash->clear() ) {
                    return Status::newFatal( 'uploadstash-errclear' );
                }
            }
 
            return Status::newGood();
        } );
        $form->setSubmitTextMsg( 'uploadstash-clear' );
 
        $form->prepareForm();
        $formResult = $form->tryAuthorizedSubmit();
 
        // show the files + form, if there are any, or just say there are none
        $refreshHtml = Html::element( 'a',
            [ 'href' => $this->getPageTitle()->getLocalURL() ],
            $this->msg( 'uploadstash-refresh' )->text() );
        $files = $this->stash->listFiles();
        if ( $files && count( $files ) ) {
            sort( $files );
            $fileListItemsHtml = '';
            $linkRenderer = $this->getLinkRenderer();
            foreach ( $files as $file ) {
                $itemHtml = $linkRenderer->makeKnownLink(
                    $this->getPageTitle( "file/$file" ),
                    $file
                );
                try {
                    $fileObj = $this->stash->getFile( $file );
                    $thumb = $fileObj->generateThumbName( $file, [ 'width' => 220 ] );
                    $itemHtml .=
                        $this->msg( 'word-separator' )->escaped() .
                        $this->msg( 'parentheses' )->rawParams(
                            $linkRenderer->makeKnownLink(
                                $this->getPageTitle( "thumb/$file/$thumb" ),
                                $this->msg( 'uploadstash-thumbnail' )->text()
                            )
                        )->escaped();
                } catch ( Exception $e ) {
                }
                $fileListItemsHtml .= Html::rawElement( 'li', [], $itemHtml );
            }
            $this->getOutput()->addHTML( Html::rawElement( 'ul', [], $fileListItemsHtml ) );
            $form->displayForm( $formResult );
            $this->getOutput()->addHTML( Html::rawElement( 'p', [], $refreshHtml ) );
        } else {
            $this->getOutput()->addHTML( Html::rawElement( 'p', [],
                Html::element( 'span', [], $this->msg( 'uploadstash-nofiles' )->text() )
                . ' '
                . $refreshHtml
            ) );
        }
    }
}