1<?php
2/*
3 * Plugin to embed bpmn-js based viewer and modeler to website.
4 * CAUTION: This plugin requires you to add the mime type "bpmn" to your mime.local.conf file.
5 * The added line should look like this:
6 * "bpmn    !application/xml"
7 *  @author peterfromearth <coder@peterfromearth>
8 */
9
10
11class action_plugin_bpmnioeditor_bpmnioeditor extends DokuWiki_Action_Plugin {
12
13    function register(Doku_Event_Handler $controller)
14    {
15        // methods required for the diagram
16        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'ajax_save');
17        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'ajax_checkPermissions');
18
19        // methods required for the Toolbar
20        $controller->register_hook('TOOLBAR_DEFINE', 'AFTER', $this, 'addElementToToolbar', array());
21    }
22
23    function handle_internalmedia(Doku_Event $event, $param) {
24		$data = $event->data;
25		$data['link']['class'] = '';
26
27        return;
28    }
29
30
31/* Begin of toolbar section */
32
33    public function addElementToToolbar(Doku_Event $event, $param){
34        $event->data[] = array(
35          'type'=>'format',
36          'title'=>$this->getLang('toolbar_name'),
37          'icon'=>'../../plugins/bpmnioeditor/images/bpmn-file.png',
38          'name'=>'bpmn_directory_chooser',
39          'open'=>'{{',
40          'close'=>'.bpmn}}',
41          'block'=>'false',
42        );
43    }
44
45
46/* End of toolbar section */
47
48    public function ajax_checkPermissions(Doku_Event $event, $param){
49        if($event->data !== 'bpmnio_permission'){
50            return;
51        }
52        $event->stopPropagation();
53        $event->preventDefault();
54
55        $result = $this->_checkFilePermissions();
56
57        echo json_encode(['access'=>$result]);
58    }
59
60    public function ajax_save(Doku_Event $event, $param){
61        if($event->data !== 'bpmnio_editor'){
62            return;
63        }
64
65        $event->stopPropagation();
66        $event->preventDefault();
67
68        $result = [];
69        if($this->_checkFilePermissions(true)){
70
71            $this->_saveProcess();
72            $result['success'] = true;
73        } else {
74            $result['success'] = false;
75        }
76
77        echo json_encode($result);
78    }
79
80    protected function _checkFilePermissions($secure = false){
81        global $INPUT;
82
83        if($this->getConf('treat_as_pages') == 1){
84            $authLookup = array(
85                    'view'=>AUTH_READ,
86                    'edit'=>AUTH_EDIT,
87                    'create'=>AUTH_CREATE,
88            );
89        } else {
90            $authLookup = array(
91                    'view'=>AUTH_READ,
92                    'edit'=>AUTH_DELETE,
93                    'create'=>AUTH_UPLOAD,
94            );
95        }
96
97        $result = false;
98
99        if($secure){
100            //part to be requested for saving
101            if(file_exists(mediaFN($INPUT->str('name')))){
102                $checkFor = $authLookup['edit'];
103            } else {
104                $checkFor = $authLookup['create'];
105            }
106
107            if(strlen($INPUT->str('name')) > 0){
108                if(auth_quickaclcheck(cleanID(substr($INPUT->str('name'), 0, -5))) >= $checkFor){
109                    $result = true;
110                }
111            }
112        } else {
113            //part for non critical requests
114            if(strlen($INPUT->str('name')) > 0 && strlen($INPUT->str('type')) > 0 && array_key_exists($INPUT->str('type'), $authLookup)){
115                if(auth_quickaclcheck(cleanID(substr($INPUT->str('name'), 0, -5))) >= $authLookup[$INPUT->str('type')]){
116                    $result = true;
117                }
118            }
119        }
120        return $result;
121    }
122
123    protected function _saveProcess(){
124        global $INPUT;
125        global $conf;
126        global $ID;
127        $ID = cleanID($INPUT->str('name'));
128
129        $tmpFilename = uniqid($ID);
130        $tmpFilename = str_replace(':', '_', $tmpFilename);
131
132        file_put_contents($conf['tmpdir'].'/'.$tmpFilename, $INPUT->str('newXML'));
133
134        $newFile = [
135            'name' => $INPUT->str('name'),
136            'id' => $ID,
137            'type' => 'application/xml',
138            'tmp_name' => $conf['tmpdir'].'/'.$tmpFilename,
139            'error' => UPLOAD_ERR_OK,
140            'size' => filesize($conf['tmpdir'].'/'.$tmpFilename),
141            'mime' => 'application/xml',
142            'ext' => 'bpmn'
143       ];
144
145        //the rename parameter is used to trick the move_uploaded_file" call
146        $result = media_upload_finish($newFile['tmp_name'], mediaFN($newFile['id']), $newFile['id'], $newFile['mime'], true, 'rename');
147
148        @unlink($newFile['tmp_name']);
149    }
150}
151