xref: /plugin/diagrams/action/embed.php (revision 50c16f31eb7272ab441eb721895b0830622db302) 
1<?php
2
3use dokuwiki\plugin\diagrams\Diagrams;
4
5/**
6 * DokuWiki Plugin diagrams (Action Component)
7 *
8 * This handles loading and saving embedded diagrams
9 *
10 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
11 * @author  Innovakom + CosmoCode <dokuwiki@cosmocode.de>
12 */
13class action_plugin_diagrams_embed extends \dokuwiki\Extension\ActionPlugin
14{
15    /** @var helper_plugin_diagrams */
16    protected $helper;
17
18    /** @inheritDoc */
19    public function register(Doku_Event_Handler $controller)
20    {
21        // only register if embed mode is enabled
22        if (!($this->getConf('mode') & Diagrams::MODE_EMBED)) return;
23
24        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleLoad');
25        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handleSave');
26
27        $this->helper = plugin_load('helper', 'diagrams');
28    }
29
30    /**
31     * Load the SVG for an embedded diagram
32     *
33     * This locks the page for editing
34     *
35     * @param Doku_Event $event Event object AJAX_CALL_UNKNOWN
36     */
37    public function handleLoad(Doku_Event $event)
38    {
39        if ($event->data !== 'plugin_diagrams_embed_load') return;
40        $event->preventDefault();
41        $event->stopPropagation();
42
43        global $INPUT;
44
45        $id = $INPUT->str('id');
46        $pos = $INPUT->int('pos');
47        $len = $INPUT->int('len');
48
49        if (auth_quickaclcheck($id) < AUTH_READ) { // FIXME should we check for EDIT perms on read as well?
50            http_status(403);
51            return;
52        }
53
54        if (!page_exists($id)) {
55            http_status(404);
56            return;
57        }
58
59        if (checklock($id)) {
60            http_status(423, 'Page Locked');
61            return;
62        }
63
64        $svg = rawWiki($id);
65        if (!$this->helper->isDiagram($svg)) {
66            http_status(400);
67            return;
68        }
69
70        lock($id); // FIXME we probably need some periodic lock renewal while editing?
71        header('Content-Type: image/svg+xml');
72        echo substr($svg, $pos, $len);
73    }
74
75    /**
76     * Save a new embedded diagram
77     *
78     * @param Doku_Event $event AJAX_CALL_UNKNOWN
79     */
80    public function handleSave(Doku_Event $event)
81    {
82        if ($event->data !== 'plugin_diagrams_embed_save') return;
83        $event->preventDefault();
84        $event->stopPropagation();
85
86        global $INPUT;
87
88        $id = $INPUT->str('id');
89        $svg = $INPUT->str('svg');
90        $pos = $INPUT->int('pos');
91        $len = $INPUT->int('len');
92
93
94        if (auth_quickaclcheck($id) < AUTH_EDIT) {
95            http_status(403);
96            return;
97        }
98
99        if (!page_exists($id)) {
100            http_status(404);
101            return;
102        }
103
104        if (!checkSecurityToken()) {
105            http_status(403);
106            return;
107        }
108
109        if (empty($svg) || substr($svg, 0, 4) !== '<svg') {
110            http_status(400);
111            return;
112        }
113
114        if (!$this->helper->isDiagram($svg)) {
115            http_status(400);
116            return;
117        }
118
119        $original = rawWiki($id);
120        $new = substr($original, 0, $pos) . $svg . substr($original, $pos + $len);
121        saveWikiText($id, $new, $this->getLang('embedSaveSummary'));
122        unlock($id);
123        echo 'OK';
124    }
125
126}
127
128