-
Notifications
You must be signed in to change notification settings - Fork 5
/
dgi_fixity.module
349 lines (320 loc) · 12.8 KB
/
dgi_fixity.module
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
<?php
/**
* @file
* General hook implementations.
*/
use Drupal\Core\Cache\Cache;
use Drupal\Core\Config\FileStorage;
use Drupal\Core\Config\InstallStorage;
use Drupal\Core\Config\StorageInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Field\WidgetInterface;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Mail\MailFormatHelper;
use Drupal\Core\Render\Element;
use Drupal\Core\Routing\RouteMatchInterface;
use Drupal\Core\Url;
use Drupal\dgi_fixity\FixityCheckServiceInterface;
use Drupal\dgi_fixity\Form\SettingsForm;
use Drupal\file\Plugin\Field\FieldWidget\FileWidget;
use Drupal\user\Entity\User;
/**
* Implements hook_modules_installed().
*/
function dgi_fixity_modules_installed($modules) {
// Install optional configuration for islandora / action.
// This section is only entered when this module is installed prior to either
// of these optional dependencies installation.
// In particular the optional view:
// - views.view.fixity_check_source_islandora
// Which requires the following fields:
// - field.storage.media.field_media_use
// - field.storage.taxonomy_term.field_external_uri
// Which are typically provided by `islandora_core_feature`.
// All other optional configuration is for the `action` module.
if (in_array('islandora_core_feature', $modules) || in_array('action', $modules)) {
$optional_install_path = \Drupal::moduleHandler()
->getModule('dgi_fixity')
->getPath() . '/' . InstallStorage::CONFIG_OPTIONAL_DIRECTORY;
/** @var \Drupal\Core\Config\ConfigInstallerInterface $config_installer */
$config_installer = \Drupal::service('config.installer');
$storage = new FileStorage($optional_install_path, StorageInterface::DEFAULT_COLLECTION);
// This will not overwrite the existing optional configuration if already
// installed.
$config_installer->installOptionalConfig($storage);
}
}
/**
* Implements hook_mail().
*/
function dgi_fixity_mail($key, &$message, $params) {
switch ($key) {
case 'notify':
$config = \Drupal::config(SettingsForm::CONFIG_NAME);
$last = \Drupal::state()->get(SettingsForm::STATE_LAST_NOTIFICATION);
if ($last !== NULL) {
// If enough time has not elapsed since the last notification do not
// send again.
$threshold = strtotime($config->get(SettingsForm::NOTIFY_USER_THRESHOLD));
if ($last > $threshold) {
$message['send'] = FALSE;
return;
}
}
// Check if the configuration has enabled notifications.
$notify_status = $config->get(SettingsForm::NOTIFY_STATUS);
if ($notify_status === SettingsForm::NOTIFY_STATUS_NEVER) {
$message['send'] = FALSE;
return;
}
/** @var \Drupal\dgi_fixity\FixityCheckServiceInterface $fixity */
$fixity = \Drupal::service('dgi_fixity.fixity_check');
$stats = $fixity->stats();
// Only notify if an error has occurred.
if ($notify_status == SettingsForm::NOTIFY_STATUS_ERROR && $stats['failed'] === FALSE) {
$message['send'] = FALSE;
return;
}
$options = ['langcode' => $message['langcode']];
$now = \Drupal::time()->getRequestTime();
$subject = \t('Fixity Check Report - @now', ['@now' => date(DATE_RFC7231, $now)], $options)->render();
$body = $fixity->summary($stats, $options);
if ($stats['failed'] !== 0) {
$body[] = \t(
'There are failed checks which require your attention please review the current state of checks <a href="@site">here</a>.',
['@site' => Url::fromRoute('entity.fixity_check.collection', [], ['absolute' => TRUE])->toString()],
$options
)->render();
}
$message['subject'] = $subject;
foreach ($body as $line) {
$message['body'][] = MailFormatHelper::htmlToText($line);
}
// Track when the last message was sent.
\Drupal::state()->set(SettingsForm::STATE_LAST_NOTIFICATION, $now);
break;
}
}
/**
* Implements hook_cron().
*/
function dgi_fixity_cron() {
$queued = \Drupal::time()->getRequestTime();
$settings = \Drupal::config(SettingsForm::CONFIG_NAME);
$threshold = strtotime($settings->get(SettingsForm::THRESHOLD));
$sources = $settings->get(SettingsForm::SOURCES);
// Update enabled periodic checks.
$queue = \Drupal::queue('dgi_fixity.process_source');
foreach ($sources as $source) {
// It safe to have queue processing a source multiple times,
// they will steal work from each other but will not conflict.
$queue->createItem($source);
}
/** @var \Drupal\dgi_fixity\FixityCheckStorageInterface $storage */
$storage = \Drupal::entityTypeManager()->getStorage('fixity_check');
// Queue items that exceed the current threshold.
$storage->queue($queued, $threshold, 100);
// Dequeued items after 6 hours assuming the check has failed.
// They will be re-queued if appropriate on the next cron run.
$storage->dequeue($queued - (3600 * 6));
// Send notification if appropriate.
$uid = $settings->get(SettingsForm::NOTIFY_USER);
$user = User::load($uid);
if ($user) {
\Drupal::service('plugin.manager.mail')->mail('dgi_fixity', 'notify', $user->getEmail(), $user->getPreferredLangcode(TRUE));
}
}
/**
* Implements hook_entity_type_alter().
*/
function dgi_fixity_entity_type_alter(array &$entity_types) {
// XXX: Cannot reference dgi_fixity.fixity_check:fromEntityTypes() due to
// circular dependencies, as dgi_fixity.fixity_check makes use of the
// entity_type.manager that we are in the middle of trying to build.
foreach (FixityCheckServiceInterface::ENTITY_TYPES as $entity_type_id) {
$entity_type = &$entity_types[$entity_type_id];
$entity_type->setLinkTemplate('fixity-audit', "/fixity/$entity_type_id/{{$entity_type_id}}");
$entity_type->setLinkTemplate('fixity-check', "/fixity/$entity_type_id/{{$entity_type_id}}/check");
$entity_type->setFormClass('fixity-check', 'Drupal\dgi_fixity\Form\CheckForm');
}
unset($entity_type);
}
/**
* Implements hook_entity_operation().
*/
function dgi_fixity_entity_operation(EntityInterface $entity) {
$current_user = \Drupal::service('current_user');
$operations = [];
if ($entity->hasLinkTemplate('fixity-audit') && $current_user->hasPermission('view fixity checks')) {
$operations['fixity-audit'] = [
'title' => \t('Audit'),
'weight' => 10,
'url' => $entity->toUrl('fixity-audit'),
];
if ($entity->hasLinkTemplate('fixity-check') && $current_user->hasPermission('administer fixity checks')) {
$operations['fixity-check'] = [
'title' => \t('Check'),
'weight' => 13,
'url' => $entity->toUrl('fixity-check', ['query' => \Drupal::service('redirect.destination')->getAsArray()]),
];
}
}
return $operations;
}
/**
* Implements hook_ENTITY_TYPE_insert().
*/
function dgi_fixity_file_insert(EntityInterface $entity) {
// Make sure the fixity_check table contains a row for every file.
\Drupal::entityTypeManager()
->getStorage('fixity_check')
->create([
'file' => $entity->id(),
])
->save();
}
/**
* Implements hook_ENTITY_TYPE_delete().
*/
function dgi_fixity_file_delete(EntityInterface $entity) {
/** @var \Drupal\dgi_fixity\FixityCheckStorageInterface $storage */
$storage = \Drupal::entityTypeManager()->getStorage('fixity_check');
$checks = $storage->loadByProperties([
'file' => $entity->id(),
]);
// Remove checks for non-existent files.
$storage->delete($checks);
}
/**
* Implements hook_ENTITY_TYPE_revision_create().
*/
function dgi_fixity_fixity_check_revision_create(EntityInterface $entity) {
/** @var \Drupal\dgi_fixity\FixityCheckInterface $entity*/
Cache::invalidateTags($entity->getAuditCacheTags());
}
/**
* Implements hook_ENTITY_TYPE_revision_delete().
*/
function dgi_fixity_fixity_check_revision_delete(EntityInterface $entity) {
/** @var \Drupal\dgi_fixity\FixityCheckInterface $entity*/
Cache::invalidateTags($entity->getAuditCacheTags());
}
/**
* Implements hook_help().
*/
function dgi_fixity_help($route_name, RouteMatchInterface $route_match) {
switch ($route_name) {
case 'help.page.dgi_fixity':
case 'dgi_fixity.settings':
$output = array_fill(0, 2, ['#type' => 'html_tag', '#tag' => 'p']);
$output[0]['#value'] = \t(
'The Fixity module validates selected files by generating hashes and comparing it against stored values produced by the <a href="@file_hash">File Hash module</a> for selected files uploaded to the site.',
['@file_hash' => URL::fromRoute('help.page', ['name' => 'filehash'])->toString()],
);
return $output;
}
}
/**
* Gets dgi_fixity file widget settings.
*/
function _dgi_fixity_file_widget_validate_settings(FileWidget $plugin) {
return [
'validate' => $plugin->getThirdPartySetting('dgi_fixity', 'validate', FALSE),
'validate_require' => $plugin->getThirdPartySetting('dgi_fixity', 'validate_require', FALSE),
];
}
/**
* Implements hook_field_widget_third_party_settings_form().
*/
function dgi_fixity_field_widget_third_party_settings_form(WidgetInterface $plugin, FieldDefinitionInterface $field_definition, $form_mode, $form, FormStateInterface $form_state) {
$element = [];
if ($plugin instanceof FileWidget) {
$settings = _dgi_fixity_file_widget_validate_settings($plugin);
$element['validate'] = [
'#type' => 'checkbox',
'#title' => \t('Show Validate Upload Elements'),
'#description' => \t('Displays a field for each enabled <em>filehash</em> algorithm, allowing the user to validate the uploaded file(s).'),
'#default_value' => $settings['validate'],
];
$element['validate_require'] = [
'#type' => 'checkbox',
'#title' => \t('Require Checksums'),
'#description' => \t('User is prevented from submitting the form unless all enabled <em>filehash</em> algorithms match the user provided values.'),
'#default_value' => $settings['validate_require'],
'#states' => [
'visible' => [
":input[name=\"fields[{$field_definition->getName()}][settings_edit_form][third_party_settings][dgi_fixity][validate]\"]" => ['checked' => TRUE],
],
],
];
}
return $element;
}
/**
* Implements hook_field_widget_single_element_form_alter().
*/
function dgi_fixity_field_widget_single_element_form_alter(&$element, FormStateInterface $form_state, $context) {
// Set a message if this is for the form displayed to set default value for
// the field.
$plugin = $context['widget'] ?? NULL;
if ($plugin instanceof FileWidget) {
$settings = _dgi_fixity_file_widget_validate_settings($plugin);
if ($settings['validate']) {
/** @var \Drupal\filehash\FileHashInterface $filehash */
$filehash = \Drupal::service('filehash');
$labels = $filehash->labels();
$descriptions = $filehash->descriptions();
$element['#process'][] = '_dgi_fixity_file_widget_process';
$element['#element_validate'][] = '_dgi_fixity_file_widget_validate';
$element['algorithms'] = [
'#title' => \t('Validate Upload'),
'#type' => 'details',
'#weight' => 100,
];
foreach ($filehash->columns() as $column) {
$element['algorithms'][$column] = [
'#type' => 'textfield',
'#title' => $labels[$column],
'#description' => $descriptions[$column],
'#column' => $column,
'#required' => $settings['validate_require'],
];
}
}
}
}
/**
* Sets default values for checksums if none provided.
*
* Done in the process step as the FileWidget process step is responsible for
* loading the file entity from which the default is derived.
*/
function _dgi_fixity_file_widget_process(&$element, FormStateInterface $form_state, &$complete_form) {
$file = reset($element['#files']);
$element['algorithms']['#access'] = $file != FALSE;
foreach (Element::children($element['algorithms']) as $column) {
$default_value = $element['#value']['algorithms'][$column] ?? $file->{$column}->value ?? NULL;
$element['algorithms'][$column]['#default_value'] = $default_value;
}
return $element;
}
/**
* Validate user provided value against the value calculated by filehash.
*/
function _dgi_fixity_file_widget_validate($element, FormStateInterface $form_state) {
$file = reset($element['#files']);
foreach (Element::children($element['algorithms']) as $column) {
$algorithm = &$element['algorithms'][$column];
$provided = $algorithm['#value'];
$expected = $file->{$column}->value;
// If not required and no value given skip validation.
$ignore = !$algorithm['#required'] && empty($provided);
if (!$ignore && $provided !== $expected) {
$form_state->setError($algorithm, \t(
'Provided value "@provided" did not match expected value "@expected".',
['@provided' => $provided, '@expected' => $expected]
));
}
}
}