<?php

/**
 * @file
 * Administrative script for running authorized file operations.
 *
 * Using this script, the site owner (the user actually owning the files on the
 * webserver) can authorize certain file-related operations to proceed with
 * elevated privileges, for example to deploy and upgrade modules or themes.
 * Users should not visit this page directly, but instead use an administrative
 * user interface which knows how to redirect the user to this script as part of
 * a multistep process. This script actually performs the selected operations
 * without loading all of Drupal, to be able to more gracefully recover from
 * errors. Access to the script is controlled by a global killswitch in
 * settings.php ('allow_authorize_operations') and via the 'administer software
 * updates' permission.
 *
 * There are helper functions for setting up an operation to run via this
 * system in modules/system/system.module. For more information, see:
 * @link authorize Authorized operation helper functions @endlink
 */

/**
 * Defines the root directory of the Drupal installation.
 *
 * The value is the current working directory as reported by getcwd(), not
 * the location of this file. Every require_once in this script is resolved
 * against it.
 *
 * NOTE(review): getcwd() returns FALSE on failure, in which case the include
 * paths below would start at '/includes/...'. Confirm the web server always
 * runs this script with the Drupal root as its working directory.
 */
define('DRUPAL_ROOT', getcwd());

/**
 * Global flag to identify update.php and authorize.php runs.
 *
 * Identifies update.php and authorize.php runs, avoiding unwanted operations
 * such as hook_init() and hook_exit() invocations, css/js preprocessing and
 * translation, and solves some theming issues. The flag is checked in other
 * places in Drupal code (not just authorize.php).
 */
define('MAINTENANCE_MODE', 'update');

/**
 * Builds the content of the 403 response sent when authorize.php is refused.
 *
 * Sets the 'Status' header to '403 Forbidden', records the refusal through
 * watchdog() under the 'access denied' type at WATCHDOG_WARNING severity, and
 * sets the page title.
 *
 * @return
 *   The translated message to show as the page content.
 */
function authorize_access_denied_page() {
  drupal_add_http_header('Status', '403 Forbidden');
  // Log the refusal so rejected attempts to reach this script can be reviewed.
  watchdog('access denied', 'authorize.php', NULL, WATCHDOG_WARNING);
  drupal_set_title('Access denied');
  $body = t('You are not allowed to access this page.');
  return $body;
}

/**
 * Decides whether the current user may run authorize.php.
 *
 * Two conditions must both hold. The 'allow_authorize_operations' killswitch
 * from settings.php is read first and, when it is off, access is refused
 * without consulting the user's permissions. Otherwise the user must hold the
 * 'administer software updates' permission.
 *
 * The killswitch is read with a default of TRUE, so a site that never sets it
 * leaves authorize.php enabled and the permission check is the only gate.
 *
 * @return
 *   TRUE if the current user can run authorize.php, and FALSE if not.
 */
function authorize_access_allowed() {
  // Killswitch first: when it is off nothing else is evaluated.
  if (!variable_get('allow_authorize_operations', TRUE)) {
    return FALSE;
  }
  return (bool) user_access('administer software updates');
}

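// *** Real work of the script begins here. ***

// Every include below is resolved against DRUPAL_ROOT, so the script expects
// that constant to point at the Drupal installation.
require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
require_once DRUPAL_ROOT . '/includes/common.inc';
require_once DRUPAL_ROOT . '/includes/file.inc';
require_once DRUPAL_ROOT . '/includes/module.inc';
require_once DRUPAL_ROOT . '/includes/ajax.inc';

// We prepare only a minimal bootstrap. This includes the database and
// variables, however, so we have access to the class autoloader registry.
drupal_bootstrap(DRUPAL_BOOTSTRAP_SESSION);

// This must go after drupal_bootstrap(), which unsets globals!
global $conf;

// We have to enable the user and system modules, even to check access and
// display errors via the maintenance theme. Start from an empty array so the
// fixed list handed to module_list() holds exactly these two entries.
$module_list = array();
$module_list['system']['filename'] = 'modules/system/system.module';
$module_list['user']['filename'] = 'modules/user/user.module';
module_list(TRUE, FALSE, FALSE, $module_list);
drupal_load('module', 'system');
drupal_load('module', 'user');

// We also want to have the language system available, but we do *NOT* want to
// actually call drupal_bootstrap(DRUPAL_BOOTSTRAP_LANGUAGE), since that would
// also force us through the DRUPAL_BOOTSTRAP_PAGE_HEADER phase, which loads
// all the modules, and that's exactly what we're trying to avoid.
drupal_language_initialize();

// Initialize the maintenance theme for this administrative script.
drupal_maintenance_theme();

$output = '';
$show_messages = TRUE;

// Nothing inside this branch runs for a caller who fails the check: the Form
// API, the Batch API and the authorize code are only loaded once access has
// been granted.
if (authorize_access_allowed()) {
  // Load both the Form API and Batch API.
  require_once DRUPAL_ROOT . '/includes/form.inc';
  require_once DRUPAL_ROOT . '/includes/batch.inc';
  // Load the code that drives the authorize process.
  require_once DRUPAL_ROOT . '/includes/authorize.inc';

  // For the sake of Batch API and a few other low-level functions, we need to
  // initialize the URL path into $_GET['q']. However, we do not want to raise
  // our bootstrap level, nor do we want to call drupal_initialize_path(),
  // since that is assuming that modules are loaded and invoking hooks.
  // However, all we really care is if we're in the middle of a batch, in which
  // case $_GET['q'] will already be set, we just initialize it to an empty
  // string if it's not already defined.
  if (!isset($_GET['q'])) {
    $_GET['q'] = '';
  }

  // The title is taken from session state. drupal_set_title() is called
  // without an output flag, so its default handling applies (CHECK_PLAIN in
  // Drupal 7, which escapes the value as plain text).
  if (isset($_SESSION['authorize_operation']['page_title'])) {
    drupal_set_title($_SESSION['authorize_operation']['page_title']);
  }
  else {
    drupal_set_title(t('Authorize file system changes'));
  }

  // See if we've run the operation and need to display a report.
  if (isset($_SESSION['authorize_results']) && $results = $_SESSION['authorize_results']) {

    // Clear the session out, so the report is shown once and the stored
    // operation and file transfer info do not outlive this request.
    unset($_SESSION['authorize_results']);
    unset($_SESSION['authorize_operation']);
    unset($_SESSION['authorize_filetransfer_info']);

    if (!empty($results['page_title'])) {
      drupal_set_title($results['page_title']);
    }
    // NOTE(review): the message text is passed on unchanged. Confirm that the
    // code filling $_SESSION['authorize_results'] supplies sanitized strings.
    if (!empty($results['page_message'])) {
      drupal_set_message($results['page_message']['message'], $results['page_message']['type']);
    }

    $output = theme('authorize_report', array('messages' => $results['messages']));

    // NOTE(review): task links are handed to the item list as provided. They
    // are expected to be rendered link markup already, as the l() calls in the
    // fallback are. Confirm against the code that sets 'tasks'.
    $links = array();
    // A missing 'tasks' key falls through to the default links below without
    // raising an undefined index notice.
    if (isset($results['tasks']) && is_array($results['tasks'])) {
      $links += $results['tasks'];
    }
    else {
      $links = array_merge($links, array(
        l(t('Administration pages'), 'admin'),
        l(t('Front page'), '<front>'),
      ));
    }

    $output .= theme('item_list', array('items' => $links, 'title' => t('Next steps')));
  }
  // If a batch is running, let it run.
  elseif (isset($_GET['batch'])) {
    $output = _batch_page();
  }
  else {
    // Without both pieces of session state there is no pending operation to
    // act on, so show only a generic message.
    if (empty($_SESSION['authorize_operation']) || empty($_SESSION['authorize_filetransfer_info'])) {
      $output = t('It appears you have reached this page in error.');
    }
    elseif (!($batch = batch_get())) {
      // An operation is pending and batch_get() reports no batch yet, so show
      // the filetransfer form.
      $elements = drupal_get_form('authorize_filetransfer_form');
      $output = drupal_render($elements);
    }
  }
  // We defer the display of messages until all operations are done.
  $show_messages = !(($batch = batch_get()) && isset($batch['running']));
}
else {
  $output = authorize_access_denied_page();
}

if (!empty($output)) {
  print theme('update_page', array('content' => $output, 'show_messages' => $show_messages));
}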