CKEditor5ImageController.php
Same filename and directory in other branches
Namespace
Drupal\ckeditor5\ControllerFile
-
core/
modules/ ckeditor5/ src/ Controller/ CKEditor5ImageController.php
View source
<?php
declare (strict_types=1);
namespace Drupal\ckeditor5\Controller;
use Drupal\Component\Utility\Bytes;
use Drupal\Component\Utility\Crypt;
use Drupal\Component\Utility\Environment;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Controller\ControllerBase;
use Drupal\Core\File\Exception\FileException;
use Drupal\Core\File\FileSystemInterface;
use Drupal\Core\Lock\LockBackendInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\editor\Entity\Editor;
use Drupal\file\Upload\FileUploadHandler;
use Drupal\file\Upload\FormUploadedFile;
use Drupal\file\Validation\FileValidatorInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Symfony\Component\HttpKernel\Exception\UnprocessableEntityHttpException;
use Symfony\Component\Lock\Exception\LockAcquiringException;
use Symfony\Component\Mime\MimeTypeGuesserInterface;
use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
/**
* Returns response for CKEditor 5 Simple image upload adapter.
*
* @internal
* Controller classes are internal.
*/
class CKEditor5ImageController extends ControllerBase {
/**
* The default allowed image extensions.
*/
const DEFAULT_IMAGE_EXTENSIONS = 'gif png jpg jpeg';
/**
* The file system service.
*/
protected FileSystemInterface $fileSystem;
/**
* The lock.
*/
protected LockBackendInterface $lock;
/**
* The file upload handler.
*/
protected FileUploadHandler $fileUploadHandler;
/**
* Constructs a new CKEditor5ImageController.
*
* @param \Drupal\Core\File\FileSystemInterface $fileSystem
* The file upload handler.
* @param \Drupal\Core\Session\AccountInterface|\Drupal\file\Upload\FileUploadHandler $fileUploadHandler
* The currently authenticated user.
* @param \Symfony\Component\Mime\MimeTypeGuesserInterface|\Drupal\Core\Lock\LockBackendInterface $mime_type_guesser
* The MIME type guesser.
* @param \Drupal\Core\Lock\LockBackendInterface|null $lock
* The lock service.
* @param \Symfony\Contracts\EventDispatcher\EventDispatcherInterface|null $event_dispatcher
* The event dispatcher.
* @param \Drupal\file\Validation\FileValidatorInterface|null $file_validator
* The file validator.
*/
public function __construct(FileSystemInterface $fileSystem, AccountInterface|FileUploadHandler $fileUploadHandler, MimeTypeGuesserInterface|LockBackendInterface $mime_type_guesser, LockBackendInterface $lock = NULL, EventDispatcherInterface $event_dispatcher = NULL, FileValidatorInterface $file_validator = NULL) {
$this->fileSystem = $fileSystem;
if ($fileUploadHandler instanceof AccountInterface) {
@trigger_error('Calling ' . __METHOD__ . '() with the $current_user argument is deprecated in drupal:10.3.0 and is removed from drupal:11.0.0. See https://www.drupal.org/node/3388990', E_USER_DEPRECATED);
$fileUploadHandler = \Drupal::service('file.upload_handler');
}
$this->fileUploadHandler = $fileUploadHandler;
if ($mime_type_guesser instanceof MimeTypeGuesserInterface) {
@trigger_error('Calling ' . __METHOD__ . '() with the $mime_type_guesser argument is deprecated in drupal:10.3.0 and is replaced with $lock from drupal:11.0.0. See https://www.drupal.org/node/3388990', E_USER_DEPRECATED);
$mime_type_guesser = \Drupal::service('lock');
}
$this->lock = $mime_type_guesser;
if ($lock) {
@trigger_error('Calling ' . __METHOD__ . '() with the $lock argument in position 4 is deprecated in drupal:10.3.0 and is removed from drupal:11.0.0. See https://www.drupal.org/node/3388990', E_USER_DEPRECATED);
}
if ($event_dispatcher) {
@trigger_error('Calling ' . __METHOD__ . '() with the $event_dispatcher argument is deprecated in drupal:10.3.0 and is removed from drupal:11.0.0. See https://www.drupal.org/node/3388990', E_USER_DEPRECATED);
}
if ($file_validator) {
@trigger_error('Calling ' . __METHOD__ . '() with the $file_validator argument is deprecated in drupal:10.3.0 and is removed from drupal:11.0.0. See https://www.drupal.org/node/3388990', E_USER_DEPRECATED);
}
}
/**
* {@inheritdoc}
*/
public static function create(ContainerInterface $container) {
return new static($container->get('file_system'), $container->get('file.upload_handler'), $container->get('lock'));
}
/**
* Uploads and saves an image from a CKEditor 5 POST.
*
* @param \Symfony\Component\HttpFoundation\Request $request
* The current request object.
*
* @return \Symfony\Component\HttpFoundation\JsonResponse
* A JSON object including the file URL.
*
* @throws \Symfony\Component\HttpKernel\Exception\HttpException
* Thrown when file system errors occur.
* @throws \Symfony\Component\HttpKernel\Exception\UnprocessableEntityHttpException
* Thrown when validation errors occur.
*/
public function upload(Request $request) : Response {
// Getting the UploadedFile directly from the request.
/** @var \Symfony\Component\HttpFoundation\File\UploadedFile $upload */
$upload = $request->files
->get('upload');
$filename = $upload->getClientOriginalName();
/** @var \Drupal\editor\EditorInterface $editor */
$editor = $request->attributes
->get('editor');
$settings = $editor->getImageUploadSettings();
$destination = $settings['scheme'] . '://' . $settings['directory'];
// Check the destination file path is writable.
if (!$this->fileSystem
->prepareDirectory($destination, FileSystemInterface::CREATE_DIRECTORY)) {
throw new HttpException(500, 'Destination file path is not writable');
}
$validators = $this->getImageUploadValidators($settings);
$file_uri = "{$destination}/{$filename}";
$file_uri = $this->fileSystem
->getDestinationFilename($file_uri, FileSystemInterface::EXISTS_RENAME);
// Lock based on the prepared file URI.
$lock_id = $this->generateLockIdFromFileUri($file_uri);
if (!$this->lock
->acquire($lock_id)) {
throw new HttpException(503, sprintf('File "%s" is already locked for writing.', $file_uri), NULL, [
'Retry-After' => 1,
]);
}
try {
$uploadedFile = new FormUploadedFile($upload);
$uploadResult = $this->fileUploadHandler
->handleFileUpload($uploadedFile, $validators, $destination, FileSystemInterface::EXISTS_RENAME, FALSE);
if ($uploadResult->hasViolations()) {
throw new UnprocessableEntityHttpException((string) $uploadResult->getViolations());
}
} catch (FileException $e) {
throw new HttpException(500, 'File could not be saved');
} catch (LockAcquiringException $e) {
throw new HttpException(503, sprintf('File "%s" is already locked for writing.', $upload->getClientOriginalName()), NULL, [
'Retry-After' => 1,
]);
}
$this->lock
->release($lock_id);
$file = $uploadResult->getFile();
return new JsonResponse([
'url' => $file->createFileUrl(),
'uuid' => $file->uuid(),
'entity_type' => $file->getEntityTypeId(),
], 201);
}
/**
* Gets the image upload validators.
*/
protected function getImageUploadValidators(array $settings) : array {
$max_filesize = $settings['max_size'] ? Bytes::toNumber($settings['max_size']) : Environment::getUploadMaxSize();
$max_dimensions = 0;
if (!empty($settings['max_dimensions']['width']) || !empty($settings['max_dimensions']['height'])) {
$max_dimensions = $settings['max_dimensions']['width'] . 'x' . $settings['max_dimensions']['height'];
}
return [
'FileExtension' => [
'extensions' => self::DEFAULT_IMAGE_EXTENSIONS,
],
'FileSizeLimit' => [
'fileLimit' => $max_filesize,
],
'FileImageDimensions' => [
'maxDimensions' => $max_dimensions,
],
];
}
/**
* Access check based on whether image upload is enabled or not.
*
* @param \Drupal\editor\Entity\Editor $editor
* The text editor for which an image upload is occurring.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The access result.
*/
public function imageUploadEnabledAccess(Editor $editor) {
if ($editor->getEditor() !== 'ckeditor5') {
return AccessResult::forbidden();
}
if ($editor->getImageUploadSettings()['status'] !== TRUE) {
return AccessResult::forbidden();
}
return AccessResult::allowed();
}
/**
* Generates a lock ID based on the file URI.
*
* @param string $file_uri
* The file URI.
*
* @return string
* The generated lock ID.
*/
protected static function generateLockIdFromFileUri($file_uri) {
return 'file:ckeditor5:' . Crypt::hashBase64($file_uri);
}
}
Classes
Title | Deprecated | Summary |
---|---|---|
CKEditor5ImageController | Returns response for CKEditor 5 Simple image upload adapter. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.