media.install 6.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165
  1. <?php
  2. /**
  3. * @file
  4. * Install, uninstall and update hooks for Media module.
  5. */
  6. use Drupal\Core\Url;
  7. use Drupal\media\MediaTypeInterface;
  8. use Drupal\media\Plugin\media\Source\OEmbedInterface;
  9. use Drupal\user\RoleInterface;
  10. use Drupal\user\Entity\Role;
  11. /**
  12. * Implements hook_install().
  13. */
  14. function media_install() {
  15. $source = drupal_get_path('module', 'media') . '/images/icons';
  16. $destination = \Drupal::config('media.settings')->get('icon_base_uri');
  17. file_prepare_directory($destination, FILE_CREATE_DIRECTORY | FILE_MODIFY_PERMISSIONS);
  18. $files = file_scan_directory($source, '/.*\.(svg|png|jpg|jpeg|gif)$/');
  19. foreach ($files as $file) {
  20. // When reinstalling the media module we don't want to copy the icons when
  21. // they already exist. The icons could be replaced (by a contrib module or
  22. // manually), so we don't want to replace the existing files. Removing the
  23. // files when we uninstall could also be a problem if the files are
  24. // referenced somewhere else. Since showing an error that it was not
  25. // possible to copy the files is also confusing, we silently do nothing.
  26. if (!file_exists($destination . DIRECTORY_SEPARATOR . $file->filename)) {
  27. file_unmanaged_copy($file->uri, $destination, FILE_EXISTS_ERROR);
  28. }
  29. }
  30. // Grant the "view media" permission to all users by default.
  31. if (\Drupal::moduleHandler()->moduleExists('user')) {
  32. user_role_grant_permissions(RoleInterface::ANONYMOUS_ID, ['view media']);
  33. user_role_grant_permissions(RoleInterface::AUTHENTICATED_ID, ['view media']);
  34. }
  35. }
  36. /**
  37. * Implements hook_requirements().
  38. */
  39. function media_requirements($phase) {
  40. $requirements = [];
  41. if ($phase == 'install') {
  42. $destination = 'public://media-icons/generic';
  43. file_prepare_directory($destination, FILE_CREATE_DIRECTORY | FILE_MODIFY_PERMISSIONS);
  44. $is_writable = is_writable($destination);
  45. $is_directory = is_dir($destination);
  46. if (!$is_writable || !$is_directory) {
  47. if (!$is_directory) {
  48. $error = t('The directory %directory does not exist.', ['%directory' => $destination]);
  49. }
  50. else {
  51. $error = t('The directory %directory is not writable.', ['%directory' => $destination]);
  52. }
  53. $description = t('An automated attempt to create this directory failed, possibly due to a permissions problem. To proceed with the installation, either create the directory and modify its permissions manually or ensure that the installer has the permissions to create it automatically. For more information, see INSTALL.txt or the <a href=":handbook_url">online handbook</a>.', [':handbook_url' => 'https://www.drupal.org/server-permissions']);
  54. if (!empty($error)) {
  55. $description = $error . ' ' . $description;
  56. $requirements['media']['description'] = $description;
  57. $requirements['media']['severity'] = REQUIREMENT_ERROR;
  58. }
  59. }
  60. // Prevent installation if the 1.x branch of the contrib module is enabled.
  61. if (\Drupal::moduleHandler()->moduleExists('media_entity')) {
  62. $info = system_get_info('module', 'media_entity');
  63. if (version_compare($info['version'], '8.x-2') < 0) {
  64. $requirements['media_module_incompatibility'] = [
  65. 'title' => t('Media'),
  66. 'description' => t('The Media module is not compatible with contrib <a href=":url">Media Entity</a> 1.x branch. Please check the 2.x branch of that module for an upgrade path.', [
  67. ':url' => 'https://drupal.org/project/media_entity',
  68. ]),
  69. 'severity' => REQUIREMENT_ERROR,
  70. ];
  71. }
  72. }
  73. }
  74. elseif ($phase === 'runtime') {
  75. // Check that oEmbed content is served in an iframe on a different domain,
  76. // and complain if it isn't.
  77. $domain = \Drupal::config('media.settings')->get('iframe_domain');
  78. if (!\Drupal::service('media.oembed.iframe_url_helper')->isSecure($domain)) {
  79. // Find all media types which use a source plugin that implements
  80. // OEmbedInterface.
  81. $media_types = \Drupal::entityTypeManager()
  82. ->getStorage('media_type')
  83. ->loadMultiple();
  84. $oembed_types = array_filter($media_types, function (MediaTypeInterface $media_type) {
  85. return $media_type->getSource() instanceof OEmbedInterface;
  86. });
  87. if ($oembed_types) {
  88. // @todo Potentially allow site administrators to suppress this warning
  89. // permanently. See https://www.drupal.org/project/drupal/issues/2962753
  90. // for more information.
  91. $requirements['media_insecure_iframe'] = [
  92. 'title' => t('Media'),
  93. 'description' => t('It is potentially insecure to display oEmbed content in a frame that is served from the same domain as your main Drupal site, as this may allow execution of third-party code. <a href=":url">You can specify a different domain for serving oEmbed content here</a>.', [
  94. ':url' => Url::fromRoute('media.settings')->setAbsolute()->toString(),
  95. ]),
  96. 'severity' => REQUIREMENT_WARNING,
  97. ];
  98. }
  99. }
  100. }
  101. return $requirements;
  102. }
  103. /**
  104. * Introduce per-bundle permissions.
  105. */
  106. function media_update_8500() {
  107. $media_types = \Drupal::entityQuery('media_type')->execute();
  108. /** @var \Drupal\user\RoleInterface $role */
  109. foreach (Role::loadMultiple() as $role) {
  110. if ($role->hasPermission('update media')) {
  111. foreach ($media_types as $media_type) {
  112. $role->grantPermission("edit own $media_type media");
  113. }
  114. }
  115. if ($role->hasPermission('update any media')) {
  116. foreach ($media_types as $media_type) {
  117. $role->grantPermission("edit any $media_type media");
  118. }
  119. }
  120. if ($role->hasPermission('delete media')) {
  121. foreach ($media_types as $media_type) {
  122. $role->grantPermission("delete own $media_type media");
  123. }
  124. }
  125. if ($role->hasPermission('delete any media')) {
  126. foreach ($media_types as $media_type) {
  127. $role->grantPermission("delete any $media_type media");
  128. }
  129. }
  130. if ($role->hasPermission('create media')) {
  131. foreach ($media_types as $media_type) {
  132. $role->grantPermission("create $media_type media");
  133. }
  134. }
  135. $role->save();
  136. }
  137. }
  138. /**
  139. * Updates media.settings to support OEmbed.
  140. */
  141. function media_update_8600() {
  142. \Drupal::configFactory()->getEditable('media.settings')
  143. ->set('iframe_domain', '')
  144. ->set('oembed_providers_url', 'https://oembed.com/providers.json')
  145. ->save(TRUE);
  146. }