vendor/pimcore/pimcore/bundles/CoreBundle/Controller/PublicServicesController.php line 213

Open in your IDE?
  1. <?php
  3. /**
  4. * Pimcore
  5. *
  6. * This source file is available under two different licenses:
  7. * - GNU General Public License version 3 (GPLv3)
  8. * - Pimcore Commercial License (PCL)
  9. * Full copyright and license information is available in
  10. * LICENSE.md which is distributed with this source code.
  11. *
  12. * @copyright Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13. * @license http://www.pimcore.org/license GPLv3 and PCL
  14. */
  16. namespace Pimcore\Bundle\CoreBundle\Controller;
  18. use function date;
  19. use Pimcore\Config;
  20. use Pimcore\Controller\Controller;
  21. use Pimcore\File;
  22. use Pimcore\Logger;
  23. use Pimcore\Model\Asset;
  24. use Pimcore\Model\Site;
  25. use Pimcore\Model\Tool\TmpStore;
  26. use Pimcore\Tool\Storage;
  27. use Symfony\Component\HttpFoundation\Cookie;
  28. use Symfony\Component\HttpFoundation\RedirectResponse;
  29. use Symfony\Component\HttpFoundation\Request;
  30. use Symfony\Component\HttpFoundation\Response;
  31. use Symfony\Component\HttpFoundation\StreamedResponse;
  32. use Symfony\Component\HttpKernel\EventListener\AbstractSessionListener;
  33. use function time;
  35. /**
  36. * @internal
  37. */
  38. class PublicServicesController extends Controller
  39. {
  40. /**
  41. * @param Request $request
  42. *
  43. * @return RedirectResponse|StreamedResponse
  44. */
  45. public function thumbnailAction(Request $request)
  46. {
  47. $storage = Storage::get('thumbnail');
  49. $assetId = (int) $request->get('assetId');
  50. $thumbnailName = $request->get('thumbnailName');
  51. $thumbnailType = $request->get('type');
  52. $filename = $request->get('filename');
  53. $requestedFileExtension = strtolower(File::getFileExtension($filename));
  54. $asset = Asset::getById($assetId);
  56. if ($asset) {
  57. $prefix = preg_replace('@^cache-buster\-[\d]+\/@', '', $request->get('prefix'));
  58. $prefix = preg_replace('@' . $asset->getId() . '/$@', '', $prefix);
  59. if ($asset->getPath() === ('/' . $prefix)) {
  60. // we need to check the path as well, this is important in the case you have restricted the public access to
  61. // assets via rewrite rules
  63. try {
  64. $thumbnail = null;
  65. $thumbnailStream = null;
  67. // just check if the thumbnail exists -> throws exception otherwise
  68. $thumbnailConfigClass = 'Pimcore\\Model\\Asset\\' . ucfirst($thumbnailType) . '\\Thumbnail\Config';
  69. $thumbnailConfig = $thumbnailConfigClass::getByName($thumbnailName);
  71. if (!$thumbnailConfig) {
  72. // check if there's an item in the TmpStore
  73. // remove an eventually existing cache-buster prefix first (eg. when using with a CDN)
  74. $pathInfo = preg_replace('@^/cache-buster\-[\d]+@', '', $request->getPathInfo());
  75. $deferredConfigId = 'thumb_' . $assetId . '__' . md5(urldecode($pathInfo));
  76. if ($thumbnailConfigItem = TmpStore::get($deferredConfigId)) {
  77. $thumbnailConfig = $thumbnailConfigItem->getData();
  78. TmpStore::delete($deferredConfigId);
  80. if (!$thumbnailConfig instanceof $thumbnailConfigClass) {
  81. throw new \Exception('Deferred thumbnail config file doesn\'t contain a valid '.$thumbnailConfigClass.' object');
  82. }
  83. } elseif ($this->getParameter('pimcore.config')['assets'][$thumbnailType]['thumbnails']['status_cache']) {
  84. // Delete Thumbnail Name from Cache so the next call can generate a new TmpStore entry
  85. $asset->getDao()->deleteFromThumbnailCache($thumbnailName);
  86. }
  87. }
  89. if (!$thumbnailConfig) {
  90. throw $this->createNotFoundException("Thumbnail '" . $thumbnailName . "' file doesn't exist");
  91. }
  93. if ($thumbnailType == 'image' && strcasecmp($thumbnailConfig->getFormat(), 'SOURCE') === 0) {
  94. $formatOverride = $requestedFileExtension;
  95. if (in_array($requestedFileExtension, ['jpg', 'jpeg'])) {
  96. $formatOverride = 'pjpeg';
  97. }
  98. $thumbnailConfig->setFormat($formatOverride);
  99. }
  101. if ($asset instanceof Asset\Video) {
  102. if ($thumbnailType == 'video') {
  103. $thumbnail = $asset->getThumbnail($thumbnailName, [$requestedFileExtension]);
  104. $storagePath = urldecode($thumbnail['formats'][$requestedFileExtension]);
  106. if ($storage->fileExists($storagePath)) {
  107. $thumbnailStream = $storage->readStream($storagePath);
  108. }
  109. } else {
  110. $time = 1;
  111. if (preg_match("|~\-~time\-(\d+)\.|", $filename, $matchesThumbs)) {
  112. $time = (int)$matchesThumbs[1];
  113. }
  115. $thumbnail = $asset->getImageThumbnail($thumbnailConfig, $time);
  116. $thumbnailStream = $thumbnail->getStream();
  117. }
  118. } elseif ($asset instanceof Asset\Document) {
  119. $page = 1;
  120. if (preg_match("|~\-~page\-(\d+)(@[0-9.]+x)?\.|", $filename, $matchesThumbs)) {
  121. $page = (int)$matchesThumbs[1];
  122. }
  124. $thumbnailConfig->setName(preg_replace("/\-[\d]+/", '', $thumbnailConfig->getName()));
  125. $thumbnailConfig->setName(str_replace('document_', '', $thumbnailConfig->getName()));
  127. $thumbnail = $asset->getImageThumbnail($thumbnailConfig, $page);
  128. $thumbnailStream = $thumbnail->getStream();
  129. } elseif ($asset instanceof Asset\Image) {
  130. //check if high res image is called
  132. preg_match("@([^\@]+)(\@[0-9.]+x)?\.([a-zA-Z]{2,5})@", $filename, $matches);
  134. if (empty($matches) || !isset($matches[1])) {
  135. throw $this->createNotFoundException('Requested asset does not exist');
  136. }
  137. if (array_key_exists(2, $matches) && $matches[2]) {
  138. $highResFactor = (float)str_replace(['@', 'x'], '', $matches[2]);
  139. $thumbnailConfig->setHighResolution($highResFactor);
  140. }
  142. // check if a media query thumbnail was requested
  143. if (preg_match("#~\-~media\-\-(.*)\-\-query#", $matches[1], $mediaQueryResult)) {
  144. $thumbnailConfig->selectMedia($mediaQueryResult[1]);
  145. }
  147. $thumbnail = $asset->getThumbnail($thumbnailConfig);
  148. $thumbnailStream = $thumbnail->getStream();
  149. }
  151. if ($thumbnail && $thumbnailStream) {
  152. if ($thumbnailType == 'image') {
  153. $mime = $thumbnail->getMimeType();
  154. $fileSize = $thumbnail->getFileSize();
  155. $pathReference = $thumbnail->getPathReference();
  156. $actualFileExtension = File::getFileExtension($pathReference['src']);
  158. if ($actualFileExtension !== $requestedFileExtension) {
  159. // create a copy/symlink to the file with the original file extension
  160. // this can be e.g. the case when the thumbnail is called as foo.png but the thumbnail config
  161. // is set to auto-optimized format so the resulting thumbnail can be jpeg
  162. $requestedFile = preg_replace('/\.' . $actualFileExtension . '$/', '.' . $requestedFileExtension, $pathReference['src']);
  164. //Only copy the file if not exists yet
  165. if (!$storage->fileExists($requestedFile)) {
  166. $storage->writeStream($requestedFile, $thumbnailStream);
  167. }
  169. //Stream can be closed by writeStream and needs to be reloaded.
  170. $thumbnailStream = $storage->readStream($requestedFile);
  171. }
  172. } elseif ($thumbnailType =='video' && isset($storagePath)) {
  173. $mime = $storage->mimeType($storagePath);
  174. $fileSize = $storage->fileSize($storagePath);
  175. } else {
  176. throw new \Exception('Cannot determine mime type and file size of '.$thumbnailType.' thumbnail, see logs for details.');
  177. }
  178. // set appropriate caching headers
  179. // see also: https://github.com/pimcore/pimcore/blob/1931860f0aea27de57e79313b2eb212dcf69ef13/.htaccess#L86-L86
  180. $lifetime = 86400 * 7; // 1 week lifetime, same as direct delivery in .htaccess
  182. $headers = [
  183. 'Cache-Control' => 'public, max-age=' . $lifetime,
  184. 'Expires' => date('D, d M Y H:i:s T', time() + $lifetime),
  185. 'Content-Type' => $mime,
  186. 'Content-Length' => $fileSize,
  187. ];
  189. $headers[AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER] = true;
  191. return new StreamedResponse(function () use ($thumbnailStream) {
  192. fpassthru($thumbnailStream);
  193. }, 200, $headers);
  194. }
  196. throw new \Exception('Unable to generate '.$thumbnailType.' thumbnail, see logs for details.');
  197. } catch (\Exception $e) {
  198. Logger::error($e->getMessage());
  200. return new RedirectResponse('/bundles/pimcoreadmin/img/filetype-not-supported.svg');
  201. }
  202. }
  203. }
  205. throw $this->createNotFoundException('Asset not found');
  206. }
  208. /**
  209. * @param Request $request
  210. *
  211. * @return Response
  212. */
  213. public function robotsTxtAction(Request $request)
  214. {
  215. // check for site
  216. $domain = \Pimcore\Tool::getHostname();
  217. $site = Site::getByDomain($domain);
  219. $config = Config::getRobotsConfig()->toArray();
  221. $siteId = 'default';
  222. if ($site instanceof Site) {
  223. $siteId = $site->getId();
  224. }
  226. // send correct headers
  227. header('Content-Type: text/plain; charset=utf8');
  228. while (@ob_end_flush()) ;
  230. // check for configured robots.txt in pimcore
  231. $content = '';
  232. if (array_key_exists($siteId, $config)) {
  233. $content = $config[$siteId];
  234. }
  236. if (empty($content)) {
  237. // default behavior, allow robots to index everything
  238. $content = "User-agent: *\nDisallow:";
  239. }
  241. return new Response($content, Response::HTTP_OK, [
  242. 'Content-Type' => 'text/plain',
  243. ]);
  244. }
  246. /**
  247. * @param Request $request
  248. *
  249. * @return Response
  250. */
  251. public function commonFilesAction(Request $request)
  252. {
  253. return new Response("HTTP/1.1 404 Not Found\nFiltered by common files filter", 404);
  254. }
  256. /**
  257. * @param Request $request
  258. *
  259. * @return RedirectResponse
  260. */
  261. public function customAdminEntryPointAction(Request $request)
  262. {
  263. $params = $request->query->all();
  265. $url = match (true) {
  266. isset($params['token']) => $this->generateUrl('pimcore_admin_login_check', $params),
  267. isset($params['deeplink']) => $this->generateUrl('pimcore_admin_login_deeplink', $params),
  268. default => $this->generateUrl('pimcore_admin_login', $params)
  269. };
  271. $redirect = new RedirectResponse($url);
  273. $customAdminPathIdentifier = $this->getParameter('pimcore_admin.custom_admin_path_identifier');
  274. if (!empty($customAdminPathIdentifier) && $request->cookies->get('pimcore_custom_admin') != $customAdminPathIdentifier) {
  275. $redirect->headers->setCookie(new Cookie('pimcore_custom_admin', $customAdminPathIdentifier, strtotime('+1 year')));
  276. }
  278. return $redirect;
  279. }
  280. }