Newer
Older
Angie Byron
committed
<?php
/**
* @file
* Adds bindings for client-side "text editors" to text formats.
*/
Alex Pott
committed
use Drupal\Component\Utility\Html;
Alex Pott
committed
use Drupal\Core\Entity\FieldableEntityInterface;
use Drupal\Core\Field\FieldDefinitionInterface;
Dries Buytaert
committed
use Drupal\Core\Form\FormStateInterface;
Angie Byron
committed
use Drupal\Core\Render\Element;
Angie Byron
committed
use Drupal\Core\Routing\RouteMatchInterface;
Angie Byron
committed
use Drupal\Component\Utility\NestedArray;
use Drupal\Core\Entity\EntityInterface;
use Drupal\filter\FilterFormatInterface;
use Drupal\filter\Plugin\FilterInterface;
Angie Byron
committed
/**
* Implements hook_help().
*/
Angie Byron
committed
function editor_help($route_name, RouteMatchInterface $route_match) {
switch ($route_name) {
case 'help.page.editor':
Angie Byron
committed
$output = '';
$output .= '<h3>' . t('About') . '</h3>';
Angie Byron
committed
$output .= '<p>' . t('The Text Editor module provides a framework that other modules (such as <a href="!ckeditor">CKEditor module</a>) can use to provide toolbars and other functionality that allow users to format text more easily than typing HTML tags directly. For more information, see the <a href="!documentation">online documentation for the Text Editor module</a>.', array('!documentation' => 'https://drupal.org/documentation/modules/editor', '!ckeditor' => \Drupal::url('help.page', array('name' => 'ckeditor')))) . '</p>';
Angie Byron
committed
$output .= '<h3>' . t('Uses') . '</h3>';
$output .= '<dl>';
Angie Byron
committed
$output .= '<dt>' . t('Installing text editors') . '</dt>';
Angie Byron
committed
$output .= '<dd>' . t('The Text Editor module provides a framework for managing editors. To use it, you also need to enable a text editor. This can either be the core <a href="!ckeditor">CKEditor module</a>, which can be enabled on the <a href="!extend">Extend page</a>, or a contributed module for any other text editor. When installing a contributed text editor module, be sure to check the installation instructions, because you will most likely need to download and install an external library as well as the Drupal module.', array('!ckeditor' => \Drupal::url('help.page', array('name' => 'ckeditor')), '!extend' => \Drupal::url('system.modules_list'))) . '</dd>';
Angie Byron
committed
$output .= '<dt>' . t('Enabling a text editor for a text format') . '</dt>';
Angie Byron
committed
$output .= '<dd>' . t('On the <a href="!formats">Text formats and editors page</a> you can see which text editor is associated with each text format. You can change this by clicking on the <em>Configure</em> link, and then choosing a text editor or <em>none</em> from the <em>Text editor</em> drop-down list. The text editor will then be displayed with any text field for which this text format is chosen.', array('!formats' => \Drupal::url('filter.admin_overview'))) . '</dd>';
Angie Byron
committed
$output .= '<dt>' . t('Configuring a text editor') . '</dt>';
$output .= '<dd>' . t('Once a text editor is associated with a text format, you can configure it by clicking on the <em>Configure</em> link for this format. Depending on the specific text editor, you can configure it for example by adding buttons to its toolbar. Typically these buttons provide formatting or editing tools, and they often insert HTML tags into the field source. For details, see the help page of the specific text editor.') . '</dd>';
$output .= '<dt>' . t('Using different text editors and formats') . '</dt>';
$output .= '<dd>' . t('If you change the text format on a text field, the text editor will change as well because the text editor configuration is associated with the individual text format. This allows the use of the same text editor with different options for different text formats. It also allows users to choose between text formats with different text editors if they are installed.') . '</dd>';
Angie Byron
committed
$output .= '</dl>';
return $output;
}
}
/**
* Implements hook_menu_links_discovered_alter().
Angie Byron
committed
*
* Rewrites the menu entries for filter module that relate to the configuration
* of text editors.
*/
function editor_menu_links_discovered_alter(array &$links) {
Angie Byron
committed
$links['filter.admin_overview']['title'] = 'Text formats and editors';
$links['filter.admin_overview']['description'] = 'Configure how user-contributed content is filtered and formatted, as well as the text editor user interface (WYSIWYGs or toolbars).';
Angie Byron
committed
}
/**
Angie Byron
committed
* Implements hook_element_info_alter().
Angie Byron
committed
*
* Extends the functionality of text_format elements (provided by Filter
* module), so that selecting a text format notifies a client-side text editor
* when it should be enabled or disabled.
*
* @see filter_element_info()
*/
Angie Byron
committed
function editor_element_info_alter(&$types) {
$types['text_format']['#pre_render'][] = 'element.editor:preRenderTextFormat';
Angie Byron
committed
}
/**
* Implements hook_form_FORM_ID_alter().
*/
Alex Pott
committed
function editor_form_filter_admin_overview_alter(&$form, FormStateInterface $form_state) {
Angie Byron
committed
// @todo Cleanup column injection: http://drupal.org/node/1876718
// Splice in the column for "Text editor" into the header.
$position = array_search('name', $form['formats']['#header']) + 1;
$start = array_splice($form['formats']['#header'], 0, $position, array('editor' => t('Text editor')));
$form['formats']['#header'] = array_merge($start, $form['formats']['#header']);
// Then splice in the name of each text editor for each text format.
$editors = \Drupal::service('plugin.manager.editor')->getDefinitions();
Angie Byron
committed
foreach (Element::children($form['formats']) as $format_id) {
Angie Byron
committed
$editor = editor_load($format_id);
Angie Byron
committed
$editor_name = ($editor && isset($editors[$editor->getEditor()])) ? $editors[$editor->getEditor()]['label'] : drupal_placeholder('—');
Angie Byron
committed
$editor_column['editor'] = array('#markup' => $editor_name);
$position = array_search('name', array_keys($form['formats'][$format_id])) + 1;
$start = array_splice($form['formats'][$format_id], 0, $position, $editor_column);
$form['formats'][$format_id] = array_merge($start, $form['formats'][$format_id]);
}
}
/**
* Implements hook_form_BASE_FORM_ID_alter() for 'filter_format_form'.
Angie Byron
committed
*/
Dries Buytaert
committed
function editor_form_filter_format_form_alter(&$form, FormStateInterface $form_state) {
Angie Byron
committed
if (!$editor = $form_state->get('editor')) {
$format_id = $form_state->getFormObject()->getEntity()->id();
Angie Byron
committed
$editor = editor_load($format_id);
$form_state->set('editor', $editor);
Angie Byron
committed
}
// Associate a text editor with this text format.
$manager = \Drupal::service('plugin.manager.editor');
Angie Byron
committed
$editor_options = $manager->listOptions();
$form['editor'] = array(
Dries Buytaert
committed
// Position the editor selection before the filter settings (weight of 0),
// but after the filter label and name (weight of -20).
'#weight' => -9,
);
$form['editor']['editor'] = array(
Angie Byron
committed
'#type' => 'select',
'#title' => t('Text editor'),
'#options' => $editor_options,
'#empty_option' => t('None'),
Angie Byron
committed
'#default_value' => $editor ? $editor->getEditor() : '',
Angie Byron
committed
'#ajax' => array(
'trigger_as' => array('name' => 'editor_configure'),
'callback' => 'editor_form_filter_admin_form_ajax',
'wrapper' => 'editor-settings-wrapper',
),
Dries Buytaert
committed
'#weight' => -10,
Angie Byron
committed
);
Dries Buytaert
committed
$form['editor']['configure'] = array(
Angie Byron
committed
'#type' => 'submit',
'#name' => 'editor_configure',
'#value' => t('Configure'),
'#limit_validation_errors' => array(array('editor')),
'#submit' => array('editor_form_filter_admin_format_editor_configure'),
'#ajax' => array(
'callback' => 'editor_form_filter_admin_form_ajax',
'wrapper' => 'editor-settings-wrapper',
),
Dries Buytaert
committed
'#weight' => -10,
Angie Byron
committed
'#attributes' => array('class' => array('js-hide')),
);
// If there aren't any options (other than "None"), disable the select list.
if (empty($editor_options)) {
Dries Buytaert
committed
$form['editor']['editor']['#disabled'] = TRUE;
$form['editor']['editor']['#description'] = t('This option is disabled because no modules that provide a text editor are currently enabled.');
Angie Byron
committed
}
Dries Buytaert
committed
$form['editor']['settings'] = array(
Angie Byron
committed
'#tree' => TRUE,
'#weight' => -8,
'#type' => 'container',
'#id' => 'editor-settings-wrapper',
Alex Pott
committed
'#attached' => array(
'library' => array(
'editor/drupal.editor.admin',
Alex Pott
committed
),
),
Angie Byron
committed
);
// Add editor-specific validation and submit handlers.
if ($editor) {
Angie Byron
committed
$plugin = $manager->createInstance($editor->getEditor());
Angie Byron
committed
$settings_form = array();
$settings_form['#element_validate'][] = array($plugin, 'settingsFormValidate');
Dries Buytaert
committed
$form['editor']['settings']['subform'] = $plugin->settingsForm($settings_form, $form_state, $editor);
$form['editor']['settings']['subform']['#parents'] = array('editor', 'settings');
$form['actions']['submit']['#submit'][] = array($plugin, 'settingsFormSubmit');
Angie Byron
committed
}
Alex Pott
committed
$form['#validate'][] = 'editor_form_filter_admin_format_validate';
$form['actions']['submit']['#submit'][] = 'editor_form_filter_admin_format_submit';
Angie Byron
committed
}
/**
* Button submit handler for filter_format_form()'s 'editor_configure' button.
Angie Byron
committed
*/
Dries Buytaert
committed
function editor_form_filter_admin_format_editor_configure($form, FormStateInterface $form_state) {
Angie Byron
committed
$editor = $form_state->get('editor');
Alex Pott
committed
if ($editor_value = $form_state->getValue(array('editor', 'editor'))) {
if ($editor_value === '') {
Angie Byron
committed
$form_state->set('editor', FALSE);
Angie Byron
committed
}
Alex Pott
committed
elseif (empty($editor) || $editor_value !== $editor->getEditor()) {
Angie Byron
committed
$editor = entity_create('editor', array(
'format' => $form_state->getFormObject()->getEntity()->id(),
Alex Pott
committed
'editor' => $editor_value,
Angie Byron
committed
));
Angie Byron
committed
$form_state->set('editor', $editor);
Angie Byron
committed
}
}
Angie Byron
committed
$form_state->setRebuild();
Angie Byron
committed
}
/**
* AJAX callback handler for filter_format_form().
Angie Byron
committed
*/
Dries Buytaert
committed
function editor_form_filter_admin_form_ajax($form, FormStateInterface $form_state) {
Dries Buytaert
committed
return $form['editor']['settings'];
Angie Byron
committed
}
Alex Pott
committed
/**
* Additional validate handler for filter_format_form().
Alex Pott
committed
*/
Dries Buytaert
committed
function editor_form_filter_admin_format_validate($form, FormStateInterface $form_state) {
Alex Pott
committed
// This validate handler is not applicable when using the 'Configure' button.
Angie Byron
committed
if ($form_state->getTriggeringElement()['#name'] === 'editor_configure') {
Alex Pott
committed
return;
}
// When using this form with JavaScript disabled in the browser, the the
// 'Configure' button won't be clicked automatically. So, when the user has
// selected a text editor and has then clicked 'Save configuration', we should
// point out that the user must still configure the text editor.
Angie Byron
committed
if ($form_state->getValue(['editor', 'editor']) !== '' && !$form_state->get('editor')) {
Alex Pott
committed
$form_state->setErrorByName('editor][editor', t('You must configure the selected text editor.'));
Alex Pott
committed
}
}
Angie Byron
committed
/**
* Additional submit handler for filter_format_form().
Angie Byron
committed
*/
Dries Buytaert
committed
function editor_form_filter_admin_format_submit($form, FormStateInterface $form_state) {
Angie Byron
committed
// Delete the existing editor if disabling or switching between editors.
$format_id = $form_state->getFormObject()->getEntity()->id();
Angie Byron
committed
$original_editor = editor_load($format_id);
Alex Pott
committed
if ($original_editor && $original_editor->getEditor() != $form_state->getValue('editor')) {
Angie Byron
committed
$original_editor->delete();
}
// Create a new editor or update the existing editor.
Angie Byron
committed
if ($editor = $form_state->get('editor')) {
// Ensure the text format is set: when creating a new text format, this
// would equal the empty string.
Angie Byron
committed
$editor->set('format', $format_id);
$editor->setSettings($form_state->getValue(['editor', 'settings']));
$editor->save();
Angie Byron
committed
}
}
/**
* Loads an individual configured text editor based on text format ID.
*
* @return \Drupal\editor\Entity\Editor|null
Dries Buytaert
committed
* A text editor object, or NULL.
Angie Byron
committed
*/
function editor_load($format_id) {
// Load all the editors at once here, assuming that either no editors or more
// than one editor will be needed on a page (such as having multiple text
// formats for administrators). Loading a small number of editors all at once
// is more efficient than loading multiple editors individually.
$editors = entity_load_multiple('editor');
Dries Buytaert
committed
return isset($editors[$format_id]) ? $editors[$format_id] : NULL;
Angie Byron
committed
}
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
/**
* Applies text editor XSS filtering.
*
* @param string $html
* The HTML string that will be passed to the text editor.
* @param \Drupal\filter\FilterFormatInterface $format
* The text format whose text editor will be used.
* @param \Drupal\filter\FilterFormatInterface $original_format|null
* (optional) The original text format (i.e. when switching text formats,
* $format is the text format that is going to be used, $original_format is
* the one that was being used initially, the one that is stored in the
* database when editing).
*
* @return string|false
* FALSE when no XSS filtering needs to be applied (either because no text
* editor is associated with the text format, or because the text editor is
* safe from XSS attacks, or because the text format does not use any XSS
* protection filters), otherwise the XSS filtered string.
*
* @see https://drupal.org/node/2099741
*/
function editor_filter_xss($html, FilterFormatInterface $format, FilterFormatInterface $original_format = NULL) {
$editor = editor_load($format->id());
// If no text editor is associated with this text format, then we don't need
// text editor XSS filtering either.
if (!isset($editor)) {
return FALSE;
}
// If the text editor associated with this text format guarantees security,
// then we also don't need text editor XSS filtering.
Angie Byron
committed
$definition = \Drupal::service('plugin.manager.editor')->getDefinition($editor->getEditor());
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
if ($definition['is_xss_safe'] === TRUE) {
return FALSE;
}
// If there is no filter preventing XSS attacks in the text format being used,
// then no text editor XSS filtering is needed either. (Because then the
// editing user can already be attacked by merely viewing the content.)
// e.g.: an admin user creates content in Full HTML and then edits it, no text
// format switching happens; in this case, no text editor XSS filtering is
// desirable, because it would strip style attributes, amongst others.
$current_filter_types = $format->getFilterTypes();
if (!in_array(FilterInterface::TYPE_HTML_RESTRICTOR, $current_filter_types, TRUE)) {
if ($original_format === NULL) {
return FALSE;
}
// Unless we are switching from another text format, in which case we must
// first check whether a filter preventing XSS attacks is used in that text
// format, and if so, we must still apply XSS filtering.
// e.g.: an anonymous user creates content in Restricted HTML, an admin user
// edits it (then no XSS filtering is applied because no text editor is
// used), and switches to Full HTML (for which a text editor is used). Then
// we must apply XSS filtering to protect the admin user.
else {
$original_filter_types = $original_format->getFilterTypes();
if (!in_array(FilterInterface::TYPE_HTML_RESTRICTOR, $original_filter_types, TRUE)) {
return FALSE;
}
}
}
// Otherwise, apply the text editor XSS filter. We use the default one unless
// a module tells us to use a different one.
$editor_xss_filter_class = '\Drupal\editor\EditorXssFilter\Standard';
\Drupal::moduleHandler()->alter('editor_xss_filter', $editor_xss_filter_class, $format, $original_format);
return call_user_func($editor_xss_filter_class . '::filterXss', $html, $format, $original_format);
}
/**
* Implements hook_entity_insert().
*/
function editor_entity_insert(EntityInterface $entity) {
// Only act on content entities.
Alex Pott
committed
if (!($entity instanceof FieldableEntityInterface)) {
return;
}
$referenced_files_by_field = _editor_get_file_uuids_by_field($entity);
foreach ($referenced_files_by_field as $field => $uuids) {
_editor_record_file_usage($uuids, $entity);
}
}
/**
* Implements hook_entity_update().
*/
function editor_entity_update(EntityInterface $entity) {
// Only act on content entities.
Alex Pott
committed
if (!($entity instanceof FieldableEntityInterface)) {
return;
}
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
// On new revisions, all files are considered to be a new usage and no
// deletion of previous file usages are necessary.
if (!empty($entity->original) && $entity->getRevisionId() != $entity->original->getRevisionId()) {
$referenced_files_by_field = _editor_get_file_uuids_by_field($entity);
foreach ($referenced_files_by_field as $field => $uuids) {
_editor_record_file_usage($uuids, $entity);
}
}
// On modified revisions, detect which file references have been added (and
// record their usage) and which ones have been removed (delete their usage).
// File references that existed both in the previous version of the revision
// and in the new one don't need their usage to be updated.
else {
$original_uuids_by_field = _editor_get_file_uuids_by_field($entity->original);
$uuids_by_field = _editor_get_file_uuids_by_field($entity);
// Detect file usages that should be incremented.
foreach ($uuids_by_field as $field => $uuids) {
$added_files = array_diff($uuids_by_field[$field], $original_uuids_by_field[$field]);
_editor_record_file_usage($added_files, $entity);
}
// Detect file usages that should be decremented.
foreach ($original_uuids_by_field as $field => $uuids) {
$removed_files = array_diff($original_uuids_by_field[$field], $uuids_by_field[$field]);
_editor_delete_file_usage($removed_files, $entity, 1);
}
}
}
/**
* Implements hook_entity_delete().
*/
function editor_entity_delete(EntityInterface $entity) {
// Only act on content entities.
Alex Pott
committed
if (!($entity instanceof FieldableEntityInterface)) {
return;
}
$referenced_files_by_field = _editor_get_file_uuids_by_field($entity);
foreach ($referenced_files_by_field as $field => $uuids) {
_editor_delete_file_usage($uuids, $entity, 0);
}
}
/**
* Implements hook_entity_revision_delete().
*/
function editor_entity_revision_delete(EntityInterface $entity) {
// Only act on content entities.
Alex Pott
committed
if (!($entity instanceof FieldableEntityInterface)) {
return;
}
$referenced_files_by_field = _editor_get_file_uuids_by_field($entity);
foreach ($referenced_files_by_field as $field => $uuids) {
_editor_delete_file_usage($uuids, $entity, 1);
}
}
/**
* Records file usage of files referenced by formatted text fields.
*
* Every referenced file that does not yet have the FILE_STATUS_PERMANENT state,
* will be given that state.
*
* @param array $uuids
* An array of file entity UUIDs.
* @param EntityInterface $entity
* An entity whose fields to inspect for file references.
*/
function _editor_record_file_usage(array $uuids, EntityInterface $entity) {
foreach ($uuids as $uuid) {
Alex Pott
committed
if ($file = entity_load_by_uuid('file', $uuid)) {
if ($file->status !== FILE_STATUS_PERMANENT) {
$file->status = FILE_STATUS_PERMANENT;
$file->save();
}
\Drupal::service('file.usage')->add($file, 'editor', $entity->getEntityTypeId(), $entity->id());
}
}
}
/**
* Deletes file usage of files referenced by formatted text fields.
*
* @param array $uuids
* An array of file entity UUIDs.
* @param EntityInterface $entity
* An entity whose fields to inspect for file references.
* @param $count
* The number of references to delete. Should be 1 when deleting a single
* revision and 0 when deleting an entity entirely.
*
Alex Pott
committed
* @see \Drupal\file\FileUsage\FileUsageInterface::delete()
*/
function _editor_delete_file_usage(array $uuids, EntityInterface $entity, $count) {
foreach ($uuids as $uuid) {
Alex Pott
committed
if ($file = entity_load_by_uuid('file', $uuid)) {
\Drupal::service('file.usage')->delete($file, 'editor', $entity->getEntityTypeId(), $entity->id(), $count);
}
}
}
/**
* Finds all files referenced (data-editor-file-uuid) by formatted text fields.
*
* @param EntityInterface $entity
* An entity whose fields to analyze.
*
* @return array
* An array of file entity UUIDs.
*/
function _editor_get_file_uuids_by_field(EntityInterface $entity) {
$uuids = array();
$formatted_text_fields = _editor_get_formatted_text_fields($entity);
foreach ($formatted_text_fields as $formatted_text_field) {
$text = $entity->get($formatted_text_field)->value;
$uuids[$formatted_text_field] = _editor_parse_file_uuids($text);
}
return $uuids;
}
/**
* Determines the formatted text fields on an entity.
*
Alex Pott
committed
* @param \Drupal\Core\Entity\FieldableEntityInterface $entity
* An entity whose fields to analyze.
*
* @return array
* The names of the fields on this entity that support formatted text.
*/
Alex Pott
committed
function _editor_get_formatted_text_fields(FieldableEntityInterface $entity) {
$field_definitions = $entity->getFieldDefinitions();
if (empty($field_definitions)) {
return array();
}
// Only return formatted text fields.
return array_keys(array_filter($field_definitions, function (FieldDefinitionInterface $definition) {
return in_array($definition->getType(), array('text', 'text_long', 'text_with_summary'), TRUE);
Alex Pott
committed
}));
}
/**
* Parse an HTML snippet for any data-editor-file-uuid attributes.
*
* @param string $text
* The partial (X)HTML snippet to load. Invalid markup will be corrected on
* import.
*
* @return array
* An array of all found UUIDs.
*/
function _editor_parse_file_uuids($text) {
Alex Pott
committed
$dom = Html::load($text);
$xpath = new \DOMXPath($dom);
$uuids = array();
foreach ($xpath->query('//*[@data-editor-file-uuid]') as $node) {
$uuids[] = $node->getAttribute('data-editor-file-uuid');
}
return $uuids;
}