diff --git a/core/modules/locale/locale.compare.inc b/core/modules/locale/locale.compare.inc index 0c53ec3..7f15654 100644 --- a/core/modules/locale/locale.compare.inc +++ b/core/modules/locale/locale.compare.inc @@ -138,7 +138,7 @@ function locale_translation_project_list() { $projects = &drupal_static(__FUNCTION__, array()); if (empty($projects)) { - module_load_include('compare.inc', 'update'); + $update_compare = \Drupal::service('update.compare'); $config = config('locale.settings'); $projects = array(); @@ -148,11 +148,11 @@ function locale_translation_project_list() { ); $module_data = _locale_translation_prepare_project_list(system_rebuild_module_data(), 'module'); $theme_data = _locale_translation_prepare_project_list(system_rebuild_theme_data(), 'theme'); - update_process_info_list($projects, $module_data, 'module', TRUE, $additional_whitelist); - update_process_info_list($projects, $theme_data, 'theme', TRUE, $additional_whitelist); + $update_compare->processInfoList($projects, $module_data, 'module', TRUE, $additional_whitelist); + $update_compare->processInfoList($projects, $theme_data, 'theme', TRUE, $additional_whitelist); if ($config->get('translation.check_disabled_modules')) { - update_process_info_list($projects, $module_data, 'module', FALSE, $additional_whitelist); - update_process_info_list($projects, $theme_data, 'theme', FALSE, $additional_whitelist); + $update_compare->processInfoList($projects, $module_data, 'module', FALSE, $additional_whitelist); + $update_compare->processInfoList($projects, $theme_data, 'theme', FALSE, $additional_whitelist); } // Allow other modules to alter projects before fetching and comparing. diff --git a/core/modules/update/lib/Drupal/update/Controller/UpdateController.php b/core/modules/update/lib/Drupal/update/Controller/UpdateController.php index a2a73c5..fbdb5dd 100644 --- a/core/modules/update/lib/Drupal/update/Controller/UpdateController.php +++ b/core/modules/update/lib/Drupal/update/Controller/UpdateController.php @@ -7,8 +7,8 @@ namespace Drupal\update\Controller; -use Drupal\Core\ControllerInterface; -use Drupal\Core\Extension\ModuleHandlerInterface; +use Drupal\Core\Controller\ControllerInterface; +use Drupal\update\UpdateCompareManager; use Symfony\Component\DependencyInjection\ContainerInterface; /** @@ -17,29 +17,27 @@ class UpdateController implements ControllerInterface { /** - * Module handler service. + * Update comparison service * - * @var \Drupal\Core\Extension\ModuleHandlerInterface + * @var \Drupal\update\UpdateCompareManager */ - protected $moduleHandler; + protected $updateCompareManager; /** * Constructs update status data. * - * @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler - * Module Handler Service. + * @param \Drupal\update\UpdateCompareManager $updateCompareManager + * Update Comparison Service. */ - public function __construct(ModuleHandlerInterface $module_handler) { - $this->moduleHandler = $module_handler; + public function __construct(UpdateCompareManager $updateCompareManager) { + $this->updateCompareManager = $updateCompareManager; } /** * {@inheritdoc} */ public static function create(ContainerInterface $container) { - return new static( - $container->get('module_handler') - ); + return new static($container->get('update.compare')); } /** @@ -53,8 +51,7 @@ public function updateStatus() { '#theme' => 'update_report' ); if ($available = update_get_available(TRUE)) { - $this->moduleHandler->loadInclude('update', 'compare.inc'); - $build['#data'] = update_calculate_project_data($available); + $build['#data'] = $this->updateCompareManager->calculateProjectData($available); } else { $build['#data'] = _update_no_data(); diff --git a/core/modules/update/lib/Drupal/update/Controller/UpdateFetchController.php b/core/modules/update/lib/Drupal/update/Controller/UpdateFetchController.php index 765b311..7c5e701 100644 --- a/core/modules/update/lib/Drupal/update/Controller/UpdateFetchController.php +++ b/core/modules/update/lib/Drupal/update/Controller/UpdateFetchController.php @@ -4,12 +4,12 @@ * @file * Contains \Drupal\update\Controller\UpdateFetchController. * - * Code required only when fetching information about available updates. */ namespace Drupal\update\Controller; use Drupal\Core\Controller\ControllerInterface; +use Drupal\update\UpdateFetchManager; use Symfony\Component\DependencyInjection\ContainerInterface; /** @@ -18,21 +18,38 @@ class UpdateFetchController implements ControllerInterface { /** + * Update fetch service + * + * @var \Drupal\update\UpdateFetchManager + */ + protected $updateFetchManager; + + /** * {@inheritdoc} */ public static function create(ContainerInterface $container) { - return new static(); + return new static($container->get('update.fetch')); + } + + /** + * Constructs a UpdateFetchController object. + * + * @param \Drupal\update\UpdateFetchManager $updateFetchManager + * Update Fetch Service. + */ + public function __construct(UpdateFetchManager $updateFetchManager) { + $this->updateFetchManager = $updateFetchManager; } /** - * Page callback: Checks for updates and displays the update status report. + * Checks for updates and displays the update status report. * * Manually checks the update status without the use of cron. * * @see update_menu() */ public function updateManualStatus() { - \Drupal::service('update.fetch')->refresh(); + $this->updateFetchManager->refresh(); $batch = array( 'operations' => array( array('\Drupal\update\Controller\UpdateFetchController::fetchDataBatch', array()), diff --git a/core/modules/update/lib/Drupal/update/Tests/UpdateContribTest.php b/core/modules/update/lib/Drupal/update/Tests/UpdateContribTest.php index 1fdd0b3..b9dc7cc 100644 --- a/core/modules/update/lib/Drupal/update/Tests/UpdateContribTest.php +++ b/core/modules/update/lib/Drupal/update/Tests/UpdateContribTest.php @@ -6,6 +6,7 @@ */ namespace Drupal\update\Tests; +use Drupal\update\UpdateCompareManager; /** * Tests behavior related to handling updates to contributed modules and themes. @@ -266,7 +267,7 @@ function testUpdateShowDisabledThemes() { * Tests updates with a hidden base theme. */ function testUpdateHiddenBaseTheme() { - module_load_include('compare.inc', 'update'); + $compareManager = new UpdateCompareManager($this->container->get('module_handler'), $this->container->get('keyvalue.expirable')); // Enable the subtheme. theme_enable(array('update_test_subtheme')); @@ -285,9 +286,9 @@ function testUpdateHiddenBaseTheme() { ), ); config('update_test.settings')->set('system_info', $system_info)->save(); - $projects = update_get_projects(); + $projects = $compareManager->getProjects(); $theme_data = system_rebuild_theme_data(); - update_process_info_list($projects, $theme_data, 'theme', TRUE); + $compareManager->processInfoList($projects, $theme_data, 'theme', TRUE); $this->assertTrue(!empty($projects['update_test_basetheme']), 'Valid base theme (update_test_basetheme) was found.'); } diff --git a/core/modules/update/lib/Drupal/update/Tests/UpdateCoreTest.php b/core/modules/update/lib/Drupal/update/Tests/UpdateCoreTest.php index 8c432dc..94d0538 100644 --- a/core/modules/update/lib/Drupal/update/Tests/UpdateCoreTest.php +++ b/core/modules/update/lib/Drupal/update/Tests/UpdateCoreTest.php @@ -6,7 +6,7 @@ */ namespace Drupal\update\Tests; -use Drupal\update\UpdateFetchManager; + /** * Tests behavior related to discovering and listing updates to Drupal core. @@ -196,14 +196,14 @@ function testServiceUnavailable() { * Tests that exactly one fetch task per project is created and not more. */ function testFetchTasks() { - $service = new UpdateFetchManager(); + $service = $this->container->get('update.fetch'); $projecta = array( 'name' => 'aaa_update_test', ); $projectb = array( 'name' => 'bbb_update_test', ); - $queue = \Drupal::queue('update_fetch_tasks'); + $queue = $this->container->get('queue')->get('update_fetch_tasks'); $this->assertEqual($queue->numberOfItems(), 0, 'Queue is empty'); $service->createFetchTask($projecta); $this->assertEqual($queue->numberOfItems(), 1, 'Queue contains one item'); @@ -215,7 +215,7 @@ function testFetchTasks() { // Clear storage and try again. update_storage_clear(); - drupal_static_reset('_update_create_fetch_task'); + $service->clearFetchTasks(); $service->createFetchTask($projecta); $this->assertEqual($queue->numberOfItems(), 2, 'Queue contains two items'); } diff --git a/core/modules/update/lib/Drupal/update/Tests/UpdateCoreUnitTest.php b/core/modules/update/lib/Drupal/update/Tests/UpdateCoreUnitTest.php index f9a285e..8655dac 100644 --- a/core/modules/update/lib/Drupal/update/Tests/UpdateCoreUnitTest.php +++ b/core/modules/update/lib/Drupal/update/Tests/UpdateCoreUnitTest.php @@ -7,14 +7,15 @@ namespace Drupal\update\Tests; -use Drupal\simpletest\UnitTestBase; +use Drupal\simpletest\DrupalUnitTestBase; +use Drupal\update\UpdateCompareManager; use Drupal\update\UpdateFetchManager; use Symfony\Component\DependencyInjection\ContainerInterface; /** * Tests update functionality unrelated to the database. */ -class UpdateCoreUnitTest extends UnitTestBase { +class UpdateCoreUnitTest extends DrupalUnitTestBase { /** * Modules to enable. @@ -26,20 +27,23 @@ class UpdateCoreUnitTest extends UnitTestBase { public static function getInfo() { return array( 'name' => "Unit tests", - 'description' => 'Test update funcionality unrelated to the database.', + 'description' => 'Test update functionality unrelated to the database.', 'group' => 'Update', ); } - function setUp() { - parent::setUp(); - } - /** * Tests that _update_build_fetch_url() builds the URL correctly. */ function testUpdateBuildFetchUrl() { - $service = new UpdateFetchManager(); + $service = new UpdateFetchManager( + $this->container->get('config.factory'), + $this->container->get('queue'), + $this->container->get('keyvalue'), + $this->container->get('keyvalue.expirable'), + $this->container->get('state'), + new UpdateCompareManager($this->container->get('module_handler'), $this->container->get('keyvalue.expirable')) + ); //first test that we didn't break the trivial case $project['name'] = 'update_test'; $project['project_type'] = ''; @@ -48,7 +52,6 @@ function testUpdateBuildFetchUrl() { $project['includes'] = array('module1' => 'Module 1', 'module2' => 'Module 2'); $site_key = ''; $expected = 'http://www.example.com/' . $project['name'] . '/' . DRUPAL_CORE_COMPATIBILITY; - //$url = \Drupal::service('update.fetch')->buildFetchUrl($project, $site_key); $url = $service->buildFetchUrl($project, $site_key); $this->assertEqual($url, $expected, "'$url' when no site_key provided should be '$expected'."); @@ -56,7 +59,6 @@ function testUpdateBuildFetchUrl() { $site_key = 'site_key'; $project['project_type'] = 'disabled'; $expected = 'http://www.example.com/' . $project['name'] . '/' . DRUPAL_CORE_COMPATIBILITY; - //$url = \Drupal::service('update.fetch')->buildFetchUrl($project, $site_key); $url = $service->buildFetchUrl($project, $site_key); $this->assertEqual($url, $expected, "'$url' should be '$expected' for disabled projects."); @@ -65,7 +67,6 @@ function testUpdateBuildFetchUrl() { $expected = 'http://www.example.com/' . $project['name'] . '/' . DRUPAL_CORE_COMPATIBILITY; $expected .= '?site_key=site_key'; $expected .= '&list=' . rawurlencode('module1,module2'); - //$url = \Drupal::service('update.fetch')->buildFetchUrl($project, $site_key); $url = $service->buildFetchUrl($project, $site_key); $this->assertEqual($url, $expected, "When site_key provided, '$url' should be '$expected'."); @@ -75,9 +76,7 @@ function testUpdateBuildFetchUrl() { $expected = 'http://www.example.com/?project=/' . $project['name'] . '/' . DRUPAL_CORE_COMPATIBILITY; $expected .= '&site_key=site_key'; $expected .= '&list=' . rawurlencode('module1,module2'); - //$url = \Drupal::service('update.fetch')->buildFetchUrl($project, $site_key); $url = $service->buildFetchUrl($project, $site_key); $this->assertEqual($url, $expected, "When ? is present, '$url' should be '$expected'."); - } } diff --git a/core/modules/update/lib/Drupal/update/UpdateCompareManager.php b/core/modules/update/lib/Drupal/update/UpdateCompareManager.php index 8116893..1b7c9c3 100644 --- a/core/modules/update/lib/Drupal/update/UpdateCompareManager.php +++ b/core/modules/update/lib/Drupal/update/UpdateCompareManager.php @@ -2,20 +2,54 @@ /** * @file * Contains \Drupal\update\UpdateCompareManager. - * - * Code required only when comparing available updates to existing data. */ namespace Drupal\update; +use Drupal\Core\Extension\ModuleHandler; +use Drupal\Core\KeyValueStore\KeyValueExpirableFactory; use Symfony\Component\DependencyInjection\ContainerInterface; /** - * Update Compare Service. + * Update Comparison Service. */ class UpdateCompareManager { /** + * List of projects + * + * @var array + */ + protected $projects; + + /** + * Module Handler Service + * + * @var \Drupal\Core\Extension\ModuleHandler + */ + protected $moduleHandler; + + /** + * Key Value Expirable Factory + * + * @var \Drupal\Core\KeyValueStore\KeyValueExpirableFactory + */ + protected $keyValueExpirable; + + /** + * Constructs a UpdateCompareManager object. + * + * @param \Drupal\Core\Extension\ModuleHandler $moduleHandler + * Module Handler Service + * @param \Drupal\Core\KeyValueStore\KeyValueExpirableFactory + * Key Value Expirable Factory + */ + public function __construct(ModuleHandler $moduleHandler, KeyValueExpirableFactory $keyValueExpirable) { + $this->moduleHandler = $moduleHandler; + $this->keyValueExpirable = $keyValueExpirable; + } + + /** * Fetches an array of installed and enabled projects. * * This is only responsible for generating an array of projects (taking into @@ -33,7 +67,7 @@ class UpdateCompareManager { * module or theme but do not visit certain pages that automatically clear this * data. * - * @return + * @return array * An associative array of currently enabled projects keyed by the * machine-readable project short name. Each project contains: * - name: The machine-readable project short name. @@ -58,35 +92,522 @@ class UpdateCompareManager { * - base_themes: If the project is a theme it contains an associative array * of all base-themes. * - * @see update_process_project_info() - * @see update_calculate_project_data() - * @see update_project_storage() + * @see processProjectInfo() + * @see calculateProjectData() + * @see projectStorage() */ - function getProjects() { - $projects = &drupal_static(__FUNCTION__, array()); - if (empty($projects)) { + public function getProjects() { + if (empty($this->projects)) { // Retrieve the projects from storage, if present. - $projects = $this->projectStorage('update_project_projects'); - if (empty($projects)) { + $this->projects = $this->projectStorage('update_project_projects'); + if (empty($this->projects)) { // Still empty, so we have to rebuild. $module_data = system_rebuild_module_data(); $theme_data = system_rebuild_theme_data(); - $this->processInfoList($projects, $module_data, 'module', TRUE); - $this->processInfoList($projects, $theme_data, 'theme', TRUE); + $this->processInfoList($this->projects, $module_data, 'module', TRUE); + $this->processInfoList($this->projects, $theme_data, 'theme', TRUE); if (config('update.settings')->get('check.disabled_extensions')) { - $this->processInfoList($projects, $module_data, 'module', FALSE); - $this->processInfoList($projects, $theme_data, 'theme', FALSE); + $this->processInfoList($this->projects, $module_data, 'module', FALSE); + $this->processInfoList($this->projects, $theme_data, 'theme', FALSE); } // Allow other modules to alter projects before fetching and comparing. - drupal_alter('update_projects', $projects); + $this->moduleHandler->alter('update_projects', $this->projects); // Store the site's project data for at most 1 hour. - \Drupal::keyValueExpirable('update')->setWithExpire('update_project_projects', $projects, 3600); + $this->keyValueExpirable->get('update')->setWithExpire('update_project_projects', $this->projects, 3600); } } + return $this->projects; + } + + /** + * Determines version and type information for currently installed projects. + * + * Processes the list of projects on the system to figure out the currently + * installed versions, and other information that is required before we can + * compare against the available releases to produce the status report. + * + * @param $projects + * Array of project information from getProjects(). + */ + public function processProjectInfo(&$projects) { + foreach ($projects as $key => $project) { + // Assume an official release until we see otherwise. + $install_type = 'official'; + + $info = $project['info']; + + if (isset($info['version'])) { + // Check for development snapshots + if (preg_match('@(dev|HEAD)@', $info['version'])) { + $install_type = 'dev'; + } + + // Figure out what the currently installed major version is. We need + // to handle both contribution (e.g. "5.x-1.3", major = 1) and core + // (e.g. "5.1", major = 5) version strings. + $matches = array(); + if (preg_match('/^(\d+\.x-)?(\d+)\..*$/', $info['version'], $matches)) { + $info['major'] = $matches[2]; + } + elseif (!isset($info['major'])) { + // This would only happen for version strings that don't follow the + // drupal.org convention. We let contribs define "major" in their + // .info.yml in this case, and only if that's missing would we hit this. + $info['major'] = -1; + } + } + else { + // No version info available at all. + $install_type = 'unknown'; + $info['version'] = t('Unknown'); + $info['major'] = -1; + } + + // Finally, save the results we care about into the $projects array. + $projects[$key]['existing_version'] = $info['version']; + $projects[$key]['existing_major'] = $info['major']; + $projects[$key]['install_type'] = $install_type; + } + } + + /** + * Calculates the current update status of all projects on the site. + * + * The results of this function are expensive to compute, especially on sites + * with lots of modules or themes, since it involves a lot of comparisons and + * other operations. Therefore, we store the results. However, since this is not + * the data about available updates fetched from the network, it is ok to + * invalidate it somewhat quickly. If we keep this data for very long, site + * administrators are more likely to see incorrect results if they upgrade to a + * newer version of a module or theme but do not visit certain pages that + * automatically clear this. + * + * @param array $available + * Data about available project releases. + * + * @return array + * An array of installed projects with current update status information. + * + * @see update_get_available() + * @see getProjects() + * @see processProjectInfo() + * @see projectStorage() + */ + public function calculateProjectData($available) { + // Retrieve the projects from storage, if present. + $projects = $this->projectStorage('update_project_data'); + // If $projects is empty, then the data must be rebuilt. + // Otherwise, return the data and skip the rest of the function. + if (!empty($projects)) { + return $projects; + } + $projects = $this->getProjects(); + $this->processProjectInfo($projects); + foreach ($projects as $project => $project_info) { + if (isset($available[$project])) { + $this->calculateProjectUpdateStatus($projects[$project], $available[$project]); + } + else { + $projects[$project]['status'] = UPDATE_UNKNOWN; + $projects[$project]['reason'] = t('No available releases found'); + } + } + // Give other modules a chance to alter the status (for example, to allow a + // contrib module to provide fine-grained settings to ignore specific + // projects or releases). + $this->moduleHandler->alter('update_status', $projects); + + // Store the site's update status for at most 1 hour. + $this->keyValueExpirable->get('update')->setWithExpire('update_project_data', $projects, 3600); return $projects; } /** + * Calculates the current update status of a specific project. + * + * This function is the heart of the update status feature. For each project it + * is invoked with, it first checks if the project has been flagged with a + * special status like "unsupported" or "insecure", or if the project node + * itself has been unpublished. In any of those cases, the project is marked + * with an error and the next project is considered. + * + * If the project itself is valid, the function decides what major release + * series to consider. The project defines what the currently supported major + * versions are for each version of core, so the first step is to make sure the + * current version is still supported. If so, that's the target version. If the + * current version is unsupported, the project maintainer's recommended major + * version is used. There's also a check to make sure that this function never + * recommends an earlier release than the currently installed major version. + * + * Given a target major version, the available releases are scanned looking for + * the specific release to recommend (avoiding beta releases and development + * snapshots if possible). For the target major version, the highest patch level + * is found. If there is a release at that patch level with no extra ("beta", + * etc.), then the release at that patch level with the most recent release date + * is recommended. If every release at that patch level has extra (only betas), + * then the latest release from the previous patch level is recommended. For + * example: + * + * - 1.6-bugfix <-- recommended version because 1.6 already exists. + * - 1.6 + * + * or + * + * - 1.6-beta + * - 1.5 <-- recommended version because no 1.6 exists. + * - 1.4 + * + * Also, the latest release from the same major version is looked for, even beta + * releases, to display to the user as the "Latest version" option. + * Additionally, the latest official release from any higher major versions that + * have been released is searched for to provide a set of "Also available" + * options. + * + * Finally, and most importantly, the release history continues to be scanned + * until the currently installed release is reached, searching for anything + * marked as a security update. If any security updates have been found between + * the recommended release and the installed version, all of the releases that + * included a security fix are recorded so that the site administrator can be + * warned their site is insecure, and links pointing to the release notes for + * each security update can be included (which, in turn, will link to the + * official security announcements for each vulnerability). + * + * This function relies on the fact that the .xml release history data comes + * sorted based on major version and patch level, then finally by release date + * if there are multiple releases such as betas from the same major.patch + * version (e.g., 5.x-1.5-beta1, 5.x-1.5-beta2, and 5.x-1.5). Development + * snapshots for a given major version are always listed last. + * + * @param $project_data + * An array containing information about a specific project. + * @param $available + * Data about available project releases of a specific project. + */ + public function calculateProjectUpdateStatus(&$project_data, $available) { + foreach (array('title', 'link') as $attribute) { + if (!isset($project_data[$attribute]) && isset($available[$attribute])) { + $project_data[$attribute] = $available[$attribute]; + } + } + + // If the project status is marked as something bad, there's nothing else + // to consider. + if (isset($available['project_status'])) { + switch ($available['project_status']) { + case 'insecure': + $project_data['status'] = UPDATE_NOT_SECURE; + if (empty($project_data['extra'])) { + $project_data['extra'] = array(); + } + $project_data['extra'][] = array( + 'class' => array('project-not-secure'), + 'label' => t('Project not secure'), + 'data' => t('This project has been labeled insecure by the Drupal security team, and is no longer available for download. Immediately disabling everything included by this project is strongly recommended!'), + ); + break; + case 'unpublished': + case 'revoked': + $project_data['status'] = UPDATE_REVOKED; + if (empty($project_data['extra'])) { + $project_data['extra'] = array(); + } + $project_data['extra'][] = array( + 'class' => array('project-revoked'), + 'label' => t('Project revoked'), + 'data' => t('This project has been revoked, and is no longer available for download. Disabling everything included by this project is strongly recommended!'), + ); + break; + case 'unsupported': + $project_data['status'] = UPDATE_NOT_SUPPORTED; + if (empty($project_data['extra'])) { + $project_data['extra'] = array(); + } + $project_data['extra'][] = array( + 'class' => array('project-not-supported'), + 'label' => t('Project not supported'), + 'data' => t('This project is no longer supported, and is no longer available for download. Disabling everything included by this project is strongly recommended!'), + ); + break; + case 'not-fetched': + $project_data['status'] = UPDATE_NOT_FETCHED; + $project_data['reason'] = t('Failed to get available update data.'); + break; + + default: + // Assume anything else (e.g. 'published') is valid and we should + // perform the rest of the logic in this function. + break; + } + } + + if (!empty($project_data['status'])) { + // We already know the status for this project, so there's nothing else to + // compute. Record the project status into $project_data and we're done. + $project_data['project_status'] = $available['project_status']; + return; + } + + // Figure out the target major version. + $existing_major = $project_data['existing_major']; + $supported_majors = array(); + if (isset($available['supported_majors'])) { + $supported_majors = explode(',', $available['supported_majors']); + } + elseif (isset($available['default_major'])) { + // Older release history XML file without supported or recommended. + $supported_majors[] = $available['default_major']; + } + + if (in_array($existing_major, $supported_majors)) { + // Still supported, stay at the current major version. + $target_major = $existing_major; + } + elseif (isset($available['recommended_major'])) { + // Since 'recommended_major' is defined, we know this is the new XML + // format. Therefore, we know the current release is unsupported since + // its major version was not in the 'supported_majors' list. We should + // find the best release from the recommended major version. + $target_major = $available['recommended_major']; + $project_data['status'] = UPDATE_NOT_SUPPORTED; + } + elseif (isset($available['default_major'])) { + // Older release history XML file without recommended, so recommend + // the currently defined "default_major" version. + $target_major = $available['default_major']; + } + else { + // Malformed XML file? Stick with the current version. + $target_major = $existing_major; + } + + // Make sure we never tell the admin to downgrade. If we recommended an + // earlier version than the one they're running, they'd face an + // impossible data migration problem, since Drupal never supports a DB + // downgrade path. In the unfortunate case that what they're running is + // unsupported, and there's nothing newer for them to upgrade to, we + // can't print out a "Recommended version", but just have to tell them + // what they have is unsupported and let them figure it out. + $target_major = max($existing_major, $target_major); + + $release_patch_changed = ''; + $patch = ''; + + // If the project is marked as UPDATE_FETCH_PENDING, it means that the + // data we currently have (if any) is stale, and we've got a task queued + // up to (re)fetch the data. In that case, we mark it as such, merge in + // whatever data we have (e.g. project title and link), and move on. + if (!empty($available['fetch_status']) && $available['fetch_status'] == UPDATE_FETCH_PENDING) { + $project_data['status'] = UPDATE_FETCH_PENDING; + $project_data['reason'] = t('No available update data'); + $project_data['fetch_status'] = $available['fetch_status']; + return; + } + + // Defend ourselves from XML history files that contain no releases. + if (empty($available['releases'])) { + $project_data['status'] = UPDATE_UNKNOWN; + $project_data['reason'] = t('No available releases found'); + return; + } + foreach ($available['releases'] as $version => $release) { + // First, if this is the existing release, check a few conditions. + if ($project_data['existing_version'] === $version) { + if (isset($release['terms']['Release type']) && + in_array('Insecure', $release['terms']['Release type'])) { + $project_data['status'] = UPDATE_NOT_SECURE; + } + elseif ($release['status'] == 'unpublished') { + $project_data['status'] = UPDATE_REVOKED; + if (empty($project_data['extra'])) { + $project_data['extra'] = array(); + } + $project_data['extra'][] = array( + 'class' => array('release-revoked'), + 'label' => t('Release revoked'), + 'data' => t('Your currently installed release has been revoked, and is no longer available for download. Disabling everything included in this release or upgrading is strongly recommended!'), + ); + } + elseif (isset($release['terms']['Release type']) && + in_array('Unsupported', $release['terms']['Release type'])) { + $project_data['status'] = UPDATE_NOT_SUPPORTED; + if (empty($project_data['extra'])) { + $project_data['extra'] = array(); + } + $project_data['extra'][] = array( + 'class' => array('release-not-supported'), + 'label' => t('Release not supported'), + 'data' => t('Your currently installed release is now unsupported, and is no longer available for download. Disabling everything included in this release or upgrading is strongly recommended!'), + ); + } + } + + // Otherwise, ignore unpublished, insecure, or unsupported releases. + if ($release['status'] == 'unpublished' || + (isset($release['terms']['Release type']) && + (in_array('Insecure', $release['terms']['Release type']) || + in_array('Unsupported', $release['terms']['Release type'])))) { + continue; + } + + // See if this is a higher major version than our target and yet still + // supported. If so, record it as an "Also available" release. + // Note: Some projects have a HEAD release from CVS days, which could + // be one of those being compared. They would not have version_major + // set, so we must call isset first. + if (isset($release['version_major']) && $release['version_major'] > $target_major) { + if (in_array($release['version_major'], $supported_majors)) { + if (!isset($project_data['also'])) { + $project_data['also'] = array(); + } + if (!isset($project_data['also'][$release['version_major']])) { + $project_data['also'][$release['version_major']] = $version; + $project_data['releases'][$version] = $release; + } + } + // Otherwise, this release can't matter to us, since it's neither + // from the release series we're currently using nor the recommended + // release. We don't even care about security updates for this + // branch, since if a project maintainer puts out a security release + // at a higher major version and not at the lower major version, + // they must remove the lower version from the supported major + // versions at the same time, in which case we won't hit this code. + continue; + } + + // Look for the 'latest version' if we haven't found it yet. Latest is + // defined as the most recent version for the target major version. + if (!isset($project_data['latest_version']) + && $release['version_major'] == $target_major) { + $project_data['latest_version'] = $version; + $project_data['releases'][$version] = $release; + } + + // Look for the development snapshot release for this branch. + if (!isset($project_data['dev_version']) + && $release['version_major'] == $target_major + && isset($release['version_extra']) + && $release['version_extra'] == 'dev') { + $project_data['dev_version'] = $version; + $project_data['releases'][$version] = $release; + } + + // Look for the 'recommended' version if we haven't found it yet (see + // phpdoc at the top of this function for the definition). + if (!isset($project_data['recommended']) + && $release['version_major'] == $target_major + && isset($release['version_patch'])) { + if ($patch != $release['version_patch']) { + $patch = $release['version_patch']; + $release_patch_changed = $release; + } + if (empty($release['version_extra']) && $patch == $release['version_patch']) { + $project_data['recommended'] = $release_patch_changed['version']; + $project_data['releases'][$release_patch_changed['version']] = $release_patch_changed; + } + } + + // Stop searching once we hit the currently installed version. + if ($project_data['existing_version'] === $version) { + break; + } + + // If we're running a dev snapshot and have a timestamp, stop + // searching for security updates once we hit an official release + // older than what we've got. Allow 100 seconds of leeway to handle + // differences between the datestamp in the .info.yml file and the + // timestamp of the tarball itself (which are usually off by 1 or 2 + // seconds) so that we don't flag that as a new release. + if ($project_data['install_type'] == 'dev') { + if (empty($project_data['datestamp'])) { + // We don't have current timestamp info, so we can't know. + continue; + } + elseif (isset($release['date']) && ($project_data['datestamp'] + 100 > $release['date'])) { + // We're newer than this, so we can skip it. + continue; + } + } + + // See if this release is a security update. + if (isset($release['terms']['Release type']) + && in_array('Security update', $release['terms']['Release type'])) { + $project_data['security updates'][] = $release; + } + } + + // If we were unable to find a recommended version, then make the latest + // version the recommended version if possible. + if (!isset($project_data['recommended']) && isset($project_data['latest_version'])) { + $project_data['recommended'] = $project_data['latest_version']; + } + + // + // Check to see if we need an update or not. + // + + if (!empty($project_data['security updates'])) { + // If we found security updates, that always trumps any other status. + $project_data['status'] = UPDATE_NOT_SECURE; + } + + if (isset($project_data['status'])) { + // If we already know the status, we're done. + return; + } + + // If we don't know what to recommend, there's nothing we can report. + // Bail out early. + if (!isset($project_data['recommended'])) { + $project_data['status'] = UPDATE_UNKNOWN; + $project_data['reason'] = t('No available releases found'); + return; + } + + // If we're running a dev snapshot, compare the date of the dev snapshot + // with the latest official version, and record the absolute latest in + // 'latest_dev' so we can correctly decide if there's a newer release + // than our current snapshot. + if ($project_data['install_type'] == 'dev') { + if (isset($project_data['dev_version']) && $available['releases'][$project_data['dev_version']]['date'] > $available['releases'][$project_data['latest_version']]['date']) { + $project_data['latest_dev'] = $project_data['dev_version']; + } + else { + $project_data['latest_dev'] = $project_data['latest_version']; + } + } + + // Figure out the status, based on what we've seen and the install type. + switch ($project_data['install_type']) { + case 'official': + if ($project_data['existing_version'] === $project_data['recommended'] || $project_data['existing_version'] === $project_data['latest_version']) { + $project_data['status'] = UPDATE_CURRENT; + } + else { + $project_data['status'] = UPDATE_NOT_CURRENT; + } + break; + + case 'dev': + $latest = $available['releases'][$project_data['latest_dev']]; + if (empty($project_data['datestamp'])) { + $project_data['status'] = UPDATE_NOT_CHECKED; + $project_data['reason'] = t('Unknown release date'); + } + elseif (($project_data['datestamp'] + 100 > $latest['date'])) { + $project_data['status'] = UPDATE_CURRENT; + } + else { + $project_data['status'] = UPDATE_NOT_CURRENT; + } + break; + + default: + $project_data['status'] = UPDATE_UNKNOWN; + $project_data['reason'] = t('Invalid info'); + } + } + + /** * Retrieves update storage data or empties it. * * Two very expensive arrays computed by this module are the list of all @@ -108,12 +629,12 @@ function getProjects() { * The key of data to return. Valid options are 'update_project_data' and * 'update_project_projects'. * - * @return + * @return array * The stored value of the $projects array generated by - * update_calculate_project_data() or update_get_projects(), or an empty array + * calculateProjectData() or getProjects(), or an empty array * when the storage is cleared. */ - function projectStorage($key) { + public function projectStorage($key) { $projects = array(); // On certain paths, we should clear the data and recompute the projects for @@ -130,10 +651,10 @@ function projectStorage($key) { 'admin/reports/updates/check', ); if (in_array(current_path(), $paths)) { - \Drupal::keyValueExpirable('update')->delete($key); + $this->keyValueExpirable->get('update')->delete($key); } else { - $projects = \Drupal::keyValueExpirable('update')->get($key); + $projects = $this->keyValueExpirable->get('update')->get($key); } return $projects; } @@ -166,9 +687,9 @@ function projectStorage($key) { * (optional) Array of additional elements to be collected from the .info.yml * file. Defaults to array(). * - * @see update_get_projects() + * @see getProjects() */ - function processInfoList(&$projects, $list, $project_type, $status, $additional_whitelist = array()) { + public function processInfoList(&$projects, $list, $project_type, $status, $additional_whitelist = array()) { foreach ($list as $file) { // A disabled or hidden base theme of an enabled sub-theme still has all // of its code run by the sub-theme, so we include it in our "enabled" @@ -307,12 +828,12 @@ function processInfoList(&$projects, $list, $project_type, $status, $additional_ * @param $file * A file object as returned by system_get_files_database(). * - * @return + * @return string * The canonical project short name. * * @see system_get_files_database() */ - function getProjectName($file) { + public function getProjectName($file) { $project_name = ''; if (isset($file->info['project'])) { $project_name = $file->info['project']; @@ -332,12 +853,12 @@ function getProjectName($file) { * (optional) Array of additional elements to be collected from the .info.yml * file. Defaults to array(). * - * @return + * @return array * Array of .info.yml file data we need for the update manager. * - * @see update_process_info_list() + * @see processInfoList() */ - function filterProjectInfo($info, $additional_whitelist = array()) { + public function filterProjectInfo($info, $additional_whitelist = array()) { $whitelist = array( '_info_file_ctime', 'datestamp', diff --git a/core/modules/update/lib/Drupal/update/UpdateFetchManager.php b/core/modules/update/lib/Drupal/update/UpdateFetchManager.php index 1282a50..5c0269f 100644 --- a/core/modules/update/lib/Drupal/update/UpdateFetchManager.php +++ b/core/modules/update/lib/Drupal/update/UpdateFetchManager.php @@ -2,8 +2,6 @@ /** * @file * Contains \Drupal\update\UpdateFetchManager. - * - * Code required only when fetching information about available updates. */ namespace Drupal\update; @@ -11,6 +9,12 @@ use Symfony\Component\DependencyInjection\ContainerInterface; use Guzzle\Http\Exception\RequestException; use Drupal\Component\Utility\Crypt; +use Drupal\Core\Config\ConfigFactory; +use Drupal\Core\Queue\QueueFactory; +use Drupal\Core\KeyValueStore\KeyValueStoreInterface; +use Drupal\Core\KeyValueStore\KeyValueExpirableFactory; +use Drupal\Core\KeyValueStore\KeyValueFactory; +use Drupal\update\UpdateCompareManager; use SimpleXMLElement; use Exception; @@ -20,36 +24,114 @@ class UpdateFetchManager { /** + * Update fetch tasks + * + * @var array + */ + protected $fetchTasks; + + /** + * Config Service + * + * @var \Drupal\Core\Config\ConfigFactory + */ + protected $config; + + /** + * Queue Service + * + * @var \Drupal\Core\Queue\QueueFactory + */ + protected $queue; + + /** + * Key Value Service + * + * @var \Drupal\Core\KeyValueStore\KeyValueFactory + */ + protected $keyValue; + + /** + * Key Value Expirable Service + * + * @var \Drupal\Core\KeyValueStore\KeyValueExpirableFactory + */ + protected $keyValueExpirable; + + /** + * State Service + * + * @var \Drupal\Core\KeyValueStore\KeyValueStoreInterface + */ + protected $state; + + /** + * Update Comparison Service + * + * @var \Drupal\update\UpdateCompareManager + */ + protected $updateCompareManger; + + /** + * Constructs a UpdateFetchManager object. + * + * @param \Drupal\Core\Config\ConfigFactory + * Config Service + * @param \Drupal\Core\Queue\QueueFactory + * Queue Service + * @param \Drupal\Core\KeyValueStore\KeyValueFactory + * Key Value Factory + * @param \Drupal\Core\KeyValueStore\KeyValueExpirableFactory + * Key Value Expirable Factory + * @param \Drupal\Core\KeyValueStore\KeyValueStoreInterface + * State Service + * @param \Drupal\update\UpdateCompareManager + * Update Comparison Service + */ + public function __construct(ConfigFactory $config, QueueFactory $queue, KeyValueFactory $keyValue, KeyValueExpirableFactory $keyValueExpirable, KeyValueStoreInterface $state, UpdateCompareManager $updateCompareManager) { + $this->config = $config; + $this->queue = $queue; + $this->keyValue = $keyValue; + $this->keyValueExpirable = $keyValueExpirable; + $this->state = $state; + $this->updateCompareManger = $updateCompareManager; + } + + /** * Creates a new fetch task after loading the necessary include file. * * @param $project * Associative array of information about a project. See updateGetProjects() * for the keys used. * - * @see _update_create_fetch_task() + * @see processFetchTask() */ - function createFetchTask($project) { - $fetch_tasks = &drupal_static('_update_create_fetch_task', array()); - if (empty($fetch_tasks)) { - $fetch_tasks = \Drupal::service('keyvalue')->get('update_fetch_task')->getAll(); + public function createFetchTask($project) { + if (empty($this->fetchTasks)) { + $this->fetchTasks = $this->keyValue->get('update_fetch_task')->getAll(); } - if (empty($fetch_tasks[$project['name']])) { - $queue = \Drupal::queue('update_fetch_tasks'); - $queue->createItem($project); - \Drupal::service('keyvalue')->get('update_fetch_task')->set($project['name'], $project); - $fetch_tasks[$project['name']] = REQUEST_TIME; + if (empty($this->fetchTasks[$project['name']])) { + $this->queue->get('update_fetch_tasks')->createItem($project); + $this->keyValue->get('update_fetch_task')->set($project['name'], $project); + $this->fetchTasks[$project['name']] = REQUEST_TIME; } } /** + * Empties the fetchTasks property. + */ + public function clearFetchTasks() { + $this->fetchTasks = NULL; + } + + /** * Attempts to drain the queue of tasks for release history data to fetch. */ public function fetchData() { - $queue = \Drupal::queue('update_fetch_tasks'); - $end = time() + config('update.settings')->get('fetch.timeout'); - while (time() < $end && ($item = $queue->claimItem())) { + $end = time() + $this->config->get('update.settings')->get('fetch.timeout'); + while (time() < $end && ($item = $this->queue->get('update_fetch_tasks')->claimItem())) { $this->processFetchTask($item->data); - $queue->deleteItem($item); + $this->queue->get('update_fetch_tasks')->deleteItem($item); } } @@ -62,12 +144,12 @@ public function fetchData() { * @param $project * Associative array of information about the project to fetch data for. * - * @return + * @return bool * TRUE if we fetched parsable XML, otherwise FALSE. */ public function processFetchTask($project) { global $base_url; - $update_config = config('update.settings'); + $update_config = $this->config->get('update.settings'); $fail = &drupal_static(__FUNCTION__, array()); // This can be in the middle of a long-running batch, so REQUEST_TIME won't // necessarily be valid. @@ -75,7 +157,7 @@ public function processFetchTask($project) { if (empty($fail)) { // If we have valid data about release history XML servers that we have // failed to fetch from on previous attempts, load that. - $fail = \Drupal::keyValueExpirable('update')->get('fetch_failures'); + $fail = $this->keyValueExpirable->get('update')->get('fetch_failures'); } $max_fetch_attempts = $update_config->get('fetch.max_attempts'); @@ -119,19 +201,19 @@ public function processFetchTask($project) { $frequency = $update_config->get('check.interval_days'); $available['last_fetch'] = REQUEST_TIME + $request_time_difference; - \Drupal::keyValueExpirable('update_available_releases') + $this->keyValueExpirable->get('update_available_releases') ->setWithExpire($project_name, $available, $request_time_difference + (60 * 60 * 24 * $frequency)); // Stash the $fail data back in the DB for the next 5 minutes. - \Drupal::keyValueExpirable('update') + $this->keyValueExpirable->get('update') ->setWithExpire('fetch_failures', $fail, $request_time_difference + (60 * 5)); // Whether this worked or not, we did just (try to) check for updates. - \Drupal::state()->set('update.last_check', REQUEST_TIME + $request_time_difference); + $this->state->set('update.last_check', REQUEST_TIME + $request_time_difference); // Now that we processed the fetch task for this project, clear out the // record for this task so we're willing to fetch again. - \Drupal::service('keyvalue')->get('update_fetch_task')->delete($project_name); + $this->keyValue->get('update_fetch_task')->delete($project_name); return $success; } @@ -151,9 +233,9 @@ public function processFetchTask($project) { * @return string * The URL for fetching information about updates to the specified project. * - * @see update_fetch_data(updateFetchData - * @see _update_process_fetch_task() - * @see update_get_projects() + * @see fetchData() + * @see processFetchTask() + * @see getProjects() */ public function buildFetchUrl($project, $site_key = '') { $name = $project['name']; @@ -193,14 +275,14 @@ public function buildFetchUrl($project, $site_key = '') { * not include the path elements to specify a particular project, version, * site_key, etc. * - * @see _update_build_fetch_url() + * @see buildFetchUrl() */ public function getFetchUrlBase($project) { if (isset($project['info']['project status url'])) { $url = $project['info']['project status url']; } else { - $url = config('update.settings')->get('fetch.url'); + $url = $this->config->get('update.settings')->get('fetch.url'); if (empty($url)) { $url = UPDATE_DEFAULT_URL; } @@ -226,11 +308,11 @@ public function parseXml($raw_xml) { // SimpleXMLElement::__construct produces an E_WARNING error message for // each error found in the XML data and throws an exception if errors // were detected. Catch any exception and return failure (NULL). - return; + return NULL; } // If there is no valid project data, the XML is invalid, so return failure. if (!isset($xml->short_name)) { - return; + return NULL; } $short_name = (string) $xml->short_name; $data = array(); @@ -269,7 +351,7 @@ public function parseXml($raw_xml) { * @see update_requirements() */ public function cronNotify() { - $update_config = config('update.settings'); + $update_config = $this->config->get('update.settings'); module_load_install('update'); $status = update_requirements('runtime'); $params = array(); @@ -296,7 +378,7 @@ public function cronNotify() { // Track when the last mail was successfully sent to avoid sending // too many e-mails. if ($message['result']) { - state()->set('update.last_email_notification', REQUEST_TIME); + $this->state->set('update.last_email_notification', REQUEST_TIME); } } } @@ -312,17 +394,17 @@ public function refresh() { // of both the projects we care about, and the current update status of the // site. We do *not* want to clear the cache of available releases just yet, // since that data (even if it's stale) can be useful during - // updateGetProjects(); for example, to modules that implement + // getProjects() for example, to modules that implement // hook_system_info_alter() such as cvs_deploy. - \Drupal::keyValueExpirable('update')->delete('update_project_projects'); - \Drupal::keyValueExpirable('update')->delete('update_project_data'); + $this->keyValueExpirable->get('update')->delete('update_project_projects'); + $this->keyValueExpirable->get('update')->delete('update_project_data'); - $projects = \Drupal::service('update.compare')->getProjects(); + $projects = $this->updateCompareManger->getProjects(); // Now that we have the list of projects, we should also clear the available // release data, since even if we fail to fetch new data, we need to clear // out the stale data at this point. - \Drupal::keyValueExpirable('update_available_releases')->deleteAll(); + $this->keyValueExpirable->get('update_available_releases')->deleteAll(); foreach ($projects as $key => $project) { $this->createFetchTask($project); diff --git a/core/modules/update/update.compare.inc b/core/modules/update/update.compare.inc deleted file mode 100644 index 26bd09b..0000000 --- a/core/modules/update/update.compare.inc +++ /dev/null @@ -1,643 +0,0 @@ -getProjects(); -} - -/** - * Populates an array of project data. - * - * This iterates over a list of the installed modules or themes and groups - * them by project and status. A few parts of this function assume that - * enabled modules and themes are always processed first, and if disabled - * modules or themes are being processed (there is a setting to control if - * disabled code should be included in the Available updates report or not), - * those are only processed after $projects has been populated with - * information about the enabled code. 'Hidden' modules are always ignored. - * 'Hidden' themes are ignored only if they have no enabled sub-themes. - * This function also records the latest change time on the .info.yml - * files for each module or theme, which is important data which is used when - * deciding if the available update data should be invalidated. - * - * @param $projects - * Reference to the array of project data of what's installed on this site. - * @param $list - * Array of data to process to add the relevant info to the $projects array. - * @param $project_type - * The kind of data in the list. Can be 'module' or 'theme'. - * @param $status - * Boolean that controls what status (enabled or disabled) to process out of - * the $list and add to the $projects array. - * @param $additional_whitelist - * (optional) Array of additional elements to be collected from the .info.yml - * file. Defaults to array(). - * - * @see update_get_projects() - */ -function update_process_info_list(&$projects, $list, $project_type, $status, $additional_whitelist = array()) { - return \Drupal::service('update.compare')->processInfoList($projects, $list, $project_type, $status, $additional_whitelist); -} - -/** - * Determines what project a given file object belongs to. - * - * @param $file - * A file object as returned by system_get_files_database(). - * - * @return - * The canonical project short name. - * - * @see system_get_files_database() - */ -function update_get_project_name($file) { - return \Drupal::service('update.compare')->getProjectName($file); -} - -/** - * Determines version and type information for currently installed projects. - * - * Processes the list of projects on the system to figure out the currently - * installed versions, and other information that is required before we can - * compare against the available releases to produce the status report. - * - * @param $projects - * Array of project information from update_get_projects(). - */ -function update_process_project_info(&$projects) { - foreach ($projects as $key => $project) { - // Assume an official release until we see otherwise. - $install_type = 'official'; - - $info = $project['info']; - - if (isset($info['version'])) { - // Check for development snapshots - if (preg_match('@(dev|HEAD)@', $info['version'])) { - $install_type = 'dev'; - } - - // Figure out what the currently installed major version is. We need - // to handle both contribution (e.g. "5.x-1.3", major = 1) and core - // (e.g. "5.1", major = 5) version strings. - $matches = array(); - if (preg_match('/^(\d+\.x-)?(\d+)\..*$/', $info['version'], $matches)) { - $info['major'] = $matches[2]; - } - elseif (!isset($info['major'])) { - // This would only happen for version strings that don't follow the - // drupal.org convention. We let contribs define "major" in their - // .info.yml in this case, and only if that's missing would we hit this. - $info['major'] = -1; - } - } - else { - // No version info available at all. - $install_type = 'unknown'; - $info['version'] = t('Unknown'); - $info['major'] = -1; - } - - // Finally, save the results we care about into the $projects array. - $projects[$key]['existing_version'] = $info['version']; - $projects[$key]['existing_major'] = $info['major']; - $projects[$key]['install_type'] = $install_type; - } -} - -/** - * Calculates the current update status of all projects on the site. - * - * The results of this function are expensive to compute, especially on sites - * with lots of modules or themes, since it involves a lot of comparisons and - * other operations. Therefore, we store the results. However, since this is not - * the data about available updates fetched from the network, it is ok to - * invalidate it somewhat quickly. If we keep this data for very long, site - * administrators are more likely to see incorrect results if they upgrade to a - * newer version of a module or theme but do not visit certain pages that - * automatically clear this. - * - * @param array $available - * Data about available project releases. - * - * @return - * An array of installed projects with current update status information. - * - * @see update_get_available() - * @see update_get_projects() - * @see update_process_project_info() - * @see update_project_storage() - */ -function update_calculate_project_data($available) { - // Retrieve the projects from storage, if present. - $projects = update_project_storage('update_project_data'); - // If $projects is empty, then the data must be rebuilt. - // Otherwise, return the data and skip the rest of the function. - if (!empty($projects)) { - return $projects; - } - $projects = update_get_projects(); - update_process_project_info($projects); - foreach ($projects as $project => $project_info) { - if (isset($available[$project])) { - update_calculate_project_update_status($projects[$project], $available[$project]); - } - else { - $projects[$project]['status'] = UPDATE_UNKNOWN; - $projects[$project]['reason'] = t('No available releases found'); - } - } - // Give other modules a chance to alter the status (for example, to allow a - // contrib module to provide fine-grained settings to ignore specific - // projects or releases). - drupal_alter('update_status', $projects); - - // Store the site's update status for at most 1 hour. - Drupal::keyValueExpirable('update')->setWithExpire('update_project_data', $projects, 3600); - return $projects; -} - -/** - * Calculates the current update status of a specific project. - * - * This function is the heart of the update status feature. For each project it - * is invoked with, it first checks if the project has been flagged with a - * special status like "unsupported" or "insecure", or if the project node - * itself has been unpublished. In any of those cases, the project is marked - * with an error and the next project is considered. - * - * If the project itself is valid, the function decides what major release - * series to consider. The project defines what the currently supported major - * versions are for each version of core, so the first step is to make sure the - * current version is still supported. If so, that's the target version. If the - * current version is unsupported, the project maintainer's recommended major - * version is used. There's also a check to make sure that this function never - * recommends an earlier release than the currently installed major version. - * - * Given a target major version, the available releases are scanned looking for - * the specific release to recommend (avoiding beta releases and development - * snapshots if possible). For the target major version, the highest patch level - * is found. If there is a release at that patch level with no extra ("beta", - * etc.), then the release at that patch level with the most recent release date - * is recommended. If every release at that patch level has extra (only betas), - * then the latest release from the previous patch level is recommended. For - * example: - * - * - 1.6-bugfix <-- recommended version because 1.6 already exists. - * - 1.6 - * - * or - * - * - 1.6-beta - * - 1.5 <-- recommended version because no 1.6 exists. - * - 1.4 - * - * Also, the latest release from the same major version is looked for, even beta - * releases, to display to the user as the "Latest version" option. - * Additionally, the latest official release from any higher major versions that - * have been released is searched for to provide a set of "Also available" - * options. - * - * Finally, and most importantly, the release history continues to be scanned - * until the currently installed release is reached, searching for anything - * marked as a security update. If any security updates have been found between - * the recommended release and the installed version, all of the releases that - * included a security fix are recorded so that the site administrator can be - * warned their site is insecure, and links pointing to the release notes for - * each security update can be included (which, in turn, will link to the - * official security announcements for each vulnerability). - * - * This function relies on the fact that the .xml release history data comes - * sorted based on major version and patch level, then finally by release date - * if there are multiple releases such as betas from the same major.patch - * version (e.g., 5.x-1.5-beta1, 5.x-1.5-beta2, and 5.x-1.5). Development - * snapshots for a given major version are always listed last. - * - * @param $project_data - * An array containing information about a specific project. - * @param $available - * Data about available project releases of a specific project. - */ -function update_calculate_project_update_status(&$project_data, $available) { - foreach (array('title', 'link') as $attribute) { - if (!isset($project_data[$attribute]) && isset($available[$attribute])) { - $project_data[$attribute] = $available[$attribute]; - } - } - - // If the project status is marked as something bad, there's nothing else - // to consider. - if (isset($available['project_status'])) { - switch ($available['project_status']) { - case 'insecure': - $project_data['status'] = UPDATE_NOT_SECURE; - if (empty($project_data['extra'])) { - $project_data['extra'] = array(); - } - $project_data['extra'][] = array( - 'class' => array('project-not-secure'), - 'label' => t('Project not secure'), - 'data' => t('This project has been labeled insecure by the Drupal security team, and is no longer available for download. Immediately disabling everything included by this project is strongly recommended!'), - ); - break; - case 'unpublished': - case 'revoked': - $project_data['status'] = UPDATE_REVOKED; - if (empty($project_data['extra'])) { - $project_data['extra'] = array(); - } - $project_data['extra'][] = array( - 'class' => array('project-revoked'), - 'label' => t('Project revoked'), - 'data' => t('This project has been revoked, and is no longer available for download. Disabling everything included by this project is strongly recommended!'), - ); - break; - case 'unsupported': - $project_data['status'] = UPDATE_NOT_SUPPORTED; - if (empty($project_data['extra'])) { - $project_data['extra'] = array(); - } - $project_data['extra'][] = array( - 'class' => array('project-not-supported'), - 'label' => t('Project not supported'), - 'data' => t('This project is no longer supported, and is no longer available for download. Disabling everything included by this project is strongly recommended!'), - ); - break; - case 'not-fetched': - $project_data['status'] = UPDATE_NOT_FETCHED; - $project_data['reason'] = t('Failed to get available update data.'); - break; - - default: - // Assume anything else (e.g. 'published') is valid and we should - // perform the rest of the logic in this function. - break; - } - } - - if (!empty($project_data['status'])) { - // We already know the status for this project, so there's nothing else to - // compute. Record the project status into $project_data and we're done. - $project_data['project_status'] = $available['project_status']; - return; - } - - // Figure out the target major version. - $existing_major = $project_data['existing_major']; - $supported_majors = array(); - if (isset($available['supported_majors'])) { - $supported_majors = explode(',', $available['supported_majors']); - } - elseif (isset($available['default_major'])) { - // Older release history XML file without supported or recommended. - $supported_majors[] = $available['default_major']; - } - - if (in_array($existing_major, $supported_majors)) { - // Still supported, stay at the current major version. - $target_major = $existing_major; - } - elseif (isset($available['recommended_major'])) { - // Since 'recommended_major' is defined, we know this is the new XML - // format. Therefore, we know the current release is unsupported since - // its major version was not in the 'supported_majors' list. We should - // find the best release from the recommended major version. - $target_major = $available['recommended_major']; - $project_data['status'] = UPDATE_NOT_SUPPORTED; - } - elseif (isset($available['default_major'])) { - // Older release history XML file without recommended, so recommend - // the currently defined "default_major" version. - $target_major = $available['default_major']; - } - else { - // Malformed XML file? Stick with the current version. - $target_major = $existing_major; - } - - // Make sure we never tell the admin to downgrade. If we recommended an - // earlier version than the one they're running, they'd face an - // impossible data migration problem, since Drupal never supports a DB - // downgrade path. In the unfortunate case that what they're running is - // unsupported, and there's nothing newer for them to upgrade to, we - // can't print out a "Recommended version", but just have to tell them - // what they have is unsupported and let them figure it out. - $target_major = max($existing_major, $target_major); - - $release_patch_changed = ''; - $patch = ''; - - // If the project is marked as UPDATE_FETCH_PENDING, it means that the - // data we currently have (if any) is stale, and we've got a task queued - // up to (re)fetch the data. In that case, we mark it as such, merge in - // whatever data we have (e.g. project title and link), and move on. - if (!empty($available['fetch_status']) && $available['fetch_status'] == UPDATE_FETCH_PENDING) { - $project_data['status'] = UPDATE_FETCH_PENDING; - $project_data['reason'] = t('No available update data'); - $project_data['fetch_status'] = $available['fetch_status']; - return; - } - - // Defend ourselves from XML history files that contain no releases. - if (empty($available['releases'])) { - $project_data['status'] = UPDATE_UNKNOWN; - $project_data['reason'] = t('No available releases found'); - return; - } - foreach ($available['releases'] as $version => $release) { - // First, if this is the existing release, check a few conditions. - if ($project_data['existing_version'] === $version) { - if (isset($release['terms']['Release type']) && - in_array('Insecure', $release['terms']['Release type'])) { - $project_data['status'] = UPDATE_NOT_SECURE; - } - elseif ($release['status'] == 'unpublished') { - $project_data['status'] = UPDATE_REVOKED; - if (empty($project_data['extra'])) { - $project_data['extra'] = array(); - } - $project_data['extra'][] = array( - 'class' => array('release-revoked'), - 'label' => t('Release revoked'), - 'data' => t('Your currently installed release has been revoked, and is no longer available for download. Disabling everything included in this release or upgrading is strongly recommended!'), - ); - } - elseif (isset($release['terms']['Release type']) && - in_array('Unsupported', $release['terms']['Release type'])) { - $project_data['status'] = UPDATE_NOT_SUPPORTED; - if (empty($project_data['extra'])) { - $project_data['extra'] = array(); - } - $project_data['extra'][] = array( - 'class' => array('release-not-supported'), - 'label' => t('Release not supported'), - 'data' => t('Your currently installed release is now unsupported, and is no longer available for download. Disabling everything included in this release or upgrading is strongly recommended!'), - ); - } - } - - // Otherwise, ignore unpublished, insecure, or unsupported releases. - if ($release['status'] == 'unpublished' || - (isset($release['terms']['Release type']) && - (in_array('Insecure', $release['terms']['Release type']) || - in_array('Unsupported', $release['terms']['Release type'])))) { - continue; - } - - // See if this is a higher major version than our target and yet still - // supported. If so, record it as an "Also available" release. - // Note: Some projects have a HEAD release from CVS days, which could - // be one of those being compared. They would not have version_major - // set, so we must call isset first. - if (isset($release['version_major']) && $release['version_major'] > $target_major) { - if (in_array($release['version_major'], $supported_majors)) { - if (!isset($project_data['also'])) { - $project_data['also'] = array(); - } - if (!isset($project_data['also'][$release['version_major']])) { - $project_data['also'][$release['version_major']] = $version; - $project_data['releases'][$version] = $release; - } - } - // Otherwise, this release can't matter to us, since it's neither - // from the release series we're currently using nor the recommended - // release. We don't even care about security updates for this - // branch, since if a project maintainer puts out a security release - // at a higher major version and not at the lower major version, - // they must remove the lower version from the supported major - // versions at the same time, in which case we won't hit this code. - continue; - } - - // Look for the 'latest version' if we haven't found it yet. Latest is - // defined as the most recent version for the target major version. - if (!isset($project_data['latest_version']) - && $release['version_major'] == $target_major) { - $project_data['latest_version'] = $version; - $project_data['releases'][$version] = $release; - } - - // Look for the development snapshot release for this branch. - if (!isset($project_data['dev_version']) - && $release['version_major'] == $target_major - && isset($release['version_extra']) - && $release['version_extra'] == 'dev') { - $project_data['dev_version'] = $version; - $project_data['releases'][$version] = $release; - } - - // Look for the 'recommended' version if we haven't found it yet (see - // phpdoc at the top of this function for the definition). - if (!isset($project_data['recommended']) - && $release['version_major'] == $target_major - && isset($release['version_patch'])) { - if ($patch != $release['version_patch']) { - $patch = $release['version_patch']; - $release_patch_changed = $release; - } - if (empty($release['version_extra']) && $patch == $release['version_patch']) { - $project_data['recommended'] = $release_patch_changed['version']; - $project_data['releases'][$release_patch_changed['version']] = $release_patch_changed; - } - } - - // Stop searching once we hit the currently installed version. - if ($project_data['existing_version'] === $version) { - break; - } - - // If we're running a dev snapshot and have a timestamp, stop - // searching for security updates once we hit an official release - // older than what we've got. Allow 100 seconds of leeway to handle - // differences between the datestamp in the .info.yml file and the - // timestamp of the tarball itself (which are usually off by 1 or 2 - // seconds) so that we don't flag that as a new release. - if ($project_data['install_type'] == 'dev') { - if (empty($project_data['datestamp'])) { - // We don't have current timestamp info, so we can't know. - continue; - } - elseif (isset($release['date']) && ($project_data['datestamp'] + 100 > $release['date'])) { - // We're newer than this, so we can skip it. - continue; - } - } - - // See if this release is a security update. - if (isset($release['terms']['Release type']) - && in_array('Security update', $release['terms']['Release type'])) { - $project_data['security updates'][] = $release; - } - } - - // If we were unable to find a recommended version, then make the latest - // version the recommended version if possible. - if (!isset($project_data['recommended']) && isset($project_data['latest_version'])) { - $project_data['recommended'] = $project_data['latest_version']; - } - - // - // Check to see if we need an update or not. - // - - if (!empty($project_data['security updates'])) { - // If we found security updates, that always trumps any other status. - $project_data['status'] = UPDATE_NOT_SECURE; - } - - if (isset($project_data['status'])) { - // If we already know the status, we're done. - return; - } - - // If we don't know what to recommend, there's nothing we can report. - // Bail out early. - if (!isset($project_data['recommended'])) { - $project_data['status'] = UPDATE_UNKNOWN; - $project_data['reason'] = t('No available releases found'); - return; - } - - // If we're running a dev snapshot, compare the date of the dev snapshot - // with the latest official version, and record the absolute latest in - // 'latest_dev' so we can correctly decide if there's a newer release - // than our current snapshot. - if ($project_data['install_type'] == 'dev') { - if (isset($project_data['dev_version']) && $available['releases'][$project_data['dev_version']]['date'] > $available['releases'][$project_data['latest_version']]['date']) { - $project_data['latest_dev'] = $project_data['dev_version']; - } - else { - $project_data['latest_dev'] = $project_data['latest_version']; - } - } - - // Figure out the status, based on what we've seen and the install type. - switch ($project_data['install_type']) { - case 'official': - if ($project_data['existing_version'] === $project_data['recommended'] || $project_data['existing_version'] === $project_data['latest_version']) { - $project_data['status'] = UPDATE_CURRENT; - } - else { - $project_data['status'] = UPDATE_NOT_CURRENT; - } - break; - - case 'dev': - $latest = $available['releases'][$project_data['latest_dev']]; - if (empty($project_data['datestamp'])) { - $project_data['status'] = UPDATE_NOT_CHECKED; - $project_data['reason'] = t('Unknown release date'); - } - elseif (($project_data['datestamp'] + 100 > $latest['date'])) { - $project_data['status'] = UPDATE_CURRENT; - } - else { - $project_data['status'] = UPDATE_NOT_CURRENT; - } - break; - - default: - $project_data['status'] = UPDATE_UNKNOWN; - $project_data['reason'] = t('Invalid info'); - } -} - -/** - * Retrieves update storage data or empties it. - * - * Two very expensive arrays computed by this module are the list of all - * installed modules and themes (and .info.yml data, project associations, etc), and - * the current status of the site relative to the currently available releases. - * These two arrays are stored and used whenever possible. The data is cleared - * whenever the administrator visits the status report, available updates - * report, or the module or theme administration pages, since we should always - * recompute the most current values on any of those pages. - * - * Note: while both of these arrays are expensive to compute (in terms of disk - * I/O and some fairly heavy CPU processing), neither of these is the actual - * data about available updates that we have to fetch over the network from - * updates.drupal.org. That information is stored in the - * 'update_available_releases' collection -- it needs to persist longer than 1 - * hour and never get invalidated just by visiting a page on the site. - * - * @param $key - * The key of data to return. Valid options are 'update_project_data' and - * 'update_project_projects'. - * - * @return - * The stored value of the $projects array generated by - * update_calculate_project_data() or update_get_projects(), or an empty array - * when the storage is cleared. - */ -function update_project_storage($key) { - return \Drupal::service('update.compare')->projectStorage($key); -} - -/** - * Filters the project .info.yml data to only save attributes we need. - * - * @param array $info - * Array of .info.yml file data as returned by drupal_parse_info_file(). - * @param $additional_whitelist - * (optional) Array of additional elements to be collected from the .info.yml - * file. Defaults to array(). - * - * @return - * Array of .info.yml file data we need for the update manager. - * - * @see update_process_info_list() - */ -function update_filter_project_info($info, $additional_whitelist = array()) { - return \Drupal::service('update.compare')->filterProjectInfo($info, $additional_whitelist); -} diff --git a/core/modules/update/update.install b/core/modules/update/update.install index 3037c84..27490cc 100644 --- a/core/modules/update/update.install +++ b/core/modules/update/update.install @@ -29,8 +29,7 @@ function update_requirements($phase) { $requirements = array(); if ($phase == 'runtime') { if ($available = update_get_available(FALSE)) { - module_load_include('inc', 'update', 'update.compare'); - $data = update_calculate_project_data($available); + $data = \Drupal::service('update.compare')->calculateProjectData($available); // First, populate the requirements for core: $requirements['update_core'] = _update_requirement_check($data['drupal'], 'core'); // We don't want to check drupal a second time. diff --git a/core/modules/update/update.manager.inc b/core/modules/update/update.manager.inc index c7502a2..7438c18 100644 --- a/core/modules/update/update.manager.inc +++ b/core/modules/update/update.manager.inc @@ -90,8 +90,7 @@ function update_manager_update_form($form, $form_state = array(), $context) { // project in the form, regardless of if it's enabled or disabled. $form['project_downloads'] = array('#tree' => TRUE); - module_load_include('inc', 'update', 'update.compare'); - $project_data = update_calculate_project_data($available); + $project_data = \Drupal::service('update.compare')->calculateProjectData($available); foreach ($project_data as $name => $project) { // Filter out projects which are up to date already. if ($project['status'] == UPDATE_CURRENT) { diff --git a/core/modules/update/update.services.yml b/core/modules/update/update.services.yml index a60f412..725ccfd 100644 --- a/core/modules/update/update.services.yml +++ b/core/modules/update/update.services.yml @@ -1,5 +1,7 @@ services: update.fetch: class: Drupal\update\UpdateFetchManager + arguments: ['@config.factory', '@queue', '@keyvalue', '@keyvalue.expirable', '@state', '@update.compare'] update.compare: class: Drupal\update\UpdateCompareManager + arguments: ['@module_handler', '@keyvalue.expirable']