You are here

acquia_agent.module in Acquia Connector 6

Acquia Agent securely sends information to Acquia Network.

File

acquia_agent/acquia_agent.module
View source
<?php

/**
 * @file
 *   Acquia Agent securely sends information to Acquia Network.
 */

/**
 * XML-RPC errors defined by the Acquia Network.
 */
define('SUBSCRIPTION_NOT_FOUND', 1000);
define('SUBSCRIPTION_KEY_MISMATCH', 1100);
define('SUBSCRIPTION_EXPIRED', 1200);
define('SUBSCRIPTION_REPLAY_ATTACK', 1300);
define('SUBSCRIPTION_KEY_NOT_FOUND', 1400);
define('SUBSCRIPTION_MESSAGE_FUTURE', 1500);
define('SUBSCRIPTION_MESSAGE_EXPIRED', 1600);
define('SUBSCRIPTION_MESSAGE_INVALID', 1700);
define('SUBSCRIPTION_VALIDATION_ERROR', 1800);
define('SUBSCRIPTION_PROVISION_ERROR', 9000);

/**
 * Subscription message lifetime defined by the Acquia Network.
 */
define('SUBSCRIPTION_MESSAGE_LIFETIME', 15 * 60);

/**
 * Implementation of hook_menu().
 */
function acquia_agent_menu() {
  $items['admin/settings/acquia-agent'] = array(
    'title' => 'Acquia Network settings',
    'description' => 'Connect your site to the Acquia Network.',
    'page callback' => 'acquia_agent_settings_page',
    'file' => 'acquia_agent.pages.inc',
    'access arguments' => array(
      'administer site configuration',
    ),
  );
  $items['admin/settings/acquia-agent/refresh-status'] = array(
    'title' => 'Manual update check',
    'page callback' => 'acquia_agent_refresh_status',
    'access arguments' => array(
      'administer site configuration',
    ),
    'type' => MENU_CALLBACK,
  );
  return $items;
}

/**
 * Implementation of hook_init().
 */
function acquia_agent_init() {
  if (arg(2) != 'acquia-agent' && empty($_POST) && user_access('administer site configuration') && !acquia_agent_has_credentials()) {
    $message = t('Get a <a href="@acquia-free">free 30 day trial</a> of Drupal support, enhanced content search, comment spam blocking and more. If you have an Acquia Network subscription, <a href="@settings">connect now</a>.', array(
      '@acquia-free' => url('admin/settings/acquia-agent'),
      '@settings' => url('admin/settings/acquia-agent/connection'),
    ));
    if (arg(0) == 'admin') {
      $message .= '<br />' . t('To turn this message off, disable the Acquia Network Connector <a href="@admin-modules">modules</a>.', array(
        '@admin-modules' => url('admin/build/modules', array(
          'fragment' => 'system-modules',
        )),
      ));
    }
    drupal_set_message($message, 'warning', FALSE);
  }
}

/**
 * Implementation of hook_theme().
 */
function acquia_agent_theme() {
  return array(
    'acquia_agent_banner_form' => array(
      'arguments' => array(
        'form' => NULL,
      ),
      'file' => 'acquia_agent.pages.inc',
    ),
  );
}

/**
 * Get subscription status from the Acquia Network, and store the result.
 *
 * This check also sends a heartbeat to the Acquia Network unless
 * $params['no_heartbeat'] == 1.
 */
function acquia_agent_check_subscription($params = array()) {

  // Default return value is FALSE.
  $subscription = FALSE;
  if (!acquia_agent_has_credentials()) {

    // If there is not an identifier or key, delete any old subscription data.
    variable_del('acquia_subscription_data');
  }
  else {

    // There is an identifier and key, so attempt communication.
    // Include version number information.
    acquia_agent_load_versions();
    if (IS_ACQUIA_DRUPAL) {
      $params['version'] = ACQUIA_DRUPAL_VERSION;
      $params['series'] = ACQUIA_DRUPAL_SERIES;
      $params['branch'] = ACQUIA_DRUPAL_BRANCH;
      $params['revision'] = ACQUIA_DRUPAL_REVISION;
    }

    // Include Acquia Search module version number.
    if (module_exists('acquia_search')) {
      $result = db_query("SELECT name, info FROM {system} WHERE name IN ('acquia_search', 'apachesolr')");
      while ($data = db_fetch_object($result)) {
        if ($info = unserialize($data->info)) {

          // Send the version, or at least the core compatibility as a fallback.
          $params['search_version'][$data->name] = isset($info['version']) ? (string) $info['version'] : (string) $info['core'];
        }
      }
    }
    $data = acquia_agent_call('acquia.agent.subscription', $params);
    $subscription['timestamp'] = time();
    if ($errno = xmlrpc_errno()) {
      switch ($errno) {
        case SUBSCRIPTION_NOT_FOUND:
        case SUBSCRIPTION_EXPIRED:
          variable_del('acquia_subscription_data');
          break;
      }
    }
    elseif (acquia_agent_valid_response($data)) {
      $subscription += $data['result']['body'];
      variable_set('acquia_subscription_data', $subscription);

      // use: acquia_agent_settings('acquia_subscription_data');
    }
    else {
      watchdog('acquia agent', 'HMAC validation error: <pre>@data</pre>', array(
        '@data' => print_r($data, TRUE),
      ), WATCHDOG_ERROR);
    }
  }
  return $subscription;
}
function acquia_agent_report_xmlrpc_error() {
  drupal_set_message(t('Error: @message (@errno)', array(
    '@message' => xmlrpc_error_msg(),
    '@errno' => xmlrpc_errno(),
  )), 'error');
}

/**
 * Implementation of hook_update_status_alter().
 *
 * This compares the array of computed information about projects that are
 * missing available updates with the saved settings. If the settings specify
 * that a particular project or release should be ignored, the status for that
 * project is altered to indicate it is ignored because of settings.
 *
 * @param $projects
 *   Reference to an array of information about available updates to each
 *   project installed on the system.
 *
 * @see update_calculate_project_data()
 */
function acquia_agent_update_status_alter(&$projects) {
  if (!($subscription = acquia_agent_has_update_service())) {

    // Get subscription data or return if the service is not enabled.
    return;
  }
  foreach ($projects as $project => $project_info) {
    if ($project == 'drupal') {
      if (isset($subscription['update'])) {
        $projects[$project]['status'] = $subscription['update']['status'];
        $projects[$project]['releases'] = $subscription['update']['releases'];
        $projects[$project]['recommended'] = $subscription['update']['recommended'];
        $projects[$project]['latest_version'] = $subscription['update']['latest_version'];

        // Security updates are a separate piece of data.  If we leave it, then core
        // security warnings from druapl.org will also be displayed on the update page.
        unset($projects[$project]['security updates']);
      }
      else {
        $projects[$project]['status'] = UPDATE_NOT_CHECKED;
        $projects[$project]['reason'] = t('No information available from the Acquia Network');
        unset($projects[$project]['releases']);
        unset($projects[$project]['recommended']);
      }
      $projects[$project]['link'] = 'http://acquia.com/products-services/acquia-drupal';
      $projects[$project]['title'] = 'Acquia Drupal';
      $projects[$project]['existing_version'] = ACQUIA_DRUPAL_VERSION;
      $projects[$project]['install_type'] = 'official';
      unset($projects[$project]['extra']);
    }
    elseif ($project_info['datestamp'] == 'acquia drupal') {
      $projects['drupal']['includes'][$project] = $project_info['title'];
      unset($projects[$project]);
    }
  }
}

/**
 * Implementation of hook_system_info_alter()
 */
function acquia_agent_system_info_alter(&$info) {
  if (!($subscription = acquia_agent_has_update_service())) {

    // Get subscription data or return if the service is not enabled.
    return;
  }
  if (isset($info['acquia'])) {

    // Slight hack - the datestamp field is carried thourgh by update.module.
    $info['datestamp'] = 'acquia drupal';
  }
}

/**
 * Returns the stored subscription data if update service is enabled or FALSE otherwise.
 */
function acquia_agent_has_update_service() {

  // Include version number information.
  acquia_agent_load_versions();
  $subscription = acquia_agent_settings('acquia_subscription_data');
  if (!IS_ACQUIA_DRUPAL || empty($subscription['active']) || isset($subscription['update_service']) && empty($subscription['update_service'])) {

    // We don't have update service if (1) this is not Acquia Drupal, (2) there
    // is no subscription or (3) the update service was disabled on acquia.com.
    // Requiring the update_service key and checking its value separately is
    // important for backwards compatibility. Isset & empty tells us
    // that the web service willingly told us to not do update notifications.
    return FALSE;
  }
  return $subscription;
}

/**
 * Implemetation of hook_menu_alter()
 */
function acquia_agent_menu_alter(&$items) {
  if (isset($items['admin/reports/updates/check'])) {
    $items['admin/reports/updates/check']['page callback'] = 'acquia_agent_manual_status';
  }
}

/**
 * Menu callback for 'admin/settings/acquia-agent/refresh-status'.
 */
function acquia_agent_refresh_status() {

  // Refresh subscription information, so we are sure about our update status.
  if (module_exists('acquia_spi')) {
    acquia_spi_send_profile_info();
  }

  // We send a heartbeat here so that all of our status information gets
  // updated locally via the return data.
  acquia_agent_check_subscription();

  // Return to the setting page (or destination)
  drupal_goto('admin/settings/acquia-agent');
}

/**
 * Substituted menu callback for 'admin/reports/updates/check'.
 */
function acquia_agent_manual_status() {

  // Refresh subscription information, so we are sure about our update status.
  if (module_exists('acquia_spi')) {
    acquia_spi_send_profile_info();
  }

  // We send a heartbeat here so that all of our status information gets
  // updated locally via the return data.
  acquia_agent_check_subscription();

  // This callback will only ever be available if update module is active.
  update_manual_status();
}

/**
 * Implementation of hook_cron().
 */
function acquia_agent_cron() {

  // Check subscription and send a heartbeat to Acquia Network via XML-RPC.
  acquia_agent_check_subscription();
}

/**
 * Implementation of hook_watchdog().
 */
function acquia_agent_watchdog($log_entry) {

  // Make sure that even when cron failures prevent hook_cron() from being
  // called, we still send out a heartbeat.
  $cron_failure_messages = array(
    'Cron has been running for more than an hour and is most likely stuck.',
    'Attempting to re-run cron while it is already running.',
  );
  if (in_array($log_entry['message'], $cron_failure_messages, TRUE)) {
    acquia_agent_check_subscription();
  }
}

/**
 * @defgroup acquia_admin_menu Alter or add to the administration menu.
 * @{
 * The admin_menu module is enabled by default - we alter it to add our icon and
 * subscription information.
 */

/**
 * Implementation of hook_admin_menu().
 */
function acquia_agent_admin_menu() {

  // Add link to show current subscription status
  $links[] = array(
    'title' => 'acquia_subscription_status',
    'path' => 'http://acquia.com',
    'weight' => -80,
    'parent_path' => '<root>',
    'options' => array(
      'extra class' => 'admin-menu-action acquia-subscription-status',
      'html' => TRUE,
    ),
  );
  return $links;
}

/**
 * Implementation of hook_translated_menu_link_alter().
 *
 * Here is where we make changes to links that need dynamic information such
 * as the current page path or the number of users.
 */
function acquia_agent_translated_menu_link_alter(&$item, $map) {
  global $user;
  if (empty($user->uid) || $item['module'] != 'admin_menu') {
    return;
  }
  if ($item['title'] == 'acquia_subscription_status') {
    if (acquia_agent_subscription_is_active()) {
      $subscription = acquia_agent_settings('acquia_subscription_data');
      $icon = '<img src="' . base_path() . 'misc/watchdog-ok.png" height="10" alt="ok" />';
      $item['title'] = t("!icon Subscription active (expires !date)", array(
        '!icon' => $icon,
        '!date' => format_date(strtotime($subscription['expiration_date']['value']), 'small'),
      ));
      $item['localized_options']['extra class'] .= " acquia-active-subscription";
      $item['localized_options']['attributes']['title'] = $subscription['product']['view'];
      $item['href'] = $subscription['href'];
    }
    else {
      $icon = '<img src="' . base_path() . 'misc/watchdog-error.png" height="10" alt="error" />';
      $item['title'] = t("!icon Subscription not active", array(
        '!icon' => $icon,
      ));
      $item['localized_options']['extra class'] .= " acquia-inactive-subscription";
      $item['href'] = 'http://acquia.com/network';
    }
  }
}

/**
 * Implementation of hook_theme_registry_alter().
 */
function acquia_agent_theme_registry_alter(&$theme_registry) {
  if (isset($theme_registry['admin_menu_icon'])) {
    $theme_registry['admin_menu_icon']['function'] = 'acquia_agent_menu_icon';
  }
}

/**
 * Render an icon to display in the Administration Menu.
 */
function acquia_agent_menu_icon() {
  return '<img class="admin-menu-icon" src="' . base_path() . drupal_get_path('module', 'acquia_agent') . '/acquia_drupal.ico" height = "16" alt="" />';
}

/**
 * @} End of "acquia_admin_menu".
 */

/**
 * Validate identifier/key pair via XML-RPC call to Acquia Network address.
 *
 * This is generaly only useful when actually entering the values in the form.
 * Normally, use acquia_agent_check_subscription() since it also validates
 * the response.
 */
function acquia_agent_valid_credentials($identifier, $key, $acquia_network_address = NULL) {
  $data = acquia_agent_call('acquia.agent.validate', array(), $identifier, $key, $acquia_network_address);
  return (bool) $data['result'];
}

/**
 * Prepare and send a XML-RPC request to Acquia Network with an authenticator.
 *
 */
function acquia_agent_call($method, $params, $identifier = NULL, $key = NULL, $acquia_network_address = NULL) {
  $path = drupal_get_path('module', 'acquia_agent');
  require_once $path . '/acquia_agent_streams.inc';
  $acquia_network_address = acquia_agent_network_address($acquia_network_address);
  $host = isset($_SERVER["SERVER_ADDR"]) ? $_SERVER["SERVER_ADDR"] : '';
  $data = array(
    'authenticator' => _acquia_agent_authenticator($params, $identifier, $key),
    'host' => $host,
    'body' => $params,
  );
  $data['result'] = _acquia_agent_request($acquia_network_address, $method, $data);
  return $data;
}

/**
 * Returns an error message for the most recent (failed) attempt to connect
 * to the Acquia Network during the current page request. If there were no
 * failed attempts, returns FALSE.
 *
 * This function assumes that the most recent XML-RPC error came from the
 * Acquia Network; otherwise, it will not work correctly.
 */
function acquia_agent_connection_error_message() {
  $errno = xmlrpc_errno();
  if ($errno) {
    switch ($errno) {
      case SUBSCRIPTION_NOT_FOUND:
        return t('The identifier you have provided does not exist in the Acquia Network or is expired. Please make sure you have used the correct value and try again.');
        break;
      case SUBSCRIPTION_EXPIRED:
        return t('Your Acquia Network subscription has expired. Please renew your subscription so that you can resume using Acquia Network services.');
        break;
      case SUBSCRIPTION_MESSAGE_FUTURE:
        return t('Your server is unable to communicate with the Acquia Network due to a problem with your clock settings. For security reasons, we reject messages that are more than @time ahead of the actual time recorded by our servers. Please fix the clock on your server and try again.', array(
          '@time' => format_interval(SUBSCRIPTION_MESSAGE_LIFETIME),
        ));
        break;
      case SUBSCRIPTION_MESSAGE_EXPIRED:
        return t('Your server is unable to communicate with the Acquia Network due to a problem with your clock settings. For security reasons, we reject messages that are more than @time older than the actual time recorded by our servers. Please fix the clock on your server and try again.', array(
          '@time' => format_interval(SUBSCRIPTION_MESSAGE_LIFETIME),
        ));
        break;
      case SUBSCRIPTION_VALIDATION_ERROR:
        return t('The identifier and key you have provided for the Acquia Network do not match. Please make sure you have used the correct values and try again.');
        break;
      default:
        return t('There is an error communicating with the Acquia Network at this time. Please check your identifier and key and try again.');
        break;
    }
  }
  return FALSE;
}

/**
 * Helper function to build the xmlrpc target address.
 */
function acquia_agent_network_address($acquia_network_address = NULL) {
  if (empty($acquia_network_address)) {
    $acquia_network_address = acquia_agent_settings('acquia_network_address');
  }

  // Strip protocol (scheme) from Network address
  $uri = parse_url($acquia_network_address);
  $port = isset($uri['port']) ? ':' . $uri['port'] : '';
  $path = isset($uri['path']) ? $uri['path'] : '';
  $acquia_network_address = $uri['host'] . $port . $path;

  // Add a scheme based on PHP's capacity.
  if (in_array('ssl', stream_get_transports(), TRUE) && !defined('ACQUIA_DEVELOPMENT_NOSSL')) {

    // OpenSSL is available in PHP
    $acquia_network_address = 'https://' . $acquia_network_address;
  }
  else {
    $acquia_network_address = 'http://' . $acquia_network_address;
  }
  $acquia_network_address .= '/xmlrpc.php';
  return $acquia_network_address;
}

/**
 * Helper function to check if an identifer and key exist.
 */
function acquia_agent_has_credentials() {
  return (bool) (variable_get('acquia_identifier', FALSE) && variable_get('acquia_key', FALSE));
}

/**
 * Helper function to check if the site has an active subscription.
 */
function acquia_agent_subscription_is_active() {
  $active = FALSE;

  // Subscription cannot be active if we have no credentials.
  if (acquia_agent_has_credentials()) {
    $subscription = acquia_agent_settings('acquia_subscription_data');

    // Make sure we have data at least once per day.
    if (isset($subscription['timestamp']) && time() - $subscription['timestamp'] > 60 * 60 * 24) {
      $subscription = acquia_agent_check_subscription(array(
        'no_heartbeat' => 1,
      ));
    }
    $active = !empty($subscription['active']);
  }
  return $active;
}

/**
 * Helper function so that we don't need to repeat defaults.
 */
function acquia_agent_settings($variable_name) {
  switch ($variable_name) {
    case 'acquia_identifier':
      return variable_get('acquia_identifier', '');
    case 'acquia_key':
      return variable_get('acquia_key', '');
    case 'acquia_network_address':
      return variable_get('acquia_network_address', 'https://rpc.acquia.com');
    case 'acquia_subscription_data':
      return variable_get('acquia_subscription_data', array(
        'active' => FALSE,
      ));
  }
}

/**
 * Returns a string of highly randomized bytes (over the full 8-bit range).
 *
 * This function is better than simply calling mt_rand) or any other built-in
 * PHP function because it can return a long string of bytes (compared to < 4
 * bytes normally from mt_rand)) and uses the best available pseudo-random source.
 *
 * @param $count
 *   The number of characters (bytes) to return in the string.
 */
function acquia_agent_random_bytes($count) {
  static $random_state;

  // We initialize with the somewhat random PHP process ID on the first call.
  if (empty($random_state)) {
    $random_state = getmypid();
  }
  $output = '';

  // /dev/urandom is available on many *nix systems and is considered the best
  // commonly available pseudo-random source.
  if ($fh = @fopen('/dev/urandom', 'rb')) {
    $output = fread($fh, $count);
    fclose($fh);
  }

  // If /dev/urandom is not available or returns no bytes, this loop will
  // generate a good set of pseudo-random bytes on any system.
  while (strlen($output) < $count) {
    $random_state = md5(microtime() . mt_rand() . $random_state);
    $output .= pack('H*', md5(mt_rand() . $random_state));
  }
  return substr($output, 0, $count);
}

/**
 * API function used by others to ensure version information is loaded.
 *
 * Saves us some cycles to not load it each time, when it is actually
 * not needed. We store this in a separate file, so that the Acquia
 * build process only needs to alter that file instead of the main
 * module file.
 */
function acquia_agent_load_versions() {

  // Include version number information.
  include_once 'acquia_agent_drupal_version.inc';
}

/**
 * Implementation of hook_form_[form_id]_alter()..
 */
function acquia_agent_form_system_modules_alter(&$form, &$form_state) {
  if (isset($form['description']['acquia_search'])) {
    $subscription = acquia_agent_settings('acquia_subscription_data');
    if (!module_exists('acquia_search') && empty($subscription['active'])) {
      $form['status']['#disabled_modules'][] = 'acquia_search';
      $text = 'Acquia Search requires an <a href="@network-url">Acquia Network subscription</a>';
      $message = t($text, array(
        '@network-url' => 'http://acquia.com/products-services/acquia-search',
      ));
      $form['description']['acquia_search']['#value'] = '<div style="padding-left:5px; margin:8px 0px" class="messages warning" id="acquia-agent-no-search">' . $message . '</div>' . $form['description']['acquia_search']['#value'];
    }
  }
}

Functions

Namesort descending Description
acquia_agent_admin_menu Implementation of hook_admin_menu().
acquia_agent_call Prepare and send a XML-RPC request to Acquia Network with an authenticator.
acquia_agent_check_subscription Get subscription status from the Acquia Network, and store the result.
acquia_agent_connection_error_message Returns an error message for the most recent (failed) attempt to connect to the Acquia Network during the current page request. If there were no failed attempts, returns FALSE.
acquia_agent_cron Implementation of hook_cron().
acquia_agent_form_system_modules_alter Implementation of hook_form_[form_id]_alter()..
acquia_agent_has_credentials Helper function to check if an identifer and key exist.
acquia_agent_has_update_service Returns the stored subscription data if update service is enabled or FALSE otherwise.
acquia_agent_init Implementation of hook_init().
acquia_agent_load_versions API function used by others to ensure version information is loaded.
acquia_agent_manual_status Substituted menu callback for 'admin/reports/updates/check'.
acquia_agent_menu Implementation of hook_menu().
acquia_agent_menu_alter Implemetation of hook_menu_alter()
acquia_agent_menu_icon Render an icon to display in the Administration Menu.
acquia_agent_network_address Helper function to build the xmlrpc target address.
acquia_agent_random_bytes Returns a string of highly randomized bytes (over the full 8-bit range).
acquia_agent_refresh_status Menu callback for 'admin/settings/acquia-agent/refresh-status'.
acquia_agent_report_xmlrpc_error
acquia_agent_settings Helper function so that we don't need to repeat defaults.
acquia_agent_subscription_is_active Helper function to check if the site has an active subscription.
acquia_agent_system_info_alter Implementation of hook_system_info_alter()
acquia_agent_theme Implementation of hook_theme().
acquia_agent_theme_registry_alter Implementation of hook_theme_registry_alter().
acquia_agent_translated_menu_link_alter Implementation of hook_translated_menu_link_alter().
acquia_agent_update_status_alter Implementation of hook_update_status_alter().
acquia_agent_valid_credentials Validate identifier/key pair via XML-RPC call to Acquia Network address.
acquia_agent_watchdog Implementation of hook_watchdog().

Constants