You are here

Home » API reference » Backup and Migrate Dropbox 7.3 » destinations.dropbox.inc » backup_migrate_destination_dropbox

function backup_migrate_destination_dropbox::edit_form in Backup and Migrate Dropbox 7.3

Same name and namespace in other branches
  1. 6.2 destinations.dropbox.inc \backup_migrate_destination_dropbox::edit_form()
  2. 6 destinations.dropbox.inc \backup_migrate_destination_dropbox::edit_form()
  3. 7 destinations.dropbox.inc \backup_migrate_destination_dropbox::edit_form()
  4. 7.2 destinations.dropbox.inc \backup_migrate_destination_dropbox::edit_form()

Get the form for the settings for this filter.

Settings specific for a Dropbox destination:

The user should authorize this App to access (an app folder on) its account file system on Dropbox. We do so using the oauth2 protocol. As our app is open source not backed up by a "redirect" server that stores tokens or codes on behalf of the users we cannot securely store the app secret. Therefore we use oauth extended with PKCE, see {@link https://dropbox.tech/developers/pkce--what-and-why-}.

To let the user authorize this app, we provide a button that directs the user to an authorization URL on the dropbox.com site. Dropbox asks the user if (s)he want to give permission to this App and, if so, displays a (short lived) access code that the user should enter in this form.

Upon form submission, the entered access code is used to obtain the first (short lived) bearer token and a long lived refresh token. The bearer token is used as authorization token for the API calls. When it expires, subsequent (also short lived) bearer tokens can be get with the refresh token.

Furthermore, the user can specify a sub folder on the App folder to store the back-ups from this destination. this can be useful, when there are multiple destinations (possibly from different sites) backing up to this Dropbox account.

So this app should store: 1 The refresh token: in the settings. 2 The sub folder to write the back-ups to: as part of the dest_url. 3 The actual (still valid) bearer token (expired ones can be disposed): the settings property of a destination is less suited to constantly changing values, so we store this in a variable of our own.

Return value

array[] Drupal form definition for the destination settings form of this module.

Throws

Exception

File

./destinations.dropbox.inc, line 67
destinations.dropbox.inc

Class

backup_migrate_destination_dropbox
A destination for sending database backups to a Dropbox account.

Code

function edit_form() {
  $form = parent::edit_form();

  // Upgrade warning.
  if ($this
    ->settings('token') !== NULL) {
    $app_console_link = l('your App console on Dropbox', 'https://www.dropbox.com/developers/apps', [
      'attributes' => [
        'target' => '_blank',
      ],
    ]);
    $app_name = $this
      ->settings('app_name') ? $this
      ->settings('app_name') . ' ' : '';
    drupal_set_message(t("It seems you are updating from the previous version. Please do not forget to visit !app_console_link and delete the %app_nameapp you created back then.", [
      '!app_console_link' => $app_console_link,
      '%app_name' => $app_name,
    ]), 'warning');
  }
  $form['name']['#description'] = t('Enter a "friendly" name for this destination. Only appears as a descriptor in the Backup and Migrate administration screens.');
  $form['scheme'] = [
    '#type' => 'value',
    '#value' => 'https',
  ];
  $form['host'] = [
    '#type' => 'value',
    '#value' => 'www.dropbox.com',
  ];
  $form['user'] = [
    '#type' => 'value',
    '#value' => '',
  ];
  $form['old_password'] = [
    '#type' => 'value',
    '#value' => '',
  ];
  $form['pass'] = [
    '#type' => 'value',
    '#value' => '',
  ];

  // A code verifier is a disposable secret. So we create a new one every time
  // this forms gets rendered.
  // - It should stay on the server: we use a for item of #type = 'value'.
  // - It is needed on form submission: we need to cache the form:  we set a
  //   '#cache' flag to communicate to our own hook_form_FORM_ID_alter() to
  //   set form caching to true (as we don't have access here to the
  //   $form_state). This #cache key does not have any meaning to Drupal
  //   itself.
  $code_verifier = $this
    ->get_dropbox_api()
    ->create_code_verifier();
  $form['code_verifier'] = [
    '#type' => 'value',
    '#value' => $code_verifier,
  ];
  $form['#cache'] = TRUE;
  $refresh_token_known = $this
    ->settings('refresh_token') !== NULL;
  $authorize_help = t('You need to give this app access to your Dropbox folders. ' . 'The only rights this app will be asking for is to be able to read and write to its own sub folder. ' . 'Note: by default, all apps need basic read access to your account details, so that will be asked for too.');
  $authorize_instructions = t('By clicking on the button below, which opens in a new tab, ' . 'you will be directed to the Dropbox site where you can authorize this app to access your Dropbox folders. ' . 'Dropbox will give you an authorization code that you need to copy and paste into the field below the button.');
  $authorize_url = $this
    ->get_dropbox_api()
    ->get_authorize_url($code_verifier);
  $authorize_text = $refresh_token_known ? t('Get a new authorization code on') : t('Get an authorization code on');
  $path = drupal_get_path('module', 'backup_migrate_dropbox');
  $path_logo = file_create_url($path . '/dropbox_logo.svg');
  $path_word_mark = file_create_url($path . '/dropbox_wordmark.svg');
  $form['authorize_link'] = [
    '#type' => 'markup',
    '#markup' => "<p>{$authorize_help}</p><p>{$authorize_instructions}</p>" . "<p><a id='authorize_link' href='{$authorize_url}' target='_blank' class='button'><span>{$authorize_text}</span> " . "<img src='{$path_logo}' alt='Dropbox logo'> <img src='{$path_word_mark}' alt='Dropbox word mark'></a></p>",
    '#weight' => 12,
    '#attached' => [
      'css' => [
        [
          'data' => '#authorize_link {display: inline-block; height: 32px}
               #authorize_link span {position: relative; top:-10px}
               #authorize_link img {height: 32px}',
          'type' => 'inline',
        ],
      ],
    ],
  ];
  $form['access_code'] = [
    '#type' => 'textfield',
    '#title' => t('Dropbox Access Code'),
    '#required' => !$refresh_token_known,
    "#default_value" => '',
    '#description' => t('Paste the access code you obtained from Dropbox.'),
    '#weight' => 13,
  ];
  if ($refresh_token_known) {

    // We have a refresh token, so renewing the authorization is optional.
    $form['access_code']['#attributes'] = [
      'placeholder' => '****************************************',
    ];
    $authorize_note = t('<strong>Please note that you have already authorized this app</strong> and you do not have to do so again. ' . 'However, in the following cases you should obtain a new access code and <strong>revoke the former authorization in your app console on Dropbox</strong>:');
    $authorize_note_li1 = 'If you suspect that the data this app stores has been compromised.';
    $authorize_note_li2 = 'If you want to back-up to another Dropbox account.';
    $form['access_code']['#description'] .= "<p>{$authorize_note}</p><ul><li>{$authorize_note_li1}</li><li>{$authorize_note_li2}</li></ul>";
  }

  // Position the settings part on the form.
  $form['settings']['#weight'] = 15;

  // (Note: path: #weight = 20.)
  $form['path']['#field_prefix'] = 'apps/DrupalBackup/';
  $form['path']['#description'] = t('Your back-ups will be stored in the folder "apps/DrupalBackup".
      If you want to arrange your back-ups in a sub folder, e.g. because you have back-ups from multiple sites or multiple destinations, you can specify so here.
      Upon saving, the module will create the path in your Dropbox App folder. You should not use slashes before or after the path.');
  $form['path']['#required'] = FALSE;
  return $form;
}