$author = $file->get('author');
$group = $file->get('group');
if (!empty($author) && !empty($group)) {
if ($USER->can_view_artefact($file)) {
$artefactok = true;
}
}
// The user may be trying to download a file that's not in the view, but which has
// been attached to public feedback on the view
if ($commentid = param_integer('comment', null)) {
if (!record_exists('artefact_attachment', 'artefact', $commentid, 'attachment', $fileid)) {
throw new AccessDeniedException('');
}
safe_require('artefact', 'comment');
$comment = new ArtefactTypeComment($commentid);
if (!$comment->viewable_in($viewid)) {
throw new AccessDeniedException('');
}
} else {
if ($artefactok == false) {
throw new AccessDeniedException('');
}
}
if (!can_view_view($viewid)) {
throw new AccessDeniedException('');
}
if (!$file instanceof ArtefactTypeFile) {
throw new NotFoundException();
}
} else {
// We just have a file ID
