/**
  * Process all incoming requests passed to this controller, checking
  * that the file exists and passing the file through if possible.
  */
 public function handleRequest(SS_HTTPRequest $request, DataModel $model)
 {
     $response = new SS_HTTPResponse();
     $filename = $request->getURL();
     if (strpos($filename, 'cdnassets') === 0) {
         $filename = 'assets/' . substr($filename, strlen('cdnassets/'));
     }
     $file = null;
     if (strpos($filename, '_resampled') !== false) {
         $file = ContentServiceAsset::get()->filter('Filename', $filename)->first();
     } else {
         if (strpos($filename, '/_versions/') !== false) {
             $file = FileVersion::get()->filter('Filename', "/" . $filename)->first();
         } else {
             $file = File::get()->filter('filename', $filename)->first();
         }
     }
     if ($file && $file->canView()) {
         if (!$file->CDNFile && !$file->FilePointer) {
             return $this->httpError(404);
         }
         // Permission passed redirect to file
         $redirectLink = '';
         if ($file->getViewType() != CDNFile::ANYONE_PERM) {
             if ($file->hasMethod('getSecureURL')) {
                 $redirectLink = $file->getSecureURL(180);
             }
             if (!strlen($redirectLink)) {
                 // can we stream it?
                 return $this->sendFile($file);
             }
         } else {
             $redirectLink = $file->getURL();
         }
         if ($redirectLink && trim($redirectLink, '/') != $request->getURL()) {
             $response->redirect($redirectLink);
         } else {
             return $this->httpError(404);
         }
     } else {
         if (class_exists('SecureFileController')) {
             $handoff = SecureFileController::create();
             return $handoff->handleRequest($request, $model);
         } elseif ($file instanceof File) {
             // Permission failure
             Security::permissionFailure($this, 'You are not authorised to access this resource. Please log in.');
         } else {
             // File doesn't exist
             $response = new SS_HTTPResponse('File Not Found', 404);
         }
     }
     return $response;
 }
 /**
  * For folders, will need to add or remove the htaccess rules
  * Assumptions:
  *  - the folder exists (after write!)
  *  - no one else is trying to put htaccess rules here
  *  - (follows from above) existing htaccess file was put there by this module
  * @todo Add better support for existing htaccess files
  */
 function onAfterWrite()
 {
     parent::onAfterWrite();
     if ($this->owner instanceof Folder) {
         $htaccess = $this->owner->getFullPath() . SecureFileController::get_access_filename();
         if ($this->owner->Secured && !file_exists($htaccess)) {
             file_put_contents($htaccess, $this->htaccessContent());
         } elseif (!$this->owner->Secured && file_exists($htaccess)) {
             unlink($htaccess);
         }
     }
 }
 function checkHasHtaccess($folder)
 {
     $htaccess_path = BASE_PATH . "/{$folder->Filename}" . SecureFileController::get_access_filename();
     if (!file_exists($htaccess_path)) {
         return false;
     }
     $content = file_get_contents($htaccess_path);
     return $content == singleton('File')->htaccessContent();
 }
 /**
  * Set a 'not found' message to replace the standard string
  * @param $message HTML body of 404 Not Found response
  * @param $i18n Reference to i18n path
  */
 static function set_not_found_text($message = "Not Found", $i18n = "SecureFiles.NOTFOUND")
 {
     self::$i18n_not_found = array($i18n, $message);
 }