/**
* This function overrides CRM_CorePage_File::run
* If we are trying to access a SecureFile offsite
* we run this function. If we determine that we
* aren't retrieving this file, fallback on the
* core run function: parent::run()
*
* It is used for Download/View and Delete
*
*/
public function run()
{
$id = CRM_Utils_Request::retrieve('id', 'Positive', $this, TRUE);
$eid = CRM_Utils_Request::retrieve('eid', 'Positive', $this, TRUE);
$runParent = true;
if (is_numeric($id)) {
$file = civicrm_api3('File', 'getsingle', array('id' => $id));
$details = json_decode($file['description']);
if ($details && property_exists($details, "source") && $details->source == "securefiles") {
$action = CRM_Utils_Request::retrieve('action', 'String', $this);
//Check Extension level permissions
CRM_Securefiles_Permission::checkFilePerms(CRM_Core_Action::ADD, $id, $eid);
$backendService = CRM_Securefiles_Backend::getBackendService();
if ($backendService) {
if (!($action & CRM_Core_Action::DELETE)) {
//Check backend service permissions
if ($backendService->checkPermissions(CRM_Core_Action::VIEW, $id, $eid) !== false) {
$content = $backendService->downloadFile($file['uri'], $eid);
CRM_Utils_System::download($file['uri'], $file['mime_type'], $content);
} else {
return null;
}
}
//Skip delegating back to the core file handler
$runParent = false;
}
}
}
if ($runParent) {
parent::run();
}
}
public function run()
{
$entityID = CRM_Utils_Request::retrieve('entityID', 'Positive', CRM_Core_DAO::$_nullObject, TRUE);
$fileID = CRM_Utils_Request::retrieve('fileID', 'Positive', CRM_Core_DAO::$_nullObject, TRUE);
$file = false;
if (is_numeric($fileID)) {
$file = civicrm_api3('File', 'getsingle', array('id' => $fileID));
}
try {
CRM_Core_BAO_File::deleteAttachment();
} catch (Exception $e) {
return null;
}
//Do the backend-service delete
if ($file && !empty($file['description'])) {
$details = json_decode($file['description']);
if ($details && property_exists($details, "source") && $details->source == "securefiles") {
//Check extension level permissions
CRM_Securefiles_Permission::checkFilePerms(CRM_Core_Action::DELETE, $fileID, $entityID);
$backendService = CRM_Securefiles_Backend::getBackendService();
if ($backendService) {
//Check backend service permissions
if ($backendService->checkPermissions(CRM_Core_Action::DELETE, $fileID, $entityID) !== false) {
$backendService->deleteFile($file['uri'], $entityID);
}
}
}
}
}
/**
* Implementation of hook_civicrm_permission.
*
* @param array $permissions Does not contain core perms -- only extension-defined perms.
*/
function securefiles_civicrm_permission(array &$permissions)
{
CRM_Securefiles_Permission::getSecurefilePermissions($permissions);
}
