public static function setAccess($access)
{
if (!empty($access) && is_array($access)) {
self::$access = $access;
}
return;
}
/**
* Triggers download action for a paste's attachment
*
* @param string $urlkey
* @param string $hash
* @return \Illuminate\Support\Facades\View
*/
public function getAttachment($urlkey, $hash = '')
{
$paste = Paste::where('urlkey', $urlkey)->first();
// Paste and/or attachment was not found
if (is_null($paste)) {
App::abort(404);
// Not found
}
// Check if the logged in user is the owner of the paste
$owner = Auth::access($paste->author_id);
// We do not make password prompt mandatory for owners
if (!$owner) {
// Require hash to be passed for private pastes
if ($paste->private and $paste->hash != $hash) {
App::abort(401);
// Unauthorized
}
// Check if paste is password protected and user hasn't entered
// the password yet
if ($paste->password and !Session::has('paste.password' . $paste->id)) {
return View::make('site/password', array());
}
}
// Find the attachment, and process the download
if ($paste->attachment) {
$pathToFile = storage_path() . "/uploads/{$paste->urlkey}";
if (File::exists($pathToFile)) {
return Response::download($pathToFile);
}
}
// If we are here, the attachment wasn't found
App::abort(404);
}
