}
$bypass_auth = false;
if ($params['id'] && $action == 'show') {
// owner can always see his file
$owner = File::GetAttrib($params['id'], 'owner');
$bypass_auth = $owner && $owner == User::GetAuthenticatedID();
}
if ($action && $ACTIONS[$action]) {
check_perms($ACTIONS[$action]);
} else {
// index
check_perms(User::HasPermissions($CONTROLLER_PERMS) || $bypass_auth);
}
if ($action == 'show') {
$id = $params['id'];
$args['fileinfo'] = File::GetAttribs($id);
if (!$args['fileinfo']) {
Error::generate('notice', 'Invalid file ID in action show.');
header("Location: {$PAGE_REL_URL}");
} else {
foreach ($args['fileinfo'] as $key => $param) {
switch (strtolower($param[0])) {
case 'path':
$path = $param[1];
$link = $ACTIONS['get']->getLink(array('id' => $id));
$args['fileinfo'][$key][1] = "<a href=\"{$link}\">{$path}</a>";
break;
default:
}
}
include "views/show.view.php";
