private function setContextDataFlavorAssets($flavorTags)
{
$flavorParamsIds = null;
$flavorParamsNotIn = false;
if (!$this->isAdmin) {
foreach ($this->contextDataResult->getActions() as $action) {
if ($action->getType() == RuleActionType::BLOCK) {
//in case of block action do not set the list of flavors
return;
}
if ($action->getType() == RuleActionType::LIMIT_FLAVORS) {
/* @var $action kAccessControlLimitFlavorsAction */
$flavorParamsIds = explode(',', $action->getFlavorParamsIds());
$flavorParamsNotIn = $action->getIsBlockedList();
}
}
}
$flavorAssets = array();
if (is_null($this->asset)) {
if (count($flavorParamsIds)) {
$flavorAssets = assetPeer::retrieveReadyByEntryIdAndFlavorParams($this->entry->getId(), $flavorParamsIds, $flavorParamsNotIn);
} else {
$flavorAssets = assetPeer::retrieveFlavorsByEntryIdAndStatus($this->entry->getId(), null, array(flavorAsset::ASSET_STATUS_READY));
}
} else {
$flavorAllowed = true;
if (count($flavorParamsIds)) {
$flavorAllowed = $this->isFlavorAllowed($this->asset->getFlavorParamsId(), $flavorParamsIds, $flavorParamsNotIn);
}
if ($flavorAllowed) {
$flavorAssets[] = $this->asset;
}
}
$this->filterFlavorAssetsByTags($flavorAssets, $flavorTags);
}
private function setContextDataFlavorAssets($flavorTags)
{
if ($this->entry->getType() == entryType::PLAYLIST && $this->entry->getMediaType() == entry::ENTRY_MEDIA_TYPE_TEXT) {
list($entryIds, $durations, $mediaEntry) = myPlaylistUtils::executeStitchedPlaylist($this->entry);
if (!$mediaEntry) {
return;
}
$mediaEntryId = $mediaEntry->getId();
$this->msDuration = array_sum($durations);
} else {
$mediaEntryId = $this->entry->getId();
$this->msDuration = $this->entry->getLengthInMsecs();
}
$flavorParamsIds = null;
$flavorParamsNotIn = false;
if (!$this->isAdmin) {
foreach ($this->contextDataResult->getActions() as $action) {
if ($action->getType() == RuleActionType::BLOCK) {
//in case of block action do not set the list of flavors
return;
}
if ($action->getType() == RuleActionType::LIMIT_FLAVORS) {
/* @var $action kAccessControlLimitFlavorsAction */
$flavorParamsIds = explode(',', $action->getFlavorParamsIds());
$flavorParamsNotIn = $action->getIsBlockedList();
}
}
}
$flavorAssets = array();
if (is_null($this->asset)) {
if (count($flavorParamsIds)) {
$flavorAssets = assetPeer::retrieveReadyByEntryIdAndFlavorParams($mediaEntryId, $flavorParamsIds, $flavorParamsNotIn);
} else {
$flavorAssets = assetPeer::retrieveFlavorsByEntryIdAndStatus($mediaEntryId, null, array(flavorAsset::ASSET_STATUS_READY));
}
if ($mediaEntryId != $this->entry->getId()) {
// hack: setting the entry id of the flavors to the original playlist id
// since the player uses it in the playManifest url
foreach ($flavorAssets as $flavorAsset) {
$flavorAsset->setEntryId($this->entry->getId());
}
}
} else {
$flavorAllowed = true;
if (count($flavorParamsIds)) {
$flavorAllowed = $this->isFlavorAllowed($this->asset->getFlavorParamsId(), $flavorParamsIds, $flavorParamsNotIn);
}
if ($flavorAllowed) {
$flavorAssets[] = $this->asset;
}
}
$this->filterFlavorAssetsByTags($flavorAssets, $flavorTags);
}
/**
* Ensure the request for media arrived in a way approved by the partner.
* this may include restricting to a specific cdn, enforcing token usage etc..
* Die in case of a breach.
*
* @param entry $entry
* @param asset $asset
*/
public static function enforceDelivery($entry, $asset = null)
{
// block inactive partner
$partnerId = $entry->getPartnerId();
self::blockInactivePartner($partnerId);
// validate serve access control
$flavorParamsId = $asset ? $asset->getFlavorParamsId() : null;
$secureEntryHelper = new KSecureEntryHelper($entry, null, null, ContextType::SERVE);
$secureEntryHelper->validateForServe($flavorParamsId);
// enforce delivery
$partner = PartnerPeer::retrieveByPK($partnerId);
// Note: Partner was already loaded by blockInactivePartner, no need to check for null
$restricted = DeliveryProfilePeer::isRequestRestricted($partner);
if ($restricted) {
KalturaLog::log("DELIVERY_METHOD_NOT_ALLOWED partner [{$partnerId}]");
KExternalErrors::dieError(KExternalErrors::DELIVERY_METHOD_NOT_ALLOWED);
}
}
public function isAssetAllowed(asset $asset)
{
if ($this->ks && $this->ks->verifyPrivileges(ks::PRIVILEGE_DOWNLOAD_ASSET, $asset->getId())) {
return true;
}
return $this->isFlavorParamsAllowed($asset->getFlavorParamsId());
}