public function actionFile($id)
{
$model = File::findOne(['id' => $id]);
if ($model === NULL) {
throw new HttpException(403, 'You are not allowed to perform this action.');
}
if (file_exists($model->filepath)) {
//Check to see if the user has permissions
$ffgs = FileFileGroup::find()->where(['file_id' => $id])->all();
$ffgs_list = [];
$found = 0;
foreach ($ffgs as $f) {
$ufg = UserFileGroup::find()->where(['file_group_id' => $f->group_id, 'user_id' => \Yii::$app->user->identity->id]);
if ($ufg !== NULL) {
$found = 1;
break;
}
}
if ($found == 1) {
$user = User::findOne(['id' => \Yii::$app->user->identity->id]);
$dl = new DownloadLog();
$dl->username = $user->username;
$dl->email = $user->email;
$dl->filepath = $model->filepath;
$dl->download_time = date("Y-m-d H:i:s");
$dl->filename = $model->filename;
$dl->user_id = $user->id;
$dl->save();
return \Yii::$app->response->sendFile($model->filepath);
} else {
throw new HttpException(403, 'You are not allowed to perform this action.');
}
} else {
return $this->redirect(['/site/error']);
}
}
/**
* Permissions to files from roles
*/
public function actionPermission($id)
{
if (!Yii::$app->user->can("admin")) {
throw new HttpException(403, 'You are not allowed to perform this action.');
}
$file = File::findOne($id);
$fg = FileGroup::find()->where(['is_deleted' => 0])->all();
$sufg = FileFileGroup::find()->where(['file_id' => $id])->all();
if (Yii::$app->request->post()) {
$post = Yii::$app->request->post();
FileFileGroup::deleteAll(['file_id' => $id]);
if (isset($post['Post']['permission'])) {
foreach ($post['Post']['permission'] as $perm) {
$ffg = new FileFileGroup();
$ffg->group_id = $perm;
$ffg->file_id = $id;
$ffg->save();
}
}
return $this->redirect(['file/view', 'id' => $id]);
} else {
return $this->render('permission', ['filemodel' => $file, 'filegroups' => $fg, 'selectedfg' => $sufg]);
}
}
public function actionVerifyapprove($request_id, $file_id, $user_id, $group)
{
if (!Yii::$app->user->can("admin")) {
throw new HttpException(403, 'You are not allowed to perform this action.');
}
$response = ['status' => 'fail'];
// If we get a numeric group, then we are using an existing group
if (is_numeric($group)) {
// First check to see if a record exists because the
// stupid front end is not very good at figuring this out
$ufg = UserFileGroup::find()->where(['user_id' => $user_id])->andWhere(['file_group_id' => $group])->one();
//var_dump($ufg);
//exit;
// If nothing is found, create the new entry
if ($ufg === NULL) {
// Now assign the user to this filegroup
$ufg = new UserFileGroup();
$ufg->user_id = $user_id;
$ufg->file_group_id = $group;
if ($ufg->save()) {
$rqf = RequestFile::find()->where(['request_id' => $request_id, 'file_id' => $file_id])->one();
$rqf->granted = 1;
if ($rqf->save()) {
$this->commitRequest($request_id);
$response = ['status' => 'success', 'message' => ''];
} else {
$response = ['status' => 'fail', 'message' => 'Error saving request file'];
}
} else {
$response = ['status' => 'fail', 'message' => 'Error saving request file'];
}
} else {
$response = ['status' => 'fail', 'message' => 'Record already exists'];
$rqf = RequestFile::find()->where(['request_id' => $request_id, 'file_id' => $file_id])->one();
$rqf->granted = 1;
if ($rqf->save()) {
$this->commitRequest($request_id);
$response = ['status' => 'success', 'message' => ''];
}
}
} else {
// Need to create new the group and assign the file id
$fg = new FileGroup();
$fg->group_name = $group;
$fg->description = "Auto Generated through Permission Tool, please provide a more descriptive group name if you want.";
$fg->status = 'active';
$fg->is_deleted = 0;
if ($fg->save()) {
// Associate the file group with this file
$ffg = new FileFileGroup();
$ffg->file_id = $file_id;
$ffg->group_id = $fg->id;
if ($ffg->save()) {
// Now assign the user to this filegroup
$ufg = new UserFileGroup();
$ufg->user_id = $user_id;
$ufg->file_group_id = $fg->id;
if ($ufg->save()) {
$rqf = RequestFile::find()->where(['request_id' => $request_id, 'file_id' => $file_id])->one();
$rqf->granted = 1;
if ($rqf->save()) {
$response = ['status' => 'success'];
$this->commitRequest($request_id);
} else {
$response = ['status' => 'fail'];
}
} else {
$response = ['status' => 'fail'];
}
} else {
$response = ['status' => 'fail'];
}
} else {
$response = ['status' => 'fail'];
}
}
\Yii::$app->response->format = 'json';
return $response;
}
/**
* Deletes an existing File model.
* If deletion is successful, the browser will be redirected to the 'index' page.
* @param integer $id
* @return mixed
*/
public function actionDelete($id)
{
if (!Yii::$app->user->can("admin")) {
throw new HttpException(403, 'You are not allowed to perform this action.');
}
FileFileGroup::deleteAll(['file_id' => $id]);
$this->findModel($id)->delete();
return $this->redirect(['index']);
}
