public function Execute($db, $asset) { $headrequest = stripos($_SERVER['REQUEST_METHOD'], 'HEAD') !== FALSE; $assetid = $asset->ID; log_message('debug', "GetAsset asset: {$assetid}"); $assets = new SQLAssets($db); //$assets = new MongoAssets($db); //$assets = new FSAssets($db); if ($headrequest) { $request_type = "Meta"; $asset = $assets->GetAssetMetadata($asset->ID); } else { $request_type = "Full"; $asset = $assets->GetAsset($asset->ID); } log_message('debug', "GetAsset requested {$request_type} information"); if ($asset) { // TODO: Enforce this once we support one or more auth methods $asset->Public = true; if ($asset->Public) { header("ETag: " . $asset->SHA256, true); header("Last-Modified: " . gmdate(DATE_RFC850, $asset->CreationDate), true); header("X-Asset-Creator-Id: " . $asset->CreatorID, true); header("Content-Type: " . $asset->ContentType, true); header("Content-Length: " . $asset->ContentLength, true); if (!$headrequest) { echo $asset->Data; } exit; } else { log_message('debug', "Access forbidden to private asset " . $asset->ID); header("HTTP/1.1 403 Forbidden"); echo 'Access forbidden'; exit; } } else { header("HTTP/1.1 404 Not Found"); echo 'Asset not found'; exit; } }