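/**
 * Download a library file.
 *
 * Resolves the library file named by the request variable 'libraryFileId'
 * and hands it to the LibraryFileManager for download when the current user
 * is allowed to read it. Access is denied by default and granted only when:
 *  - the file belongs to the context of the current request, and
 *  - the file is a context-level document (no submission ID), or the user
 *    holds the manager role, or the user is assigned to the file's
 *    submission in the submission stage.
 * A denied request ends in fatalError(); an unknown file ID produces no
 * output, as before.
 *
 * @param $args array
 * @param $request Request
 */
function downloadLibraryFile($args, $request) {
	import('classes.file.LibraryFileManager');
	$context = $request->getContext();
	$libraryFileManager = new LibraryFileManager($context->getId());
	$libraryFileDao = DAORegistry::getDAO('LibraryFileDAO');

	// libraryFileId comes straight from the request: treat the looked-up
	// record as untrusted until every check below has passed.
	$libraryFile = $libraryFileDao->getById($request->getUserVar('libraryFileId'));
	if (!$libraryFile) {
		return;
	}

	// Fail closed: access is only ever switched on explicitly.
	$allowedAccess = false;

	// The lookup above is by ID only, so confirm the record belongs to the
	// context this request is operating in before any other rule applies.
	// Otherwise an ID from another context would be accepted here.
	$inRequestContext = (int) $libraryFile->getContextId() === (int) $context->getId();

	if ($inRequestContext) {
		$submissionId = $libraryFile->getSubmissionId();
		if (!$submissionId) {
			// Context-level document: default to the context access policy.
			$allowedAccess = true;
		} else {
			// Managers are always allowed access. A missing role list is
			// treated as "no roles" rather than raising a type error.
			$userRoles = (array) $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);
			if (array_intersect($userRoles, array(ROLE_ID_MANAGER))) {
				$allowedAccess = true;
			}

			// Check for specific assignments. Skipped when access is already
			// granted, and when there is no session user to compare against
			// (previously a null user caused a fatal method call on null).
			$user = $request->getUser();
			if (!$allowedAccess && $user) {
				$userStageAssignmentDao = DAORegistry::getDAO('UserStageAssignmentDAO');
				$assignedUsers = $userStageAssignmentDao->getUsersBySubmissionAndStageId($submissionId, WORKFLOW_STAGE_ID_SUBMISSION);
				if (!$assignedUsers->wasEmpty()) {
					$currentUserId = (int) $user->getId();
					while ($assignedUser = $assignedUsers->next()) {
						if ((int) $assignedUser->getId() === $currentUserId) {
							$allowedAccess = true;
							break;
						}
					}
				}
			}
		}
	}

	if ($allowedAccess) {
		// NOTE(review): the path is built from the stored original file name.
		// Confirm the upload path normalises that name (no directory
		// separators or "..") so it cannot resolve outside getBasePath().
		$filePath = $libraryFileManager->getBasePath() . $libraryFile->getOriginalFileName();
		$libraryFileManager->downloadFile($filePath);
	} else {
		fatalError('Unauthorized access to library file.');
	}
}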