public function get_data() { if (count($this->_get_data_cache)) { return $this->_get_data_cache; } $file = false; if ($this->file_id > 0) { $file = get_single("file", "file_id", $this->file_id); } // check user has permissions to view this file. // for now we just base this on the customer id check if ($file) { // staff listing $staff = get_multiple('file_user_rel', array('file_id' => $file['file_id']), 'user_id'); $file['staff_ids'] = array_keys($staff); $file['type'] = isset($file['file_url']) && $file['file_url'] ? 'remote' : (isset($file['bucket']) && $file['bucket'] ? 'bucket' : 'upload'); if ($this->do_permissions) { switch (module_file::get_file_data_access()) { case _FILE_ACCESS_ALL: // all files, no limits on SQL here break; case _FILE_ACCESS_JOBS: $jobs = module_job::get_jobs(array(), array('columns' => 'u.job_id AS id')); if (!$file['job_id'] || !isset($jobs[$file['job_id']])) { $file = false; } break; case _FILE_ACCESS_ME: if ($file['create_user_id'] != module_security::get_loggedin_id()) { $file = false; } break; case _FILE_ACCESS_ASSIGNED: if (!in_array(module_security::get_loggedin_id(), $file['staff_ids'])) { $file = false; } break; case _FILE_ACCESS_CUSTOMERS: default: if (class_exists('module_customer', false)) { //added for compat in newsletter system that doesn't have customer module $customer_permission_check = module_customer::get_customer($file['customer_id']); if ($customer_permission_check['customer_id'] != $file['customer_id']) { $file = false; } } } // file data access switch } } if (!$file) { $file = array('new' => true, 'type' => 'upload', 'file_id' => 0, 'customer_id' => isset($_REQUEST['customer_id']) ? $_REQUEST['customer_id'] : 0, 'job_id' => isset($_REQUEST['job_id']) ? $_REQUEST['job_id'] : 0, 'quote_id' => isset($_REQUEST['quote_id']) ? $_REQUEST['quote_id'] : 0, 'description' => '', 'status' => module_config::c('file_default_status', 'Uploaded'), 'file_name' => '', 'file_url' => '', 'staff_ids' => array(), 'bucket' => 0, 'bucket_parent_file_id' => 0, 'approved_time' => 0); } $this->_get_data_cache = $file; return $file; }