/** * Check if a file operation (= action) is allowed on a * File/Folder/Storage (= subject). * * This method, by design, does not throw exceptions or do logging. * Besides the usage from other methods in this class, it is also used by * the File List UI to check whether an action is allowed and whether action * related UI elements should thus be shown (move icon, edit icon, etc.) * * @param string $action, can be read, write, delete * @param \TYPO3\CMS\Core\Resource\FileInterface $file * @return boolean */ public function checkFileActionPermission($action, \TYPO3\CMS\Core\Resource\FileInterface $file) { // Check 1: Does the user have permission to perform the action? e.g. "readFile" if ($this->checkUserActionPermission($action, 'File') === FALSE) { return FALSE; } // Check 2: Does the user has the right to perform the action? // (= is he within the file mount borders) if (is_array($this->fileMounts) && count($this->fileMounts) && !$this->isWithinFileMountBoundaries($file)) { return FALSE; } $isReadCheck = FALSE; if ($action === 'read') { $isReadCheck = TRUE; } $isWriteCheck = FALSE; if (in_array($action, array('write', 'delete'))) { $isWriteCheck = TRUE; } // Check 3: Check the capabilities of the storage (and the driver) if ($isReadCheck && !$this->isBrowsable()) { return FALSE; } if ($isWriteCheck && !$this->isWritable()) { return FALSE; } // Check 4: "File permissions" of the driver $filePermissions = $this->driver->getFilePermissions($file); if ($isReadCheck && !$filePermissions['r']) { return FALSE; } if ($isWriteCheck && !$filePermissions['w']) { return FALSE; } return TRUE; }