public function rgClaimsFileUploaderAction() { // Load session data $claimReferenceNumber = null; $pageSession = new Zend_Session_Namespace('online_claims'); if (isset($pageSession->ClaimReferenceNumber)) { $claimReferenceNumber = $pageSession->ClaimReferenceNumber; $upload_handler = new Manager_Insurance_RentGuaranteeClaim_SupportingDocument($claimReferenceNumber, $this->_agentSchemeNumber); header('Pragma: no-cache'); header('Cache-Control: private, no-cache'); header('Content-Disposition: inline; filename="files.json"'); header('X-Content-Type-Options: nosniff'); header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Methods: OPTIONS, HEAD, GET, POST, PUT, DELETE'); header('Access-Control-Allow-Headers: X-File-Name, X-File-Type, X-File-Size'); switch ($_SERVER['REQUEST_METHOD']) { case 'OPTIONS': break; case 'HEAD': case 'GET': echo Zend_Json::encode($upload_handler->getSupportingDocumentList()); break; case 'POST': echo Zend_Json::encode($upload_handler->saveSupportingDocument()); break; case 'DELETE': $upload_handler->deleteSupportingDocument(); break; default: header('HTTP/1.1 405 Method Not Allowed'); } } }
/** * To download existing stored supporting document * * @return void */ public function downloadAction() { $docId = $this->_request->getParam('d'); $claim_reference_number = $this->_request->getParam('crn'); // Check that this ASN owns this claim reference number and document ID // for security before serving up file $claimManager = new Manager_Insurance_RentGuaranteeClaim_Claim(); $claim = $claimManager->getClaim($claim_reference_number, $this->_agentSchemeNumber); if ($claim->getAgentSchemeNumber() == $this->_agentSchemeNumber) { // This claim is owned by this agent, check doc is owned by this claim $supportManager = new Manager_Insurance_RentGuaranteeClaim_SupportingDocument($claim_reference_number, $this->_agentSchemeNumber); $documentList = $supportManager->getSupportingDocumentList(); $documentInList = false; foreach ($documentList as $document) { if ($document->id == $docId) { $documentInList = true; break 1; } } if ($documentInList) { // Doc is "owned" by this claim, serve it up if (!empty($claim_reference_number)) { $supportManager->downloadSupportingDocument($docId); } } } exit; }