/** * Check user access to folder or file * * @param \Ameos\AmeosFilemanager\Domain\Model\File $file * @param \Ameos\AmeosFilemanager\Domain\Model\_Folder $folder * @param string $right * @param array $arguments Arguments * @return string the rendered string */ public function render($file = null, $folder = null, $right = null, $arguments = null) { $user = $GLOBALS['TSFE']->fe_user->user; if ($file == null && $folder == null || $right == null) { return $this->renderElseChild(); } if ($folder != null) { if ($right == "r") { return Tools::userHasFolderReadAccess($user, $folder, $arguments) ? $this->renderThenChild() : $this->renderElseChild(); } else { if ($right == "w") { return Tools::userHasFolderWriteAccess($user, $folder, $arguments) ? $this->renderThenChild() : $this->renderElseChild(); } else { return $this->renderElseChild(); } } } else { if ($file != null) { if ($right == "r") { return Tools::userHasFileReadAccess($user, $file, $arguments) ? $this->renderThenChild() : $this->renderElseChild(); } else { if ($right == "w") { return Tools::userHasFileWriteAccess($user, $file, $arguments) ? $this->renderThenChild() : $this->renderElseChild(); } else { return $this->renderElseChild(); } } } else { return $this->renderElseChild(); } } return $this->renderElseChild(); }
/** * download the file and log the download in the DB * @param integer $uidFile uid of the file * @return void */ public static function downloadFile($uidFile, $folderRoot = null) { $fileRepository = GeneralUtility::makeInstance('Ameos\\AmeosFilemanager\\Domain\\Repository\\FileRepository'); $file = $fileRepository->findByUid($uidFile); $user = $GLOBALS['TSFE']->fe_user->user; // We check if the user has access to the file. if (Tools::userHasFileReadAccess($user, $file, array("folderRoot" => $folderRoot))) { if ($file) { $filename = urldecode($file->getPublicUrl()); } if (file_exists($filename)) { // We register who downloaded the file and when $filedownloadRepository = GeneralUtility::makeInstance('Ameos\\AmeosFilemanager\\Domain\\Repository\\FiledownloadRepository'); $filedownload = GeneralUtility::makeInstance('Ameos\\AmeosFilemanager\\Domain\\Model\\Filedownload'); $filedownload->setFile($file); $filedownload->setUserDownload($user['uid']); $filedownloadRepository->add($filedownload); $persitenceManager = GeneralUtility::makeInstance('TYPO3\\CMS\\Extbase\\Persistence\\Generic\\PersistenceManager'); $persitenceManager->persistAll(); // Download of the file header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename=' . basename($filename)); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($filename)); ob_clean(); flush(); readfile($filename); exit; } } else { header('HTTP/1.1 403 Forbidden'); $message = $GLOBALS["TSFE"]->tmpl->setup["plugin."]["tx_ameosfilemanager."]["settings."]["forbidden"] ?: "Access denied"; exit($message); } }