mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-24 18:33:13 +00:00
107 lines
3.9 KiB
PHP
107 lines
3.9 KiB
PHP
<?php
|
|
/*
|
|
* This file is part of Phraseanet
|
|
*
|
|
* (c) 2005-2016 Alchemy
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Alchemy\Phrasea\Controller;
|
|
|
|
use Alchemy\Phrasea\Application;
|
|
use Alchemy\Phrasea\Authentication\ACLProvider;
|
|
use Alchemy\Phrasea\Authentication\Authenticator;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
|
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
|
|
|
|
class DatafileController extends AbstractDelivery
|
|
{
|
|
/** @var ACLProvider */
|
|
private $acl;
|
|
/** @var \appbox */
|
|
private $appbox;
|
|
/** @var Authenticator */
|
|
private $authentication;
|
|
|
|
public function __construct(Application $app, \appbox $appbox, ACLProvider $acl, Authenticator $authenticator)
|
|
{
|
|
parent::__construct($app);
|
|
|
|
$this->appbox = $appbox;
|
|
$this->acl = $acl;
|
|
$this->authentication = $authenticator;
|
|
}
|
|
|
|
public function getAction(Request $request, $sbas_id, $record_id, $subdef)
|
|
{
|
|
$databox = $this->appbox->get_databox((int) $sbas_id);
|
|
$record = new \record_adapter($this->app, $sbas_id, $record_id);
|
|
|
|
$stamp = $watermark = false;
|
|
|
|
if ($subdef != 'thumbnail') {
|
|
$all_access = false;
|
|
$subdefGroup = $databox->get_subdef_structure()->getSubdefGroup($record->getType());
|
|
if ($subdefGroup) {
|
|
foreach ($subdefGroup as $subdefObj) {
|
|
if ($subdefObj->get_name() == $subdef) {
|
|
if ($subdefObj->get_class() == 'thumbnail') {
|
|
$all_access = true;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!$record->has_subdef($subdef) || !$record->get_subdef($subdef)->is_physically_present()) {
|
|
throw new NotFoundHttpException;
|
|
}
|
|
|
|
if (!$this->acl->get($this->authentication->getUser())->has_access_to_subdef($record, $subdef)) {
|
|
throw new AccessDeniedHttpException(sprintf('User has not access to subdef %s', $subdef));
|
|
}
|
|
|
|
$stamp = false;
|
|
$watermark = !$this->acl->get($this->authentication->getUser())
|
|
->has_right_on_base($record->getBaseId(), \ACL::NOWATERMARK);
|
|
|
|
if ($watermark && !$all_access) {
|
|
$subdef_class = null;
|
|
try {
|
|
$subdef_class = $databox
|
|
->get_subdef_structure()
|
|
->get_subdef($record->getType(), $subdef)
|
|
->get_class();
|
|
} catch (\Exception_Databox_SubdefNotFound $e) {
|
|
|
|
}
|
|
|
|
if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $this->acl->get($this->authentication->getUser())->has_preview_grant($record)) {
|
|
$watermark = false;
|
|
} elseif ($subdef_class == \databox_subdef::CLASS_DOCUMENT && $this->acl->get(
|
|
$this->authentication->getUser())->has_hd_grant($record)) {
|
|
$watermark = false;
|
|
}
|
|
}
|
|
|
|
if ($watermark && !$all_access) {
|
|
$repository = $this->app['repo.basket-elements'];
|
|
|
|
$ValidationByRecord = $repository->findReceivedValidationElementsByRecord($record, $this->authentication->getUser());
|
|
$ReceptionByRecord = $repository->findReceivedElementsByRecord($record, $this->authentication->getUser());
|
|
|
|
if ($ValidationByRecord && count($ValidationByRecord) > 0) {
|
|
$watermark = false;
|
|
} elseif ($ReceptionByRecord && count($ReceptionByRecord) > 0) {
|
|
$watermark = false;
|
|
}
|
|
}
|
|
}
|
|
|
|
return $this->deliverContent($request, $record, $subdef, $watermark, $stamp);
|
|
}
|
|
}
|