mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-12 04:23:19 +00:00
e233e5afa6
Conflicts: lib/Alchemy/Phrasea/Command/Developer/JavascriptBuilder.php lib/Alchemy/Phrasea/Controller/Prod/Basket.php lib/Alchemy/Phrasea/Core/Provider/TaskManagerServiceProvider.php lib/classes/Exception/Feed/ItemNotFound.php lib/classes/Exception/Feed/PublisherNotFound.php lib/classes/Feed/Abstract.php lib/classes/Feed/Adapter.php lib/classes/Feed/Aggregate.php lib/classes/Feed/Collection.php lib/classes/Feed/CollectionInterface.php lib/classes/Feed/Entry/Adapter.php lib/classes/Feed/Entry/Collection.php lib/classes/Feed/Entry/Interface.php lib/classes/Feed/Entry/Item.php lib/classes/Feed/Entry/ItemInterface.php lib/classes/Feed/Interface.php lib/classes/Feed/Link.php lib/classes/Feed/LinkInterface.php lib/classes/Feed/Publisher/Adapter.php lib/classes/Feed/Publisher/Interface.php lib/classes/Feed/Token.php lib/classes/Feed/TokenAggregate.php lib/classes/Feed/XML/Abstract.php lib/classes/Feed/XML/Atom.php lib/classes/Feed/XML/Cooliris.php lib/classes/Feed/XML/Interface.php lib/classes/Feed/XML/RSS.php lib/classes/Feed/XML/RSS/ImageInterface.php lib/classes/http/request.php lib/classes/module/console/schedulerStart.php lib/classes/module/console/schedulerState.php lib/classes/module/console/schedulerStop.php lib/classes/module/console/taskState.php lib/classes/module/console/tasklist.php lib/classes/module/console/taskrun.php lib/classes/registry.php lib/classes/registryInterface.php lib/classes/set/order.php lib/classes/system/url.php lib/classes/task/Scheduler.php lib/classes/task/appboxAbstract.php lib/classes/task/databoxAbstract.php lib/classes/task/manager.php lib/classes/task/period/RecordMover.php lib/classes/task/period/apibridge.php lib/classes/task/period/archive.php lib/classes/task/period/cindexer.php lib/classes/task/period/emptyColl.php lib/classes/task/period/ftp.php lib/classes/task/period/ftpPull.php lib/classes/task/period/subdef.php lib/classes/task/period/test.php lib/classes/task/period/writemeta.php lib/conf.d/PhraseaFixture/AbstractWZ.php lib/conf.d/PhraseaFixture/Basket/LoadFiveBaskets.php lib/conf.d/PhraseaFixture/Basket/LoadOneBasket.php lib/conf.d/PhraseaFixture/Basket/LoadOneBasketEnv.php lib/conf.d/PhraseaFixture/Lazaret/LoadOneFile.php lib/conf.d/PhraseaFixture/Story/LoadOneStory.php lib/conf.d/PhraseaFixture/UsrLists/ListAbstract.php lib/conf.d/PhraseaFixture/UsrLists/UsrList.php lib/conf.d/PhraseaFixture/UsrLists/UsrListEntry.php lib/conf.d/PhraseaFixture/UsrLists/UsrListOwner.php lib/conf.d/PhraseaFixture/ValidationParticipant/LoadOneParticipant.php lib/conf.d/PhraseaFixture/ValidationParticipant/LoadParticipantWithSession.php lib/conf.d/PhraseaFixture/ValidationSession/LoadOneValidationSession.php
108 lines
4.2 KiB
PHP
108 lines
4.2 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of Phraseanet
|
|
*
|
|
* (c) 2005-2014 Alchemy
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Alchemy\Phrasea\Controller;
|
|
|
|
use Alchemy\Phrasea\Application as PhraseaApplication;
|
|
use Silex\Application;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
|
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
|
|
|
class Datafiles extends AbstractDelivery
|
|
{
|
|
public function connect(Application $app)
|
|
{
|
|
$app['controller.datafiles'] = $this;
|
|
|
|
$controllers = $app['controllers_factory'];
|
|
|
|
$that = $this;
|
|
|
|
$controllers->before(function () use ($app) {
|
|
if (!$app['authentication']->isAuthenticated()) {
|
|
$app->abort(403, 'You are not autorized to see this');
|
|
}
|
|
});
|
|
|
|
$controllers->get('/{sbas_id}/{record_id}/{subdef}/', function ($sbas_id, $record_id, $subdef, PhraseaApplication $app) use ($that) {
|
|
|
|
$databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id);
|
|
$record = new \record_adapter($app, $sbas_id, $record_id);
|
|
|
|
$stamp = $watermark = false;
|
|
|
|
if ($subdef != 'thumbnail') {
|
|
$all_access = false;
|
|
$subdefStruct = $databox->get_subdef_structure();
|
|
|
|
if ($subdefStruct->getSubdefGroup($record->get_type())) {
|
|
foreach ($subdefStruct->getSubdefGroup($record->get_type()) as $subdefObj) {
|
|
if ($subdefObj->get_name() == $subdef) {
|
|
if ($subdefObj->get_class() == 'thumbnail') {
|
|
$all_access = true;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!$record->has_subdef($subdef) || !$record->get_subdef($subdef)->is_physically_present()) {
|
|
throw new NotFoundHttpException;
|
|
}
|
|
|
|
if (!$app['acl']->get($app['authentication']->getUser())->has_access_to_subdef($record, $subdef)) {
|
|
throw new AccessDeniedHttpException(sprintf('User has not access to subdef %s', $subdef));
|
|
}
|
|
|
|
$stamp = false;
|
|
$watermark = !$app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), 'nowatermark');
|
|
|
|
if ($watermark && !$all_access) {
|
|
$subdef_class = $databox
|
|
->get_subdef_structure()
|
|
->get_subdef($record->get_type(), $subdef)
|
|
->get_class();
|
|
|
|
if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $app['acl']->get($app['authentication']->getUser())->has_preview_grant($record)) {
|
|
$watermark = false;
|
|
} elseif ($subdef_class == \databox_subdef::CLASS_DOCUMENT && $app['acl']->get($app['authentication']->getUser())->has_hd_grant($record)) {
|
|
$watermark = false;
|
|
}
|
|
}
|
|
|
|
if ($watermark && !$all_access) {
|
|
|
|
$repository = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\BasketElement');
|
|
|
|
/* @var $repository BasketElementRepository */
|
|
|
|
$ValidationByRecord = $repository->findReceivedValidationElementsByRecord($record, $app['authentication']->getUser());
|
|
$ReceptionByRecord = $repository->findReceivedElementsByRecord($record, $app['authentication']->getUser());
|
|
|
|
if ($ValidationByRecord && count($ValidationByRecord) > 0) {
|
|
$watermark = false;
|
|
} elseif ($ReceptionByRecord && count($ReceptionByRecord) > 0) {
|
|
$watermark = false;
|
|
}
|
|
}
|
|
}
|
|
|
|
return $that->deliverContent($app['request'], $record, $subdef, $watermark, $stamp, $app);
|
|
})
|
|
->bind('datafile')
|
|
->assert('sbas_id', '\d+')
|
|
->assert('record_id', '\d+');
|
|
|
|
return $controllers;
|
|
}
|
|
}
|