2017-01-12 20:45:01 +01:00
|
|
|
<?php
|
|
|
|
use Ifsnop\Mysqldump as IMysqldump;
|
|
|
|
use Respect\Validation\Validator as DataValidator;
|
|
|
|
|
|
|
|
class DownloadController extends Controller {
|
|
|
|
const PATH = '/download';
|
2017-02-08 19:09:15 +01:00
|
|
|
const METHOD = 'GET';
|
2017-01-12 20:45:01 +01:00
|
|
|
|
|
|
|
public function validations() {
|
|
|
|
return [
|
2017-02-18 19:28:23 +01:00
|
|
|
'permission' => 'any',
|
2017-01-12 20:45:01 +01:00
|
|
|
'requestData' => [
|
|
|
|
'file' => [
|
2017-01-15 01:44:20 +01:00
|
|
|
'validation' => DataValidator::alnum('_.-')->noWhitespace(),
|
2017-01-13 00:30:44 +01:00
|
|
|
'error' => ERRORS::INVALID_FILE
|
2017-01-12 20:45:01 +01:00
|
|
|
]
|
|
|
|
]
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
public function handler() {
|
2017-01-13 00:30:44 +01:00
|
|
|
$fileName = Controller::request('file');
|
2017-02-18 19:28:23 +01:00
|
|
|
$staffUser = Staff::getDataStore($fileName, 'profilePic');
|
2017-01-13 00:30:44 +01:00
|
|
|
|
2017-02-18 19:28:23 +01:00
|
|
|
if($staffUser->isNull()) {
|
|
|
|
$loggedUser = Controller::getLoggedUser();
|
2017-01-13 00:30:44 +01:00
|
|
|
|
2017-02-18 19:28:23 +01:00
|
|
|
if($loggedUser->isNull()) {
|
2017-01-13 00:30:44 +01:00
|
|
|
print '';
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2017-02-18 19:28:23 +01:00
|
|
|
$ticket = Ticket::getTicket($fileName, 'file');
|
2017-01-13 00:30:44 +01:00
|
|
|
|
2017-02-18 19:28:23 +01:00
|
|
|
if($ticket->isNull() || ($this->isNotAuthor($ticket, $loggedUser) && $this->isNotOwner($ticket, $loggedUser))) {
|
|
|
|
$ticketEvent = Ticketevent::getDataStore($fileName, 'file');
|
|
|
|
|
|
|
|
if($ticketEvent->isNull()) {
|
|
|
|
print '';
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
$ticket = $ticketEvent->ticket;
|
|
|
|
|
|
|
|
if($this->isNotAuthor($ticket, $loggedUser) && $this->isNotOwner($ticket, $loggedUser)) {
|
|
|
|
print '';
|
|
|
|
return;
|
|
|
|
}
|
2017-01-13 00:30:44 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-12 20:45:01 +01:00
|
|
|
$fileDownloader = FileDownloader::getInstance();
|
2017-01-13 00:30:44 +01:00
|
|
|
$fileDownloader->setFileName($fileName);
|
2017-01-12 20:45:01 +01:00
|
|
|
$fileDownloader->download();
|
|
|
|
}
|
2017-01-13 00:30:44 +01:00
|
|
|
|
|
|
|
private function isNotAuthor($ticket, $loggedUser) {
|
|
|
|
return Controller::isStaffLogged() || $ticket->author->id !== $loggedUser->id;
|
|
|
|
}
|
|
|
|
|
|
|
|
private function isNotOwner($ticket, $loggedUser) {
|
|
|
|
return !Controller::isStaffLogged() || !$ticket->owner || $ticket->owner->id !== $loggedUser->id;
|
|
|
|
}
|
2017-01-12 20:45:01 +01:00
|
|
|
}
|