* @package WB * @subpackage vfs */ WBClass::load('WBVFS_AccessControlRule', 'WBUser'); /** * Virtual File System: Access Control Rule: Download * * Prevent download of original file * * @version 0.1.0 * @package WB * @subpackage vfs */ class WBVFS_AccessControlRule_Download extends WBVFS_AccessControlRule { /** * Configuration parameters * @var array */ protected $config = array( 'owner' => 'deny', // allow or deny 'other' => 'deny', // allow or deny ); /** * 2nc Constructor * * Called after configuration was set */ protected function init() { } /** * Check Permissions 4 Request * * @todo implement group access rule * @param WBRequest * @return bool */ public function isRequestGranted($req) { $mime = $this->mime->getMime(WBVFS_File::MIME_MAJOR); if ('application' != $mime) { return true; } $user = WBUser::getCurrent(); if ($user->isAuthenticated()) { // owner access $straight = true; if (!empty($this->config['owner'])) { if ('deny' == strtolower($this->config['owner'])) { $straight = false; } } if ($this->file->getUserId() == $user->getId()) { if ($straight) { $this->log->debug($this->getLogMsg($this::GRANT_ALLOW, 'Download for owner allowed')); return true; } $this->log->debug($this->getLogMsg($this::GRANT_ALLOW, 'Download for owner prevented')); return $straight; } // group access } // others access $straight = true; if (!empty($this->config['other'])) { if ('deny' == strtolower($this->config['other'])) { $straight = false; } } if ($straight) { $this->log->debug($this->getLogMsg($this::GRANT_ALLOW, 'Download for others allowed')); return true; } $this->log->debug($this->getLogMsg($this::GRANT_ALLOW, 'Download for others prevented')); return false; } }