You are here

Home » API reference » Private files download permission 7.2 » private_files_download_permission.module

function private_files_download_permission_file_download in Private files download permission 7.2

Same name and namespace in other branches
  1. 7 private_files_download_permission.module \private_files_download_permission_file_download()

Implements hook_file_download().

File

./private_files_download_permission.module, line 616
Handles both module settings and its behaviour.

Code

function private_files_download_permission_file_download($uri) {
  global $user;
  $debug_mode = variable_get('private_files_download_permission_debug_mode', FALSE);

  // Check if user may bypass permission restrictions.
  if (user_access('bypass private files download permission')) {
    if ($debug_mode) {
      watchdog('private_files_download_permission', 'User %user granted permission to download uri "%uri".', array(
        '%user' => $user->uid . ' (' . (isset($user->name) ? $user->name : '-') . ')',
        '%uri' => $uri,
      ), WATCHDOG_INFO, NULL);
    }
    return private_files_download_permission_download_headers($uri);
  }
  elseif (user_access('bypass private files download permission for temporary files') && 'temporary://' === substr($uri, 0, 12)) {
    if ($debug_mode) {
      watchdog('private_files_download_permission', 'User %user granted permission to download uri "%uri".', array(
        '%user' => $user->uid . ' (' . (isset($user->name) ? $user->name : '-') . ')',
        '%uri' => $uri,
      ), WATCHDOG_INFO, NULL);
    }
    return private_files_download_permission_download_headers($uri);
  }
  else {

    // Extract the path from $uri, removing the protocol prefix and the file name.
    $uri_path = explode('/', $uri);
    array_shift($uri_path);
    array_shift($uri_path);
    array_pop($uri_path);

    // Add a leading slash to $uri_path.
    $uri_path = '/' . implode('/', $uri_path);

    // Find the directory which best matches $uri_path.
    $best_matching_length = 0;
    $best_matching_directory = NULL;
    foreach (private_files_download_permission_get_directory_list() as $directory) {

      // Search for the best matching substring.
      $directory_path = $directory->path;
      if (0 === stripos($uri_path, $directory_path)) {
        if (drupal_strlen($directory_path) > $best_matching_length) {
          $best_matching_length = drupal_strlen($directory_path);
          $best_matching_directory = $directory;
        }
      }
    }
    if (NULL != $best_matching_directory) {

      // Check if this module should ignore the call.
      if ($best_matching_directory->bypass) {
        return NULL;
      }

      // Check if the file owner is allowed to access $uri.
      if ($best_matching_directory->grant_file_owners) {
        $file_uid = db_query('SELECT f.uid FROM {file_managed} f WHERE f.uri = :uri', array(
          ':uri' => $uri,
        ))
          ->fetchField();
        if ($file_uid && $file_uid == $user->uid) {
          if ($debug_mode) {
            watchdog('private_files_download_permission', 'User %user granted permission to download uri "%uri".', array(
              '%user' => $user->uid . ' (' . (isset($user->name) ? $user->name : '-') . ')',
              '%uri' => $uri,
            ), WATCHDOG_INFO, NULL);
          }
          return private_files_download_permission_download_headers($uri);
        }
      }

      // Evaluate user and role permissions and optionally allow access to $uri.
      if (variable_get('private_files_download_permission_by_user_checks')) {
        if (in_array($user->uid, array_keys($best_matching_directory->uid))) {
          if ($debug_mode) {
            watchdog('private_files_download_permission', 'User %user granted permission to download uri "%uri".', array(
              '%user' => $user->uid . ' (' . (isset($user->name) ? $user->name : '-') . ')',
              '%uri' => $uri,
            ), WATCHDOG_INFO, NULL);
          }
          return private_files_download_permission_download_headers($uri);
        }
      }
      foreach ($user->roles as $rid => $role) {
        if (in_array($rid, array_keys($best_matching_directory->rid))) {
          if ($debug_mode) {
            watchdog('private_files_download_permission', 'User %user granted permission to download uri "%uri".', array(
              '%user' => $user->uid . ' (' . (isset($user->name) ? $user->name : '-') . ')',
              '%uri' => $uri,
            ), WATCHDOG_INFO, NULL);
          }
          return private_files_download_permission_download_headers($uri);
        }
      }
    }
  }

  // By default, deny access.
  if ($debug_mode) {
    watchdog('private_files_download_permission', 'User %user denied permission to download uri "%uri".', array(
      '%user' => $user->uid . ' (' . (isset($user->name) ? $user->name : '-') . ')',
      '%uri' => $uri,
    ), WATCHDOG_INFO, NULL);
  }
  return -1;
}