protected function DownloadController::validateDownload in Ubercart 8.4
Performs first-pass authorization. Calls authorization hooks afterwards.
Called when a user requests a file download, function checks download limits then checks for any implementation of hook_uc_download_authorize(). Passing that, the function $this->transferDownload() is called.
Parameters
$file_download: A \stdClass object representing a file, with properties equal to the columns of {uc_files} table.
\Drupal\Core\Session\AccountInterface $user: The user account entity requesting the download.
string $ip: The IP address requesting the download.
1 call to DownloadController::validateDownload()
- DownloadController::download in uc_file/
src/ Controller/ DownloadController.php - Handles file downloading and error states.
File
- uc_file/
src/ Controller/ DownloadController.php, line 272
Class
- DownloadController
- Handles administrative view of files that may be purchased and downloaded.
Namespace
Drupal\uc_file\ControllerCode
protected function validateDownload($file_download, &$user, $ip) {
$request_cache = cache()
->get('uc_file_' . $ip);
$requests = $request_cache ? $request_cache->data + 1 : 1;
$message_user = $user
->id() ? $this
->t('The user %username', [
'%username' => $user
->getUsername(),
]) : $this
->t('The IP address %ip', [
'%ip' => $ip,
]);
if ($requests > UC_FILE_REQUEST_LIMIT) {
return UC_FILE_ERROR_TOO_MANY_BOGUS_REQUESTS;
}
// Must be a valid file.
if (!$file_download || !is_readable($file_download->full_path)) {
cache()
->set('uc_file_' . $ip, $requests, REQUEST_TIME + 86400);
if ($requests == UC_FILE_REQUEST_LIMIT) {
// $message_user has already been sanitized.
$this
->getLogger('uc_file')
->warning('@username has been temporarily banned from file downloads.', [
'@username' => $message_user,
]);
}
return UC_FILE_ERROR_INVALID_DOWNLOAD;
}
$addresses = $file_download->addresses;
// Check the number of locations.
if (!empty($file_download->address_limit) && !in_array($ip, $addresses) && count($addresses) >= $file_download->address_limit) {
// $message_user has already been sanitized.
$this
->getLogger('uc_file')
->warning('@username has been denied a file download by downloading it from too many IP addresses.', [
'@username' => $message_user,
]);
return UC_FILE_ERROR_TOO_MANY_LOCATIONS;
}
// Check the downloads so far.
if (!empty($file_download->download_limit) && $file_download->accessed >= $file_download->download_limit) {
// $message_user has already been sanitized.
$this
->getLogger('uc_file')
->warning('@username has been denied a file download by downloading it too many times.', [
'@username' => $message_user,
]);
return UC_FILE_ERROR_TOO_MANY_DOWNLOADS;
}
// Check if it's expired.
if ($file_download->expiration && REQUEST_TIME >= $file_download->expiration) {
// $message_user has already been sanitized.
$this
->getLogger('uc_file')
->warning('@username has been denied an expired file download.', [
'@username' => $message_user,
]);
return UC_FILE_ERROR_EXPIRED;
}
// Check any if any hook_uc_download_authorize() calls deny the download.
$module_handler = $this
->moduleHandler();
foreach ($module_handler
->getImplementations('uc_download_authorize') as $module) {
$name = $module . '_uc_download_authorize';
$result = $name($user, $file_download);
if (!$result) {
return UC_FILE_ERROR_HOOK_ERROR;
}
}
// Everything's ok!
// $message_user has already been sanitized.
$this
->getLogger('uc_file')
->notice('@username has started download of the file %filename.', [
'@username' => $message_user,
'%filename' => $this->fileSystem
->basename($file_download->filename),
]);
}