Open Journal Systems  3.3.0
FileApiHandler.inc.php
1 <?php
19 // Import the base handler.
20 import('classes.handler.Handler');
21 import('lib.pkp.classes.core.JSONMessage');
22 import('lib.pkp.classes.file.SubmissionFileManager');
23 import('lib.pkp.classes.security.authorization.SubmissionFileAccessPolicy');
24 
25 class FileApiHandler extends Handler {
26 
30  function __construct() {
31  parent::__construct();
32  $this->addRoleAssignment(
33  array(ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR),
34  array('downloadFile', 'downloadLibraryFile', 'downloadAllFiles', 'recordDownload', 'enableLinkAction')
35  );
36  }
37 
38  //
39  // Implement methods from PKPHandler
40  //
41  function authorize($request, &$args, $roleAssignments) {
42  $fileIds = $request->getUserVar('filesIdsAndRevisions');
43  $libraryFileId = $request->getUserVar('libraryFileId');
44 
45  if (is_string($fileIds)) {
46  $fileIdsArray = explode(';', $fileIds);
47  // Remove empty entries (a trailing ";" will cause these)
48  $fileIdsArray = array_filter($fileIdsArray, function($a) {
49  return !empty($a);
50  });
51  }
52  if (!empty($fileIdsArray)) {
53  $multipleSubmissionFileAccessPolicy = new PolicySet(COMBINING_DENY_OVERRIDES);
54  foreach ($fileIdsArray as $fileIdAndRevision) {
55  $multipleSubmissionFileAccessPolicy->addPolicy($this->_getAccessPolicy($request, $args, $roleAssignments, $fileIdAndRevision));
56  }
57  $this->addPolicy($multipleSubmissionFileAccessPolicy);
58  } else if (is_numeric($libraryFileId)) {
59  import('lib.pkp.classes.security.authorization.ContextAccessPolicy');
60  $this->addPolicy(new ContextAccessPolicy($request, $roleAssignments));
61  } else {
62  // IDs will be specified using the default parameters.
63  $this->addPolicy($this->_getAccessPolicy($request, $args, $roleAssignments));
64  }
65 
66  return parent::authorize($request, $args, $roleAssignments);
67  }
68 
69  //
70  // Public handler methods
71  //
77  function downloadFile($args, $request) {
78  $submissionFile = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION_FILE);
79  assert(isset($submissionFile)); // Should have been validated already
80  $context = $request->getContext();
81  $fileManager = $this->_getFileManager($context->getId(), $submissionFile->getSubmissionId());
82  if (!$fileManager->downloadById($submissionFile->getFileId(), $submissionFile->getRevision(), false, $submissionFile->getClientFileName())) {
83  error_log('FileApiHandler: File ' . $submissionFile->getFilePath() . ' does not exist or is not readable!');
84  header('HTTP/1.0 500 Internal Server Error');
85  fatalError('500 Internal Server Error');
86  }
87  }
88 
94  function downloadLibraryFile($args, $request) {
95  import('lib.pkp.pages.libraryFiles.LibraryFileHandler');
96  $libraryFileHandler = new LibraryFileHandler($this);
97  return $libraryFileHandler->downloadLibraryFile($args, $request);
98  }
99 
105  function downloadAllFiles($args, $request) {
106  // Retrieve the authorized objects.
107  $submissionFiles = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION_FILES);
108  $submission = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION);
109 
110  // Find out the paths of all files in this grid.
111  $context = $request->getContext();
112  $filePaths = array();
113  $fileManager = $this->_getFileManager($context->getId(), $submission->getId());
114  $filesDir = $fileManager->getBasePath();
115  foreach ($submissionFiles as $submissionFile) {
116  // Remove absolute path so the archive doesn't include it (otherwise all files are organized by absolute path)
117  $filePaths[str_replace($filesDir, '', $submissionFile->getFilePath())] = $submissionFile->getClientFileName();
118 
119  }
120 
121  import('lib.pkp.classes.file.FileArchive');
122  $fileArchive = new FileArchive();
123  $archivePath = $fileArchive->create($filePaths, $filesDir);
124  if (file_exists($archivePath)) {
125  $fileManager = new FileManager();
126  if ($fileArchive->zipFunctional()) {
127  $fileManager->downloadByPath($archivePath, 'application/x-zip', false, 'files.zip');
128  } else {
129  $fileManager->downloadByPath($archivePath, 'application/x-gtar', false, 'files.tar.gz');
130  }
131  $fileManager->deleteByPath($archivePath);
132  } else {
133  fatalError('Creating archive with submission files failed!');
134  }
135  }
136 
143  function recordDownload($args, $request) {
144  $submissionFiles = $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION_FILES);
145  $fileId = null;
146 
147  foreach ($submissionFiles as $submissionFile) {
148  $submissionFileManager = new SubmissionFileManager($request->getContext()->getId(), $submissionFile->getSubmissionId());
149  $submissionFileManager->recordView($submissionFile);
150  $fileId = $submissionFile->getFileId();
151  unset($submissionFile);
152  }
153 
154  if (count($submissionFiles) > 1) {
155  $fileId = null;
156  }
157 
158  return $this->enableLinkAction($args, $request);
159  }
160 
169  function enableLinkAction($args, $request) {
170  return DAO::getDataChangedEvent();
171  }
172 
179  function _getFileManager($contextId, $submissionId) {
180  return new SubmissionFileManager($contextId, $submissionId);
181  }
182 
191  function _getAccessPolicy($request, $args, $roleAssignments, $fileIdAndRevision = null) {
192  return new SubmissionFileAccessPolicy($request, $args, $roleAssignments, SUBMISSION_FILE_ACCESS_READ, $fileIdAndRevision);
193  }
194 }
195 
196 
PKPHandler\addRoleAssignment
addRoleAssignment($roleIds, $operations)
Definition: PKPHandler.inc.php:213
FileApiHandler\downloadLibraryFile
downloadLibraryFile($args, $request)
Definition: FileApiHandler.inc.php:94
SubmissionFileManager
Helper class for database-backed submission file management tasks.
Definition: SubmissionFileManager.inc.php:30
ContextAccessPolicy
Class to control access to PKP applications' setup components.
Definition: ContextAccessPolicy.inc.php:17
FileApiHandler\__construct
__construct()
Definition: FileApiHandler.inc.php:30
FileArchive
Class provides functionality for creating an archive of files.
Definition: FileArchive.inc.php:16
FileApiHandler\authorize
authorize($request, &$args, $roleAssignments)
Definition: FileApiHandler.inc.php:41
FileApiHandler\downloadAllFiles
downloadAllFiles($args, $request)
Definition: FileApiHandler.inc.php:105
FileApiHandler
Class defining an AJAX API for supplying file information.
Definition: FileApiHandler.inc.php:25
FileApiHandler\_getFileManager
_getFileManager($contextId, $submissionId)
Definition: FileApiHandler.inc.php:179
FileApiHandler\enableLinkAction
enableLinkAction($args, $request)
Definition: FileApiHandler.inc.php:169
DAO\getDataChangedEvent
static getDataChangedEvent($elementId=null, $parentElementId=null, $content='')
Definition: DAO.inc.php:647
PKPHandler\getAuthorizedContextObject
& getAuthorizedContextObject($assocType)
Definition: PKPHandler.inc.php:174
FileApiHandler\recordDownload
recordDownload($args, $request)
Definition: FileApiHandler.inc.php:143
SubmissionFileAccessPolicy
Base class to control (write) access to submissions and (read) access to submission files.
Definition: SubmissionFileAccessPolicy.inc.php:23
FileApiHandler\_getAccessPolicy
_getAccessPolicy($request, $args, $roleAssignments, $fileIdAndRevision=null)
Definition: FileApiHandler.inc.php:191
LibraryFileHandler
Class defining a handler for library file access.
Definition: LibraryFileHandler.inc.php:18
PKPHandler\addPolicy
addPolicy($authorizationPolicy, $addToTop=false)
Definition: PKPHandler.inc.php:157
fatalError
if(!function_exists('import')) fatalError($reason)
Definition: functions.inc.php:32
FileManager
Class defining basic operations for file management.
Definition: FileManager.inc.php:35
Handler
Base request handler application class.
Definition: Handler.inc.php:18
FileApiHandler\downloadFile
downloadFile($args, $request)
Definition: FileApiHandler.inc.php:77
PolicySet
An ordered list of policies. Policy sets can be added to decision managers like policies....
Definition: PolicySet.inc.php:26