Open Monograph Press: controllers/api/file/FileApiHandler.inc.php Source File

00001 <?php
00018 // Import the base handler.
00019 import('classes.handler.Handler');
00020 import('lib.pkp.classes.core.JSONMessage');
00021 
00022 class FileApiHandler extends Handler {
00023 
00027    function FileApiHandler() {
00028       parent::Handler();
00029       $this->addRoleAssignment(
00030          array(ROLE_ID_PRESS_MANAGER, ROLE_ID_SERIES_EDITOR, ROLE_ID_PRESS_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR),
00031          array('downloadFile', 'downloadLibraryFile', 'viewFile', 'downloadAllFiles', 'recordDownload', 'enableLinkAction')
00032       );
00033    }
00034 
00035 
00036    //
00037    // Implement methods from PKPHandler
00038    //
00039    function authorize(&$request, $args, $roleAssignments) {
00040       $monographFilesIds = $request->getUserVar('filesIdsAndRevisions');
00041       $libraryFileId = $request->getUserVar('libraryFileId');
00042 
00043       import('classes.security.authorization.OmpMonographFileAccessPolicy');
00044 
00045       if (is_string($monographFilesIds)) {
00046          $monographFilesIdsArray = explode(';', $monographFilesIds);
00047          array_pop($monographFilesIdsArray);
00048       }
00049       if (!empty($monographFilesIdsArray)) {
00050          $multipleMonographFileAccessPolicy = new PolicySet(COMBINING_DENY_OVERRIDES);
00051          foreach ($monographFilesIdsArray as $fileIdAndRevision) {
00052             $multipleMonographFileAccessPolicy->addPolicy(new OmpMonographFileAccessPolicy($request, $args, $roleAssignments, MONOGRAPH_FILE_ACCESS_READ, $fileIdAndRevision));
00053          }
00054          $this->addPolicy($multipleMonographFileAccessPolicy);
00055       }else if (is_numeric($libraryFileId)) {
00056          import('classes.security.authorization.OmpPressAccessPolicy');
00057          $this->addPolicy(new OmpPressAccessPolicy($request, $roleAssignments));
00058       }else {
00059          $this->addPolicy(new OmpMonographFileAccessPolicy($request, $args, $roleAssignments, MONOGRAPH_FILE_ACCESS_READ));
00060       }
00061 
00062       return parent::authorize($request, $args, $roleAssignments);
00063    }
00064 
00065    //
00066    // Public handler methods
00067    //
00073    function downloadFile($args, &$request) {
00074       $monographFile =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH_FILE);
00075       assert($monographFile); // Should have been validated already
00076       import('classes.file.MonographFileManager');
00077       $press =& $request->getPress();
00078       $monographFileManager = new MonographFileManager($press->getId(), $monographFile->getMonographId());
00079       $monographFileManager->downloadFile($monographFile->getFileId(), $monographFile->getRevision());
00080    }
00081 
00087    function downloadLibraryFile($args, &$request) {
00088       import('classes.file.LibraryFileManager');
00089       $press =& $request->getPress();
00090       $libraryFileManager = new LibraryFileManager($press->getId());
00091       $libraryFileDao =& DAORegistry::getDAO('LibraryFileDAO');
00092       $libraryFile =& $libraryFileDao->getById($request->getUserVar('libraryFileId'));
00093       if ($libraryFile) {
00094 
00095          // If this file has a monograph ID, ensure that the current
00096          // user is assigned to that submission.
00097          if ($libraryFile->getMonographId()) {
00098             $user =& $request->getUser();
00099             $allowedAccess = false;
00100             $userStageAssignmentDao =& DAORegistry::getDAO('UserStageAssignmentDAO');
00101             $assignedUsers = $userStageAssignmentDao->getUsersBySubmissionAndStageId($libraryFile->getMonographId(), WORKFLOW_STAGE_ID_SUBMISSION);
00102             if (!$assignedUsers->wasEmpty()) {
00103                while ($assignedUser =& $assignedUsers->next()) {
00104                   if ($assignedUser->getId()  == $user->getId()) {
00105                      $allowedAccess = true;
00106                      break;
00107                   }
00108                }
00109             }
00110          } else {
00111             $allowedAccess = true; // this is a Press submission document, default to access policy.
00112          }
00113 
00114          if ($allowedAccess) {
00115             $filePath = $libraryFileManager->getBasePath() .  $libraryFile->getOriginalFileName();
00116             $libraryFileManager->downloadFile($filePath);
00117          } else {
00118             fatalError('Unauthorized access to library file.');
00119          }
00120       }
00121    }
00122 
00128    function viewFile($args, &$request) {
00129       $monographFile =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH_FILE);
00130       assert($monographFile); // Should have been validated already
00131       import('classes.file.MonographFileManager');
00132       $press =& $request->getPress();
00133       $monographFileManager = new MonographFileManager($press->getId(), $monographFile->getMonographId());
00134       $monographFileManager->downloadFile($monographFile->getFileId(), $monographFile->getRevision(), true);
00135    }
00136 
00142    function downloadAllFiles($args, &$request) {
00143       // Retrieve the authorized objects.
00144       $monographFiles = $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH_FILES);
00145       $monograph =& $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH);
00146 
00147       // Find out the paths of all files in this grid.
00148       import('classes.file.MonographFileManager');
00149       $monographFileManager = new MonographFileManager($monograph->getPressId(), $monograph->getId());
00150       $filesDir = $monographFileManager->getBasePath();
00151       $filePaths = array();
00152       foreach ($monographFiles as $monographFile) {
00153          // Remove absolute path so the archive doesn't include it (otherwise all files are organized by absolute path)
00154          $filePaths[] = str_replace($filesDir, '', $monographFile->getFilePath());
00155 
00156          unset($monographFile);
00157       }
00158 
00159       import('lib.pkp.classes.file.FileArchive');
00160       $fileArchive = new FileArchive();
00161       $archivePath = $fileArchive->create($filePaths, $filesDir);
00162 
00163       if (file_exists($archivePath)) {
00164          $fileManager = new FileManager();
00165          if ($fileArchive->zipFunctional()) {
00166             $fileManager->downloadFile($archivePath, 'application/x-zip', false, 'files.zip');
00167          } else {
00168             $fileManager->downloadFile($archivePath, 'application/x-gtar', false, 'files.tar.gz');
00169          }
00170          $fileManager->deleteFile($archivePath);
00171       } else {
00172          fatalError('Creating archive with submission files failed!');
00173       }
00174    }
00175 
00182    function recordDownload($args, &$request) {
00183       $monographFiles = $this->getAuthorizedContextObject(ASSOC_TYPE_MONOGRAPH_FILES);
00184       $fileId = null;
00185 
00186       foreach ($monographFiles as $monographFile) {
00187          import('classes.file.MonographFileManager');
00188          MonographFileManager::recordView($monographFile);
00189          $fileId = $monographFile->getFileId();
00190          unset($monographFile);
00191       }
00192 
00193       if (count($monographFiles) > 1) {
00194          $fileId = null;
00195       }
00196 
00197       return $this->enableLinkAction($args, $request);
00198    }
00199 
00208    function enableLinkAction($args, &$request) {
00209       return DAO::getDataChangedEvent();
00210    }
00211 }
00212 
00213 ?>