Source of file DecryptController.php
Size: 1,758 Bytes - Last Modified: 2021-12-23T10:00:31+00:00
/var/www/docs.ssmods.com/process/src/src/DecryptController.php
12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 | <?php namespace LeKoala\Encrypt; use SilverStripe\Assets\File; use SilverStripe\Control\Controller; use SilverStripe\Security\Permission; use SilverStripe\Security\Security; use SilverStripe\Versioned\Versioned; /** * Easily decrypt your files */ class DecryptController extends Controller { public function index() { $request = $this->getRequest(); $ID = (int) $request->getVar("ID"); $Hash = $request->getVar("Hash"); if (!$ID || !$Hash) { return $this->httpError(404); } $sendDraft = $this->config()->send_draft; /** @var File|EncryptedDBFile $File */ $File = File::get()->byID($ID); if (!$File && $sendDraft) { $File = Versioned::get_one_by_stage(File::class, Versioned::DRAFT, "ID = " . $ID); } if (!$File) { return $this->httpError(404); } // Verify hash $FileHash = substr($File->File->Hash, 0, 10); if ($Hash != $FileHash && !Permission::check("CMS_ACCESS")) { return $this->httpError(404); } // Check protected $sendProtected = $this->config()->send_protected; $adminSendProtected = $this->config()->admin_send_protected; $currentUserID = Security::getCurrentUser()->ID ?? 0; $isOwner = $File->OwnerID === $currentUserID; if ($File->getVisibility() == "protected") { if (!$sendProtected && !$isOwner) { if ($adminSendProtected && Permission::check("CMS_ACCESS")) { // We can proceed } else { return $this->httpError(404); } } } EncryptHelper::sendDecryptedFile($File); } } |