From 21fd227d2a9d7071e68e8feb07d93faa091b6507 Mon Sep 17 00:00:00 2001 From: Eternal Black Date: Fri, 9 Dec 2016 12:14:33 +0100 Subject: [PATCH] Preparation for onetime downloads and expiring downloads Expiring downloads working. Onetime downloads don't because of SecureAssetDownloadService.php:115 --- .../SecureAssetDownloadController.php | 4 ++++ .../services/SecureAssetDownloadService.php | 17 +++++++++++++++++ secureassetdownload/templates/_settings.twig | 11 +++++++++++ 3 files changed, 32 insertions(+) diff --git a/secureassetdownload/controllers/SecureAssetDownloadController.php b/secureassetdownload/controllers/SecureAssetDownloadController.php index d314095..ec3e1f9 100644 --- a/secureassetdownload/controllers/SecureAssetDownloadController.php +++ b/secureassetdownload/controllers/SecureAssetDownloadController.php @@ -8,6 +8,10 @@ public function actionIndex(array $variables = array()) if ($variables and $variables["crypt"]) { $options = craft()->secureAssetDownload->decodeUrlParam($variables["crypt"]); + if (gettype($options)!='array') { + throw new HttpException('404', 'Invalid asset URL'); + } + if (!craft()->secureAssetDownload->isDownloadAllowed($options)) { throw new Exception(Craft::t("You do not have permission to download this file")); } diff --git a/secureassetdownload/services/SecureAssetDownloadService.php b/secureassetdownload/services/SecureAssetDownloadService.php index 725e3bf..87494f3 100644 --- a/secureassetdownload/services/SecureAssetDownloadService.php +++ b/secureassetdownload/services/SecureAssetDownloadService.php @@ -31,6 +31,12 @@ public function getUrl($criteria) $options['userGroupId'] = $criteria['userGroupId']; } + $options['onetime'] = (isset($criteria['onetime']) ? $criteria['onetime'] : false); + if ($options['onetime']) { + $options['duration'] = (isset($criteria['duration']) ? $criteria['duration'] : 60); + $options['time'] = time(); + } + $urlParam = $this->encodeUrlParam($options); return UrlHelper::getSiteUrl('secureAssetDownload/' . $urlParam); @@ -99,6 +105,17 @@ public function isDownloadAllowed(array $options = array()) return false; } + if ($options['onetime']) { + $time = isset($options['duration']) ? $options['duration'] : $key = craft()->plugins->getPlugin("secureAssetDownload")->getSettings()->timeKey; + if ( (time() - $options['time']) >= $time ) { + throw new Exception(Craft::t("Link Expired")); + return false; + } + // throw new Exception(Craft::t( time() - $options['time'] . " " . $time)); + $options['time'] -= $time; + // throw new Exception(Craft::t("\$options['onetime']: " . $options['onetime'] . " | \$options['time']: " . $options['time'] . " | \$time: " . $time . " | time: " . time() )); + } + if (!craft()->userSession->isLoggedIn()) { return false; } diff --git a/secureassetdownload/templates/_settings.twig b/secureassetdownload/templates/_settings.twig index e93bb66..2e430b1 100644 --- a/secureassetdownload/templates/_settings.twig +++ b/secureassetdownload/templates/_settings.twig @@ -11,3 +11,14 @@ required: true, errors: '' }) }} +{{ forms.textField({ + label: "Time"|t, + id: 'timeKey', + name: 'timeKey', + instructions: "Global Time for one-time-downloads"|t, + value: settings.timeKey, + autofocus: true, + first: true, + required: true, + errors: '' +}) }}