. */ declare(strict_types=1); namespace Fisharebest\Webtrees\Http\RequestHandlers; use Fig\Http\Message\StatusCodeInterface; use Fisharebest\Webtrees\Auth; use Fisharebest\Webtrees\Registry; use Fisharebest\Webtrees\Validator; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Server\RequestHandlerInterface; use function assert; use function redirect; /** * Download a media file. */ class MediaFileDownload implements RequestHandlerInterface { /** * Download a non-image media file. * * @param ServerRequestInterface $request * * @return ResponseInterface */ public function handle(ServerRequestInterface $request): ResponseInterface { $tree = Validator::attributes($request)->tree(); $user = Validator::attributes($request)->user(); $image_factory = Registry::imageFactory(); $disposition = $request->getQueryParams()['disposition'] ?? 'inline'; assert($disposition === 'inline' || $disposition === 'attachment'); $params = $request->getQueryParams(); $xref = $params['xref'] ?? ''; $fact_id = $params['fact_id'] ?? ''; $media = Registry::mediaFactory()->make($xref, $tree); $media = Auth::checkMediaAccess($media); foreach ($media->mediaFiles() as $media_file) { if ($media_file->factId() === $fact_id) { if ($media_file->isExternal()) { return redirect($media_file->filename()); } $watermark = $media_file->isImage() && $image_factory->fileNeedsWatermark($media_file, $user); $download = $disposition === 'attachment'; $response = $image_factory->mediaFileResponse($media_file, $watermark, $download); return $response->withHeader('cache-control', 'public,max-age=31536000'); } } return $image_factory->replacementImageResponse((string) StatusCodeInterface::STATUS_NOT_FOUND); } }