xref: /webtrees/app/Http/RequestHandlers/MediaFileDownload.php (revision 63b8905b3e5720e93dbeefb3d48a5c7ca767ad39) 
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2020 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Http\RequestHandlers;
21
22use Fig\Http\Message\StatusCodeInterface;
23use Fisharebest\Webtrees\Auth;
24use Fisharebest\Webtrees\Exceptions\HttpAccessDeniedException;
25use Fisharebest\Webtrees\Exceptions\HttpNotFoundException;
26use Fisharebest\Webtrees\Exceptions\MediaNotFoundException;
27use Fisharebest\Webtrees\Factory;
28use Fisharebest\Webtrees\Tree;
29use League\Flysystem\FilesystemInterface;
30use Psr\Http\Message\ResponseInterface;
31use Psr\Http\Message\ServerRequestInterface;
32use Psr\Http\Server\RequestHandlerInterface;
33
34use function addcslashes;
35use function assert;
36use function redirect;
37use function response;
38use function strlen;
39
40/**
41 * Download a media file.
42 */
43class MediaFileDownload implements RequestHandlerInterface
44{
45    /**
46     * Download a non-image media file.
47     *
48     * @param ServerRequestInterface $request
49     *
50     * @return ResponseInterface
51     */
52    public function handle(ServerRequestInterface $request): ResponseInterface
53    {
54        $tree = $request->getAttribute('tree');
55        assert($tree instanceof Tree);
56
57        $data_filesystem = $request->getAttribute('filesystem.data');
58        assert($data_filesystem instanceof FilesystemInterface);
59
60        $disposition = $request->getQueryParams()['disposition'] ?? 'inline';
61        assert($disposition === 'inline' || $disposition === 'attachment');
62
63        $params  = $request->getQueryParams();
64        $xref    = $params['xref'];
65        $fact_id = $params['fact_id'];
66        $media   = Factory::media()->make($xref, $tree);
67        $media   = Auth::checkMediaAccess($media);
68
69        foreach ($media->mediaFiles() as $media_file) {
70            if ($media_file->factId() === $fact_id) {
71                if ($media_file->isExternal()) {
72                    return redirect($media_file->filename());
73                }
74
75                if ($media_file->fileExists($data_filesystem)) {
76                    $data = $media_file->media()->tree()->mediaFilesystem($data_filesystem)->read($media_file->filename());
77
78                    return response($data, StatusCodeInterface::STATUS_OK, [
79                        'Content-Type'        => $media_file->mimeType(),
80                        'Content-Length'      => (string) strlen($data),
81                        'Content-Disposition' => $disposition . '; filename="' . addcslashes($media_file->filename(), '"') . '"',
82                    ]);
83                }
84            }
85        }
86
87        throw new HttpNotFoundException();
88    }
89}
90