File size: 3,371 Bytes
d2897cd
<?php

namespace Mautic\AssetBundle\Controller;

use Mautic\CoreBundle\Controller\FormController as CommonFormController;
use Mautic\CoreBundle\Helper\CoreParametersHelper;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;

class PublicController extends CommonFormController
{
    /**
     * Public (unauthenticated) download endpoint for an asset addressed by its slug.
     *
     * @param string $slug
     *
     * @return Response
     */
    public function downloadAction(Request $request, CoreParametersHelper $parametersHelper, $slug)
    {
        // find the asset
        /** @var \Mautic\AssetBundle\Model\AssetModel $model */
        $model = $this->getModel('asset');

        /** @var \Mautic\AssetBundle\Entity\Asset $entity */
        $entity = $model->getEntityBySlugs($slug);

        if (!empty($entity)) {
            $published = $entity->isPublished();

            // An unpublished asset is served only to a logged-in user who may view it
            // (own assets, or others' assets with the viewother permission); everyone
            // else is denied, and the attempt is still tracked.
            if ((!$published) && (!$this->security->hasEntityAccess('asset:assets:viewown', 'asset:assets:viewother', $entity->getCreatedBy()))) {
                $model->trackDownload($entity, $request, 401);

                return $this->accessDenied();
            }

            // Make sure the request URI matches the asset's canonical URL, so that
            // stale or rewritten links are redirected to (and counted under) one path.
            $url        = $model->generateUrl($entity, false);
            $requestUri = $request->getRequestUri();

            // Compare without the query string. generateUrl() produces no query, so the
            // query has to be stripped from the request URI, not from $url (stripping it
            // from $url made the two always equal and skipped the redirect whenever a
            // query string was present).
            $query = $request->getQueryString();
            if (!empty($query)) {
                $requestUri = str_replace("?{$query}", '', $requestUri);
            }

            // redirect if they don't match
            if ($requestUri != $url) {
                $model->trackDownload($entity, $request, 301);

                return $this->redirect($url, 301);
            }

            if ($entity->isRemote()) {
                $model->trackDownload($entity, $request, 200);

                // Redirect to remote URL
                $response = new RedirectResponse($entity->getRemotePath());
            } else {
                try {
                    // set the uploadDir
                    $entity->setUploadDir($parametersHelper->get('upload_dir'));
                    $contents = $entity->getFileContents();
                    $model->trackDownload($entity, $request, 200);
                } catch (\Exception) {
                    // file missing or unreadable on disk: record it and return 404
                    $model->trackDownload($entity, $request, 404);

                    return $this->notFound();
                }

                $response = new Response();

                if ($entity->getDisallow()) {
                    $response->headers->set('X-Robots-Tag', 'noindex, nofollow, noarchive');
                }

                $response->headers->set('Content-Type', $entity->getFileMimeType());

                // Display the file directly in the browser just for the configured extensions.
                // Caveat: the "stream" request parameter overrides that default in either
                // direction, so a client can ask for any asset to be rendered inline under the
                // asset's own Content-Type; the set of types that may be uploaded is what keeps
                // that from serving active content (HTML, SVG) on this origin.
                $stream = $request->get('stream', in_array($entity->getExtension(), $parametersHelper->get('streamed_extensions')));
                if (!$stream) {
                    // The original file name is user-supplied at upload time: escape the
                    // quoted-string specials and close the quote, otherwise a name containing
                    // a double quote breaks the header value.
                    $filename = addcslashes($entity->getOriginalFileName(), '"\\');
                    $response->headers->set('Content-Disposition', 'attachment; filename="'.$filename.'"');
                }
                $response->setContent($contents);
            }

            return $response;
        }

        // no asset for this slug: track the miss and respond 404
        $model->trackDownload($entity, $request, 404);

        return $this->notFound();
    }
}
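The two response headers set at the end of `downloadAction()` are where a public download endpoint most often goes wrong: an inline-rendered upload that carries active content (HTML, SVG) runs as the serving origin, and a `Content-Disposition` built by string concatenation breaks on a quote or a non-ASCII character in the uploaded name. The following is an added example, not Mautic's code: two stand-alone helpers (`mayStreamInline()` and `contentDisposition()` are hypothetical names) that show a stricter policy than the controller above, in which the request's `stream` flag can only opt out of inline display, never into it, and the disposition value follows RFC 6266 with an escaped ASCII fallback plus a `filename*` parameter. The MIME list, the sample extensions and the sample file names are constructed for the example.

```php
<?php
// Added example, not part of Mautic. Helper names and the MIME list are assumptions.
declare(strict_types=1);

// Types a browser renders as a document (and so executes scripts from) on
// the serving origin. Never serve these inline, whatever the request asks for.
const ACTIVE_CONTENT_TYPES = [
    'text/html',
    'application/xhtml+xml',
    'image/svg+xml',
    'text/xml',
    'application/xml',
];

/**
 * Decide whether an asset may be displayed inline.
 *
 * $streamedExtensions is the configured allow-list (the controller's
 * streamed_extensions parameter). $requestFlag is the raw value of the
 * client's "stream" query parameter, or null when it was not sent. Being
 * user-controlled, the flag may only narrow the decision: "stream=0" forces
 * an attachment, while "stream=1" cannot widen the configured allow-list.
 */
function mayStreamInline(string $mimeType, string $extension, array $streamedExtensions, ?string $requestFlag): bool
{
    // Compare the media type only, ignoring parameters such as "; charset=utf-8".
    $type = strtolower(trim(explode(';', $mimeType)[0]));
    if (in_array($type, ACTIVE_CONTENT_TYPES, true)) {
        return false;
    }

    $configured = in_array(
        strtolower($extension),
        array_map('strtolower', $streamedExtensions),
        true
    );

    if (null === $requestFlag) {
        return $configured;
    }

    return $configured && filter_var($requestFlag, FILTER_VALIDATE_BOOLEAN);
}

/**
 * Build an RFC 6266 Content-Disposition value from an untrusted file name:
 * control characters and path separators are dropped, the quoted-string
 * fallback is ASCII-only with '"' and '\' escaped, and the real name is
 * carried percent-encoded in filename* for browsers that understand it.
 */
function contentDisposition(string $filename, bool $inline): string
{
    $clean = str_replace(["\r", "\n", "\0", '/', '\\'], '', $filename);
    if ('' === $clean || '.' === $clean || '..' === $clean) {
        $clean = 'download';
    }

    // Byte-wise replacement of anything outside printable ASCII for the fallback.
    $ascii = preg_replace('/[^\x20-\x7e]/', '_', $clean);
    $ascii = addcslashes($ascii, '"\\');
    $type  = $inline ? 'inline' : 'attachment';

    return sprintf("%s; filename=\"%s\"; filename*=UTF-8''%s", $type, $ascii, rawurlencode($clean));
}

// Constructed inputs, run with: php disposition.php
var_dump(mayStreamInline('image/svg+xml', 'svg', ['pdf', 'svg'], '1'));
var_dump(mayStreamInline('application/pdf', 'pdf', ['pdf'], null));
var_dump(mayStreamInline('application/pdf', 'pdf', ['pdf'], '0'));
echo contentDisposition('report" 2024.pdf', false), PHP_EOL;
echo contentDisposition("Bericht Q4 – Überblick.pdf", true), PHP_EOL;
```

The first call returns false even though `svg` is on the allow-list and the client asked for `stream=1`, because the media type is active content; the second returns the configured default (true) when no flag is sent; the third returns false because the client opted out. The first disposition line comes out as `attachment; filename="report\" 2024.pdf"; filename*=UTF-8''report%22%202024.pdf`, which is what the concatenation in the controller cannot produce for a name containing a quote. Compared with the controller, this policy drops the ability to force inline display with `stream=1` for an extension that is not configured; if that behaviour is relied on, keep the allow-list check and drop the request flag from the helper rather than the other way round.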