Congegni
/
libretime
mirror of https://github.com/libretime/libretime.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Apikey rest delete (#7) 

* Allow file deletes from V1 REST API call

* Add comment to satisfy CI checks (*sigh*)
This commit is contained in:
Thomas Göttgens 2024-04-18 14:06:14 +02:00 committed by GitHub
parent a1a8caf0fb
commit 21cf79a1bf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
legacy/application/models/StoredFile.php
View File

@ -394,16 +394,18 @@ SQL;
throw new DeleteScheduledFileException();
}
$userInfo = Zend_Auth::getInstance()->getStorage()->read();
$user = new Application_Model_User($userInfo->id);
$isAdminOrPM = $user->isUserType([UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER]);
if (!$isAdminOrPM && $this->getFileOwnerId() != $user->getId()) {
throw new FileNoPermissionException();
// if we get here from the REST API, there's no valid user. APIKEY is validated already.
if ($userInfo = Zend_Auth::getInstance()->getStorage()->read()) {
// This call will throw "Trying to get property 'id' of non-object"
$user = new Application_Model_User($userInfo->id);
$isAdminOrPM = $user->isUserType([UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER]);
if (!$isAdminOrPM && $this->getFileOwnerId() != $user->getId()) {
throw new FileNoPermissionException();
}
$file_id = $this->_file->getDbId();
Logging::info($file_id);
Logging::info('User ' . $user->getLogin() . ' is deleting file: ' . $this->_file->getDbTrackTitle() . ' - file id: ' . $file_id);
}
$file_id = $this->_file->getDbId();
Logging::info($file_id);
Logging::info('User ' . $user->getLogin() . ' is deleting file: ' . $this->_file->getDbTrackTitle() . ' - file id: ' . $file_id);
$filesize = $this->_file->getFileSize();
if ($filesize < 0) {
throw new Exception('Cannot delete file with filesize ' . $filesize);