12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 |
- <?php
- /**
- * @file
- * Examples demonstrating the Drupal File API.
- */
- /**
- * @defgroup file_example Example: Files
- * @ingroup examples
- * @{
- * Examples demonstrating the Drupal File API.
- *
- * The File Example module is part of the Examples for Developers Project and
- * provides a variety of examples for the Developers project page. Some
- * concepts we demonstrate with this module:
- *
- * * Creating, moving and deleting files, and reading and writing from them.
- *
- * * Using files that Drupal can manage via its Entity API ("managed files"),
- * and unmanaged files (the usual kind of file programs deal with).
- *
- * * Creating and setting up directories with the right permissions, and with
- * .htaccess files that prevent unwanted accesses.
- *
- * * Allowing restricted access to files the way Drupal private files are
- * downloaded.
- *
- * * Using special "stream" URIs like public://, private://, and temporary://.
- * Drupal has good support for this PHP language feature. You can implement
- * new file schemes as well; see the Stream Wrapper Example for how to do
- * that.If you enable the stream_wrapper_example module, you can use it
- * together with the File Example to test how a custom stream works.
- *
- * To demonstrate all of this, the File Example implements a form that lets you
- * play with files. Read src/Form/FileExampleReadWriteForm.php to see
- * demonstrations of the various File API functions you will want to use in your
- * code.
- *
- * Some links for further information on the File API and related information:
- *
- * @link http://drupal.org/project/examples Examples for Developers project
- * page. @endlink
- * @link file File summary on api.drupal.org @endlink for the function summary.
- */
- /**
- * Implements hook_file_download().
- *
- * This hook allows modules to enforce permissions on file downloads whenever
- * Drupal is handling file download, as opposed to the web server bypassing
- * Drupal and returning the file from a public directory. Modules can also
- * provide headers to specify information like the file's name or MIME type.
- *
- * For our example module, we want to be able to see the temporary, private,
- * and session (our test stream wrapper / file scheme). In general, you really
- * would NEVER give general access to your temporary, and you certainly wouldn't
- * do it for your private files. So we demonstrate this here, but kids, don't
- * try this at home ;-) Remember: keep your files secure!
- *
- * For hook_file_download() to get called at all, your code needs set up your
- * routes so that the download link uses FileDownloadController::download() as
- * a controller. FileDownloadController::download() enforces access restrictions
- * on the files it managed, in part by invoking hook_file_downloads(). See the
- * File Example's routing file to see how to do this.
- *
- * @param string $uri
- * The URI of the file.
- *
- * @return mixed
- * If the user does not have permission to access the file, return -1. If the
- * user has permission, return an array with the appropriate headers. If the
- * file is not controlled by the current module, the return value should be
- * NULL.
- *
- * @see file_download()
- * @see hook_file_download()
- * @see file_example.routing.yml
- * @see \Drupal\system\FileDownloadController::download()
- */
- function file_example_file_download($uri) {
- $scheme = file_uri_scheme($uri);
- if (in_array($scheme, ['private', 'temporary', 'session'])) {
- $permission = "read $scheme files";
- $current_user = \Drupal::currentUser();
- $account = $current_user->getAccount();
- if ($account->hasPermission($permission)) {
- return [
- 'Content-Type: text/plain',
- ];
- }
- }
- }
- /**
- * @} End of "defgroup file_example".
- */
|