1.0.0

Author: Kharg

files/application/Espo/Modules/FileSharing/Classes/FieldProcessing/FileSharing/SetEntryPointUrl.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Classes\FieldProcessing\FileSharing;
+
+use Espo\Core\FieldProcessing\Loader;
+use Espo\Core\FieldProcessing\Loader\Params;
+use Espo\Core\ORM\EntityManager;
+use Espo\ORM\Entity;
+use Espo\Core\Utils\Config;
+
+class SetEntryPointUrl implements Loader
+{
+    private EntityManager $entityManager;
+    private Config $config;
+
+    public function __construct(EntityManager $entityManager, Config $config)
+    {
+        $this->entityManager = $entityManager;
+        $this->config = $config;
+    }
+
+    public function process(Entity $entity, Params $params): void
+    {
+        $id = $entity->getId();
+        $token = $entity->get('accessToken');
+
+        $siteUrl = $this->config->get('siteUrl');
+
+        // Add a '/' at the end of the siteUrl if there's none
+        if (substr($siteUrl, -1) !== '/') {
+            $siteUrl .= '/';
+        }
+
+        $entryPointUrl = "{$siteUrl}?entryPoint=FileSharing&id={$id}&token={$token}";
+
+        $entity->set('entryPointUrl', $entryPointUrl);
+    }
+}

files/application/Espo/Modules/FileSharing/Classes/Select/PrimaryFilters/Active.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Classes\Select\PrimaryFilters;
+
+use Espo\Core\Select\Primary\Filter;
+use Espo\ORM\Query\SelectBuilder;
+
+class Active implements Filter
+{
+    public function apply(SelectBuilder $queryBuilder): void
+    {
+        $queryBuilder->where([
+             'status=' => ['Active']
+           ]);
+    }
+}
+?>

files/application/Espo/Modules/FileSharing/Classes/Select/PrimaryFilters/Canceled.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Classes\Select\PrimaryFilters;
+
+use Espo\Core\Select\Primary\Filter;
+use Espo\ORM\Query\SelectBuilder;
+
+class Canceled implements Filter
+{
+    public function apply(SelectBuilder $queryBuilder): void
+    {
+        $queryBuilder->where([
+            'status=' => ['Canceled']
+          ]);
+    }
+}
+?>

files/application/Espo/Modules/FileSharing/Classes/Select/PrimaryFilters/Draft.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Classes\Select\PrimaryFilters;
+
+use Espo\Core\Select\Primary\Filter;
+use Espo\ORM\Query\SelectBuilder;
+
+class Draft implements Filter
+{
+    public function apply(SelectBuilder $queryBuilder): void
+    {
+        $queryBuilder->where([
+            'status=' => ['Draft']
+          ]);
+    }
+}
+?>

files/application/Espo/Modules/FileSharing/Classes/Select/PrimaryFilters/Expired.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Classes\Select\PrimaryFilters;
+
+use Espo\Core\Select\Primary\Filter;
+use Espo\ORM\Query\SelectBuilder;
+
+class Expired implements Filter
+{
+    public function apply(SelectBuilder $queryBuilder): void
+    {
+        $queryBuilder->where([
+            'status=' => ['Expired']
+          ]);
+    }
+}
+?>

files/application/Espo/Modules/FileSharing/Controllers/FileSharing.php

@@ -0,0 +1,7 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Controllers;
+
+class FileSharing extends \Espo\Core\Templates\Controllers\Base
+{
+}

files/application/Espo/Modules/FileSharing/Controllers/GenerateToken.php

@@ -0,0 +1,48 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Controllers;
+
+use Espo\Core\Api\Request;
+use Espo\Core\Api\Response;
+use Espo\ORM\Entity;
+use Espo\ORM\EntityManager;
+use Espo\Core\Exceptions\Error;
+use Espo\Core\Exceptions\BadRequest;
+use Espo\Core\Exceptions\NotFound;
+
+class GenerateToken
+{
+    public function __construct(EntityManager $entityManager)
+    {
+        $this->entityManager = $entityManager;
+    }
+
+    public function postActionGenerateNewToken(Request $request, Response $response): void
+    {
+        $data = $request->getParsedBody();
+
+        if (empty($data->id)) {
+            throw new BadRequest('ID is missing.');
+        }
+
+        $id = $data->id;
+
+        // Load the FileSharing entity
+        $fileSharing = $this->entityManager->getEntity('FileSharing', $id);
+        if (!$fileSharing) {
+            throw new NotFound("FileSharing entity with ID '{$id}' not found.");
+        }
+
+        // Generate a new access token
+        $accessToken = bin2hex(random_bytes(18));
+
+        // Set the new access token to the FileSharing entity
+        $fileSharing->set('accessToken', $accessToken);
+
+        // Save the FileSharing entity with the new access token
+        $this->entityManager->saveEntity($fileSharing);
+
+        // Return the new access token in the response
+        $response->writeBody(json_encode(['accessToken' => $accessToken]));
+    }
+}

files/application/Espo/Modules/FileSharing/Entities/FileSharing.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Entities;
+
+class FileSharing extends \Espo\Core\Templates\Entities\Base
+{
+    public const ENTITY_TYPE = 'FileSharing';
+
+    protected $entityType = 'FileSharing';
+}

files/application/Espo/Modules/FileSharing/EntryPoints/FileSharing.php

@@ -0,0 +1,111 @@
+<?php
+
+namespace Espo\Modules\FileSharing\EntryPoints;
+
+use Espo\Core\Exceptions\NotFound;
+use Espo\Core\Exceptions\Forbidden;
+use Espo\Core\Exceptions\BadRequest;
+use Espo\Core\EntryPoints\Base;
+use Espo\Core\ORM\EntityManager;
+use Espo\Core\Api\Request;
+use Espo\Core\Api\Response;
+use Espo\Entities\Attachment as AttachmentEntity;
+use Espo\Core\FileStorage\Manager as FileStorageManager;
+use Espo\Core\EntryPoint\Traits\NoAuth;
+
+class FileSharing extends Base
+{
+    use NoAuth;
+
+    protected function getEntityManager(): EntityManager
+    {
+        return $this->getContainer()->get('entityManager');
+    }
+
+    protected function fileStorageManager(): fileStorageManager
+    {
+        return $this->getContainer()->get('fileStorageManager');
+    }
+
+    public function run(Request $request, Response $response): void
+    {
+        $id = $request->getQueryParam('id');
+        if (!$id) {
+            throw new BadRequest("Missing 'id' parameter.");
+        }
+        
+        $fileSharing = $this->getEntityManager()->getEntity('FileSharing', $id);
+        if (!$fileSharing) {
+            throw new NotFound("FileSharing entity with ID '{$id}' not found.");
+        }
+
+        // Check if the accessToken matches the one in the entity
+        $accessToken = $request->getQueryParam('token');
+        if (!$accessToken || $accessToken !== $fileSharing->get('accessToken')) {
+            throw new Forbidden("Token not valid.");
+        }
+    
+        $status = $fileSharing->get('status');
+    if ($status !== 'Active') {
+        throw new Forbidden("The requested file is not active and cannot be downloaded.");
+    }
+
+    $validTill = $fileSharing->get('validTill');
+    if ($validTill) {
+        // Convert validTill to the server's timezone
+        $validTillDateTime = new \DateTime($validTill);
+        $serverTimezone = new \DateTimeZone(date_default_timezone_get());
+        $validTillDateTime->setTimezone($serverTimezone);
+
+        $now = new \DateTime();
+        if ($now > $validTillDateTime) {
+            throw new Forbidden("The requested file has expired and is no longer available.");
+        }
+    }
+
+        $attachmentId = $fileSharing->get('attachmentId');
+        if (!$attachmentId) {
+            throw new NotFound("Attachment not found for FileSharing entity with ID '{$id}'.");
+        }
+        $attachment = $this->getEntityManager()->getEntityById(AttachmentEntity::ENTITY_TYPE, $attachmentId);
+        $stream = $this->fileStorageManager()->getStream($attachment);
+        if (!$attachment) {
+            throw new NotFound("Attachment with ID '{$attachmentId}' not found.");
+        }
+
+        $filePath = $this->getEntityManager()->getRepository('Attachment')->getFilePath($attachment);
+        if (!$filePath) {
+            throw new NotFound("File not found on the server.");
+        }
+
+        $fileName = $attachment->getName();
+        $fileType = $attachment->getType();
+        $size = $stream->getSize() ?? $this->fileStorageManager()->getSize($attachment);
+        $forceFileDownload = $fileSharing->get('forceFileDownload');
+    
+     $accessCount = $fileSharing->get('accessCount');
+    $allowedUsage = $fileSharing->get('allowedUsage');
+    if ($allowedUsage != 0 && $accessCount >= $allowedUsage) {
+        throw new NotFound("Download Limit exceeded.");
+    }
+     // Increment the accessCount field
+    $accessCount = $fileSharing->get('accessCount');
+    $fileSharing->set('accessCount', $accessCount + 1);
+    $this->getEntityManager()->saveEntity($fileSharing);
+
+        $this->downloadFile($response, $stream, $fileName, $fileType, $forceFileDownload, $size);
+    }
+
+    protected function downloadFile(Response $response, $stream, $fileName, $fileType, $forceFileDownload, $size)
+    {
+        $disposition = $forceFileDownload ? 'attachment' : 'inline';
+
+        $response->setHeader("Content-Disposition", "$disposition; filename=\"{$fileName}\"");
+        $response->setHeader("Content-Type", $fileType);
+        $response->setHeader('Pragma', 'public');
+        $response->setHeader('Cache-Control', 'must-revalidate');
+        $response->setHeader('Expires', '0');
+        $response->setHeader('Content-Length', (string) $size);
+        $response->setBody($stream);
+    }
+}

files/application/Espo/Modules/FileSharing/Hooks/FileSharing/GenerateDownloadToken.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace Espo\Modules\FileSharing\Hooks\FileSharing;
+
+use Espo\Core\Hooks\Base;
+use Espo\ORM\Entity;
+
+class GenerateDownloadToken extends Base
+{
+    public function beforeSave(Entity $entity, array $options = [])
+    {
+        // Generate a random 36-character alphanumeric token
+        $accessToken = bin2hex(random_bytes(18));
+
+        if ($entity->isNew()) {
+            $entity->set('accessToken', $accessToken);
+        }
+    }
+}