Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

resource_download_allowed()

Description

For the given resource and size, can the current user download it?
resource type and access may already be available in the case of search, so pass them along to get_resource_access to avoid extra queries
$resource can be a resource-specific search result array.

Parameters

ColumnTypeDefaultDescription
$resource int ID of resource
$size string ID of size
$resource_type int ID of resource type
$alternative int -1 Use alternative?
$usecache bool false Use cached result if available?

Return

boolean

Location

include/resource_functions.php lines 5163 to 5243

Definition

 
function resource_download_allowed($resource$size$resource_type$alternative = -1$usecache false)
{
    global $userref$usergroup$user_dl_limit$user_dl_days$sizes_always_allowed$download_access_cache;

    $cacheid $resource "_" $size;
    if ($usecache && isset($download_access_cache[$cacheid])) {
        return $download_access_cache[$cacheid];
    }

    $access get_resource_access($resource);

    if (resource_has_access_denied_by_RT_size($resource_type$size)) {
        $download_access_cache[$cacheid] = false;
        return $download_access_cache[$cacheid];
    }

    if (checkperm('X' $resource_type "_" $size) && $alternative == -1) {
        # Block access to this resource type / size? Not if an alternative file
        # Only if no specific user access override (i.e. they have successfully requested this size).
        $usercustomaccess get_custom_access_user($resource$userref);
        $usergroupcustomaccess get_custom_access($resource$usergroup);
        if (
            ($usercustomaccess === false || $usercustomaccess !== 0) &&
            ($usergroupcustomaccess === false || $usergroupcustomaccess !== 0)
        ) {
            $download_access_cache[$cacheid] = false;
            return $download_access_cache[$cacheid];
        }
    }

    if (($size == "" || $size == "hpr" || getval("noattach""") == "")  && intval($user_dl_limit) > 0) {
        $download_limit_check get_user_downloads($userref$user_dl_days);
        if ($download_limit_check >= $user_dl_limit) {
            $download_access_cache[$cacheid] = false;
            return $download_access_cache[$cacheid];
        }
    }

    # Full access
    if ($access == 0) {
        $download_access_cache[$cacheid] = true;
        return $download_access_cache[$cacheid];
    }

    # Restricted
    if (== $access) {
        // The system should always allow these sizes to be downloaded as these are needed for search results and it makes
        // sense to allow them if a request for one of them is received. For example when $hide_real_filepath is enabled.
        // 'videojs' represents the preview loaded by videojs viewer.

        if ('' == $size) {
            # Original file - access depends on the 'restricted_full_download' config setting.
            $download_access_cache[$cacheid] = $GLOBALS["restricted_full_download"];
            return $download_access_cache[$cacheid];
        } elseif ('' != $size && in_array($size$sizes_always_allowed)) {
            $download_access_cache[$cacheid] = true;
            return $download_access_cache[$cacheid];
        } else {
            # Return the restricted access setting for this resource type.
            $download_access_cache[$cacheid] = ps_value("
                SELECT allow_restricted value
                  FROM preview_size
                 WHERE id = ?",
                ["s"$size],
                0,
                "schema")
                == 1;
                return $download_access_cache[$cacheid];
        }
    }

    # Confidential
    if ($access == 2) {
        $download_access_cache[$cacheid] = false;
        return $download_access_cache[$cacheid];
    }

    # Unable to determine access
    $download_access_cache[$cacheid] = false;
    return $download_access_cache[$cacheid];
}

This article was last updated 3rd April 2025 21:35 Europe/London time based on the source file dated 26th March 2025 19:05 Europe/London time.