Bypass file download permissions check

Next topic

Author	Message
Brendan Pike	Monday 16 February 2009 9:59:16 pm Although it seems unlikely I am hoping there is some way to pass or create a download link from templates that allows policies to be bypass file download permission checks a little like fetch 'limitation', array(). I don't wish to give users read access to this entire class, but would love it if I could apply class attribute level permissions. Since this isn't possible in eZ publish without hacks can anyone suggest ant work-arounds? Thanks www.dbinformatics.com.au We are always interested in hearing from experienced eZ PHP programmers and eZ template designers interested in contract work.
Kristof Coomans	Tuesday 17 February 2009 12:11:35 am Hi Brendan, You can create a new module/view, similar to content/dowload (see kernel/content/download.php), that doesn't check any policies for certain content classes. independent eZ Publish developer and service provider \| http://blog.coomanskristof.be \| http://ezpedia.org
Brendan Pike	Tuesday 17 February 2009 5:53:30 pm Thanks Kristof I suspected it would require an extension, could be an opportunity for me to learn how to create a basic extension. :) Cheers www.dbinformatics.com.au We are always interested in hearing from experienced eZ PHP programmers and eZ template designers interested in contract work.

Author

Message

Monday 16 February 2009 9:59:16 pm

Although it seems unlikely I am hoping there is some way to pass or create a download link from templates that allows policies to be bypass file download permission checks a little like fetch 'limitation', array().

I don't wish to give users read access to this entire class, but would love it if I could apply class attribute level permissions. Since this isn't possible in eZ publish without hacks can anyone suggest ant work-arounds?

Thanks

www.dbinformatics.com.au

We are always interested in hearing from experienced eZ PHP programmers and eZ template designers interested in contract work.

Kristof Coomans

Tuesday 17 February 2009 12:11:35 am

Hi Brendan,

You can create a new module/view, similar to content/dowload (see kernel/content/download.php), that doesn't check any policies for certain content classes.

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

Brendan Pike

Tuesday 17 February 2009 5:53:30 pm

Thanks Kristof

I suspected it would require an extension, could be an opportunity for me to learn how to create a basic extension. :)

Cheers

www.dbinformatics.com.au

We are always interested in hearing from experienced eZ PHP programmers and eZ template designers interested in contract work.

eZ debug

Timing:	Jan 18 2025 18:39:42
Script start
Timing:	Jan 18 2025 18:39:42
Module start 'layout'
Timing:	Jan 18 2025 18:39:42
Module start 'content'
Timing:	Jan 18 2025 18:39:43
Module end 'content'
Timing:	Jan 18 2025 18:39:43
Script end

Main resources:

Total runtime	0.8062 sec
Peak memory usage	4,096.0000 KB
Database Queries	57

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0058	589.9297	152.6406
Module start 'layout'	0.0058	0.0032	742.5703	39.4609
Module start 'content'	0.0090	0.7958	782.0313	529.1094
Module end 'content'	0.8047	0.0014	1,311.1406	12.3125
Script end	0.8061		1,323.4531

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0034	0.4271	16	0.0002
Check MTime	0.0014	0.1698	16	0.0001
Mysql Total
Database connection	0.0007	0.0905	1	0.0007
Mysqli_queries	0.7611	94.4147	57	0.0134
Looping result	0.0005	0.0586	55	0.0000
Template Total	0.7751	96.2	2	0.3876
Template load	0.0021	0.2585	2	0.0010
Template processing	0.7730	95.8926	2	0.3865
Template load and register function	0.0001	0.0165	1	0.0001
states
state_id_array	0.0010	0.1258	1	0.0010
state_identifier_array	0.0008	0.0995	2	0.0004
Override
Cache load	0.0017	0.2087	14	0.0001
Sytem overhead
Fetch class attribute can translate value	0.0010	0.1260	2	0.0005
Fetch class attribute name	0.0010	0.1217	4	0.0002
XML
Image XML parsing	0.0005	0.0644	2	0.0003
class_abstraction
Instantiating content class attribute	0.0000	0.0012	4	0.0000
General
dbfile	0.0007	0.0879	16	0.0000
String conversion	0.0000	0.0011	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
3	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
3	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
1	content/datatype/view/ezimage.tpl	<No override>	extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tpl
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 9 Number of unique templates used: 5

Time used to render debug report: 0.0001 secs