Skip to content

Commit

Permalink
FIX Renable email link to submitted file
Browse files Browse the repository at this point in the history
  • Loading branch information
emteknetnz committed Sep 4, 2023
1 parent c0eb6d6 commit e0040f4
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 40 deletions.
23 changes: 8 additions & 15 deletions code/Model/Submission/SubmittedFileField.php
Original file line number Diff line number Diff line change
Expand Up @@ -42,24 +42,17 @@ public function getFormattedValue()
$name = $this->getFileName();
$link = $this->getLink(false);
$title = _t(__CLASS__ . '.DOWNLOADFILE', 'Download File');
$message = _t(__CLASS__ . '.INSUFFICIENTRIGHTS', 'You don\'t have the right permissions to download this file');
$message = _t(__CLASS__ . '.YOUMUSTBELOGGEDIN', 'You must be logged in to view this file');
$file = $this->getUploadedFileFromDraft();

if ($link) {
if ($file->canView()) {
return DBField::create_field('HTMLText', sprintf(
'%s - <a href="%s" target="_blank">%s</a>',
htmlspecialchars($name, ENT_QUOTES),
htmlspecialchars($link, ENT_QUOTES),
htmlspecialchars($title, ENT_QUOTES)
));
} else {
return DBField::create_field('HTMLText', sprintf(
'<i class="icon font-icon-lock"></i> %s - <em>%s</em>',
htmlspecialchars($name, ENT_QUOTES),
htmlspecialchars($message, ENT_QUOTES)
));
}
return DBField::create_field('HTMLText', sprintf(
'<i class="icon font-icon-lock"></i> %s - <a href="%s" target="_blank">%s</a> - <em>%s</em>',
htmlspecialchars($name, ENT_QUOTES),
htmlspecialchars($link, ENT_QUOTES),
htmlspecialchars($title, ENT_QUOTES),
htmlspecialchars($message, ENT_QUOTES)
));
}

return false;
Expand Down
1 change: 1 addition & 0 deletions lang/en.yml
Original file line number Diff line number Diff line change
Expand Up @@ -328,6 +328,7 @@ en:
one: 'A Submitted File Field'
other: '{count} Submitted File Fields'
SINGULARNAME: 'Submitted File Field'
YOUMUSTBELOGGEDIN: 'You must be logged in to view this file'
has_one_UploadedFile: 'Uploaded file'
SilverStripe\UserForms\Model\Submission\SubmittedForm:
PLURALNAME: 'Submitted Forms'
Expand Down
44 changes: 19 additions & 25 deletions tests/php/Model/SubmittedFileFieldTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -73,34 +73,28 @@ public function testGetFormattedValue()
// Set an explicit base URL so we get a reliable value for the test
Director::config()->set('alternate_base_url', 'http://mysite.com');
$fileName = $this->submittedFile->getFileName();
$message = "You don&#039;t have the right permissions to download this file";
$message = 'You must be logged in to view this file';
$link = '<a href="http://mysite.com/assets/3c01bdbb26/test-SubmittedFileFieldTest.txt" target="_blank">Download File</a>';

$this->file->CanViewType = 'OnlyTheseUsers';
$this->file->write();

$this->loginWithPermission('ADMIN');
$this->assertEquals(
sprintf(
'%s - <a href="http://mysite.com/assets/3c01bdbb26/test-SubmittedFileFieldTest.txt" target="_blank">Download File</a>',
$fileName
),
$this->submittedFile->getFormattedValue()->value
);

$this->loginWithPermission('CMS_ACCESS_CMSMain');
$this->assertEquals(
sprintf(
'<i class="icon font-icon-lock"></i> %s - <em>%s</em>',
$fileName,
$message
),
$this->submittedFile->getFormattedValue()->value
);

$store = Injector::inst()->get(AssetStore::class);
$this->assertFalse(
$store->canView($fileName, $this->file->getHash()),
'Users without canView rights on the file should not have been session granted access to it'
);
foreach (['ADMIN', 'CMS_ACCESS_CMSMain'] as $permission) {
$this->loginWithPermission('ADMIN');
$this->assertEquals(
sprintf(
'<i class="icon font-icon-lock"></i> %s - %s - <em>%s</em>',
$fileName,
$link,
$message
),
$this->submittedFile->getFormattedValue()->value
);
$store = Injector::inst()->get(AssetStore::class);
$this->assertFalse(
$store->canView($fileName, $this->file->getHash()),
'Users without canView rights on the file should not have been session granted access to it'
);
}
}
}

0 comments on commit e0040f4

Please sign in to comment.