Netsyms
/
Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Created an endpoint that will hopefully allow MS to display documents

Browse Source
inline-attachment-viewing
Mike Koch 7 years ago
parent 9ed6b33077
commit e3bb11f27d
3 changed files with 56 additions and 9 deletions
Show Stats Download Patch File Download Diff File

14
api/BusinessLogic/Attachments/AttachmentRetriever.php
Unescape Escape View File

@ -30,6 +30,20 @@ class AttachmentRetriever {
$this->userToTicketChecker = $userToTicketChecker;
}
//-- TODO Test
function getAttachmentContentsForTrackingId($trackingId, $attachmentId, $userContext, $heskSettings) {
$ticket = $this->ticketGateway->getTicketByTrackingId($trackingId, $heskSettings);
if ($ticket === null) {
throw new ApiFriendlyException("Ticket {$trackingId} not found!", "Ticket Not Found", 404);
}
$attachment = $this->attachmentGateway->getAttachmentById($attachmentId, $heskSettings);
return array('meta' => $attachment,
'contents' => $this->fileReader->readFromFile($attachment->savedName, $heskSettings['attach_dir']));
}
function getAttachmentContentsForTicket($ticketId, $attachmentId, $userContext, $heskSettings) {
$ticket = $this->ticketGateway->getTicketById($ticketId, $heskSettings);

39
api/Controllers/Attachments/PublicAttachmentController.php
Unescape Escape View File

@ -0,0 +1,39 @@
<?php
namespace Controllers\Attachments;
use BusinessLogic\Attachments\Attachment;
use BusinessLogic\Attachments\AttachmentRetriever;
use BusinessLogic\Exceptions\ApiFriendlyException;
class PublicAttachmentController {
static function getRaw($trackingId, $attachmentId) {
global $hesk_settings, $applicationContext, $userContext;
self::verifyAttachmentsAreEnabled($hesk_settings);
/* @var $attachmentRetriever AttachmentRetriever */
$attachmentRetriever = $applicationContext->get[AttachmentRetriever::class];
$attachment = $attachmentRetriever->getAttachmentContentsForTrackingId($trackingId, $attachmentId, $userContext, $hesk_settings);
/* @var $metadata Attachment */
$metadata = $attachment['meta'];
// Send the file as an attachment to prevent malicious code from executing
header("Pragma: "); # To fix a bug in IE when running https
header("Cache-Control: "); # To fix a bug in IE when running https
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Length: ' . $metadata->fileSize);
header('Content-Disposition: attachment; filename=' . $metadata->displayName);
print $attachment['contents'];
}
private static function verifyAttachmentsAreEnabled($heskSettings) {
if (!$heskSettings['attachments']['use']) {
throw new ApiFriendlyException('Attachments are disabled on this server', 'Attachments Disabled', 404);
}
}
}

12
api/index.php
Unescape Escape View File

@ -18,14 +18,9 @@ function handle404() {
function before() {
global $userContext;
assertApiIsEnabled();
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
return;
if (preg_match('/^.*\/v1-public\/staff\/inline-attachment\/\d+$/', $path)) {
$userContext = \BusinessLogic\Security\UserContext::buildAnonymousUser();
return;
}
assertApiIsEnabled();
$internalUse = \BusinessLogic\Helpers::getHeader('X-INTERNAL-CALL');
@ -185,10 +180,9 @@ Link::all(array(
// Tickets - Staff
'/v1/staff/tickets/{i}' => \Controllers\Tickets\StaffTicketController::class,
// Attachments
'/v1/tickets/{a}/attachments/{i}' => \Controllers\Attachments\PublicAttachmentController::class . '::getRaw',
'/v1/staff/tickets/{i}/attachments' => \Controllers\Attachments\StaffTicketAttachmentsController::class,
'/v1/staff/tickets/{i}/attachments/{i}' => \Controllers\Attachments\StaffTicketAttachmentsController::class,
'/v1-internal/staff/tickets/{i}/attachments/{i}/inline' => \Controllers\Attachments\StaffTicketAttachmentsController::class . '::buildInline',
'/v1-public/staff/inline-attachment/{i}' => \Controllers\Attachments\StaffTicketAttachmentsController::class . '::viewInline',
// Statuses
'/v1/statuses' => \Controllers\Statuses\StatusController::class,
// Settings

Write Preview
Loading…
Cancel
Save