I'm currently integrating a zipcart-like feature into the checkout modules. Could someone tell me how I can gain access to the original image, even if the user does not have permission to access it? I didn't find anything in the functions of the core library, but probably missed it/misunderstood. I obviously need access to the image loaction on disk...
And as a side point, is it possible to get access to resize images without the watermark, when the watermark is used by default?
Addendum : is it possible to create the resizes on-the-fly, without watermarking?
Thanks,
Jay
Posts: 32509
if you're zipping files... take a look at the zipcart module.
besides: noone is stopping you from accessing the original images. you decide in your code when to do permission checks and when not.
is your question how to give a user access to the original such that the user can download the orignal image?
- if you want to give the user permanent access, use GalleryCoreApi::addUserPermission().
- if you want to give the user access to the original image temporarily, for the rest of the duration of the user's session, you can do:
use GalleryCoreApi::addEntityPermission() to set the permission
use the following to grant the permission to the current user's session:
for details, see modules/password/
--------------
Doumentation: Support / Troubleshooting | Installation, Upgrade, Configuration and Usage
Posts: 159
valiant, I was hoping to hear from you, thanks! Yes, I have already integrated the zipcart module into the checkout module (on my testbed).
Currently working on security of the checkoutpaypal module (before allowing download) as it was missing.
You understood my question in the latter part of your response, I will try that, thanks for the very complete response.
Posts: 159
valiant,
I've haven't managed to get this working. But in fact, the most efficient would be if I could get the path of the original image (not a resize), given an itemId. No need to overload with code to deal with sessions, since it's only for the purposes of a download that I need access, not for display.
Sorry, I'm clearly being dumb, but have not yet worked out how to get to this path, only that of derivatives of the image.
Jay
Posts: 159
OK, figured it out. Is this valid? :
Posts: 32509
What's the purpose of the whole thing?
Maybe you can describe the feature in details such that we can avoid bad design decisions like avoiding an additional download script (there's already core/DownloadItem.inc).
anyhow, to answer your question:
list ($ret, $absolutePath) = $item->fetchPath();
--------------
Doumentation: Support / Troubleshooting | Installation, Upgrade, Configuration and Usage
Posts: 159
Ahhhh, many apologies. Your point led me to reread the code and I realised that I had mistakenly understood that fetchPath() was not returning the path to the original image, but it is! So yes, this makes perfect sense now.
Posts: 32509
Yes, but I'm concerned about your usage of it.
Are you creating another DownloadItem.inc for your module?
If so, why not use permenant or temporary permissions? Redundancy is very bad for code maintenance in this case.
--------------
Doumentation: Support / Troubleshooting | Installation, Upgrade, Configuration and Usage
Posts: 159
What I'm doing is a slight modification to the zipcart functionality that allows the administrator to choose whether to allow the user to download the original image, or simply the best he has permission to (as is currently the case). I do not necessarily want to give permission to view the image, just to download it, so it doesn't seem necessary to use permissions in this case.