[TYPO3-dev] Howto define processedFiles folder for each feuser within extension

[Andreas Haubold]

Hello Frans!

> If you have some additional access checks in your slot
> I guess the easiest way to redirect the user is just to copy the
> redirectToUrl() method to your own class.

This sounds reasonable. 

My first thought was to use the method of FileDumpHook directly as the object is also accessable in the slot. I just wondered why it's private. But by thinking more deeply about it, it makes sense.

> Just out of curiosity, what additional access check did you add that
> fal_securedownload doesn't handle?

In the project I'm working on each user belongs to an account (e.g. a company). Within the account the files should be shareable between the users, so they are stored within an account folder. Users which don't belong to that account should not access the files of another account (although they are maybe logged in).

    /**
     * compare accountUid of file and user
     *
     * @param $file
     * @param $fileDumpHook
     * @return void
     *
     * @todo: add a property "account" to the file and do the access check with this property
     */
    public function compareAccountUid($file, $fileDumpHook)
    {
        // by definition the folder correlates with the account uid
        $fileIdentifier = $file->getOriginalFile()->getIdentifier();
        $accountFolder = intval( substr($fileIdentifier, 1, strpos($fileIdentifier, '/', 1)-1 )) ;

        $user = $fileDumpHook->getFeUser()->user;

        if (!is_array($user) || $user['tx_myextension_domain_model_account'] != $accountFolder)
        {
            echo 'You are not allowed to access this file.';
            exit;
        }
    }

Cheers,
Andreas