# packages/acs-subsite/www/image.vuh # # Subsite handler for images # # @author Dave Bauer (dave@thedesignexperience.org) # @creation-date 2006-08-01 # @cvs-id $Id: file.vuh,v 1.5 2007/04/09 06:39:50 maltes Exp $ if {![regexp {^/([0-9]{1,8})(/(private)/([0-9]{1,8}))?(/(.+))?$} [ad_conn path_info] match object_id private_slash private dummy anchor]} { ad_return_warning "Invalid object id" [subst { The identifier given for this object is invalid. Please check your url or contact the webmaster if you think it should work. }] return } # check permissions! if {$private eq "private"} { # find if the image has a parent link to the object # that is, if the image is used in a content item and you can read the # content item, you can read the image regardless of the permissions if {![application_data_link::link_exists \ -from_object_id $private_parent_id \ -to_object_id $object_id]} { # if the link does not exist it might be # because its a new object # that means you uploaded the image so you can see it in the editor while you are working on it if {![permission::permission_p \ -object_id $object_id \ -privilege "read" \ -party_id [ad_conn user_id]]} { # if you don't have permission to see it, it doesn't exist ns_returnnotfound ad_script_abort } } elseif {![permission::permission_p \ -privilege "read" \ -object_id $private_parent_id \ -party_id [ad_conn user_id]]} { ns_returnnotfound ad_script_abort } else { permission::require_permission \ -privilege "read" \ -object_id $object_id \ -party_id [ad_conn user_id] } } if {[apm_package_installed_p views]} { set user_id [ad_conn user_id] views::record_view -object_id $object_id -viewer_id $user_id } # find a cr_item and serve it cr_write_content -item_id $object_id