From d69b565b67dfc0c74c5b27d2169e3150013eee85 Mon Sep 17 00:00:00 2001
From: Elmar Ludwig <elmar.ludwig@uni-osnabrueck.de>
Date: Thu, 10 Jun 2021 15:37:30 +0200
Subject: [PATCH] fix regression in download ($controller is not defined), re
 #70

---
 controllers/solutions.php               | 76 -----------------------
 exercises/tb_exercise.php               | 80 +++++++++++++++++++++++++
 views/exercises/correct_tb_exercise.php |  6 +-
 views/exercises/print_tb_exercise.php   |  2 +-
 views/exercises/solve_tb_exercise.php   |  2 +-
 5 files changed, 85 insertions(+), 81 deletions(-)

diff --git a/controllers/solutions.php b/controllers/solutions.php
index d855dc7..de46b30 100644
--- a/controllers/solutions.php
+++ b/controllers/solutions.php
@@ -636,82 +636,6 @@ class SolutionsController extends StudipController
         die();
     }
 
-    /**
-     * Trigger download of uploaded file for a selected solution.
-     */
-    public function download_file_action()
-    {
-        $file_id     = Request::option('file_id');
-        $solution_id = Request::int('solution_id');
-        $solution    = VipsSolution::find($solution_id) ?: VipsSolutionArchive::find($solution_id);
-        $assignment  = $solution->assignment;
-
-        check_assignment_access($assignment);
-
-        if (!vips_has_status('tutor') && $solution->user_id !== $GLOBALS['user']->id) {
-            $group = $assignment->getUserGroup($solution->user_id);
-            $group2 = $assignment->getUserGroup($GLOBALS['user']->id);
-
-            if ($group === null || $group->id !== $group2->id) {
-                throw new AccessDeniedException(_vips('Sie haben keinen Zugriff auf diese Datei!'));
-            }
-        }
-
-        $file = $solution->files->find($file_id);
-
-        vips_clean_output_buffer();
-        header('Content-Type: ' . $file->mime_type);
-        header('Content-Disposition: attachment; ' . vips_encode_header_parameter('filename', $file->name));
-        header('Content-Length: ' . $file->size);
-
-        readfile($file->getFilePath());
-        die();
-    }
-
-    /**
-     * Trigger download of all uploaded files for a selected solution.
-     */
-    public function download_zip_action()
-    {
-        $solution_id = Request::int('solution_id');
-        $solution    = VipsSolution::find($solution_id) ?: VipsSolutionArchive::find($solution_id);
-        $assignment  = $solution->assignment;
-
-        check_assignment_access($assignment);
-
-        if (!vips_has_status('tutor') && $solution->user_id !== $GLOBALS['user']->id) {
-            $group = $assignment->getUserGroup($solution->user_id);
-            $group2 = $assignment->getUserGroup($GLOBALS['user']->id);
-
-            if ($group === null || $group->id !== $group2->id) {
-                throw new AccessDeniedException(_vips('Sie haben keinen Zugriff auf diese Datei!'));
-            }
-        }
-
-        $filename = 'solution_' . $solution->id . '.zip';
-        $zipfile = tempnam($GLOBALS['TMP_PATH'], 'upload');
-        $zip = new ZipArchive();
-
-        if (!$zip->open($zipfile, ZipArchive::CREATE | ZipArchive::OVERWRITE)) {
-            throw new Exception(_vips('ZIP-Archiv konnte nicht erzeugt werden.'));
-        }
-
-        foreach ($solution->files as $file) {
-            $zip->addFile($file->getFilePath(), $file->name);
-        }
-
-        $zip->close();
-
-        vips_clean_output_buffer();
-        header('Content-Type: application/zip');
-        header('Content-Disposition: attachment; ' . vips_encode_header_parameter('filename', $filename));
-        header('Content-Length: ' . filesize($zipfile));
-
-        readfile($zipfile);
-        unlink($zipfile);
-        die();
-    }
-
     /**
      * Show dialog for publishing the assignment in the gradebook.
      */
diff --git a/exercises/tb_exercise.php b/exercises/tb_exercise.php
index 5ca4676..f838322 100644
--- a/exercises/tb_exercise.php
+++ b/exercises/tb_exercise.php
@@ -178,6 +178,86 @@ class tb_exercise extends Exercise
         return $solution;
     }
 
+    /**
+     * Trigger download of uploaded file for a selected solution.
+     */
+    public function download_action()
+    {
+        vips_require_status('autor');
+
+        $file_id     = Request::option('file_id');
+        $solution_id = Request::int('solution_id');
+        $solution    = VipsSolution::find($solution_id) ?: VipsSolutionArchive::find($solution_id);
+        $assignment  = $solution->assignment;
+
+        check_assignment_access($assignment);
+
+        if (!vips_has_status('tutor') && $solution->user_id !== $GLOBALS['user']->id) {
+            $group = $assignment->getUserGroup($solution->user_id);
+            $group2 = $assignment->getUserGroup($GLOBALS['user']->id);
+
+            if ($group === null || $group->id !== $group2->id) {
+                throw new AccessDeniedException(_vips('Sie haben keinen Zugriff auf diese Datei!'));
+            }
+        }
+
+        $file = $solution->files->find($file_id);
+
+        vips_clean_output_buffer();
+        header('Content-Type: ' . $file->mime_type);
+        header('Content-Disposition: attachment; ' . vips_encode_header_parameter('filename', $file->name));
+        header('Content-Length: ' . $file->size);
+
+        readfile($file->getFilePath());
+        die();
+    }
+
+    /**
+     * Trigger download of all uploaded files for a selected solution.
+     */
+    public function download_zip_action()
+    {
+        vips_require_status('autor');
+
+        $solution_id = Request::int('solution_id');
+        $solution    = VipsSolution::find($solution_id) ?: VipsSolutionArchive::find($solution_id);
+        $assignment  = $solution->assignment;
+
+        check_assignment_access($assignment);
+
+        if (!vips_has_status('tutor') && $solution->user_id !== $GLOBALS['user']->id) {
+            $group = $assignment->getUserGroup($solution->user_id);
+            $group2 = $assignment->getUserGroup($GLOBALS['user']->id);
+
+            if ($group === null || $group->id !== $group2->id) {
+                throw new AccessDeniedException(_vips('Sie haben keinen Zugriff auf diese Datei!'));
+            }
+        }
+
+        $filename = 'solution_' . $solution->id . '.zip';
+        $zipfile = tempnam($GLOBALS['TMP_PATH'], 'upload');
+        $zip = new ZipArchive();
+
+        if (!$zip->open($zipfile, ZipArchive::CREATE | ZipArchive::OVERWRITE)) {
+            throw new Exception(_vips('ZIP-Archiv konnte nicht erzeugt werden.'));
+        }
+
+        foreach ($solution->files as $file) {
+            $zip->addFile($file->getFilePath(), $file->name);
+        }
+
+        $zip->close();
+
+        vips_clean_output_buffer();
+        header('Content-Type: application/zip');
+        header('Content-Disposition: attachment; ' . vips_encode_header_parameter('filename', $filename));
+        header('Content-Length: ' . filesize($zipfile));
+
+        readfile($zipfile);
+        unlink($zipfile);
+        die();
+    }
+
     /**
      * Return the list of keywords used for text export. The first keyword
      * in the list must be the keyword for the exercise type.
diff --git a/views/exercises/correct_tb_exercise.php b/views/exercises/correct_tb_exercise.php
index 02da7d6..8a4b992 100644
--- a/views/exercises/correct_tb_exercise.php
+++ b/views/exercises/correct_tb_exercise.php
@@ -103,7 +103,7 @@
                 <?= htmlReady($file->name) ?>:
             </div>
             <div class="formatted-content">
-                <img src="<?= $controller->link_for('solutions/download_file', ['solution_id' => $solution->id, 'file_id' => $file->id]) ?>">
+                <img src="<?= $exercise->link_for('download', ['solution_id' => $solution->id, 'file_id' => $file->id]) ?>">
             </div>
         <? endif ?>
     <? endforeach ?>
@@ -134,7 +134,7 @@
             <? foreach ($solution->files as $file): ?>
                 <tr>
                     <td>
-                        <a href="<?= $controller->link_for('solutions/download_file', ['solution_id' => $solution->id, 'file_id' => $file->id]) ?>">
+                        <a href="<?= $exercise->link_for('download', ['solution_id' => $solution->id, 'file_id' => $file->id]) ?>">
                             <?= Icon::create('file', 'clickable', ['title' => _vips('Datei herunterladen')]) ?>
                             <?= htmlReady($file->name) ?>
                         </a>
@@ -156,7 +156,7 @@
             <tfoot>
                 <tr>
                     <td colspan="4">
-                        <?= Studip\LinkButton::create(_vips('Alle Dateien herunterladen'), $controller->url_for('solutions/download_zip', ['solution_id' => $solution->id])) ?>
+                        <?= Studip\LinkButton::create(_vips('Alle Dateien herunterladen'), $exercise->url_for('download_zip', ['solution_id' => $solution->id])) ?>
                     </td>
                 </tr>
             </tfoot>
diff --git a/views/exercises/print_tb_exercise.php b/views/exercises/print_tb_exercise.php
index f0c9c05..c8f72f9 100644
--- a/views/exercises/print_tb_exercise.php
+++ b/views/exercises/print_tb_exercise.php
@@ -43,7 +43,7 @@
                 <?= htmlReady($file->name) ?>:
             </div>
             <div class="formatted-content">
-                <img src="<?= $controller->link_for('solutions/download_file', ['solution_id' => $solution->id, 'file_id' => $file->id]) ?>">
+                <img src="<?= $exercise->link_for('download', ['solution_id' => $solution->id, 'file_id' => $file->id]) ?>">
             </div>
         <? endif ?>
     <? endforeach ?>
diff --git a/views/exercises/solve_tb_exercise.php b/views/exercises/solve_tb_exercise.php
index 34ee07b..17fa36e 100644
--- a/views/exercises/solve_tb_exercise.php
+++ b/views/exercises/solve_tb_exercise.php
@@ -89,7 +89,7 @@
                     <tr class="dynamic_row">
                         <td>
                             <input type="hidden" name="file_ids[]" value="<?= $file->id ?>">
-                            <a href="<?= $controller->link_for('solutions/download_file', ['solution_id' => $solution->id, 'file_id' => $file->id]) ?>">
+                            <a href="<?= $exercise->link_for('download', ['solution_id' => $solution->id, 'file_id' => $file->id]) ?>">
                                 <?= Icon::create('file', 'clickable', ['title' => _vips('Datei herunterladen')]) ?>
                                 <?= htmlReady($file->name) ?>
                             </a>
-- 
GitLab