fileStorageManager = $fileStorageManager; $this->acl = $acl; $this->entityManager = $entityManager; } public function run(Request $request, Response $response): void { $id = $request->getQueryParam('id'); if (!$id) { throw new BadRequest(); } /** @var AttachmentEntity|null $attachment */ $attachment = $this->entityManager->getEntityById('Attachment', $id); if (!$attachment) { throw new NotFoundSilent(); } if (!$this->acl->checkEntity($attachment)) { throw new Forbidden(); } if ($attachment->isBeingUploaded()) { throw new Forbidden(); } $stream = $this->fileStorageManager->getStream($attachment); $outputFileName = str_replace("\"", "\\\"", $attachment->get('name')); $type = $attachment->get('type'); $disposition = 'attachment'; if (in_array($type, $this->fileTypesToShowInline)) { $disposition = 'inline'; } $response->setHeader('Content-Description', 'File Transfer'); if ($type) { $response->setHeader('Content-Type', $type); } $size = $stream->getSize() ?? $this->fileStorageManager->getSize($attachment); $response ->setHeader('Content-Disposition', $disposition . ";filename=\"" . $outputFileName . "\"") ->setHeader('Expires', '0') ->setHeader('Cache-Control', 'must-revalidate') ->setHeader('Pragma', 'public') ->setHeader('Content-Length', (string) $size) ->setBody($stream); } }