1717use Contao \CoreBundle \Exception \InsufficientAuthenticationException ;
1818use Contao \CoreBundle \Exception \PageNotFoundException ;
1919use Contao \CoreBundle \Framework \ContaoFramework ;
20+ use Contao \Dbafs ;
2021use Contao \FilesModel ;
2122use Contao \FrontendUser ;
2223use Symfony \Component \HttpFoundation \BinaryFileResponse ;
@@ -61,26 +62,31 @@ public function fileAction(string $file): BinaryFileResponse
6162 // Get FilesModel entity
6263 $ filesModelfindOneByPath ($ file
6364
65+ // Dynamically add the file to the DBAFS
66+ if (null === $ filesModel
67+ $ filesModeladdResource ($ file
68+ }
69+
6470 // Do not allow files that are not in the database or don't have a parent
6571 if (null === $ filesModelnull === $ filesModelpid ) {
6672 throw new PageNotFoundException ();
6773 }
6874
6975 // Check folder permissions
70- $ allowUserAccess false ;
71- $ allowLoginAccess false ;
76+ $ allowLogin false ;
77+ $ allowAccess false ;
7278
7379 do {
7480 // Only check for folders and when member groups have been set
7581 if ('folder ' === $ filesModeltype && null !== $ filesModelgroups ) {
76- $ allowLoginAccess true ;
82+ $ allowLogin true ;
7783
7884 // Set the model to protected on the fly
7985 $ filesModelprotected = true ;
8086
8187 // Check access
8288 if (Controller::isVisibleElement ($ filesModel
83- $ allowUserAccess true ;
89+ $ allowAccess true ;
8490 break ;
8591 }
8692 }
@@ -90,12 +96,12 @@ public function fileAction(string $file): BinaryFileResponse
9096 } while (null !== $ filesModel
9197
9298 // Throw 404 exception, if there were no folders with member groups
93- if (!$ allowLoginAccess
99+ if (!$ allowLogin
94100 throw new PageNotFoundException ();
95101 }
96102
97103 // Deny access
98- if (!$ allowUserAccess
104+ if (!$ allowAccess
99105 // If a user is authenticated or the 401 exception does not exist, throw 403 exception
100106 if ($ authenticatedclass_exists (InsufficientAuthenticationException::class)) {
101107 throw new AccessDeniedException ();
0 commit comments