Browse Source

Add file access check to IIIF manifest generation. (#884)

pull/899/head 2.4.3
Adam 2 years ago committed by GitHub
parent
commit
725b559280
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 4
      modules/islandora_iiif/src/Plugin/views/style/IIIFManifest.php

4
modules/islandora_iiif/src/Plugin/views/style/IIIFManifest.php

@ -198,6 +198,10 @@ class IIIFManifest extends StylePluginBase {
/** @var \Drupal\Core\Field\FieldItemListInterface $images */
$images = $entity->{$viewsField->definition['field_name']};
foreach ($images as $image) {
if (!$image->entity->access('view')) {
// If the user does not have permission to view the file, skip it.
continue;
}
// Create the IIIF URL for this file
// Visiting $iiif_url will resolve to the info.json for the image.
$file_url = $image->entity->createFileUrl(FALSE);

Loading…
Cancel
Save