Allow view file when owner object provides this

CHANGELOG-DEV.md

@@ -21,3 +21,4 @@ HumHub Changelog
 - Fix #6631: Fix visibility of the method `Controller::getAccessRules()`
 - Enh #6650: Add assets GZIP compression with Apache
 - Fix #6662: Change the start_url of the PWA from home to base URL
+- Enh #6667: Allow view file when owner object provides this

protected/humhub/interfaces/ArchiveableInterface.php

@@ -10,19 +10,31 @@
 
 use humhub\modules\user\models\User;
 
+/**
+ * Deletable Interface
+ * @since 1.16
+ */
 interface ArchiveableInterface
 {
     /**
      * Checks if the given user can edit/create this element.
      *
-     * @param User|integer $user user instance or user id
-     *
-     * @return bool can edit/create this element
-     * @since 1.15
+     * @param User|integer|string|null $user user instance or user id
+     * @return bool
      */
     public function canArchive($user = null): bool;
 
+    /**
+     * Archive this object
+     *
+     * @return bool
+     */
     public function archive(): bool;
 
+    /**
+     * Unarchive this object
+     *
+     * @return bool
+     */
     public function unarchive(): bool;
 }

protected/humhub/interfaces/DeletableInterface.php

@@ -8,12 +8,24 @@
 
 namespace humhub\interfaces;
 
+use humhub\modules\user\models\User;
+
+/**
+ * Deletable Interface
+ * @since 1.16
+ */
 interface DeletableInterface
 {
     /**
      * Checks if given item can be deleted.
+     *
+     * @param User|integer|string|null $user user instance or user id
+     * @return bool
      */
-    public function canDelete($userId = null);
+    public function canDelete($user = null): bool;
 
+    /**
+     * Delete this object
+     */
     public function delete();
 }

protected/humhub/interfaces/EditableInterface.php

@@ -9,18 +9,19 @@
 namespace humhub\interfaces;
 
 use humhub\modules\user\models\User;
-use Throwable;
 
+/**
+ * Editable Interface
+ * @since 1.16
+ */
 interface EditableInterface
 {
 
     /**
      * Checks if the given user can edit/create this element.
      *
-     * @param User|integer $user user instance or user id
-     *
-     * @return bool can edit/create this element
-     * @since 1.15
+     * @param User|integer|string|null $user user instance or user id
+     * @return bool
      */
     public function canEdit($user = null): bool;
 

protected/humhub/interfaces/MailerInterface.php

@@ -8,6 +8,10 @@
 
 namespace humhub\interfaces;
 
+/**
+ * Mailer Interface
+ * @since 1.16
+ */
 interface MailerInterface extends \yii\mail\MailerInterface
 {
 }

protected/humhub/interfaces/ReadableInterface.php

@@ -1,5 +1,4 @@
 <?php
-
 /*
  * @link      https://www.humhub.org/
  * @copyright Copyright (c) 2023 HumHub GmbH & Co. KG
@@ -10,14 +9,17 @@
 
 use humhub\modules\user\models\User;
 
+/**
+ * Readable Interface
+ * @since 1.16
+ */
 interface ReadableInterface
 {
     /**
      * Checks if given element can be read.
      *
-     * @param string|User $userId
-     *
+     * @param User|integer|string|null $user User instance or user id, null - current user
      * @return bool
      */
-    public function canRead($userId = ""): bool;
+    public function canRead($user = null): bool;
 }

protected/humhub/interfaces/ViewableInterface.php

@@ -9,19 +9,19 @@
 namespace humhub\interfaces;
 
 use humhub\modules\user\models\User;
-use Throwable;
 
+/**
+ * Viewable Interface
+ * @since 1.16
+ */
 interface ViewableInterface
 {
     /**
      * Checks if user can view this element.
      *
-     * @param User|integer $user
-     *
-     * @return boolean can view this element
-     * @throws Throwable
-     * @since 1.15
+     * @param User|integer|string|null $user User instance or user id, null - current user
+     * @return bool
      */
-    public function canView($user = null);
+    public function canView($user = null): bool;
 
 }

protected/humhub/modules/content/components/ContentAddonActiveRecord.php

@@ -138,8 +138,7 @@ public function beforeSave($insert)
      * Checks if the given / or current user can delete this content.
      * Currently only the creator can remove.
      *
-     * @param null $userId
-     * @return boolean
+     * @inheritdoc
      */
     public function canDelete($userId = null): bool
     {
@@ -151,14 +150,11 @@ public function canDelete($userId = null): bool
     }
 
     /**
-     * Check if current user can read this object
-     *
-     * @param string $userId
-     * @return boolean
+     * @inheritdoc
      */
-    public function canRead($userId = ""): bool
+    public function canRead($user = null): bool
     {
-        return $this->content->canView($userId);
+        return $this->content->canView($user);
     }
 
     /**

protected/humhub/modules/content/models/Content.php

@@ -567,9 +567,7 @@ public function isArchived(): bool
      * Checks if the current user can archive this content.
      * The content owner and the workspace admin can archive contents.
      *
-     * @return boolean
-     * @throws Exception
-     * @throws \yii\base\InvalidConfigException
+     * @inheritdoc
      */
     public function canArchive($user = null): bool
     {
@@ -599,9 +597,7 @@ public function canArchive($user = null): bool
     }
 
     /**
-     * Archives the content object
-     *
-     * @return bool
+     * @inheritdoc
      */
     public function archive(): bool
     {
@@ -735,9 +731,7 @@ public function afterMove(ContentContainerActiveRecord $container = null)
     }
 
     /**
-     * Unarchives the content object
-     *
-     * @return bool
+     * @inheritdoc
      */
     public function unarchive(): bool
     {
@@ -970,13 +964,7 @@ public function can($permission, $params = [], $allowCaching = true)
     }
 
     /**
-     * Checks if user can view this content.
-     *
-     * @param User|integer $user
-     * @return boolean can view this content
-     * @throws Exception
-     * @throws Throwable
-     * @since 1.1
+     * @inheritdoc
      */
     public function canView($user = null): bool
     {

protected/humhub/modules/file/models/File.php

@@ -11,13 +11,13 @@
 use humhub\components\ActiveRecord;
 use humhub\components\behaviors\GUID;
 use humhub\components\behaviors\PolymorphicRelation;
+use humhub\interfaces\ViewableInterface;
 use humhub\libs\StdClass;
 use humhub\modules\content\components\ContentActiveRecord;
 use humhub\modules\content\components\ContentAddonActiveRecord;
 use humhub\modules\file\components\StorageManager;
 use humhub\modules\file\components\StorageManagerInterface;
 use humhub\modules\file\libs\Metadata;
-use humhub\modules\user\models\User;
 use Throwable;
 use Yii;
 use yii\base\InvalidArgumentException;
@@ -28,7 +28,6 @@
 use yii\db\StaleObjectException;
 use yii\helpers\Url;
 use yii\web\UploadedFile;
-use humhub\interfaces\ViewableInterface;
 
 /**
  * This is the model class for table "file".
@@ -282,28 +281,24 @@ public function getHash($length = 0)
     }
 
     /**
-     * Checks if given file can read.
-     *
-     * If the file is not an instance of HActiveRecordContent or HActiveRecordContentAddon
-     * the file is readable for all.
-     *
-     * @param string|User $userId
-     *
-     * @return bool
-     * @throws IntegrityException
-     * @throws Throwable
-     * @throws \yii\base\Exception
+     * @inheritdoc
      */
-    public function canRead($userId = ""): bool
+    public function canRead($user = null): bool
     {
         $object = $this->getPolymorphicRelation();
         if ($object instanceof ContentActiveRecord || $object instanceof ContentAddonActiveRecord) {
-            return $object->content->canView($userId);
+            return $object->content->canView($user);
+        }
+        if ($object instanceof ViewableInterface) {
+            return $object->canView($user);
         }
 
         return true;
     }
 
+    /**
+     * @inheritdoc
+     */
     public function canView($user = null): bool
     {
         return $this->canRead($user);