From 0364e73c604d2c1d7033ccfa344bc780c74afd1c Mon Sep 17 00:00:00 2001 From: Peter Papp Date: Sun, 14 Mar 2021 12:54:34 +0100 Subject: [PATCH] Guardian and FileManagerService.php refactored --- app/Http/Controllers/FileAccessController.php | 11 ++- .../FileManager/EditItemsController.php | 83 ++++++++++--------- .../Sharing/FileSharingController.php | 17 ++-- app/Http/Tools/Guardian.php | 42 ---------- app/Services/FileManagerService.php | 72 ++++++++-------- app/Services/HelperService.php | 33 ++++++++ 6 files changed, 135 insertions(+), 123 deletions(-) delete mode 100644 app/Http/Tools/Guardian.php diff --git a/app/Http/Controllers/FileAccessController.php b/app/Http/Controllers/FileAccessController.php index ff7f8068..0155fa59 100644 --- a/app/Http/Controllers/FileAccessController.php +++ b/app/Http/Controllers/FileAccessController.php @@ -2,9 +2,9 @@ namespace App\Http\Controllers; -use App\Http\Tools\Guardian; use App\Models\User; use App\Models\Zip; +use App\Services\HelperService; use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\File; use Illuminate\Http\Request; @@ -13,6 +13,13 @@ use Illuminate\Support\Facades\Storage; class FileAccessController extends Controller { + private $helper; + + public function __construct() + { + $this->helper = resolve(HelperService::class); + } + /** * Get avatar * @@ -250,7 +257,7 @@ class FileAccessController extends Controller { // Check by parent folder permission if ($shared->type === 'folder') { - Guardian::check_item_access($file->folder_id, $shared); + $this->helper->check_item_access($file->folder_id, $shared); } // Check by single file permission diff --git a/app/Http/Controllers/FileManager/EditItemsController.php b/app/Http/Controllers/FileManager/EditItemsController.php index d96c1787..eed762ab 100644 --- a/app/Http/Controllers/FileManager/EditItemsController.php +++ b/app/Http/Controllers/FileManager/EditItemsController.php 
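Review bot: The constructor added to FileAccessController fetches HelperService with `resolve()` and stores it in an untyped `private $helper`, which hides the dependency that now performs the share access check. Laravel injects controller constructor arguments, so `public function __construct(HelperService $helper) { $this->helper = $helper; }` resolves the same service, shows the dependency in the signature, and lets a test substitute a fake when exercising the 403 paths. The same applies to the constructors added in EditItemsController (`$filemanager`, `$helper`) and FileSharingController.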
@@ -8,13 +8,13 @@ use App\Http\Requests\FileFunctions\RenameItemRequest; use App\Http\Requests\FileFunctions\MoveItemRequest; use App\Http\Requests\FileFunctions\UploadRequest; use App\Http\Tools\Demo; +use App\Services\FileManagerService; +use App\Services\HelperService; use Illuminate\Contracts\Routing\ResponseFactory; use Illuminate\Database\Eloquent\Model; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; use App\Http\Controllers\Controller; -use App\Http\Tools\Guardian; -use App\Http\Tools\FileManagerService; use App\Models\Folder; use App\Models\File; use Exception; @@ -22,6 +22,15 @@ use Exception; class EditItemsController extends Controller { + private $filemanager; + private $helper; + + public function __construct() + { + $this->filemanager = resolve(FileManagerService::class); + $this->helper = resolve(HelperService::class); + } + /** * Create new folder for authenticated master|editor user * @@ -46,11 +55,11 @@ class EditItemsController extends Controller $shared = get_shared($request->cookie('shared_token')); // Check access to requested directory - Guardian::check_item_access($request->parent_id, $shared); + $this->helper->check_item_access($request->parent_id, $shared); } // Create new folder - return FileManagerService::create_folder($request); + return $this->filemanager->create_folder($request); } /** @@ -74,10 +83,10 @@ class EditItemsController extends Controller if (!is_editor($shared)) abort(403); // Check access to requested directory - Guardian::check_item_access($request->parent_id, $shared); + $this->helper->check_item_access($request->parent_id, $shared); // Create folder - return FileManagerService::create_folder($request, $shared); + return $this->filemanager->create_folder($request, $shared); } /** 
@@ -109,19 +118,19 @@ class EditItemsController extends Controller // Check access to requested directory if ($request->type === 'folder') { - Guardian::check_item_access($item->id, $shared); + $this->helper->check_item_access($item->id, $shared); } else { - Guardian::check_item_access($item->folder_id, $shared); + $this->helper->check_item_access($item->folder_id, $shared); } } // If request have a change folder icon values set the folder icon if ($request->type === 'folder' && ($request->filled('emoji') || $request->filled('color'))) { - FileManagerService::set_folder_icon($request, $id); + $this->filemanager->set_folder_icon($request, $id); } // Rename Item - return FileManagerService::rename_item($request, $id); + return $this->filemanager->rename_item($request, $id); } /** @@ -153,18 +162,18 @@ class EditItemsController extends Controller // Check access to requested item if ($request->type === 'folder') { - Guardian::check_item_access($item->id, $shared); + $this->helper->check_item_access($item->id, $shared); } else { - Guardian::check_item_access($item->folder_id, $shared); + $this->helper->check_item_access($item->folder_id, $shared); } // If request have a change folder icon values set the folder icon if ($request->type === 'folder' && $request->filled('icon')) { - FileManagerService::set_folder_icon($request, $id); + $this->filemanager->set_folder_icon($request, $id); } // Rename item - $item = FileManagerService::rename_item($request, $id, $shared); + $item = $this->filemanager->rename_item($request, $id, $shared); // Set public url if ($item->type !== 'folder') { 
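Review bot: In the second rename hunk (the shared-link path) the icon update is guarded by `$request->filled('icon')`, while the authenticated path in the hunk above guards on `$request->filled('emoji') || $request->filled('color')`, and `set_folder_icon` only reads `emoji` and `color`. A shared-link request that sends `emoji` or `color` without an `icon` field never reaches `$this->filemanager->set_folder_icon(...)`, and one that sends only `icon` calls it with nothing to apply. If both paths are meant to behave the same, the guard should read `if ($request->type === 'folder' && ($request->filled('emoji') || $request->filled('color')))`. Both method bodies start and end outside these hunks, so the lookup of `$item` and `$id` cannot be checked from here.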
@@ -208,14 +217,14 @@ class EditItemsController extends Controller // Check access to requested directory if ($item['type'] === 'folder') { - Guardian::check_item_access($item->id, $shared); + $this->helper->check_item_access($item->id, $shared); } else { - Guardian::check_item_access($item->folder_id, $shared); + $this->helper->check_item_access($item->folder_id, $shared); } } // Delete item - FileManagerService::delete_item($item, $item['id']); + $this->filemanager->delete_item($item, $item['id']); } return response(null, 204); @@ -252,13 +261,13 @@ class EditItemsController extends Controller // Check access to requested item if ($file['type'] === 'folder') { - Guardian::check_item_access($item->id, $shared); + $this->helper->check_item_access($item->id, $shared); } else { - Guardian::check_item_access($item->folder_id, $shared); + $this->helper->check_item_access($item->folder_id, $shared); } // Delete item - FileManagerService::delete_item($file, $file['id'], $shared); + $this->filemanager->delete_item($file, $file['id'], $shared); } // Return response return response('Done', 204); @@ -288,11 +297,11 @@ class EditItemsController extends Controller $shared = get_shared($request->cookie('shared_token')); // Check access to requested directory - Guardian::check_item_access($request->parent_id, $shared); + $this->helper->check_item_access($request->parent_id, $shared); } // Return new uploaded file - return FileManagerService::upload($request); + return $this->filemanager->upload($request); } /** @@ -319,10 +328,10 @@ class EditItemsController extends Controller } // Check access to requested directory - Guardian::check_item_access($request->folder_id, $shared); + $this->helper->check_item_access($request->folder_id, $shared); // Return new uploaded file - $new_file = FileManagerService::upload($request, $shared); + $new_file = $this->filemanager->upload($request, $shared); // Set public access url $new_file->setPublicUrl($token); 
@@ -352,7 +361,7 @@ class EditItemsController extends Controller $shared = get_shared($request->cookie('shared_token')); // Check access to requested directory - Guardian::check_item_access($id, $shared); + $this->helper->check_item_access($id, $shared); } // Get folder @@ -363,7 +372,7 @@ class EditItemsController extends Controller abort(404, 'Requested folder doesn\'t exists.'); } - $zip = FileManagerService::zip_folder($id); + $zip = $this->filemanager->zip_folder($id); // Get file return response([ @@ -386,7 +395,7 @@ class EditItemsController extends Controller $shared = get_shared($token); // Check access to requested folder - Guardian::check_item_access($id, $shared); + $this->helper->check_item_access($id, $shared); // Get folder $folder = Folder::whereUserId($shared->user_id) @@ -396,7 +405,7 @@ class EditItemsController extends Controller abort(404, 'Requested folder doesn\'t exists.'); } - $zip = FileManagerService::zip_folder($id, $shared); + $zip = $this->filemanager->zip_folder($id, $shared); // Get file return response([ @@ -432,7 +441,7 @@ class EditItemsController extends Controller ->toArray(); // Check access to requested directory - Guardian::check_item_access($file_parent_folders, $shared); + $this->helper->check_item_access($file_parent_folders, $shared); } // Get requested files @@ -440,7 +449,7 @@ class EditItemsController extends Controller ->whereIn('id', $request->input('items')) ->get(); - $zip = FileManagerService::zip_files($files); + $zip = $this->filemanager->zip_files($files); // Get file return response([ 
@@ -468,14 +477,14 @@ class EditItemsController extends Controller ->toArray(); // Check access to requested directory - Guardian::check_item_access($file_parent_folders, $shared); + $this->helper->check_item_access($file_parent_folders, $shared); // Get requested files $files = File::whereUserId($shared->user_id) ->whereIn('id', $request->items) ->get(); - $zip = FileManagerService::zip_files($files, $shared); + $zip = $this->filemanager->zip_files($files, $shared); // Get file return response([ @@ -513,11 +522,11 @@ class EditItemsController extends Controller $shared = get_shared($request->cookie('shared_token')); // Check access to requested directory - Guardian::check_item_access($to_id, $shared); + $this->helper->check_item_access($to_id, $shared); } // Move item - FileManagerService::move($request, $to_id); + $this->filemanager->move($request, $to_id); return response('Done!', 204); } @@ -549,7 +558,7 @@ class EditItemsController extends Controller if ($item['type'] === 'folder') { - Guardian::check_item_access([ + $this->helper->check_item_access([ $request->to_id, $item['id'] ], $shared); } @@ -560,13 +569,13 @@ class EditItemsController extends Controller ->where('user_id', $shared->user_id) ->firstOrFail(); - Guardian::check_item_access([ + $this->helper->check_item_access([ $request->to_id, $file->folder_id ], $shared); } } - FileManagerService::move($request, $request->to_id); + $this->filemanager->move($request, $request->to_id); return response('Done!', 204); } diff --git a/app/Http/Controllers/Sharing/FileSharingController.php b/app/Http/Controllers/Sharing/FileSharingController.php index 0d92f399..f5de06b5 100644 --- a/app/Http/Controllers/Sharing/FileSharingController.php +++ b/app/Http/Controllers/Sharing/FileSharingController.php 
@@ -5,10 +5,9 @@ namespace App\Http\Controllers\Sharing; use App\Http\Controllers\Controller; use App\Http\Requests\Share\AuthenticateShareRequest; use App\Http\Resources\ShareResource; -use App\Http\Tools\Guardian; use App\Models\Share; use App\Models\Setting; -use Illuminate\Contracts\View\Factory; +use App\Services\HelperService; use Illuminate\Support\Facades\Cookie; use Illuminate\Support\Facades\DB; use Illuminate\Support\Facades\Hash; @@ -22,6 +21,12 @@ use Illuminate\Support\Facades\Storage; class FileSharingController extends Controller { + private $helper; + + public function __construct() + { + $this->helper = resolve(HelperService::class); + } /** * Show page index and delete access_token & shared_token cookie @@ -152,7 +157,7 @@ class FileSharingController extends Controller $shared = Share::where('token', $request->cookie('shared_token'))->firstOrFail(); // Check if user can get directory - Guardian::check_item_access($id, $shared); + $this->helper->check_item_access($id, $shared); // Get files and folders list($folders, $files) = $this->get_items($id, $shared); @@ -178,7 +183,7 @@ class FileSharingController extends Controller } // Check if user can get directory - Guardian::check_item_access($id, $shared); + $this->helper->check_item_access($id, $shared); // Get files and folders list($folders, $files) = $this->get_items($id, $shared); @@ -250,7 +255,7 @@ class FileSharingController extends Controller $shared = get_shared($request->cookie('shared_token')); // Check if user can get directory - Guardian::check_item_access($shared->item_id, $shared); + $this->helper->check_item_access($shared->item_id, $shared); // Get folders $folders = Folder::with('folders:id,parent_id,unique_id,name') 
@@ -281,7 +286,7 @@ class FileSharingController extends Controller $shared = get_shared($token); // Check if user can get directory - Guardian::check_item_access($shared->item_id, $shared); + $this->helper->check_item_access($shared->item_id, $shared); // Get folders $folders = Folder::with('folders:id,parent_id,name') diff --git a/app/Http/Tools/Guardian.php b/app/Http/Tools/Guardian.php deleted file mode 100644 index 747e8880..00000000 --- a/app/Http/Tools/Guardian.php +++ /dev/null @@ -1,42 +0,0 @@ -where('user_id', $shared->user_id) - ->where('parent_id', $shared->item_id) - ->get(); - - // Get all authorized parent folders by shared folder as root of tree - $accessible_folder_ids = Arr::flatten([filter_folders_ids($foldersIds), $shared->item_id]); - - // Check user access - if ( is_array($requested_id) ) { - foreach ($requested_id as $id) { - if (!in_array($id, $accessible_folder_ids)) - abort(403); - } - } - - if (! is_array($requested_id)) { - if (! in_array($requested_id, $accessible_folder_ids)) - abort(403); - } - } -} \ No newline at end of file diff --git a/app/Services/FileManagerService.php b/app/Services/FileManagerService.php index f7caac78..7b98a26b 100644 --- a/app/Services/FileManagerService.php +++ b/app/Services/FileManagerService.php @@ -27,42 +27,6 @@ use Symfony\Component\HttpKernel\Exception\HttpException; class FileManagerService { - /** - * Store folder icon - * - * @param $request - * @param $id - */ - public static function set_folder_icon($request, $id) - { - // Get folder - $folder = Folder::find($id); - - // Set default folder icon - if ($request->emoji === 'default') { - $folder->update([ - 'emoji' => null, - 'color' => null, - ]); - } - - // Set emoji - if ($request->filled('emoji')) { - $folder->update([ - 'emoji' => $request->emoji, - 'color' => null, - ]); - } - - // Set color - if ($request->filled('color')) { - $folder->update([ - 'emoji' => null, - 'color' => $request->color, - ]); - } - } - /** * Zip requested folder * 
@@ -480,6 +444,42 @@ class FileManagerService } } + /** + * Store folder icon + * + * @param $request + * @param $id + */ + public static function set_folder_icon($request, $id) + { + // Get folder + $folder = Folder::find($id); + + // Set default folder icon + if ($request->emoji === 'default') { + $folder->update([ + 'emoji' => null, + 'color' => null, + ]); + } + + // Set emoji + if ($request->filled('emoji')) { + $folder->update([ + 'emoji' => $request->emoji, + 'color' => null, + ]); + } + + // Set color + if ($request->filled('color')) { + $folder->update([ + 'emoji' => null, + 'color' => $request->color, + ]); + } + } + /** * Move file to external storage if is set * diff --git a/app/Services/HelperService.php b/app/Services/HelperService.php index 663240ab..5202185b 100644 --- a/app/Services/HelperService.php +++ b/app/Services/HelperService.php @@ -2,7 +2,9 @@ namespace App\Services; +use App\Models\Folder; use DB; +use Illuminate\Support\Arr; use Illuminate\Support\Facades\Storage; class HelperService @@ -30,4 +32,35 @@ class HelperService ->delete(); }); } + + /** + * Check access to requested directory + * + * @param integer|array $requested_id + * @param string $shared Shared record detail + */ + public function check_item_access($requested_id, $shared) + { + // Get all children folders + $foldersIds = Folder::with('folders:id,parent_id,id,name') + ->where('user_id', $shared->user_id) + ->where('parent_id', $shared->item_id) + ->get(); + + // Get all authorized parent folders by shared folder as root of tree + $accessible_folder_ids = Arr::flatten([filter_folders_ids($foldersIds), $shared->item_id]); + + // Check user access + if ( is_array($requested_id) ) { + foreach ($requested_id as $id) { + if (!in_array($id, $accessible_folder_ids)) + abort(403); + } + } + + if (! is_array($requested_id)) { + if (! in_array($requested_id, $accessible_folder_ids)) + abort(403); + } + } } \ No newline at end of file
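Review bot: In the re-added `set_folder_icon` the three conditions are independent `if`s, so a request with `emoji === 'default'` first clears both columns and then, because `filled('emoji')` is also true, writes the literal string `'default'` back into `emoji` (unless the model normalises it somewhere not shown). Chaining them as `if (...) { … } elseif ($request->filled('emoji')) { … } elseif ($request->filled('color')) { … }` keeps the reset and makes it a single update. `Folder::find($id)` can return null and is not constrained by owner, so the method relies entirely on the caller having checked access; `findOrFail($id)` or a null guard would at least stop a null dereference. The method is also still declared `public static` although the controller now calls it on an instance.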
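Review bot: `check_item_access` decides authorization with a loose `in_array($id, $accessible_folder_ids)` and checks nothing when `$requested_id` is an empty array, so the guard can pass without a single id having been matched. The zip-files callers build that array from a query result, which may be empty, and loose comparison lets `null` or numeric-looking strings match ids they are not identical to. I would normalise the input with `Arr::wrap()`, abort when it is empty, and compare strictly on string-cast ids, as sketched below; callers that legitimately pass an empty list would need to handle that before calling. The docblock declares `@param string $shared`, but the body reads `$shared->user_id` and `$shared->item_id`, so it should name the Share record type instead.

```php
public function check_item_access($requested_id, $shared)
{
    // … unchanged: $foldersIds query and $accessible_folder_ids …

    // Compare as strings so request values and database ids share one type
    $allowed = array_map('strval', $accessible_folder_ids);
    $requested = Arr::wrap($requested_id);

    // Fail closed: no id requested means nothing was authorised
    if ($requested === []) {
        abort(403);
    }

    foreach ($requested as $id) {
        if (! is_scalar($id) || ! in_array((string) $id, $allowed, true)) {
            abort(403);
        }
    }
}
```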