Guardian and FileManagerService.php refactored

2026-04-30 03:25:59 +00:00 · 2021-03-14 12:54:34 +01:00
parent bb469f2520
commit 0364e73c60
6 changed files with 135 additions and 123 deletions
@@ -27,42 +27,6 @@ use Symfony\Component\HttpKernel\Exception\HttpException;

 class FileManagerService
 {
-    /**
-     * Store folder icon
-     *
-     * @param $request
-     * @param $id
-     */
-    public static function set_folder_icon($request, $id)
-    {
-        // Get folder
-        $folder = Folder::find($id);
-
-        // Set default folder icon
-        if ($request->emoji === 'default') {
-            $folder->update([
-                'emoji' => null,
-                'color' => null,
-            ]);
-        }
-
-        // Set emoji
-        if ($request->filled('emoji')) {
-            $folder->update([
-                'emoji' => $request->emoji,
-                'color' => null,
-            ]);
-        }
-
-        // Set color
-        if ($request->filled('color')) {
-            $folder->update([
-                'emoji' => null,
-                'color' => $request->color,
-            ]);
-        }
-    }
-
    /**
     * Zip requested folder
     *
@@ -480,6 +444,42 @@ class FileManagerService
        }
    }

+    /**
+     * Store folder icon
+     *
+     * @param $request
+     * @param $id
+     */
+    public static function set_folder_icon($request, $id)
+    {
+        // Get folder
+        $folder = Folder::find($id);
+
+        // Set default folder icon
+        if ($request->emoji === 'default') {
+            $folder->update([
+                'emoji' => null,
+                'color' => null,
+            ]);
+        }
+
+        // Set emoji
+        if ($request->filled('emoji')) {
+            $folder->update([
+                'emoji' => $request->emoji,
+                'color' => null,
+            ]);
+        }
+
+        // Set color
+        if ($request->filled('color')) {
+            $folder->update([
+                'emoji' => null,
+                'color' => $request->color,
+            ]);
+        }
+    }
+
    /**
     * Move file to external storage if is set
     *
@@ -2,7 +2,9 @@

 namespace App\Services;

+use App\Models\Folder;
 use DB;
+use Illuminate\Support\Arr;
 use Illuminate\Support\Facades\Storage;

 class HelperService
@@ -30,4 +32,35 @@ class HelperService
                    ->delete();
            });
    }
+
+    /**
+     * Check access to requested directory
+     *
+     * @param integer|array $requested_id
+     * @param string $shared Shared record detail
+     */
+    public function check_item_access($requested_id, $shared)
+    {
+        // Get all children folders
+        $foldersIds = Folder::with('folders:id,parent_id,id,name')
+            ->where('user_id', $shared->user_id)
+            ->where('parent_id', $shared->item_id)
+            ->get();
+
+        // Get all authorized parent folders by shared folder as root of tree
+        $accessible_folder_ids = Arr::flatten([filter_folders_ids($foldersIds), $shared->item_id]);
+
+        // Check user access
+        if ( is_array($requested_id) ) {
+            foreach ($requested_id as $id) {
+                if (!in_array($id, $accessible_folder_ids))
+                    abort(403);
+            }
+        }
+
+        if (! is_array($requested_id)) {
+            if (! in_array($requested_id, $accessible_folder_ids))
+                abort(403);
+        }
+    }
 }