mirror of
https://github.com/VueFileManager/vuefilemanager.git
synced 2026-04-05 18:23:48 +00:00
prevention to get other user folder when folder upload is trying to recreate folder structure
This commit is contained in:
Čarodej
@@ -34,12 +34,14 @@ class GetFileParentId
|
|||||||
$directoryName = $directoryPath->shift();
|
$directoryName = $directoryPath->shift();
|
||||||
|
|
||||||
// Get requested directory
|
// Get requested directory
|
||||||
$requestedDirectory = Folder::where('name', $directoryName);
|
$requestedDirectory = Folder::where('name', $directoryName)
|
||||||
|
->where('user_id', $userId);
|
||||||
|
|
||||||
// Check if root exists, if not, create him
|
// Check if root exists, if not, create him
|
||||||
if ($requestedDirectory->exists()) {
|
if ($requestedDirectory->exists()) {
|
||||||
// Get parent folder
|
// Get parent folder
|
||||||
$parentCheck = Folder::where('name', $directoryName)
|
$parentCheck = Folder::where('name', $directoryName)
|
||||||
|
->where('user_id', $userId)
|
||||||
->where('parent_id', $parentId);
|
->where('parent_id', $parentId);
|
||||||
|
|
||||||
// Check if parent folder of requested directory name exists, if not, create it
|
// Check if parent folder of requested directory name exists, if not, create it
|
||||||
|
|||||||
@@ -53,6 +53,29 @@ class FolderUploadTest extends TestCase
|
|||||||
->hasSettings()
|
->hasSettings()
|
||||||
->create();
|
->create();
|
||||||
|
|
||||||
|
$otherUser = User::factory()
|
||||||
|
->hasSettings()
|
||||||
|
->create();
|
||||||
|
|
||||||
|
// Make same folders for other user
|
||||||
|
Folder::factory()
|
||||||
|
->create([
|
||||||
|
'name' => 'level_1',
|
||||||
|
'user_id' => $otherUser->id,
|
||||||
|
]);
|
||||||
|
|
||||||
|
Folder::factory()
|
||||||
|
->create([
|
||||||
|
'name' => 'level_2',
|
||||||
|
'user_id' => $otherUser->id,
|
||||||
|
]);
|
||||||
|
|
||||||
|
Folder::factory()
|
||||||
|
->create([
|
||||||
|
'name' => 'level_3',
|
||||||
|
'user_id' => $otherUser->id,
|
||||||
|
]);
|
||||||
|
|
||||||
$file = UploadedFile::fake()
|
$file = UploadedFile::fake()
|
||||||
->create('fake-file_1.pdf', 120000, 'application/pdf');
|
->create('fake-file_1.pdf', 120000, 'application/pdf');
|
||||||
|
|
||||||
@@ -78,9 +101,16 @@ class FolderUploadTest extends TestCase
|
|||||||
|
|
||||||
$file = File::first();
|
$file = File::first();
|
||||||
|
|
||||||
$level_1 = Folder::where('name', 'level_1')->first();
|
// Get created folders by upload
|
||||||
$level_2 = Folder::where('name', 'level_2')->first();
|
$level_1 = Folder::where('name', 'level_1')
|
||||||
$level_3 = Folder::where('name', 'level_3')->first();
|
->where('user_id', $user->id)
|
||||||
|
->first();
|
||||||
|
$level_2 = Folder::where('name', 'level_2')
|
||||||
|
->where('user_id', $user->id)
|
||||||
|
->first();
|
||||||
|
$level_3 = Folder::where('name', 'level_3')
|
||||||
|
->where('user_id', $user->id)
|
||||||
|
->first();
|
||||||
|
|
||||||
$this->assertEquals(null, $level_1->parent_id);
|
$this->assertEquals(null, $level_1->parent_id);
|
||||||
$this->assertEquals($level_2->parent_id, $level_1->id);
|
$this->assertEquals($level_2->parent_id, $level_1->id);
|
||||||
@@ -88,7 +118,7 @@ class FolderUploadTest extends TestCase
|
|||||||
|
|
||||||
$this->assertEquals($level_3->id, $file->parent_id);
|
$this->assertEquals($level_3->id, $file->parent_id);
|
||||||
|
|
||||||
$this->assertDatabaseCount('folders', 3);
|
$this->assertDatabaseCount('folders', 6);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user