From 1126a4552458828abad8ea2bc6d9bed311038974 Mon Sep 17 00:00:00 2001
From: Peter Papp
Date: Wed, 10 Mar 2021 11:02:05 +0100
Subject: [PATCH] added it_rename_shared_file test
---
 .../FileFunctions/EditItemsController.php | 9 ++--
 app/Http/Helpers/helpers.php | 12 +++++
 app/Http/Tools/Guardian.php | 2 +-
 routes/api.php | 19 ++++---
 tests/Feature/Share/ShareEditorTest.php | 50 +++++++++++++++++--
 5 files changed, 76 insertions(+), 16 deletions(-)
diff --git a/app/Http/Controllers/FileFunctions/EditItemsController.php b/app/Http/Controllers/FileFunctions/EditItemsController.php
index 097fd3e9..539024f2 100644
--- a/app/Http/Controllers/FileFunctions/EditItemsController.php
+++ b/app/Http/Controllers/FileFunctions/EditItemsController.php
@@ -144,10 +144,12 @@ class EditItemsController extends Controller
 }
 // Check shared permission
- if (!is_editor($shared)) abort(403);
+ if (is_visitor($shared)) {
+ abort(403);
+ }
 // Get file|folder item
- $item = get_item($request->type, $id, $shared->user_id);
+ $item = get_item($request->type, $id);
 // Check access to requested item
 if ($request->type === 'folder') {
@@ -158,8 +160,7 @@ class EditItemsController extends Controller
 // If request have a change folder icon values set the folder icon
 if ($request->type === 'folder' && $request->filled('icon')) {
-
- Editor::set_folder_icon($request->icon, $id, $shared);
+ Editor::set_folder_icon($request, $id);
 }
 // Rename item
diff --git a/app/Http/Helpers/helpers.php b/app/Http/Helpers/helpers.php
index 89aa20fd..5826dcda 100644
--- a/app/Http/Helpers/helpers.php
+++ b/app/Http/Helpers/helpers.php
@@ -220,6 +220,17 @@ function is_editor($shared)
 return $shared->permission === 'editor';
 }
+/**
+ * Check if shared permission is visitor
+ *
+ * @param $shared
+ * @return bool
+ */
+function is_visitor($shared)
+{
+ return $shared->permission === 'visitor';
+}
+
 /**
 * Store user avatar to storage
 *
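Review bot: In the first EditItemsController hunk the guard becomes `if (is_visitor($shared))`, which turns an allowlist into a denylist: a share whose `permission` is null, misspelled or a role added later is no longer rejected, whereas `if (!is_editor($shared)) { abort(403); }` keeps the new braces and still fails closed. The same hunk drops `$shared->user_id` from `get_item(...)` and the second hunk drops `$shared` from `Editor::set_folder_icon(...)`, so in the visible lines nothing but the following access check ties `$id` to the share, and that check is shown only for the `folder` type. Please confirm the `file` branch also verifies that the item belongs to the shared folder before the rename is applied. The commit subject mentions only a test, so this authorization change deserves its own line in the description; the method starts and ends outside both hunks.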
@@ -419,6 +430,7 @@ function appeared_once($arr)
 /**
 * @param $folders
+ * @param string $by_column
 * @return array
 */
 function filter_folders_ids($folders, $by_column = 'id')
diff --git a/app/Http/Tools/Guardian.php b/app/Http/Tools/Guardian.php
index 94c38122..747e8880 100644
--- a/app/Http/Tools/Guardian.php
+++ b/app/Http/Tools/Guardian.php
@@ -18,7 +18,7 @@ class Guardian
 public static function check_item_access($requested_id, $shared)
 {
 // Get all children folders
- $foldersIds = Folder::with('folders:id,parent_id,unique_id,name')
+ $foldersIds = Folder::with('folders:id,parent_id,id,name')
 ->where('user_id', $shared->user_id)
 ->where('parent_id', $shared->item_id)
 ->get();
diff --git a/routes/api.php b/routes/api.php
index 95af0489..38564cfb 100644
--- a/routes/api.php
+++ b/routes/api.php
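Review bot: In the Guardian.php hunk the eager-load column list now reads `'folders:id,parent_id,id,name'`, with `id` listed twice, which looks like a mechanical `unique_id` to `id` rename; `Folder::with('folders:id,parent_id,name')` selects the same columns without the duplicate. Because `check_item_access` is the access check for shared items, a test that requests a nested child folder through a share would confirm the rename did not change which ids are treated as reachable. The method body continues outside the hunk, so how `$foldersIds` is compared with `$requested_id` cannot be seen here.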
@@ -12,13 +12,18 @@ use App\Http\Controllers\General\PricingController;
 use App\Http\Controllers\Sharing\FileSharingController;
 // Edit Functions
-Route::patch('/rename-item/{unique_id}/public/{token}', [EditItemsController::class, 'guest_rename_item']);
-Route::get('/zip-folder/{id}/public/{token}', [EditItemsController::class, 'guest_zip_folder']);
-Route::post('/create-folder/public/{token}', [EditItemsController::class, 'guest_create_folder']);
-Route::post('/remove-item/public/{token}', [EditItemsController::class, 'guest_delete_item']);
-Route::post('/zip/public/{token}', [EditItemsController::class, 'guest_zip_multiple_files']);
-Route::post('/upload/public/{token}', [EditItemsController::class, 'guest_upload']);
-Route::post('/move/public/{token}', [EditItemsController::class, 'guest_move']);
+Route::group(['prefix' => 'editor'], function () {
+ Route::patch('/rename/{id}/public/{token}', [EditItemsController::class, 'guest_rename_item']);
+ Route::post('/create-folder/public/{token}', [EditItemsController::class, 'guest_create_folder']);
+ Route::post('/remove/public/{token}', [EditItemsController::class, 'guest_delete_item']);
+ Route::post('/upload/public/{token}', [EditItemsController::class, 'guest_upload']);
+ Route::post('/move/public/{token}', [EditItemsController::class, 'guest_move']);
+});
+
+Route::group(['prefix' => 'zip'], function () {
+ Route::get('/folder/{id}/public/{token}', [EditItemsController::class, 'guest_zip_folder']);
+ Route::post('/files/public/{token}', [EditItemsController::class, 'guest_zip_multiple_files']);
+});
 // Sharing page browsing
 Route::get('/folders/{unique_id}/public/{token}', [FileSharingController::class, 'get_public_folders']);
diff --git a/tests/Feature/Share/ShareEditorTest.php b/tests/Feature/Share/ShareEditorTest.php
index d635523c..7b47c27f 100644
--- a/tests/Feature/Share/ShareEditorTest.php
+++ b/tests/Feature/Share/ShareEditorTest.php
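Review bot: The new `editor` group declares only `'prefix' => 'editor'`, so every state-changing route in it is still protected solely by whatever each controller method checks by hand against the public `{token}`, and this commit edits that check in `guest_rename_item` alone. Now that the group exists, it is the natural place for a `'middleware' => [...]` key that resolves the share from the token and rejects non-editor shares once for all five routes; whether an outer group already applies throttling or such a check cannot be seen from this hunk. The browsing route just below still uses `{unique_id}` while the rename route moved to `{id}`, which is worth aligning or explaining in a comment. The changed paths (`/rename-item/...` to `/editor/rename/...`, `/zip/...` to `/zip/files/...`) also need matching client updates that are not part of this diff.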
@@ -11,6 +11,7 @@ use Illuminate\Foundation\Testing\DatabaseMigrations;
 use App\Services\SetupService;
 use Illuminate\Http\UploadedFile;
 use Illuminate\Support\Str;
+use Laravel\Sanctum\Sanctum;
 use Storage;
 use Tests\TestCase;
@@ -24,6 +25,47 @@ class ShareEditorTest extends TestCase
 $this->setup = app()->make(SetupService::class);
 }
+ /**
+ * @test
+ */
+ public function it_rename_shared_file()
+ {
+ $user = User::factory(User::class)
+ ->create();
+
+ $folder = Folder::factory(Folder::class)
+ ->create([
+ 'user_id' => $user->id
+ ]);
+
+ $file = File::factory(File::class)
+ ->create([
+ 'folder_id' => $folder->id
+ ]);
+
+ $share = Share::factory(Share::class)
+ ->create([
+ 'item_id' => $folder->id,
+ 'user_id' => $user->id,
+ 'type' => 'folder',
+ 'is_protected' => false,
+ 'permission' => 'editor',
+ ]);
+
+ $this->patchJson("/api/editor/rename/{$file->id}/public/$share->token", [
+ 'name' => 'Renamed Item',
+ 'type' => 'file',
+ ])
+ ->assertStatus(200)
+ ->assertJsonFragment([
+ 'name' => 'Renamed Item',
+ ]);
+
+ $this->assertDatabaseHas('files', [
+ 'name' => 'Renamed Item'
+ ]);
+ }
+
 /**
 * @test
 */
@@ -67,7 +109,7 @@ class ShareEditorTest extends TestCase
 'is_protected' => false,
 ]);
- $this->postJson("/api/zip/public/$share->token", [
+ $this->postJson("/api/zip/files/public/$share->token", [
 'items' => File::all()->pluck('id')
 ])->assertStatus(201);
@@ -111,7 +153,7 @@ class ShareEditorTest extends TestCase
 'is_protected' => false,
 ]);
- $this->postJson("/api/zip/public/$share->token", [
+ $this->postJson("/api/zip/files/public/$share->token", [
 'items' => File::all()->pluck('id')
 ])->assertStatus(403);
 }
@@ -165,7 +207,7 @@ class ShareEditorTest extends TestCase
 'is_protected' => false,
 ]);
- $this->getJson("/api/zip-folder/$children->id/public/$share->token")
+ $this->getJson("/api/zip/folder/$children->id/public/$share->token")
 ->assertStatus(201);
 $this->assertDatabaseHas('zips', [
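Review bot: The new `it_rename_shared_file` test covers only the allowed path, so the rewritten permission guard in `guest_rename_item` has no test showing that a non-editor share is refused or that the stored name stays untouched. Its last assertion, `assertDatabaseHas('files', ['name' => 'Renamed Item'])`, passes for any row with that name; adding `'id' => $file->id` pins it to the file that was renamed. The `use Laravel\Sanctum\Sanctum;` import added in the first hunk is not used in any visible hunk. A companion refusal test is sketched below; a second one using a file from a folder outside the share would cover the dropped `user_id` scoping in the same way.

```php
    /**
     * @test
     */
    public function it_rejects_rename_for_visitor_share()
    {
        // … unchanged: same $user, $folder and $file factories as it_rename_shared_file …

        $share = Share::factory(Share::class)
            ->create([
                'item_id' => $folder->id,
                'user_id' => $user->id,
                'type' => 'folder',
                'is_protected' => false,
                'permission' => 'visitor',
            ]);

        $this->patchJson("/api/editor/rename/{$file->id}/public/$share->token", [
            'name' => 'Renamed Item',
            'type' => 'file',
        ])
            ->assertStatus(403);

        // The refused request must not have changed the stored name.
        $this->assertDatabaseMissing('files', [
            'id' => $file->id,
            'name' => 'Renamed Item',
        ]);
    }
```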
@@ -200,7 +242,7 @@ class ShareEditorTest extends TestCase
 'is_protected' => false,
 ]);
- $this->getJson("/api/zip-folder/$folder->id/public/$share->token")
+ $this->getJson("/api/zip/folder/$folder->id/public/$share->token")
 ->assertStatus(403);
 }
 }