mirror of
https://github.com/VueFileManager/vuefilemanager.git
synced 2026-04-28 19:10:40 +00:00
- gate implementation
- protected shared view fix
@@ -19,7 +19,7 @@ class DeleteUserController extends Controller
|
||||
DeleteUserDataAction $deleteUserData,
|
||||
): Response {
|
||||
if (is_demo()) {
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
|
||||
if ($user->subscribed('main')) {
|
||||
@@ -39,6 +39,6 @@ class DeleteUserController extends Controller
|
||||
// Delete all user data
|
||||
($deleteUserData)($user);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,7 +14,7 @@ class ResetUserPasswordController extends Controller
|
||||
public function __invoke(User $user): Response
|
||||
{
|
||||
if (is_demo()) {
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
|
||||
// Get password token
|
||||
@@ -24,6 +24,6 @@ class ResetUserPasswordController extends Controller
|
||||
// Send user email
|
||||
$user->sendPasswordResetNotification($token);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -26,7 +26,7 @@ class BrowseFolderController
|
||||
->get();
|
||||
|
||||
$files = File::with(['parent:id,name', 'shared:token,id,item_id,permission,is_protected,expire_in'])
|
||||
->where('folder_id', $root_id)
|
||||
->where('parent_id', $root_id)
|
||||
->where('user_id', Auth::id())
|
||||
->sortable()
|
||||
->get();
|
||||
|
||||
@@ -15,7 +15,7 @@ class BrowseSharedItemsController
|
||||
$user_id = Auth::id();
|
||||
|
||||
// Get shared folders and files
|
||||
$folder_ids = Share::where('user_id', $user_id)
|
||||
$parent_ids = Share::where('user_id', $user_id)
|
||||
->where('type', 'folder')
|
||||
->pluck('item_id');
|
||||
|
||||
@@ -26,7 +26,7 @@ class BrowseSharedItemsController
|
||||
// Get folders and files
|
||||
$folders = Folder::with(['parent', 'shared:token,id,item_id,permission,is_protected,expire_in'])
|
||||
->where('user_id', $user_id)
|
||||
->whereIn('id', $folder_ids)
|
||||
->whereIn('id', $parent_ids)
|
||||
->sortable()
|
||||
->get();
|
||||
|
||||
|
||||
@@ -25,7 +25,7 @@ class BrowseTrashContentController
|
||||
|
||||
$files = File::onlyTrashed()
|
||||
->with('parent')
|
||||
->where('folder_id', $root_id)
|
||||
->where('parent_id', $root_id)
|
||||
->sortable()
|
||||
->get();
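Review bot: The trashed-file query in this hunk, `File::onlyTrashed()->with('parent')->where('parent_id', $root_id)`, carries no owner constraint, while the other query changed in this controller (the `@@ -55,8 +55,8 @@` hunk) does filter with `->where('user_id', $user_id)`. Unless `$root_id` is verified against the current user above the hunk, or a global scope applies, the listing is keyed only on a folder id supplied by the caller; an explicit owner constraint such as `->where('user_id', Auth::id())`, as BrowseFolderController uses, would make the scoping visible. The `File::with($relations)->where('parent_id', $id)` query in the BrowseSharedWithMeController hunk has the same shape and depends on a membership check that is not visible there. The enclosing methods start and end outside these hunks.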
|
||||
|
||||
@@ -55,8 +55,8 @@ class BrowseTrashContentController
|
||||
->with(['parent'])
|
||||
->where('user_id', $user_id)
|
||||
->where(function ($query) use ($folders_trashed) {
|
||||
$query->whereNull('folder_id');
|
||||
$query->orWhereNotIn('folder_id', array_values(array_unique(recursiveFind($folders_trashed->toArray(), 'id'))));
|
||||
$query->whereNull('parent_id');
|
||||
$query->orWhereNotIn('parent_id', array_values(array_unique(recursiveFind($folders_trashed->toArray(), 'id'))));
|
||||
})
|
||||
->sortable()
|
||||
->get();
|
||||
|
||||
@@ -39,7 +39,7 @@ class VisitorBrowseFolderController
|
||||
->get();
|
||||
|
||||
$files = File::where('user_id', $shared->user_id)
|
||||
->where('folder_id', $id)
|
||||
->where('parent_id', $id)
|
||||
->sortable()
|
||||
->get();
|
||||
|
||||
|
||||
@@ -47,21 +47,21 @@ class VisitorSearchFilesAndFoldersController extends Controller
|
||||
->get();
|
||||
|
||||
// Get accessible folders
|
||||
$accessible_folder_ids = Arr::flatten([filter_folders_ids($foldersIds), $shared->item_id]);
|
||||
$accessible_parent_ids = Arr::flatten([filter_folders_ids($foldersIds), $shared->item_id]);
|
||||
|
||||
// Filter files
|
||||
$files = $searched_files->filter(function ($file) use ($accessible_folder_ids, $shared) {
|
||||
$files = $searched_files->filter(function ($file) use ($accessible_parent_ids, $shared) {
|
||||
// Set public urls
|
||||
$file->setPublicUrl($shared->token);
|
||||
|
||||
// check if item is in accessible folders
|
||||
return in_array($file->folder_id, $accessible_folder_ids);
|
||||
return in_array($file->parent_id, $accessible_parent_ids);
|
||||
});
|
||||
|
||||
// Filter folders
|
||||
$folders = $searched_folders->filter(function ($folder) use ($accessible_folder_ids) {
|
||||
$folders = $searched_folders->filter(function ($folder) use ($accessible_parent_ids) {
|
||||
// check if item is in accessible folders
|
||||
return in_array($folder->id, $accessible_folder_ids);
|
||||
return in_array($folder->id, $accessible_parent_ids);
|
||||
});
|
||||
|
||||
// Collect folders and files to single array
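Review bot: The access checks here compare ids with a loose `in_array`, for example `return in_array($file->parent_id, $accessible_parent_ids);`, so PHP's type-juggling rules decide whether a requested id counts as inside the shared tree. For an authorization decision the comparison should be strict: `return in_array($file->parent_id, $accessible_parent_ids, true);`, and likewise for `$folder->id`. The same applies to both `in_array` calls in the VerifyAccessToItemAction hunk, which guard `abort(403)`. Strict mode assumes the ids are strings on both sides, which the `uuid` rule in UploadRequest suggests but the page does not confirm for the output of `filter_folders_ids()`.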
|
||||
|
||||
@@ -86,7 +86,7 @@ class UploadFileAction
|
||||
return UserFile::create([
|
||||
'mimetype' => get_file_type_from_mimetype($file_mimetype),
|
||||
'type' => get_file_type($file_mimetype),
|
||||
'folder_id' => $request->input('folder_id'),
|
||||
'parent_id' => $request->input('parent_id'),
|
||||
'metadata' => $metadata,
|
||||
'name' => $request->input('filename'),
|
||||
'basename' => $disk_file_name,
|
||||
|
||||
@@ -23,7 +23,7 @@ class UploadFileController extends Controller
|
||||
public function __invoke(
|
||||
UploadRequest $request,
|
||||
): Response | array {
|
||||
if (is_demo_account('howdy@hi5ve.digital')) {
|
||||
if (is_demo_account()) {
|
||||
return ($this->fakeUploadFile)($request);
|
||||
}
|
||||
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
namespace Domain\Files\Controllers;
|
||||
|
||||
use Domain\Files\Models\File;
|
||||
use Gate;
|
||||
use Illuminate\Http\Response;
|
||||
use Domain\Sharing\Models\Share;
|
||||
use Domain\Files\Resources\FileResource;
|
||||
@@ -12,22 +13,16 @@ use Domain\Sharing\Actions\ProtectShareRecordAction;
|
||||
*/
|
||||
class VisitorShowFileController
|
||||
{
|
||||
public function __construct(
|
||||
private ProtectShareRecordAction $protectShareRecord,
|
||||
) {
|
||||
}
|
||||
|
||||
public function __invoke(
|
||||
Share $shared
|
||||
): Response {
|
||||
// Check ability to access protected share files
|
||||
($this->protectShareRecord)($shared);
|
||||
|
||||
// Get file
|
||||
$file = File::whereUserId($shared->user_id)
|
||||
->whereId($shared->item_id)
|
||||
->firstOrFail();
|
||||
|
||||
Gate::authorize('can-visit', [$file, $shared]);
|
||||
|
||||
// Set access urls
|
||||
$file->setPublicUrl($shared->token);
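Review bot: Access to a password-protected share now depends entirely on the `can-visit` gate, because the explicit `($this->protectShareRecord)($shared);` call and its constructor dependency appear to be dropped and `Gate::authorize('can-visit', [$file, $shared]);` is the only check left in the visible part of `__invoke`. The gate's definition is not on this page, so two things need confirming: that it enforces `is_protected` and `expire_in` on the share, and that its callback accepts a guest (a nullable `?User $user` first parameter), since Laravel denies gate checks for unauthenticated requests otherwise. A short comment above the call, such as `// 'can-visit' enforces share password and expiry; callback must allow guests`, plus a feature test for a protected share that has not been unlocked, would pin this down. The same `protectShareRecord` removal occurs in the VisitorDeleteFileOrFolderController, VisitorMoveFileOrFolderController and VisitorRenameFileOrFolderController hunks. `__invoke` continues past the end of this hunk.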
|
||||
|
||||
|
||||
@@ -27,7 +27,7 @@ class VisitorUploadFileController extends Controller
|
||||
UploadRequest $request,
|
||||
Share $shared,
|
||||
): Response | array {
|
||||
if (is_demo_account($shared->user->email)) {
|
||||
if (is_demo_account()) {
|
||||
return ($this->fakeUploadFile)($request);
|
||||
}
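Review bot: `is_demo_account()` is called without an argument in a visitor endpoint here, where the other printed variant of the line passed the share owner, `is_demo_account($shared->user->email)`. The helper is not shown on this page; if it resolves the account from the authenticated session, a visitor request on a share owned by the demo account carries no session user and would fall through to the real upload instead of `fakeUploadFile`. Either keep the owner explicit on visitor routes, `if (is_demo_account($shared->user->email)) {`, or document in the helper that it also resolves share owners. The VisitorCreateFolderController, VisitorDeleteFileOrFolderController, VisitorMoveFileOrFolderController and VisitorRenameFileOrFolderController hunks make the same change.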
|
||||
|
||||
@@ -40,7 +40,7 @@ class VisitorUploadFileController extends Controller
|
||||
}
|
||||
|
||||
// Check access to requested directory
|
||||
($this->verifyAccessToItem)($request->input('folder_id'), $shared);
|
||||
($this->verifyAccessToItem)($request->input('parent_id'), $shared);
|
||||
|
||||
// Return new uploaded file
|
||||
$new_file = ($this->uploadFile)($request, $shared);
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace Domain\Files\Models;
|
||||
|
||||
use ByteUnits\Metric;
|
||||
use Illuminate\Support\Str;
|
||||
use Laravel\Scout\Searchable;
|
||||
use Domain\Sharing\Models\Share;
|
||||
@@ -23,7 +22,7 @@ use Illuminate\Database\Eloquent\Factories\HasFactory;
|
||||
* @method static where(string $string, string $user_id)
|
||||
* @property string id
|
||||
* @property string user_id
|
||||
* @property string folder_id
|
||||
* @property string parent_id
|
||||
* @property string thumbnail
|
||||
* @property string filesize
|
||||
* @property string type
|
||||
@@ -148,7 +147,16 @@ class File extends Model
|
||||
|
||||
public function parent(): BelongsTo
|
||||
{
|
||||
return $this->belongsTo(Folder::class, 'folder_id', 'id');
|
||||
return $this->belongsTo(Folder::class, 'parent_id', 'id');
|
||||
}
|
||||
|
||||
public function getLatestParent()
|
||||
{
|
||||
if ($this->parent) {
|
||||
return $this->parent->getLatestParent();
|
||||
}
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function shared(): HasOne
|
||||
@@ -159,7 +167,8 @@ class File extends Model
|
||||
public function toSearchableArray(): array
|
||||
{
|
||||
$name = mb_convert_encoding(
|
||||
mb_strtolower($this->name, 'UTF-8'), 'UTF-8'
|
||||
mb_strtolower($this->name, 'UTF-8'),
|
||||
'UTF-8'
|
||||
);
|
||||
|
||||
$trigram = (new TNTIndexer)
|
||||
|
||||
@@ -25,7 +25,7 @@ class UploadRequest extends FormRequest
|
||||
{
|
||||
return [
|
||||
'filename' => 'required|string',
|
||||
'folder_id' => 'nullable|uuid',
|
||||
'parent_id' => 'nullable|uuid',
|
||||
'is_last' => 'sometimes|string',
|
||||
'file' => ['required', 'file', new DisabledMimetypes],
|
||||
];
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
<?php
|
||||
namespace Domain\Files\Resources;
|
||||
|
||||
use ByteUnits\Metric;
|
||||
use Carbon\Carbon;
|
||||
use ByteUnits\Metric;
|
||||
use Domain\Sharing\Resources\ShareResource;
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
@@ -25,17 +25,17 @@ class FileResource extends JsonResource
|
||||
'id' => $this->id,
|
||||
'type' => $this->type,
|
||||
'attributes' => [
|
||||
'filesize' => $fileSize,
|
||||
'name' => $this->name,
|
||||
'basename' => $this->basename,
|
||||
'mimetype' => $this->mimetype,
|
||||
'file_url' => $this->file_url,
|
||||
'thumbnail' => $this->thumbnail,
|
||||
'metadata' => $this->metadata,
|
||||
'folder_id' => $this->folder_id,
|
||||
'updated_at' => $this->updated_at,
|
||||
'filesize' => $fileSize,
|
||||
'name' => $this->name,
|
||||
'basename' => $this->basename,
|
||||
'mimetype' => $this->mimetype,
|
||||
'file_url' => $this->file_url,
|
||||
'thumbnail' => $this->thumbnail,
|
||||
'metadata' => $this->metadata,
|
||||
'parent_id' => $this->parent_id,
|
||||
'updated_at' => $this->updated_at,
|
||||
'created_at' => Carbon::parse($this->created_at)->diffForHumans(),
|
||||
'deleted_at' => $this->deleted_at,
|
||||
'deleted_at' => $this->deleted_at,
|
||||
/*'updated_at' => format_date(
|
||||
set_time_by_user_timezone($this->updated_at), __t('time')
|
||||
),
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace Domain\Folders\Controllers;
|
||||
|
||||
use Auth;
|
||||
use Illuminate\Http\Response;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Domain\Folders\Resources\FolderResource;
|
||||
@@ -22,13 +21,13 @@ class CreateFolderController extends Controller
|
||||
*/
|
||||
public function __invoke(
|
||||
CreateFolderRequest $request,
|
||||
): Response | array {
|
||||
// If is demo, return fake folder
|
||||
if (is_demo_account(Auth::user()->email)) {
|
||||
return ($this->fakeCreateFolder)($request);
|
||||
): Response {
|
||||
if (is_demo_account()) {
|
||||
$fakeFolder = ($this->fakeCreateFolder)($request);
|
||||
|
||||
return response(new FolderResource($fakeFolder), 201);
|
||||
}
|
||||
|
||||
// CreateFolder
|
||||
$folder = ($this->createFolder)($request);
|
||||
|
||||
return response(new FolderResource($folder), 201);
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
<?php
|
||||
|
||||
namespace Domain\Folders\Controllers;
|
||||
|
||||
use Domain\Folders\Models\Folder;
|
||||
|
||||
@@ -27,7 +27,7 @@ class VisitorCreateFolderController extends Controller
|
||||
CreateFolderRequest $request,
|
||||
Share $shared,
|
||||
): Response | array {
|
||||
if (is_demo_account($shared->user->email)) {
|
||||
if (is_demo_account()) {
|
||||
return ($this->fakeCreateFolderAction)($request);
|
||||
}
|
||||
|
||||
|
||||
@@ -129,7 +129,7 @@ class Folder extends Model
|
||||
*/
|
||||
public function files(): HasMany
|
||||
{
|
||||
return $this->hasMany(File::class, 'folder_id', 'id');
|
||||
return $this->hasMany(File::class, 'parent_id', 'id');
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -137,7 +137,7 @@ class Folder extends Model
|
||||
*/
|
||||
public function trashedFiles(): HasMany
|
||||
{
|
||||
return $this->hasMany(File::class, 'folder_id', 'id')
|
||||
return $this->hasMany(File::class, 'parent_id', 'id')
|
||||
->withTrashed();
|
||||
}
|
||||
|
||||
@@ -187,12 +187,12 @@ class Folder extends Model
|
||||
|
||||
public function teamInvitations(): HasMany
|
||||
{
|
||||
return $this->hasMany(TeamFolderInvitation::class, 'folder_id', 'id');
|
||||
return $this->hasMany(TeamFolderInvitation::class, 'parent_id', 'id');
|
||||
}
|
||||
|
||||
public function teamMembers(): BelongsToMany
|
||||
{
|
||||
return $this->belongsToMany(User::class, 'team_folder_members', 'folder_id', 'user_id')
|
||||
return $this->belongsToMany(User::class, 'team_folder_members', 'parent_id', 'user_id')
|
||||
->withPivot('permission');
|
||||
}
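Review bot: The `folder_id` to `parent_id` rename reaches pivot and lookup columns where the value is the team folder itself rather than a parent, e.g. `return $this->belongsToMany(User::class, 'team_folder_members', 'parent_id', 'user_id')` and `hasMany(TeamFolderInvitation::class, 'parent_id', 'id')`. No migration for `team_folder_members`, `team_folder_invitations` or `favourite_folder` is visible on this page, so it cannot be confirmed here that those columns exist under the new name; these tables hold membership and permission rows, so a mismatch would surface in the team-access paths. If the rename is intended, a one-line comment on each relation (`// parent_id: id of the team folder this row belongs to`) would keep the meaning clear; otherwise these relations should stay on `folder_id`. The same column is used in the UpdateInvitationsAction, UpdateMembersAction, InvitationsController, TeamFoldersController and DeleteFileOrFolderAction hunks.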
|
||||
|
||||
@@ -206,10 +206,20 @@ class Folder extends Model
|
||||
return $this->parents()->with('teamRoot');
|
||||
}
|
||||
|
||||
public function getLatestParent()
|
||||
{
|
||||
if ($this->parent) {
|
||||
return $this->parent->getLatestParent();
|
||||
}
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function toSearchableArray(): array
|
||||
{
|
||||
$name = mb_convert_encoding(
|
||||
mb_strtolower($this->name, 'UTF-8'), 'UTF-8'
|
||||
mb_strtolower($this->name, 'UTF-8'),
|
||||
'UTF-8'
|
||||
);
|
||||
|
||||
$trigram = (new TNTIndexer)
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
namespace Domain\Items\Actions;
|
||||
|
||||
use DB;
|
||||
use Gate;
|
||||
use Illuminate\Support\Arr;
|
||||
use Domain\Files\Models\File;
|
||||
use Domain\Sharing\Models\Share;
|
||||
@@ -25,6 +26,8 @@ class DeleteFileOrFolderAction
|
||||
->with('folders')
|
||||
->find($id);
|
||||
|
||||
Gate::authorize('can-edit', [$folder, $shared]);
|
||||
|
||||
// Get folder shared record
|
||||
$shared = Share::where('type', 'folder')
|
||||
->where('item_id', $id)
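Review bot: `Gate::authorize('can-edit', [$folder, $shared]);` is evaluated before `$shared = Share::where('type', 'folder')...` assigns the variable a few lines further down, so at the time of the check `$shared` is either a parameter declared outside this hunk or not defined at all. If it is a parameter, the later assignment overwrites it and the two meanings should get separate names; if it is not, the gate never sees a share record. `find($id)` can also return `null`, which would hand the gate a missing model; `findOrFail($id)` avoids that. The file branch in the `@@ -83,6 +86,8 @@` hunk has the same ordering, and the visitor delete controller's call into this action is not among the changed lines, so it is worth checking that it passes `$shared`.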
|
||||
@@ -37,7 +40,7 @@ class DeleteFileOrFolderAction
|
||||
|
||||
// Remove folder from user favourites
|
||||
DB::table('favourite_folder')
|
||||
->where('folder_id', $folder->id)
|
||||
->where('parent_id', $folder->id)
|
||||
->delete();
|
||||
|
||||
// Soft delete items
|
||||
@@ -53,7 +56,7 @@ class DeleteFileOrFolderAction
|
||||
|
||||
// Get children files
|
||||
$files = File::onlyTrashed()
|
||||
->whereIn('folder_id', Arr::flatten([$id, $child_folders]))
|
||||
->whereIn('parent_id', Arr::flatten([$id, $child_folders]))
|
||||
->get();
|
||||
|
||||
// Remove all children files
|
||||
@@ -83,6 +86,8 @@ class DeleteFileOrFolderAction
|
||||
$file = File::withTrashed()
|
||||
->find($id);
|
||||
|
||||
Gate::authorize('can-edit', [$file, $shared]);
|
||||
|
||||
// Get folder shared record
|
||||
$shared = Share::where('type', 'file')
|
||||
->where('item_id', $id)
|
||||
|
||||
@@ -1,28 +1,25 @@
|
||||
<?php
|
||||
namespace Domain\Items\Actions;
|
||||
|
||||
use Domain\Files\Models\File;
|
||||
use Domain\Folders\Models\Folder;
|
||||
use Domain\Sharing\Models\Share;
|
||||
use Gate;
|
||||
|
||||
class MoveFileOrFolderAction
|
||||
{
|
||||
/**
|
||||
* Move folder or file to new location
|
||||
*/
|
||||
public function __invoke($request, ?string $to_id): void
|
||||
public function __invoke($request, ?Share $share = null): void
|
||||
{
|
||||
foreach ($request->items as $item) {
|
||||
// Move folder
|
||||
if ($item['type'] === 'folder') {
|
||||
Folder::find($item['id'])
|
||||
->update(['parent_id' => $to_id]);
|
||||
}
|
||||
foreach ($request->input('items') as $item) {
|
||||
|
||||
$item = get_item($item['type'], $item['id']);
|
||||
|
||||
Gate::authorize('can-edit', [$item, $share]);
|
||||
|
||||
// Move file
|
||||
if ($item['type'] !== 'folder') {
|
||||
File::find($item['id'])
|
||||
->update(['folder_id' => $to_id]);
|
||||
}
|
||||
$item->update([
|
||||
'parent_id' => $request->input('to_id'),
|
||||
]);
|
||||
}
|
||||
}
|
||||
}
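Review bot: The destination is not authorized: the new loop checks `Gate::authorize('can-edit', [$item, $share]);` for each moved item and then writes `'parent_id' => $request->input('to_id')` straight from the request. VisitorMoveFileOrFolderController verifies `to_id` with `verifyAccessToItem` before calling this action, but the MoveFileOrFolderController hunk calls `($this->moveFileOrFolder)($request);` with no destination check in view, so unless MoveItemRequest (not on this page) ties `to_id` to the caller, an item can be re-parented under a folder the caller has no rights on. The loop also reassigns `$item` from the request entry to the model, and `get_item()` returning nothing for an unknown id is not handled. A version that authorizes the destination once and keeps the two values apart is sketched below; whether `can-edit` is the right ability for a destination folder is for the gate's author to confirm.

```php
public function __invoke($request, ?Share $share = null): void
{
    $to_id = $request->input('to_id');

    // A null to_id means the home directory, so there is no folder record to authorize
    if ($to_id !== null) {
        Gate::authorize('can-edit', [get_item('folder', $to_id), $share]);
    }

    foreach ($request->input('items') as $entry) {
        $item = get_item($entry['type'], $entry['id']);

        Gate::authorize('can-edit', [$item, $share]);

        $item->update(['parent_id' => $to_id]);
    }
}
```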
|
||||
|
||||
@@ -1,21 +1,29 @@
|
||||
<?php
|
||||
namespace Domain\Items\Actions;
|
||||
|
||||
use Gate;
|
||||
use Domain\Files\Models\File;
|
||||
use Domain\Sharing\Models\Share;
|
||||
use Domain\Folders\Models\Folder;
|
||||
use Domain\Items\Requests\RenameItemRequest;
|
||||
use Illuminate\Auth\Access\AuthorizationException;
|
||||
|
||||
class RenameFileOrFolderAction
|
||||
{
|
||||
/**
|
||||
* Rename item name
|
||||
*
|
||||
* @throws AuthorizationException
|
||||
*/
|
||||
public function __invoke(
|
||||
RenameItemRequest $request,
|
||||
string $id,
|
||||
) {
|
||||
// Get item
|
||||
?Share $shared = null,
|
||||
): File | Folder {
|
||||
$item = get_item($request->input('type'), $id);
|
||||
|
||||
// Rename item
|
||||
Gate::authorize('can-edit', [$item, $shared]);
|
||||
|
||||
$item->update([
|
||||
'name' => $request->input('name'),
|
||||
]);
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace Domain\Items\Controllers;
|
||||
|
||||
use Auth;
|
||||
use Illuminate\Http\Response;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Domain\Items\Requests\DeleteItemRequest;
|
||||
@@ -20,11 +19,9 @@ class DeleteFileOrFolderController extends Controller
|
||||
public function __invoke(
|
||||
DeleteItemRequest $request,
|
||||
): Response {
|
||||
abort_if(
|
||||
is_demo_account(Auth::user()?->email),
|
||||
204,
|
||||
'Done.'
|
||||
);
|
||||
if (is_demo_account()) {
|
||||
abort(204, 'Done.');
|
||||
}
|
||||
|
||||
foreach ($request->input('items') as $item) {
|
||||
($this->deleteFileOrFolder)($item, $item['id']);
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace Domain\Items\Controllers;
|
||||
|
||||
use Auth;
|
||||
use Illuminate\Http\Response;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Domain\Items\Requests\MoveItemRequest;
|
||||
@@ -20,15 +19,12 @@ class MoveFileOrFolderController extends Controller
|
||||
public function __invoke(
|
||||
MoveItemRequest $request,
|
||||
): Response {
|
||||
abort_if(
|
||||
is_demo_account(Auth::user()?->email),
|
||||
204,
|
||||
'Done.'
|
||||
);
|
||||
if (is_demo_account()) {
|
||||
abort(204, 'Done.');
|
||||
}
|
||||
|
||||
// Move item
|
||||
($this->moveFileOrFolder)($request, $request->input('to_id'));
|
||||
($this->moveFileOrFolder)($request);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace Domain\Items\Controllers;
|
||||
|
||||
use Auth;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Domain\Files\Resources\FileResource;
|
||||
use Domain\Folders\Resources\FolderResource;
|
||||
@@ -26,7 +25,7 @@ class RenameFileOrFolderController extends Controller
|
||||
RenameItemRequest $request,
|
||||
string $id,
|
||||
): FileResource | FolderResource | array {
|
||||
if (is_demo_account(Auth::user()->email)) {
|
||||
if (is_demo_account()) {
|
||||
return ($this->fakeRenameFileOrFolder)($request, $id);
|
||||
}
|
||||
|
||||
@@ -41,7 +40,6 @@ class RenameFileOrFolderController extends Controller
|
||||
return new FolderResource($item);
|
||||
}
|
||||
|
||||
// Return updated item
|
||||
return new FileResource($item);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -16,7 +16,6 @@ class VisitorDeleteFileOrFolderController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private DeleteFileOrFolderAction $deleteFileOrFolder,
|
||||
private ProtectShareRecordAction $protectShareRecord,
|
||||
private VerifyAccessToItemAction $verifyAccessToItem,
|
||||
) {
|
||||
}
|
||||
@@ -25,14 +24,9 @@ class VisitorDeleteFileOrFolderController extends Controller
|
||||
DeleteItemRequest $request,
|
||||
Share $shared,
|
||||
): Response {
|
||||
abort_if(
|
||||
is_demo_account($shared->user->email),
|
||||
204,
|
||||
'Done.'
|
||||
);
|
||||
|
||||
// Check ability to access protected share record
|
||||
($this->protectShareRecord)($shared);
|
||||
if (is_demo_account()) {
|
||||
abort(204, 'Done.');
|
||||
}
|
||||
|
||||
// Check shared permission
|
||||
if (is_visitor($shared)) {
|
||||
@@ -47,7 +41,7 @@ class VisitorDeleteFileOrFolderController extends Controller
|
||||
if ($file['type'] === 'folder') {
|
||||
($this->verifyAccessToItem)($item->id, $shared);
|
||||
} else {
|
||||
($this->verifyAccessToItem)($item->folder_id, $shared);
|
||||
($this->verifyAccessToItem)($item->parent_id, $shared);
|
||||
}
|
||||
|
||||
// Delete item
|
||||
|
||||
@@ -17,7 +17,6 @@ class VisitorMoveFileOrFolderController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private MoveFileOrFolderAction $moveFileOrFolder,
|
||||
private ProtectShareRecordAction $protectShareRecord,
|
||||
private VerifyAccessToItemAction $verifyAccessToItem,
|
||||
) {
|
||||
}
|
||||
@@ -26,14 +25,9 @@ class VisitorMoveFileOrFolderController extends Controller
|
||||
MoveItemRequest $request,
|
||||
Share $shared,
|
||||
): Response {
|
||||
abort_if(
|
||||
is_demo_account($shared->user->email),
|
||||
204,
|
||||
'Done.'
|
||||
);
|
||||
|
||||
// Check ability to access protected share record
|
||||
($this->protectShareRecord)($shared);
|
||||
if (is_demo_account()) {
|
||||
abort(204, 'Done.');
|
||||
}
|
||||
|
||||
// Check shared permission
|
||||
if (is_visitor($shared)) {
|
||||
@@ -53,13 +47,13 @@ class VisitorMoveFileOrFolderController extends Controller
|
||||
->firstOrFail();
|
||||
|
||||
($this->verifyAccessToItem)([
|
||||
$request->input('to_id'), $file->folder_id,
|
||||
$request->input('to_id'), $file->parent_id,
|
||||
], $shared);
|
||||
}
|
||||
}
|
||||
|
||||
($this->moveFileOrFolder)($request, $request->to_id);
|
||||
($this->moveFileOrFolder)($request, $shared);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,7 +8,6 @@ use Domain\Files\Resources\FileResource;
|
||||
use Domain\Folders\Resources\FolderResource;
|
||||
use Domain\Items\Requests\RenameItemRequest;
|
||||
use Domain\Items\Actions\RenameFileOrFolderAction;
|
||||
use Domain\Sharing\Actions\ProtectShareRecordAction;
|
||||
use Domain\Sharing\Actions\VerifyAccessToItemAction;
|
||||
use Domain\Folders\Actions\UpdateFolderPropertyAction;
|
||||
use Support\Demo\Actions\FakeRenameFileOrFolderAction;
|
||||
@@ -20,7 +19,6 @@ class VisitorRenameFileOrFolderController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private RenameFileOrFolderAction $renameFileOrFolder,
|
||||
private ProtectShareRecordAction $protectShareRecord,
|
||||
private VerifyAccessToItemAction $verifyAccessToItem,
|
||||
private UpdateFolderPropertyAction $updateFolderProperty,
|
||||
private FakeRenameFileOrFolderAction $fakeRenameFileOrFolder,
|
||||
@@ -33,13 +31,10 @@ class VisitorRenameFileOrFolderController extends Controller
|
||||
Share $shared,
|
||||
): Response | array {
|
||||
// Return fake renamed item in demo
|
||||
if (is_demo_account($shared->user->email)) {
|
||||
if (is_demo_account()) {
|
||||
return ($this->fakeRenameFileOrFolder)($request, $id);
|
||||
}
|
||||
|
||||
// Check ability to access protected share record
|
||||
($this->protectShareRecord)($shared);
|
||||
|
||||
// Check shared permission
|
||||
if (is_visitor($shared)) {
|
||||
abort(403);
|
||||
@@ -52,7 +47,7 @@ class VisitorRenameFileOrFolderController extends Controller
|
||||
if ($request->input('type') === 'folder') {
|
||||
($this->verifyAccessToItem)($item->id, $shared);
|
||||
} else {
|
||||
($this->verifyAccessToItem)($item->folder_id, $shared);
|
||||
($this->verifyAccessToItem)($item->parent_id, $shared);
|
||||
}
|
||||
|
||||
// If request have a change folder icon values set the folder icon
|
||||
@@ -61,7 +56,7 @@ class VisitorRenameFileOrFolderController extends Controller
|
||||
}
|
||||
|
||||
// Rename item
|
||||
$item = ($this->renameFileOrFolder)($request, $id);
|
||||
$item = ($this->renameFileOrFolder)($request, $id, $shared);
|
||||
|
||||
// Set public url
|
||||
if ($request->input('type') !== 'folder') {
|
||||
|
||||
@@ -139,6 +139,6 @@ class PaymentMethodsController extends Controller
|
||||
"default-payment-methods-user-{$user->id}",
|
||||
]);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -93,6 +93,6 @@ class PlansController extends Controller
|
||||
// Clear cached plans
|
||||
cache_forget_many(['plans', 'pricing']);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -21,19 +21,19 @@ class VerifyAccessToItemAction
|
||||
->get();
|
||||
|
||||
// Get all authorized parent folders by shared folder as root of tree
|
||||
$accessible_folder_ids = Arr::flatten([filter_folders_ids($foldersIds), $shared->item_id]);
|
||||
$accessible_parent_ids = Arr::flatten([filter_folders_ids($foldersIds), $shared->item_id]);
|
||||
|
||||
// Check user access
|
||||
if (is_array($requested_id)) {
|
||||
foreach ($requested_id as $id) {
|
||||
if (! in_array($id, $accessible_folder_ids)) {
|
||||
if (! in_array($id, $accessible_parent_ids)) {
|
||||
abort(403);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (! is_array($requested_id)) {
|
||||
if (! in_array($requested_id, $accessible_folder_ids)) {
|
||||
if (! in_array($requested_id, $accessible_parent_ids)) {
|
||||
abort(403);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,7 +20,7 @@ class VerifyAccessToItemWithinAction
|
||||
): void {
|
||||
// Check by parent folder permission
|
||||
if ($shared->type === 'folder') {
|
||||
($this->verifyAccessToItem)($file->folder_id, $shared);
|
||||
($this->verifyAccessToItem)($file->parent_id, $shared);
|
||||
}
|
||||
|
||||
// Check by single file permission
|
||||
|
||||
@@ -84,6 +84,6 @@ class ShareController extends Controller
|
||||
->delete();
|
||||
}
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -22,6 +22,6 @@ class ShareViaEmailController extends Controller
|
||||
token: $token,
|
||||
);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -17,7 +17,7 @@ class SubscriptionCancelController extends Controller
|
||||
|
||||
// Check if is demo
|
||||
if (is_demo_account($user->email)) {
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
|
||||
// Cancel subscription
|
||||
@@ -26,6 +26,6 @@ class SubscriptionCancelController extends Controller
|
||||
// Forget user subscription
|
||||
Cache::forget("subscription-user-{$user->id}");
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -17,7 +17,7 @@ class SubscriptionResumeController extends Controller
|
||||
|
||||
// Check if is demo
|
||||
if (is_demo_account($user->email)) {
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
|
||||
// Resume subscription
|
||||
@@ -26,6 +26,6 @@ class SubscriptionResumeController extends Controller
|
||||
// Forget user subscription
|
||||
Cache::forget("subscription-user-{$user->id}");
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,7 +24,7 @@ class SubscriptionUpgradeController extends Controller
|
||||
|
||||
// Check if is demo
|
||||
if (is_demo_account($user->email)) {
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
|
||||
// Forget user subscription
|
||||
@@ -53,6 +53,6 @@ class SubscriptionUpgradeController extends Controller
|
||||
'storage_capacity' => $plan['product']['metadata']['capacity'],
|
||||
]);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,10 +2,10 @@
|
||||
namespace Domain\Teams\Actions;
|
||||
|
||||
use Domain\Folders\Models\Folder;
|
||||
use Spatie\QueueableAction\QueueableAction;
|
||||
use Illuminate\Support\Facades\Notification;
|
||||
use Domain\Teams\Models\TeamFolderInvitation;
|
||||
use Domain\Teams\Notifications\InvitationIntoTeamFolder;
|
||||
use Spatie\QueueableAction\QueueableAction;
|
||||
|
||||
class InviteMembersIntoTeamFolderAction
|
||||
{
|
||||
@@ -21,7 +21,7 @@ class InviteMembersIntoTeamFolderAction
|
||||
$invitation = TeamFolderInvitation::create([
|
||||
'permission' => $member['permission'],
|
||||
'email' => $member['email'],
|
||||
'folder_id' => $folder->id,
|
||||
'parent_id' => $folder->id,
|
||||
]);
|
||||
|
||||
// Invite user
|
||||
|
||||
@@ -37,7 +37,7 @@ class UpdateInvitationsAction
|
||||
// Delete invite from team folder
|
||||
if ($removed->isNotEmpty()) {
|
||||
DB::table('team_folder_invitations')
|
||||
->where('folder_id', $folder->id)
|
||||
->where('parent_id', $folder->id)
|
||||
->whereIn('email', $removed)
|
||||
->delete();
|
||||
}
|
||||
@@ -47,7 +47,7 @@ class UpdateInvitationsAction
|
||||
->each(
|
||||
fn ($invitation) =>
|
||||
DB::table('team_folder_invitations')
|
||||
->where('folder_id', $folder->id)
|
||||
->where('parent_id', $folder->id)
|
||||
->where('email', $invitation['email'])
|
||||
->update([
|
||||
'permission' => $invitation['permission'],
|
||||
|
||||
@@ -20,7 +20,7 @@ class UpdateMembersAction
|
||||
// Remove team members from team folder
|
||||
if ($deletedMembers->isNotEmpty()) {
|
||||
DB::table('team_folder_members')
|
||||
->where('folder_id', $folder->id)
|
||||
->where('parent_id', $folder->id)
|
||||
->whereIn('user_id', $deletedMembers->toArray())
|
||||
->delete();
|
||||
}
|
||||
@@ -30,7 +30,7 @@ class UpdateMembersAction
|
||||
->each(
|
||||
fn ($member) =>
|
||||
DB::table('team_folder_members')
|
||||
->where('folder_id', $folder->id)
|
||||
->where('parent_id', $folder->id)
|
||||
->where('user_id', $member['id'])
|
||||
->update([
|
||||
'permission' => $member['permission'],
|
||||
|
||||
@@ -26,7 +26,7 @@ class BrowseSharedWithMeController
|
||||
->get();
|
||||
|
||||
$files = File::with($relations)
|
||||
->where('folder_id', $id)
|
||||
->where('parent_id', $id)
|
||||
->sortable()
|
||||
->get();
|
||||
}
|
||||
@@ -34,7 +34,7 @@ class BrowseSharedWithMeController
|
||||
if (! $rootId) {
|
||||
$folderIds = DB::table('team_folder_members')
|
||||
->where('user_id', Auth::id())
|
||||
->pluck('folder_id');
|
||||
->pluck('parent_id');
|
||||
|
||||
$folders = Folder::with($relations)
|
||||
->whereIn('id', $folderIds)
|
||||
|
||||
@@ -22,7 +22,7 @@ class InvitationsController extends Controller
|
||||
|
||||
DB::table('team_folder_members')
|
||||
->insert([
|
||||
'folder_id' => $invitation->folder_id,
|
||||
'parent_id' => $invitation->parent_id,
|
||||
'user_id' => $user->id,
|
||||
'permission' => 'can-edit',
|
||||
]);
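Review bot: Accepting an invitation inserts the member with a fixed `'permission' => 'can-edit'`, although invitations are created with their own value (`'permission' => $member['permission']` in InviteMembersIntoTeamFolderAction) and UpdateInvitationsAction keeps that value up to date. As shown, an invitation issued with a lower permission would still produce an edit-capable membership; `'permission' => $invitation->permission,` would carry the invited level through. This line is unchanged context in the hunk and the enclosing method starts and ends outside it, so a later correction elsewhere in the method cannot be ruled out.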
|
||||
|
||||
@@ -54,7 +54,7 @@ class TeamFoldersController extends Controller
|
||||
: $requestedFolder;
|
||||
|
||||
// Get files
|
||||
$files = File::where('folder_id', $rootId)
|
||||
$files = File::where('parent_id', $rootId)
|
||||
->where('user_id', Auth::id())
|
||||
->sortable()
|
||||
->get();
|
||||
@@ -109,12 +109,12 @@ class TeamFoldersController extends Controller
|
||||
{
|
||||
// Delete existing invitations
|
||||
DB::table('team_folder_invitations')
|
||||
->where('folder_id', $folder->id)
|
||||
->where('parent_id', $folder->id)
|
||||
->delete();
|
||||
|
||||
// Delete attached members from folder
|
||||
DB::table('team_folder_members')
|
||||
->where('folder_id', $folder->id)
|
||||
->where('parent_id', $folder->id)
|
||||
->delete();
|
||||
|
||||
$folder->update([
|
||||
|
||||
@@ -9,7 +9,7 @@ use Illuminate\Database\Eloquent\Factories\HasFactory;
|
||||
/**
|
||||
* @method static create(array $array)
|
||||
* @property string id
|
||||
* @property string folder_id
|
||||
* @property string parent_id
|
||||
* @property string email
|
||||
* @property string status
|
||||
* @property string created_at
|
||||
|
||||
@@ -13,9 +13,9 @@ class DumpTrashController extends Controller
|
||||
public function __invoke(): Response
|
||||
{
|
||||
abort_if(
|
||||
is_demo_account(Auth::user()->email),
|
||||
is_demo_account(auth()->user()->email),
|
||||
204,
|
||||
'Done!'
|
||||
'Done.'
|
||||
);
|
||||
|
||||
$user_id = Auth::id();
|
||||
@@ -47,6 +47,6 @@ class DumpTrashController extends Controller
|
||||
}
|
||||
|
||||
// Return response
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -53,7 +53,7 @@ class RestoreTrashContentController extends Controller
|
||||
|
||||
// Restore item to home directory
|
||||
if ($request->has('to_home') && $request->to_home) {
|
||||
$item->folder_id = null;
|
||||
$item->parent_id = null;
|
||||
$item->save();
|
||||
}
|
||||
}
|
||||
@@ -63,6 +63,6 @@ class RestoreTrashContentController extends Controller
|
||||
}
|
||||
|
||||
// Return response
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -44,7 +44,7 @@ class VisitorZipController extends Controller
|
||||
$file_parent_folders = File::whereUserId($shared->user_id)
|
||||
->whereIn('id', $files->pluck('id'))
|
||||
->get()
|
||||
->pluck('folder_id')
|
||||
->pluck('parent_id')
|
||||
->toArray();
|
||||
|
||||
// Check access to requested directory
|
||||
|
||||
@@ -2,7 +2,6 @@
|
||||
namespace Domain\Zip\Controllers;
|
||||
|
||||
use Illuminate\Http\Request;
|
||||
use STS\ZipStream\ZipStream;
|
||||
use Domain\Zip\Actions\ZipAction;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
@@ -20,18 +19,16 @@ class ZipController extends Controller
|
||||
|
||||
public function __invoke(
|
||||
Request $request,
|
||||
): ZipStream {
|
||||
$user_id = Auth::id();
|
||||
|
||||
): \ZipStream\ZipStream {
|
||||
// Get list of folders and files from requested url parameter
|
||||
list($folders, $files) = ($this->getItemsListFromUrlParam)($user_id);
|
||||
list($folders, $files) = ($this->getItemsListFromUrlParam)(auth()->id());
|
||||
|
||||
// Zip items
|
||||
$zip = ($this->zip)($folders, $files);
|
||||
|
||||
($this->recordDownload)(
|
||||
file_size: $zip->predictZipSize(),
|
||||
user_id: $user_id,
|
||||
user_id: auth()->id(),
|
||||
);
|
||||
|
||||
return $zip;
|
||||
|
||||