mirror of
https://github.com/VueFileManager/vuefilemanager.git
synced 2026-04-28 11:00:39 +00:00
- gate implementation
- protected shared view fix
This commit is contained in:
Čarodej
@@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace Domain\Items\Controllers;
|
||||
|
||||
use Auth;
|
||||
use Illuminate\Http\Response;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Domain\Items\Requests\DeleteItemRequest;
|
||||
@@ -20,11 +19,9 @@ class DeleteFileOrFolderController extends Controller
|
||||
public function __invoke(
|
||||
DeleteItemRequest $request,
|
||||
): Response {
|
||||
abort_if(
|
||||
is_demo_account(Auth::user()?->email),
|
||||
204,
|
||||
'Done.'
|
||||
);
|
||||
if (is_demo_account()) {
|
||||
abort(204, 'Done.');
|
||||
}
|
||||
|
||||
foreach ($request->input('items') as $item) {
|
||||
($this->deleteFileOrFolder)($item, $item['id']);
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace Domain\Items\Controllers;
|
||||
|
||||
use Auth;
|
||||
use Illuminate\Http\Response;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Domain\Items\Requests\MoveItemRequest;
|
||||
@@ -20,15 +19,12 @@ class MoveFileOrFolderController extends Controller
|
||||
public function __invoke(
|
||||
MoveItemRequest $request,
|
||||
): Response {
|
||||
abort_if(
|
||||
is_demo_account(Auth::user()?->email),
|
||||
204,
|
||||
'Done.'
|
||||
);
|
||||
if (is_demo_account()) {
|
||||
abort(204, 'Done.');
|
||||
}
|
||||
|
||||
// Move item
|
||||
($this->moveFileOrFolder)($request, $request->input('to_id'));
|
||||
($this->moveFileOrFolder)($request);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
<?php
|
||||
namespace Domain\Items\Controllers;
|
||||
|
||||
use Auth;
|
||||
use App\Http\Controllers\Controller;
|
||||
use Domain\Files\Resources\FileResource;
|
||||
use Domain\Folders\Resources\FolderResource;
|
||||
@@ -26,7 +25,7 @@ class RenameFileOrFolderController extends Controller
|
||||
RenameItemRequest $request,
|
||||
string $id,
|
||||
): FileResource | FolderResource | array {
|
||||
if (is_demo_account(Auth::user()->email)) {
|
||||
if (is_demo_account()) {
|
||||
return ($this->fakeRenameFileOrFolder)($request, $id);
|
||||
}
|
||||
|
||||
@@ -41,7 +40,6 @@ class RenameFileOrFolderController extends Controller
|
||||
return new FolderResource($item);
|
||||
}
|
||||
|
||||
// Return updated item
|
||||
return new FileResource($item);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -16,7 +16,6 @@ class VisitorDeleteFileOrFolderController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private DeleteFileOrFolderAction $deleteFileOrFolder,
|
||||
private ProtectShareRecordAction $protectShareRecord,
|
||||
private VerifyAccessToItemAction $verifyAccessToItem,
|
||||
) {
|
||||
}
|
||||
@@ -25,14 +24,9 @@ class VisitorDeleteFileOrFolderController extends Controller
|
||||
DeleteItemRequest $request,
|
||||
Share $shared,
|
||||
): Response {
|
||||
abort_if(
|
||||
is_demo_account($shared->user->email),
|
||||
204,
|
||||
'Done.'
|
||||
);
|
||||
|
||||
// Check ability to access protected share record
|
||||
($this->protectShareRecord)($shared);
|
||||
if (is_demo_account()) {
|
||||
abort(204, 'Done.');
|
||||
}
|
||||
|
||||
// Check shared permission
|
||||
if (is_visitor($shared)) {
|
||||
@@ -47,7 +41,7 @@ class VisitorDeleteFileOrFolderController extends Controller
|
||||
if ($file['type'] === 'folder') {
|
||||
($this->verifyAccessToItem)($item->id, $shared);
|
||||
} else {
|
||||
($this->verifyAccessToItem)($item->folder_id, $shared);
|
||||
($this->verifyAccessToItem)($item->parent_id, $shared);
|
||||
}
|
||||
|
||||
// Delete item
|
||||
|
||||
@@ -17,7 +17,6 @@ class VisitorMoveFileOrFolderController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private MoveFileOrFolderAction $moveFileOrFolder,
|
||||
private ProtectShareRecordAction $protectShareRecord,
|
||||
private VerifyAccessToItemAction $verifyAccessToItem,
|
||||
) {
|
||||
}
|
||||
@@ -26,14 +25,9 @@ class VisitorMoveFileOrFolderController extends Controller
|
||||
MoveItemRequest $request,
|
||||
Share $shared,
|
||||
): Response {
|
||||
abort_if(
|
||||
is_demo_account($shared->user->email),
|
||||
204,
|
||||
'Done.'
|
||||
);
|
||||
|
||||
// Check ability to access protected share record
|
||||
($this->protectShareRecord)($shared);
|
||||
if (is_demo_account()) {
|
||||
abort(204, 'Done.');
|
||||
}
|
||||
|
||||
// Check shared permission
|
||||
if (is_visitor($shared)) {
|
||||
@@ -53,13 +47,13 @@ class VisitorMoveFileOrFolderController extends Controller
|
||||
->firstOrFail();
|
||||
|
||||
($this->verifyAccessToItem)([
|
||||
$request->input('to_id'), $file->folder_id,
|
||||
$request->input('to_id'), $file->parent_id,
|
||||
], $shared);
|
||||
}
|
||||
}
|
||||
|
||||
($this->moveFileOrFolder)($request, $request->to_id);
|
||||
($this->moveFileOrFolder)($request, $shared);
|
||||
|
||||
return response('Done!', 204);
|
||||
return response('Done.', 204);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,7 +8,6 @@ use Domain\Files\Resources\FileResource;
|
||||
use Domain\Folders\Resources\FolderResource;
|
||||
use Domain\Items\Requests\RenameItemRequest;
|
||||
use Domain\Items\Actions\RenameFileOrFolderAction;
|
||||
use Domain\Sharing\Actions\ProtectShareRecordAction;
|
||||
use Domain\Sharing\Actions\VerifyAccessToItemAction;
|
||||
use Domain\Folders\Actions\UpdateFolderPropertyAction;
|
||||
use Support\Demo\Actions\FakeRenameFileOrFolderAction;
|
||||
@@ -20,7 +19,6 @@ class VisitorRenameFileOrFolderController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private RenameFileOrFolderAction $renameFileOrFolder,
|
||||
private ProtectShareRecordAction $protectShareRecord,
|
||||
private VerifyAccessToItemAction $verifyAccessToItem,
|
||||
private UpdateFolderPropertyAction $updateFolderProperty,
|
||||
private FakeRenameFileOrFolderAction $fakeRenameFileOrFolder,
|
||||
@@ -33,13 +31,10 @@ class VisitorRenameFileOrFolderController extends Controller
|
||||
Share $shared,
|
||||
): Response | array {
|
||||
// Return fake renamed item in demo
|
||||
if (is_demo_account($shared->user->email)) {
|
||||
if (is_demo_account()) {
|
||||
return ($this->fakeRenameFileOrFolder)($request, $id);
|
||||
}
|
||||
|
||||
// Check ability to access protected share record
|
||||
($this->protectShareRecord)($shared);
|
||||
|
||||
// Check shared permission
|
||||
if (is_visitor($shared)) {
|
||||
abort(403);
|
||||
@@ -52,7 +47,7 @@ class VisitorRenameFileOrFolderController extends Controller
|
||||
if ($request->input('type') === 'folder') {
|
||||
($this->verifyAccessToItem)($item->id, $shared);
|
||||
} else {
|
||||
($this->verifyAccessToItem)($item->folder_id, $shared);
|
||||
($this->verifyAccessToItem)($item->parent_id, $shared);
|
||||
}
|
||||
|
||||
// If request have a change folder icon values set the folder icon
|
||||
@@ -61,7 +56,7 @@ class VisitorRenameFileOrFolderController extends Controller
|
||||
}
|
||||
|
||||
// Rename item
|
||||
$item = ($this->renameFileOrFolder)($request, $id);
|
||||
$item = ($this->renameFileOrFolder)($request, $id, $shared);
|
||||
|
||||
// Set public url
|
||||
if ($request->input('type') !== 'folder') {
|
||||
|
||||
Reference in New Issue
Block a user