nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-29 19:25:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Refactoring

Browse Source 
- Download restriction
This commit is contained in:
Čarodej
2022-01-05 18:29:07 +01:00
parent ec29764c3f
commit 29a954e21b
15 changed files with 400 additions and 176 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Domain/Files/Controllers/FileAccess/GetFileController.php
+10 -1
View File
@@ -2,6 +2,7 @@
namespace Domain\Files\Controllers\FileAccess;
use Gate;
use Illuminate\Http\Response;
use App\Http\Controllers\Controller;
use Domain\Files\Models\File as UserFile;
use Domain\Files\Actions\DownloadFileAction;
@@ -18,11 +19,19 @@ class GetFileController extends Controller
public function __invoke(
string $filename,
): BinaryFileResponse {
): Response|BinaryFileResponse {
$file = UserFile::withTrashed()
->where('basename', $filename)
->firstOrFail();
// Check if user can download file
if (! $file->owner->canDownload()) {
return response([
'type' => 'error',
'message' => 'This user action is not allowed.',
], 401);
}
if (! Gate::any(['can-edit', 'can-view'], [$file, null])) {
abort(403, 'Access Denied');
}
src/Domain/Files/Controllers/FileAccess/VisitorGetFileController.php
+10 -1
View File
@@ -2,6 +2,7 @@
namespace Domain\Files\Controllers\FileAccess;
use Domain\Files\Models\File;
use Illuminate\Http\Response;
use Domain\Sharing\Models\Share;
use App\Http\Controllers\Controller;
use Domain\Files\Actions\DownloadFileAction;
@@ -26,7 +27,15 @@ class VisitorGetFileController extends Controller
public function __invoke(
$filename,
Share $shared,
): BinaryFileResponse {
): BinaryFileResponse|Response {
// Check if user can download file
if (! $shared->user->canDownload()) {
return response([
'type' => 'error',
'message' => 'This user action is not allowed.',
], 401);
}
// Check ability to access protected share files
($this->protectShareRecord)($shared);