nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-05 18:23:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

- protect edition of team folder from team member

Browse Source 
- zip migration deleted
This commit is contained in:
Čarodej
2021-10-22 08:08:56 +02:00
parent 07b249346b
commit 2aac3fc966
7 changed files with 588 additions and 524 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
database/migrations/2020_12_13_155309_create_zips_table.php
View File

@@ -1,36 +0,0 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateZipsTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('zips', function (Blueprint $table) {
$table->uuid('id')->primary()->index();
$table->uuid('user_id')->index();
$table->string('shared_token')->nullable()->index();
$table->text('basename');
$table->timestamps();
$table->charset = 'utf8mb4';
$table->collation = 'utf8mb4_unicode_ci';
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('zips');
}
}

64
public/mix-manifest.json
View File

@@ -6,10 +6,10 @@
"/chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/app-index~chu~c7a13fb0.js": "/chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/app-index~chu~c7a13fb0.js?id=cc4e634592b43fb340ef",
"/chunks/admin-account~chunks/app-setup~chunks/billings-detail~chunks/create-new-password~chunks/datab~39825672.js": "/chunks/admin-account~chunks/app-setup~chunks/billings-detail~chunks/create-new-password~chunks/datab~39825672.js?id=a51f6b3af124e33c8145",
"/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~3e4fdd8b.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~3e4fdd8b.js?id=df6ace416e23038cf96c",
"/chunks/admin~chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-item~6fce3876.js": "/chunks/admin~chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-item~6fce3876.js?id=30e05c5dd952014aaa20",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~26d67489.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~26d67489.js?id=a6df26d40ea7cbcc269e",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~d04310d2.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~d04310d2.js?id=e73d42bef2b856c254c5",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~f312a84e.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~f312a84e.js?id=95e7532b565d7dfe415a",
"/chunks/admin~chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-item~9b68162c.js": "/chunks/admin~chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-item~9b68162c.js?id=556460202edd9a6086fe",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~673d1ac3.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~673d1ac3.js?id=c01cde1da36dcd859bed",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~97130d1f.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~97130d1f.js?id=23023a327ee0b32a7f1f",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~1bec6fe4.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~1bec6fe4.js?id=2483e956635c6b940795",
"/chunks/admin~chunks/platform.js": "/chunks/admin~chunks/platform.js?id=7dff2be7cf41d68d61a7",
"/chunks/admin~chunks/platform~chunks/settings.js": "/chunks/admin~chunks/platform~chunks/settings.js?id=4ce25ba9fc9ba54b7f6d",
"/chunks/admin~chunks/platform~chunks/settings~chunks/shared.js": "/chunks/admin~chunks/platform~chunks/settings~chunks/shared.js?id=6b1ace4a084d5caf5184",
@@ -22,7 +22,7 @@
"/chunks/app-index.js": "/chunks/app-index.js?id=ffe3ffd09b3af48af118",
"/chunks/app-language.js": "/chunks/app-language.js?id=43d4f1e101d361842338",
"/chunks/app-language~chunks/app-settings~chunks/dashboard~chunks/invoices~chunks/page-edit~chunks/pag~824d674f.js": "/chunks/app-language~chunks/app-settings~chunks/dashboard~chunks/invoices~chunks/page-edit~chunks/pag~824d674f.js?id=69473963e94fb4243e51",
"/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-items~chunks/page~432c06d3.js": "/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-items~chunks/page~432c06d3.js?id=7cfb842b79a26fb8926c",
"/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-items~chunks/page~7dbb6a42.js": "/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-items~chunks/page~7dbb6a42.js?id=edf36a5ddf8f6705f7e4",
"/chunks/app-others.js": "/chunks/app-others.js?id=78020d42e549be2efb6c",
"/chunks/app-payments.js": "/chunks/app-payments.js?id=e3dc5777451095bf53a5",
"/chunks/app-settings.js": "/chunks/app-settings.js?id=1852ee5f1ae3e9ac6a31",
@@ -38,12 +38,12 @@
"/chunks/email-verified.js": "/chunks/email-verified.js?id=fcd5cda7addbe97141de",
"/chunks/environment-setup.js": "/chunks/environment-setup.js?id=84fcc1064e39ac137752",
"/chunks/files.js": "/chunks/files.js?id=abc8f11fd49f9baed8a3",
"/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared/files~chunks~ad7e36b9.js": "/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared/files~chunks~ad7e36b9.js?id=197f3be047056c0fce7b",
"/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~chunks/share~b068369d.js": "/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~chunks/share~b068369d.js?id=ef9eab8b3083c1900533",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/settings-subscription~chunks/shared~ab58556a.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/settings-subscription~chunks/shared~ab58556a.js?id=d5e194275d85e366084e",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared/files~chunks/shared/single-f~f04cfcbc.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared/files~chunks/shared/single-f~f04cfcbc.js?id=7d0727c19f28229a13ff",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared/files~chunks/team-folders~ch~ba7d6097.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared/files~chunks/team-folders~ch~ba7d6097.js?id=7392d5c1fbcabc7641e2",
"/chunks/files~chunks/shared/files~chunks/team-folders.js": "/chunks/files~chunks/shared/files~chunks/team-folders.js?id=b0996b2244feabc637da",
"/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared-with-me~chun~fd99312c.js": "/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared-with-me~chun~fd99312c.js?id=42944aee3313456a7e1c",
"/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~chunks/share~c7960950.js": "/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~chunks/share~c7960950.js?id=373ceb601d388f0872d3",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/settings-subscription~chunks/shared~f3cd1a63.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/settings-subscription~chunks/shared~f3cd1a63.js?id=93200e8f38e44f4b59f0",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared-with-me~chunks/shared/files~~34b5eb22.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared-with-me~chunks/shared/files~~34b5eb22.js?id=eb119943f935f9ec4c66",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared-with-me~chunks/shared/files~~bf3ddedc.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared-with-me~chunks/shared/files~~bf3ddedc.js?id=d764385b104ca8009e36",
"/chunks/files~chunks/shared-with-me~chunks/shared/files~chunks/team-folders.js": "/chunks/files~chunks/shared-with-me~chunks/shared/files~chunks/team-folders.js?id=fbf0381594bdcd60f933",
"/chunks/forgotten-password.js": "/chunks/forgotten-password.js?id=a0e9489eeb40a00f1637",
"/chunks/homepage.js": "/chunks/homepage.js?id=60205e6b1b7f0f0fed45",
"/chunks/installation-disclaimer.js": "/chunks/installation-disclaimer.js?id=47f4044131273770fe6f",
@@ -59,7 +59,7 @@
"/chunks/plan-subscribers.js": "/chunks/plan-subscribers.js?id=2bdbb5f9141052aaaa3d",
"/chunks/plans.js": "/chunks/plans.js?id=a3a16f546521050656fb",
"/chunks/platform.js": "/chunks/platform.js?id=ecc47ed750bef78f68e8",
"/chunks/platform~chunks/shared.js": "/chunks/platform~chunks/shared.js?id=a32b7db311613c63769e",
"/chunks/platform~chunks/shared.js": "/chunks/platform~chunks/shared.js?id=e914b8a5e845646456c3",
"/chunks/profile.js": "/chunks/profile.js?id=91ea55260c78ea4e7abd",
"/chunks/profile~chunks/settings-password.js": "/chunks/profile~chunks/settings-password.js?id=7b80324eef831d31e3e8",
"/chunks/purchase-code.js": "/chunks/purchase-code.js?id=26a3951e09a8862d8dc2",
@@ -74,6 +74,7 @@
"/chunks/settings~chunks/settings-password.js": "/chunks/settings~chunks/settings-password.js?id=9ce23d68ab14cd3672cf",
"/chunks/setup-wizard.js": "/chunks/setup-wizard.js?id=651d5accf401908724c5",
"/chunks/shared.js": "/chunks/shared.js?id=30e37fcce9200fc20803",
"/chunks/shared-with-me.js": "/chunks/shared-with-me.js?id=8e2cbd8ee04cc259c3ef",
"/chunks/shared/authenticate.js": "/chunks/shared/authenticate.js?id=ac50ab7649bad5d43867",
"/chunks/shared/files.js": "/chunks/shared/files.js?id=f7d29daa21fc7df5fb8d",
"/chunks/shared/single-file.js": "/chunks/shared/single-file.js?id=8b19e65b3ef9aaef449e",
@@ -99,41 +100,8 @@
"/chunks/users.js": "/chunks/users.js?id=7d9943d8ddfc63d92d7f",
"/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~25aaad73.js": "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~25aaad73.js?id=0de519ac9b2c2754e0c2",
"/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~81c8aec0.js": "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~81c8aec0.js?id=ca3b57f70682c1c315f7",
"/vendors~chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunk~3c02639c.js": "/vendors~chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunk~3c02639c.js?id=e31953d811b86273037b",
"/vendors~chunks/admin~chunks/platform~chunks/settings~chunks/shared.js": "/vendors~chunks/admin~chunks/platform~chunks/settings~chunks/shared.js?id=90d4a5c68188a1bbce59",
"/js/main.7506b7c7052fac2f10a1.hot-update.js": "/js/main.7506b7c7052fac2f10a1.hot-update.js",
"/chunks/shared.fa7768522abf1a7d54b3.hot-update.js": "/chunks/shared.fa7768522abf1a7d54b3.hot-update.js",
"/chunks/shared.aba44bfa0d41183c7606.hot-update.js": "/chunks/shared.aba44bfa0d41183c7606.hot-update.js",
"/chunks/shared.99c9a6c9787fabd5fae7.hot-update.js": "/chunks/shared.99c9a6c9787fabd5fae7.hot-update.js",
"/chunks/shared.223373c5dc20fac518ee.hot-update.js": "/chunks/shared.223373c5dc20fac518ee.hot-update.js",
"/chunks/shared/authenticate.b754c3efa0f6d09c6d5d.hot-update.js": "/chunks/shared/authenticate.b754c3efa0f6d09c6d5d.hot-update.js",
"/chunks/shared/authenticate.f99485cf74326346a8b1.hot-update.js": "/chunks/shared/authenticate.f99485cf74326346a8b1.hot-update.js",
"/chunks/shared.56ccba53201e5195af28.hot-update.js": "/chunks/shared.56ccba53201e5195af28.hot-update.js",
"/chunks/shared.4d20e6443aee96d57755.hot-update.js": "/chunks/shared.4d20e6443aee96d57755.hot-update.js",
"/chunks/shared.231c37d4d932d493e5ba.hot-update.js": "/chunks/shared.231c37d4d932d493e5ba.hot-update.js",
"/js/main.88844afbc713230b2ac6.hot-update.js": "/js/main.88844afbc713230b2ac6.hot-update.js",
"/js/main.f20ab3eb1934b88b78bf.hot-update.js": "/js/main.f20ab3eb1934b88b78bf.hot-update.js",
"/chunks/admin~chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-item~9b68162c.js": "/chunks/admin~chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-item~9b68162c.js?id=556460202edd9a6086fe",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~673d1ac3.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~673d1ac3.js?id=c01cde1da36dcd859bed",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~97130d1f.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/settin~97130d1f.js?id=23023a327ee0b32a7f1f",
"/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~1bec6fe4.js": "/chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~1bec6fe4.js?id=2483e956635c6b940795",
"/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-items~chunks/page~7dbb6a42.js": "/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/my-shared-items~chunks/page~7dbb6a42.js?id=edf36a5ddf8f6705f7e4",
"/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared-with-me~chun~fd99312c.js": "/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared-with-me~chun~fd99312c.js?id=42944aee3313456a7e1c",
"/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~chunks/share~c7960950.js": "/chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunks/shared~chunks/share~c7960950.js?id=373ceb601d388f0872d3",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/settings-subscription~chunks/shared~f3cd1a63.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/settings-subscription~chunks/shared~f3cd1a63.js?id=93200e8f38e44f4b59f0",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared-with-me~chunks/shared/files~~34b5eb22.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared-with-me~chunks/shared/files~~34b5eb22.js?id=eb119943f935f9ec4c66",
"/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared-with-me~chunks/shared/files~~bf3ddedc.js": "/chunks/files~chunks/my-shared-items~chunks/recent-uploads~chunks/shared-with-me~chunks/shared/files~~bf3ddedc.js?id=d764385b104ca8009e36",
"/chunks/files~chunks/shared-with-me~chunks/shared/files~chunks/team-folders.js": "/chunks/files~chunks/shared-with-me~chunks/shared/files~chunks/team-folders.js?id=fbf0381594bdcd60f933",
"/chunks/shared-with-me.js": "/chunks/shared-with-me.js?id=8e2cbd8ee04cc259c3ef",
"/vendors~chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunk~40ccbae3.js": "/vendors~chunks/admin~chunks/files~chunks/my-shared-items~chunks/platform~chunks/recent-uploads~chunk~40ccbae3.js?id=37ce1e1ab9968c100712",
"/js/main.9d081c43dda89cccca63.hot-update.js": "/js/main.9d081c43dda89cccca63.hot-update.js",
"/chunks/shared-with-me.9d081c43dda89cccca63.hot-update.js": "/chunks/shared-with-me.9d081c43dda89cccca63.hot-update.js",
"/js/main.15713ba41c25f6bd5f72.hot-update.js": "/js/main.15713ba41c25f6bd5f72.hot-update.js",
"/chunks/shared-with-me.15713ba41c25f6bd5f72.hot-update.js": "/chunks/shared-with-me.15713ba41c25f6bd5f72.hot-update.js",
"/js/main.028cd308790f8e3e1d76.hot-update.js": "/js/main.028cd308790f8e3e1d76.hot-update.js",
"/chunks/shared-with-me.48ff296470c6c8d9c8e1.hot-update.js": "/chunks/shared-with-me.48ff296470c6c8d9c8e1.hot-update.js",
"/chunks/shared-with-me.45f55a938be68c52688f.hot-update.js": "/chunks/shared-with-me.45f55a938be68c52688f.hot-update.js",
"/chunks/shared-with-me.6eea1ed760d886c08ef8.hot-update.js": "/chunks/shared-with-me.6eea1ed760d886c08ef8.hot-update.js",
"/js/main.b938f61eef37f98d19fe.hot-update.js": "/js/main.b938f61eef37f98d19fe.hot-update.js",
"/js/main.a9db17282c61afba01bd.hot-update.js": "/js/main.a9db17282c61afba01bd.hot-update.js"
"/vendors~chunks/admin~chunks/platform~chunks/settings~chunks/shared.js": "/vendors~chunks/admin~chunks/platform~chunks/settings~chunks/shared.js?id=90d4a5c68188a1bbce59",
"/chunks/platform~chunks/shared.e201462e3461644fdd7c.hot-update.js": "/chunks/platform~chunks/shared.e201462e3461644fdd7c.hot-update.js",
"/chunks/platform~chunks/shared.7197b42fd1286b07967d.hot-update.js": "/chunks/platform~chunks/shared.7197b42fd1286b07967d.hot-update.js"
}

4
resources/js/components/FilesView/DesktopToolbar.vue
View File

@@ -40,11 +40,11 @@
<ToolbarGroup v-if="! $isMobile() && ! $isThisRoute($route, ['Public'])">
<!--Team Folder Icon-->
<PopoverWrapper v-if="$isThisRoute($route, ['TeamFolders'])">
<PopoverWrapper v-if="$isThisRoute($route, ['TeamFolders', 'SharedWithMe'])">
<TeamMembersButton @click.stop.native="showTeamFolderMenu" class="team-preview" />
<PopoverItem name="team-folder" side="left">
<TeamFolderPreview />
<OptionGroup>
<OptionGroup v-if="$isThisRoute($route, ['TeamFolders'])">
<Option @click.native="$updateTeamFolder(teamFolder)" :title="$t('Edit Members')" icon="rename" />
<Option @click.native="$dissolveTeamFolder(teamFolder)" :title="$t('Dissolve Team')" icon="trash" />
</OptionGroup>

10
src/App/Providers/AuthServiceProvider.php
View File

@@ -7,7 +7,6 @@ use Domain\Files\Models\File;
use Domain\Sharing\Models\Share;
use Domain\Folders\Models\Folder;
use Illuminate\Support\Facades\Gate;
use Domain\Sharing\Actions\ProtectShareRecordAction;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
class AuthServiceProvider extends ServiceProvider
@@ -33,7 +32,7 @@ class AuthServiceProvider extends ServiceProvider
// Define admin maintenance gate
Gate::define('maintenance', fn ($user) => $user->role === 'admin');
// Define user ability
// Define user ability to edit file or folder
collect(['can-edit', 'can-visit'])
->each(function ($ability) {
Gate::define($ability, function (?User $user, File | Folder $item, ?Share $share) use ($ability) {
@@ -51,6 +50,13 @@ class AuthServiceProvider extends ServiceProvider
return $this->team_member_guard($item, $user, $ability);
});
});
// Define owner of file or folder
Gate::define('owner', function (?User $user, File | Folder $item) {
// Check user owner status
return $user?->id === $item->user_id;
});
}
private function share_guard(Share $share, Folder | File $item): bool

4
src/Domain/Teams/Controllers/TeamFoldersController.php
View File

@@ -76,6 +76,8 @@ class TeamFoldersController extends Controller
UpdateInvitationsAction $updateInvitations,
UpdateMembersAction $updateMembers,
): ResponseFactory | Response {
$this->authorize('owner', $folder);
$updateInvitations(
$folder,
$request->input('invitations')
@@ -91,6 +93,8 @@ class TeamFoldersController extends Controller
public function destroy(Folder $folder): ResponseFactory | Response
{
$this->authorize('owner', $folder);
// Delete existing invitations
DB::table('team_folder_invitations')
->where('parent_id', $folder->id)

558
tests/Domain/Teams/TeamManagementTest.php Normal file
View File

@@ -0,0 +1,558 @@
<?php
namespace Tests\Domain\Teams;
use App\Users\Models\User;
use Domain\Folders\Models\Folder;
use Domain\Teams\Models\TeamFolderInvitation;
use Domain\Teams\Notifications\InvitationIntoTeamFolder;
use Illuminate\Support\Facades\DB;
use Notification;
use Tests\TestCase;
class TeamManagementTest extends TestCase
{
/**
* @test
*/
public function it_accept_team_folder_invite()
{
$member = User::factory(User::class)
->create([
'email' => 'john@internal.com',
]);
$folder = Folder::factory()
->create();
$invitation = TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'email' => $member->email,
'status' => 'pending',
'permission' => 'can-edit',
]);
$this
->actingAs($member)
->putJson("/api/teams/invitations/{$invitation->id}")
->assertNoContent();
$this
->assertDatabaseHas('team_folder_invitations', [
'parent_id' => $folder->id,
'status' => 'accepted',
])
->assertDatabaseHas('team_folder_members', [
'parent_id' => $folder->id,
'user_id' => $member->id,
'permission' => 'can-edit',
]);
}
/**
* @test
*/
public function it_reject_team_folder_invite()
{
$member = User::factory(User::class)
->create([
'email' => 'john@internal.com',
]);
$folder = Folder::factory()
->create();
$invitation = TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'email' => $member->email,
'status' => 'pending',
'permission' => 'can-edit',
]);
$this
->actingAs($member)
->deleteJson("/api/teams/invitations/{$invitation->id}")
->assertNoContent();
$this
->assertDatabaseHas('team_folder_invitations', [
'parent_id' => $folder->id,
'status' => 'rejected',
])
->assertDatabaseMissing('team_folder_members', [
'parent_id' => $folder->id,
'user_id' => $member->id,
]);
}
/**
* @test
*/
public function it_invite_member_into_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
'email' => 'existing@member.com',
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'id' => $members[1]->id,
'permission' => 'can-edit',
],
],
'invitations' => [
[
'id' => null,
'email' => 'existing@member.com',
'permission' => 'can-edit',
],
[
'id' => null,
'email' => 'added@member.com',
'permission' => 'can-view',
],
],
])
->assertCreated();
$this
->assertDatabaseCount('team_folder_members', 2)
->assertDatabaseCount('team_folder_invitations', 2)
->assertDatabaseHas('team_folder_invitations', [
'email' => 'added@member.com',
'permission' => 'can-view',
]);
Notification::assertTimesSent(1, InvitationIntoTeamFolder::class);
}
/**
* @test
*/
public function it_delete_invited_member_from_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
'email' => 'deleted@member.com',
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
'email' => 'existing@member.com',
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'id' => $members[1]->id,
'permission' => 'can-view',
],
],
'invitations' => [
[
'id' => null,
'email' => 'existing@member.com',
'permission' => 'can-view',
],
],
])
->assertCreated();
$this
->assertDatabaseCount('team_folder_members', 2)
->assertDatabaseCount('team_folder_invitations', 1)
->assertDatabaseHas('team_folder_invitations', [
'email' => 'existing@member.com',
]);
}
/**
* @test
*/
public function it_remove_member_from_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
],
'invitations' => [],
])
->assertCreated();
$this
->assertDatabaseCount('team_folder_members', 1)
->assertDatabaseMissing('team_folder_members', [
'user_id' => $members[1]->id,
]);
}
/**
* @test
*/
public function it_update_invited_member_permission_in_team_folder()
{
$user = User::factory(User::class)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-view',
'email' => 'existing@member.com',
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [],
'invitations' => [
[
'id' => null,
'email' => 'existing@member.com',
'permission' => 'can-edit',
],
],
])
->assertCreated();
$this
->assertDatabaseCount('team_folder_members', 0)
->assertDatabaseCount('team_folder_invitations', 1)
->assertDatabaseHas('team_folder_invitations', [
'email' => 'existing@member.com',
'permission' => 'can-edit',
]);
Notification::assertTimesSent(0, InvitationIntoTeamFolder::class);
}
/**
* @test
*/
public function it_update_member_permission_in_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'id' => $members[1]->id,
'permission' => 'can-view',
],
],
'invitations' => [],
])
->assertCreated();
$this->assertDatabaseHas('team_folder_members', [
'user_id' => $members[1]->id,
'permission' => 'can-view',
]);
}
/**
* @test
*/
public function member_try_update_permission_in_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs(
User::find($members[0]->id)
)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'id' => $members[1]->id,
'permission' => 'can-view',
],
],
'invitations' => [],
])
->assertForbidden();
$this->assertDatabaseHas('team_folder_members', [
'user_id' => $members[1]->id,
'permission' => 'can-edit',
]);
}
/**
* @test
*/
public function it_dissolve_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->deleteJson("/api/teams/folders/{$folder->id}")
->assertNoContent();
$this
->assertDatabaseCount('team_folder_members', 0)
->assertDatabaseCount('team_folder_invitations', 0);
}
/**
* @test
*/
public function member_try_dissolve_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs(
User::find($members[0]->id)
)
->deleteJson("/api/teams/folders/{$folder->id}")
->assertForbidden();
$this
->assertDatabaseCount('team_folder_members', 2)
->assertDatabaseCount('team_folder_invitations', 1);
}
}

436
tests/Domain/Teams/TeamsTest.php
View File

@@ -125,442 +125,6 @@ class TeamsTest extends TestCase
Notification::assertTimesSent(2, InvitationIntoTeamFolder::class);
}
/**
* @test
*/
public function it_accept_team_folder_invite()
{
$member = User::factory(User::class)
->create([
'email' => 'john@internal.com',
]);
$folder = Folder::factory()
->create();
$invitation = TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'email' => $member->email,
'status' => 'pending',
'permission' => 'can-edit',
]);
$this
->actingAs($member)
->putJson("/api/teams/invitations/{$invitation->id}")
->assertNoContent();
$this
->assertDatabaseHas('team_folder_invitations', [
'parent_id' => $folder->id,
'status' => 'accepted',
])
->assertDatabaseHas('team_folder_members', [
'parent_id' => $folder->id,
'user_id' => $member->id,
'permission' => 'can-edit',
]);
}
/**
* @test
*/
public function it_reject_team_folder_invite()
{
$member = User::factory(User::class)
->create([
'email' => 'john@internal.com',
]);
$folder = Folder::factory()
->create();
$invitation = TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'email' => $member->email,
'status' => 'pending',
'permission' => 'can-edit',
]);
$this
->actingAs($member)
->deleteJson("/api/teams/invitations/{$invitation->id}")
->assertNoContent();
$this
->assertDatabaseHas('team_folder_invitations', [
'parent_id' => $folder->id,
'status' => 'rejected',
])
->assertDatabaseMissing('team_folder_members', [
'parent_id' => $folder->id,
'user_id' => $member->id,
]);
}
/**
* @test
*/
public function it_invite_member_into_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
'email' => 'existing@member.com',
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'id' => $members[1]->id,
'permission' => 'can-edit',
],
],
'invitations' => [
[
'id' => null,
'email' => 'existing@member.com',
'permission' => 'can-edit',
],
[
'id' => null,
'email' => 'added@member.com',
'permission' => 'can-view',
],
],
])
->assertCreated();
$this
->assertDatabaseCount('team_folder_members', 2)
->assertDatabaseCount('team_folder_invitations', 2)
->assertDatabaseHas('team_folder_invitations', [
'email' => 'added@member.com',
'permission' => 'can-view',
]);
Notification::assertTimesSent(1, InvitationIntoTeamFolder::class);
}
/**
* @test
*/
public function it_delete_invited_member_from_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
'email' => 'deleted@member.com',
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
'email' => 'existing@member.com',
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'id' => $members[1]->id,
'permission' => 'can-view',
],
],
'invitations' => [
[
'id' => null,
'email' => 'existing@member.com',
'permission' => 'can-view',
],
],
])
->assertCreated();
$this
->assertDatabaseCount('team_folder_members', 2)
->assertDatabaseCount('team_folder_invitations', 1)
->assertDatabaseHas('team_folder_invitations', [
'email' => 'existing@member.com',
]);
}
/**
* @test
*/
public function it_remove_member_from_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
],
'invitations' => [],
])
->assertCreated();
$this
->assertDatabaseCount('team_folder_members', 1)
->assertDatabaseMissing('team_folder_members', [
'user_id' => $members[1]->id,
]);
}
/**
* @test
*/
public function it_update_invited_member_permission_in_team_folder()
{
$user = User::factory(User::class)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-view',
'email' => 'existing@member.com',
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [],
'invitations' => [
[
'id' => null,
'email' => 'existing@member.com',
'permission' => 'can-edit',
],
],
])
->assertCreated();
$this
->assertDatabaseCount('team_folder_members', 0)
->assertDatabaseCount('team_folder_invitations', 1)
->assertDatabaseHas('team_folder_invitations', [
'email' => 'existing@member.com',
'permission' => 'can-edit',
]);
Notification::assertTimesSent(0, InvitationIntoTeamFolder::class);
}
/**
* @test
*/
public function it_update_member_permission_in_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->patchJson("/api/teams/folders/{$folder->id}", [
'members' => [
[
'id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'id' => $members[1]->id,
'permission' => 'can-view',
],
],
'invitations' => [],
])
->assertCreated();
$this->assertDatabaseHas('team_folder_members', [
'user_id' => $members[1]->id,
'permission' => 'can-view',
]);
}
/**
* @test
*/
public function it_dissolve_team_folder()
{
$user = User::factory(User::class)
->create();
$members = User::factory(User::class)
->count(2)
->create();
$folder = Folder::factory()
->create([
'user_id' => $user->id,
'team_folder' => 1,
]);
TeamFolderInvitation::factory()
->create([
'parent_id' => $folder->id,
'status' => 'pending',
'permission' => 'can-edit',
]);
DB::table('team_folder_members')
->insert([
[
'parent_id' => $folder->id,
'user_id' => $members[0]->id,
'permission' => 'can-edit',
],
[
'parent_id' => $folder->id,
'user_id' => $members[1]->id,
'permission' => 'can-edit',
],
]);
$this
->actingAs($user)
->deleteJson("/api/teams/folders/{$folder->id}")
->assertNoContent();
$this
->assertDatabaseCount('team_folder_members', 0)
->assertDatabaseCount('team_folder_invitations', 0);
}
/**
* @test
*/