added SharedFileAccessContentController

Peter Papp
2021-03-14 13:25:35 +01:00
parent 9297eae1d7
commit 380a588b0a
6 changed files with 208 additions and 180 deletions


@@ -88,7 +88,7 @@ class FileAccessController extends Controller
(int)$file->getRawOriginal('filesize')
);
return $this->download_file($file, Auth::id());
return $this->helper->download_file($file, Auth::id());
}
/**
@@ -120,73 +120,6 @@ class FileAccessController extends Controller
]);
}
/**
* Get generated zip for guest
*
* @param $id
* @param $token
* @return \Symfony\Component\HttpFoundation\StreamedResponse
*/
public function get_zip_public($id, $token)
{
$disk = Storage::disk('local');
$zip = Zip::where('id', $id)
->where('shared_token', $token)
->first();
$zip
->user
->record_download(
$disk->size("zip/$zip->basename")
);
return $disk
->download("zip/$zip->basename", $zip->basename, [
"Content-Type" => 'application/zip',
"Content-Length" => $disk->size("zip/$zip->basename"),
"Accept-Ranges" => "bytes",
"Content-Range" => "bytes 0-600/" . $disk->size("zip/$zip->basename"),
"Content-Disposition" => "attachment; filename=" . $zip->basename,
]);
}
/**
* Get file public
*
* @param $filename
* @param $token
* @return mixed
* @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
*/
public function get_file_public($filename, $token)
{
// Get sharing record
$shared = get_shared($token);
// Abort if shared is protected
if ((int)$shared->is_protected) {
abort(403, "Sorry, you don't have permission");
}
// Get file record
$file = UserFile::where('user_id', $shared->user_id)
->where('basename', $filename)
->firstOrFail();
// Check file access
$this->check_file_access($shared, $file);
// Store user download size
$shared
->user
->record_download(
(int)$file->getRawOriginal('filesize')
);
return $this->download_file($file, $shared->user_id);
}
/**
* Get image thumbnail
*
@@ -208,108 +141,6 @@ class FileAccessController extends Controller
$this->check_file_access($request, $file);
}*/
return $this->thumbnail_file($file, Auth::id());
}
/**
* Get public image thumbnail
*
* @param $filename
* @param $token
* @return mixed
* @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
*/
public function get_thumbnail_public($filename, $token)
{
// Get sharing record
$shared = get_shared($token);
// Abort if thumbnail is protected
if ((int)$shared->protected) {
abort(403, "Sorry, you don't have permission");
}
// Get file record
$file = UserFile::where('user_id', $shared->user_id)
->where('thumbnail', $filename)
->firstOrFail();
// Check file access
$this->check_file_access($shared, $file);
// Store user download size
$shared
->user
->record_download(
(int)$file->getRawOriginal('filesize')
);
return $this->thumbnail_file($file, $shared->user_id);
}
/**
* Check user file access
*
* @param $shared
* @param $file
*/
protected function check_file_access($shared, $file): void
{
// Check by parent folder permission
if ($shared->type === 'folder') {
$this->helper->check_item_access($file->folder_id, $shared);
}
// Check by single file permission
if ($shared->type === 'file') {
if ($shared->item_id !== $file->id) abort(403);
}
}
/**
* Call and download file
*
* @param $file
* @param $user_id
* @return mixed
*/
private function download_file($file, $user_id)
{
// Get file path
$path = "files/$user_id/$file->basename";
// Check if file exist
if (!Storage::exists($path)) {
abort(404);
}
// Get pretty name
$pretty_name = get_pretty_name($file->basename, $file->name, $file->mimetype);
return response()
->download(Storage::path($path), $pretty_name, [
"Accept-Ranges" => "bytes",
"Content-Type" => Storage::mimeType($path),
"Content-Length" => Storage::size($path),
"Content-Range" => "bytes 0-600/" . Storage::size($path),
"Content-Disposition" => "attachment; filename=$pretty_name",
]);
}
/**
* @param $file
* @param $user_id
* @return mixed
*/
private function thumbnail_file($file, $user_id)
{
// Get file path
$path = "/files/$user_id/{$file->getRawOriginal('thumbnail')}";
// Check if file exist
if (!Storage::exists($path)) abort(404);
// Return image thumbnail
return Storage::download($path, $file->getRawOriginal('thumbnail'));
return $this->helper->download_thumbnail_file($file, Auth::id());
}
}


@@ -0,0 +1,11 @@
<?php
namespace App\Http\Controllers\Sharing;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class ShareEditContentController extends Controller
{
//
}


@@ -0,0 +1,123 @@
<?php
namespace App\Http\Controllers\Sharing;
use App\Http\Controllers\Controller;
use App\Models\File as UserFile;
use App\Models\Zip;
use App\Services\HelperService;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage;
class SharedFileAccessContentController extends Controller
{
private $helper;
public function __construct()
{
$this->helper = resolve(HelperService::class);
}
/**
* Get generated zip for guest
*
* @param $id
* @param $token
* @return \Symfony\Component\HttpFoundation\StreamedResponse
*/
public function get_zip_public($id, $token)
{
$disk = Storage::disk('local');
$zip = Zip::where('id', $id)
->where('shared_token', $token)
->first();
$zip
->user
->record_download(
$disk->size("zip/$zip->basename")
);
return $disk
->download("zip/$zip->basename", $zip->basename, [
"Content-Type" => 'application/zip',
"Content-Length" => $disk->size("zip/$zip->basename"),
"Accept-Ranges" => "bytes",
"Content-Range" => "bytes 0-600/" . $disk->size("zip/$zip->basename"),
"Content-Disposition" => "attachment; filename=" . $zip->basename,
]);
}
/**
* Get file public
*
* @param $filename
* @param $token
* @return mixed
* @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
*/
public function get_file_public($filename, $token)
{
// Get sharing record
$shared = get_shared($token);
// Abort if shared is protected
if ((int)$shared->is_protected) {
abort(403, "Sorry, you don't have permission");
}
// Get file record
$file = UserFile::where('user_id', $shared->user_id)
->where('basename', $filename)
->firstOrFail();
// Check file access
$this->helper->check_file_access($shared, $file);
// Store user download size
$shared
->user
->record_download(
(int)$file->getRawOriginal('filesize')
);
return $this->helper->download_file($file, $shared->user_id);
}
/**
* Get public image thumbnail
*
* @param $filename
* @param $token
* @return mixed
* @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
*/
public function get_thumbnail_public($filename, $token)
{
// Get sharing record
$shared = get_shared($token);
// Abort if thumbnail is protected
if ((int)$shared->is_protected) {
abort(403, "Sorry, you don't have permission");
}
// Get file record
$file = UserFile::where('user_id', $shared->user_id)
->where('thumbnail', $filename)
->firstOrFail();
// Check file access
$this->helper->check_file_access($shared, $file);
// Store user download size
$shared
->user
->record_download(
(int)$file->getRawOriginal('filesize')
);
return $this->helper->thumbnail_file($file, $shared->user_id);
}
}
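Review bot: `get_thumbnail_public` ends with `return $this->helper->thumbnail_file($file, $shared->user_id);`, but the HelperService section of this commit adds only `download_thumbnail_file`. Unless HelperService already has a `thumbnail_file` method outside the visible hunks, every public thumbnail request will fail with an undefined-method error; the call should be `return $this->helper->download_thumbnail_file($file, $shared->user_id);`. In `get_zip_public`, `->first()` returns null when the id/token pair does not match and the next statement dereferences `$zip->user`, so a wrong token produces a 500 instead of a 404; `->firstOrFail()` would match the other two actions. That action also never loads the share record or performs the `is_protected` check the file and thumbnail actions do, so the token is its only gate, which is worth confirming as intended.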


@@ -2,24 +2,18 @@
namespace App\Services;
use App;
use App\Models\Folder;
use App\Models\Share;
use App\Models\File as UserFile;
use App\Http\Requests\FileFunctions\RenameItemRequest;
use App\Models\User;
use App\Models\Zip;
use Aws\Exception\MultipartUploadException;
use Aws\S3\MultipartUploader;
use Carbon\Carbon;
use DB;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\File;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Str;
use Intervention\Image\ImageManagerStatic as Image;
use League\Flysystem\FileNotFoundException;
use Madnest\Madzipper\Facades\Madzipper;
use Symfony\Component\HttpKernel\Exception\HttpException;


@@ -69,6 +69,27 @@ class HelperService
}
}
/**
* Check user file access
*
* @param $shared
* @param $file
*/
public function check_file_access($shared, $file): void
{
// Check by parent folder permission
if ($shared->type === 'folder') {
$this->check_item_access($file->folder_id, $shared);
}
// Check by single file permission
if ($shared->type === 'file') {
if ($shared->item_id !== $file->id) {
abort(403);
}
}
}
/**
* Check if user has enough space to upload file
*
@@ -198,4 +219,51 @@ class HelperService
return $thumbnail ?? null;
}
/**
* Call and download file
*
* @param $file
* @param $user_id
* @return mixed
*/
function download_file($file, $user_id)
{
// Get file path
$path = "files/$user_id/$file->basename";
// Check if file exist
if (!Storage::exists($path)) {
abort(404);
}
// Get pretty name
$pretty_name = get_pretty_name($file->basename, $file->name, $file->mimetype);
return response()
->download(Storage::path($path), $pretty_name, [
"Accept-Ranges" => "bytes",
"Content-Type" => Storage::mimeType($path),
"Content-Length" => Storage::size($path),
"Content-Range" => "bytes 0-600/" . Storage::size($path),
"Content-Disposition" => "attachment; filename=$pretty_name",
]);
}
/**
* @param $file
* @param $user_id
* @return mixed
*/
function download_thumbnail_file($file, $user_id)
{
// Get file path
$path = "/files/$user_id/{$file->getRawOriginal('thumbnail')}";
// Check if file exist
if (!Storage::exists($path)) abort(404);
// Return image thumbnail
return Storage::download($path, $file->getRawOriginal('thumbnail'));
}
}
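Review bot: `check_file_access` (first hunk of this section) denies only when `$shared->type` is exactly `'folder'` or `'file'`; for any other value both branches are skipped and the method returns normally, so the public controllers go on to serve the file. Whether other share types exist is not visible here, but an authorization helper should fail closed, for example by starting the method with `if (!in_array($shared->type, ['folder', 'file'], true)) { abort(403); }` and a one-line comment saying unknown share types are refused. Separately, `download_file` and `download_thumbnail_file` in the second hunk are declared without a visibility keyword while `check_file_access` is `public`; adding `public` to both keeps the class consistent and makes the intended API explicit.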


@@ -2,14 +2,15 @@
// Get avatars and system images
use App\Http\Controllers\FileAccessController;
use App\Http\Controllers\Sharing\SharedFileAccessContentController;
Route::get('/avatars/{avatar}', [FileAccessController::class, 'get_avatar'])->name('avatar');
Route::get('/system/{image}', [FileAccessController::class, 'get_system_image']);
// Get public thumbnails and files
Route::get('/thumbnail/{name}/public/{token}', [FileAccessController::class, 'get_thumbnail_public']);
Route::get('/file/{name}/public/{token}', [FileAccessController::class, 'get_file_public']);
Route::get('/zip/{id}/public/{token}', [FileAccessController::class, 'get_zip_public'])->name('zip_public');
Route::get('/thumbnail/{name}/public/{token}', [SharedFileAccessContentController::class, 'get_thumbnail_public']);
Route::get('/file/{name}/public/{token}', [SharedFileAccessContentController::class, 'get_file_public']);
Route::get('/zip/{id}/public/{token}', [SharedFileAccessContentController::class, 'get_zip_public'])->name('zip_public');
// User master,editor,visitor access to image thumbnails and file downloads
Route::group(['middleware' => ['auth:sanctum']], function () {