diff --git a/app/Http/Controllers/FileAccessController.php b/app/Http/Controllers/FileAccessController.php
index 0155fa59..30a33f99 100644
--- a/app/Http/Controllers/FileAccessController.php
+++ b/app/Http/Controllers/FileAccessController.php
@@ -88,7 +88,7 @@ class FileAccessController extends Controller
 (int)$file->getRawOriginal('filesize')
 );
 
- return $this->download_file($file, Auth::id());
+ return $this->helper->download_file($file, Auth::id());
 }
 
 /**
@@ -120,73 +120,6 @@ class FileAccessController extends Controller
 ]);
 }
 
- /**
- * Get generated zip for guest
- *
- * @param $id
- * @param $token
- * @return \Symfony\Component\HttpFoundation\StreamedResponse
- */
- public function get_zip_public($id, $token)
- {
- $disk = Storage::disk('local');
-
- $zip = Zip::where('id', $id)
- ->where('shared_token', $token)
- ->first();
-
- $zip
- ->user
- ->record_download(
- $disk->size("zip/$zip->basename")
- );
-
- return $disk
- ->download("zip/$zip->basename", $zip->basename, [
- "Content-Type" => 'application/zip',
- "Content-Length" => $disk->size("zip/$zip->basename"),
- "Accept-Ranges" => "bytes",
- "Content-Range" => "bytes 0-600/" . $disk->size("zip/$zip->basename"),
- "Content-Disposition" => "attachment; filename=" . $zip->basename,
- ]);
- }
-
- /**
- * Get file public
- *
- * @param $filename
- * @param $token
- * @return mixed
- * @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
- */
- public function get_file_public($filename, $token)
- {
- // Get sharing record
- $shared = get_shared($token);
-
- // Abort if shared is protected
- if ((int)$shared->is_protected) {
- abort(403, "Sorry, you don't have permission");
- }
-
- // Get file record
- $file = UserFile::where('user_id', $shared->user_id)
- ->where('basename', $filename)
- ->firstOrFail();
-
- // Check file access
- $this->check_file_access($shared, $file);
-
- // Store user download size
- $shared
- ->user
- ->record_download(
- (int)$file->getRawOriginal('filesize')
- );
-
- return $this->download_file($file, $shared->user_id);
- }
-
 /**
 * Get image thumbnail
 *
@@ -208,108 +141,6 @@ class FileAccessController extends Controller
 $this->check_file_access($request, $file);
 }*/
 
- return $this->thumbnail_file($file, Auth::id());
- }
-
- /**
- * Get public image thumbnail
- *
- * @param $filename
- * @param $token
- * @return mixed
- * @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
- */
- public function get_thumbnail_public($filename, $token)
- {
- // Get sharing record
- $shared = get_shared($token);
-
- // Abort if thumbnail is protected
- if ((int)$shared->protected) {
- abort(403, "Sorry, you don't have permission");
- }
-
- // Get file record
- $file = UserFile::where('user_id', $shared->user_id)
- ->where('thumbnail', $filename)
- ->firstOrFail();
-
- // Check file access
- $this->check_file_access($shared, $file);
-
- // Store user download size
- $shared
- ->user
- ->record_download(
- (int)$file->getRawOriginal('filesize')
- );
-
- return $this->thumbnail_file($file, $shared->user_id);
- }
-
- /**
- * Check user file access
- *
- * @param $shared
- * @param $file
- */
- protected function check_file_access($shared, $file): void
- {
- // Check by parent folder permission
- if ($shared->type === 'folder') {
- $this->helper->check_item_access($file->folder_id, $shared);
- }
-
- // Check by single file permission
- if ($shared->type === 'file') {
- if ($shared->item_id !== $file->id) abort(403);
- }
- }
-
- /**
- * Call and download file
- *
- * @param $file
- * @param $user_id
- * @return mixed
- */
- private function download_file($file, $user_id)
- {
- // Get file path
- $path = "files/$user_id/$file->basename";
-
- // Check if file exist
- if (!Storage::exists($path)) {
- abort(404);
- }
-
- // Get pretty name
- $pretty_name = get_pretty_name($file->basename, $file->name, $file->mimetype);
-
- return response()
- ->download(Storage::path($path), $pretty_name, [
- "Accept-Ranges" => "bytes",
- "Content-Type" => Storage::mimeType($path),
- "Content-Length" => Storage::size($path),
- "Content-Range" => "bytes 0-600/" . Storage::size($path),
- "Content-Disposition" => "attachment; filename=$pretty_name",
- ]);
- }
-
- /**
- * @param $file
- * @param $user_id
- * @return mixed
- */
- private function thumbnail_file($file, $user_id)
- {
- // Get file path
- $path = "/files/$user_id/{$file->getRawOriginal('thumbnail')}";
-
- // Check if file exist
- if (!Storage::exists($path)) abort(404);
-
- // Return image thumbnail
- return Storage::download($path, $file->getRawOriginal('thumbnail'));
+ return $this->helper->download_thumbnail_file($file, Auth::id());
 }
 }
diff --git a/app/Http/Controllers/Sharing/ShareEditContentController.php b/app/Http/Controllers/Sharing/ShareEditContentController.php
new file mode 100644
index 00000000..ccd5fe3c
--- /dev/null
+++ b/app/Http/Controllers/Sharing/ShareEditContentController.php
@@ -0,0 +1,11 @@
+helper = resolve(HelperService::class);
+ }
+
+ /**
+ * Get generated zip for guest
+ *
+ * @param $id
+ * @param $token
+ * @return \Symfony\Component\HttpFoundation\StreamedResponse
+ */
+ public function get_zip_public($id, $token)
+ {
+ $disk = Storage::disk('local');
+
+ $zip = Zip::where('id', $id)
+ ->where('shared_token', $token)
+ ->first();
+
+ $zip
+ ->user
+ ->record_download(
+ $disk->size("zip/$zip->basename")
+ );
+
+ return $disk
+ ->download("zip/$zip->basename", $zip->basename, [
+ "Content-Type" => 'application/zip',
+ "Content-Length" => $disk->size("zip/$zip->basename"),
+ "Accept-Ranges" => "bytes",
+ "Content-Range" => "bytes 0-600/" . $disk->size("zip/$zip->basename"),
+ "Content-Disposition" => "attachment; filename=" . $zip->basename,
+ ]);
+ }
+
+ /**
+ * Get file public
+ *
+ * @param $filename
+ * @param $token
+ * @return mixed
+ * @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
+ */
+ public function get_file_public($filename, $token)
+ {
+ // Get sharing record
+ $shared = get_shared($token);
+
+ // Abort if shared is protected
+ if ((int)$shared->is_protected) {
+ abort(403, "Sorry, you don't have permission");
+ }
+
+ // Get file record
+ $file = UserFile::where('user_id', $shared->user_id)
+ ->where('basename', $filename)
+ ->firstOrFail();
+
+ // Check file access
+ $this->helper->check_file_access($shared, $file);
+
+ // Store user download size
+ $shared
+ ->user
+ ->record_download(
+ (int)$file->getRawOriginal('filesize')
+ );
+
+ return $this->helper->download_file($file, $shared->user_id);
+ }
+
+ /**
+ * Get public image thumbnail
+ *
+ * @param $filename
+ * @param $token
+ * @return mixed
+ * @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
+ */
+ public function get_thumbnail_public($filename, $token)
+ {
+ // Get sharing record
+ $shared = get_shared($token);
+
+ // Abort if thumbnail is protected
+ if ((int)$shared->is_protected) {
+ abort(403, "Sorry, you don't have permission");
+ }
+
+ // Get file record
+ $file = UserFile::where('user_id', $shared->user_id)
+ ->where('thumbnail', $filename)
+ ->firstOrFail();
+
+ // Check file access
+ $this->helper->check_file_access($shared, $file);
+
+ // Store user download size
+ $shared
+ ->user
+ ->record_download(
+ (int)$file->getRawOriginal('filesize')
+ );
+
+ return $this->helper->thumbnail_file($file, $shared->user_id);
+ }
+}
diff --git a/app/Services/FileManagerService.php b/app/Services/FileManagerService.php
index 87cfa4e6..5eda3ab7 100644
--- a/app/Services/FileManagerService.php
+++ b/app/Services/FileManagerService.php
@@ -2,24 +2,18 @@
 
 namespace App\Services;
 
-use App;
 use App\Models\Folder;
 use App\Models\Share;
 use App\Models\File as UserFile;
 use App\Http\Requests\FileFunctions\RenameItemRequest;
 use App\Models\User;
 use App\Models\Zip;
-use Aws\Exception\MultipartUploadException;
-use Aws\S3\MultipartUploader;
-use Carbon\Carbon;
 use DB;
 use Illuminate\Support\Arr;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\File;
-use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Str;
-use Intervention\Image\ImageManagerStatic as Image;
 use League\Flysystem\FileNotFoundException;
 use Madnest\Madzipper\Facades\Madzipper;
 use Symfony\Component\HttpKernel\Exception\HttpException;
diff --git a/app/Services/HelperService.php b/app/Services/HelperService.php
index df1bfa50..1e47e020 100644
--- a/app/Services/HelperService.php
+++ b/app/Services/HelperService.php
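Review bot: `get_thumbnail_public` ends with `$this->helper->thumbnail_file($file, $shared->user_id)`, but the method this commit adds to HelperService is named `download_thumbnail_file`, and no `thumbnail_file` method is visible anywhere in the diff. Unless HelperService already defines one outside the shown hunks, every public thumbnail request will fail at that call; it should read `return $this->helper->download_thumbnail_file($file, $shared->user_id);`. In `get_zip_public` the lookup ends in `->first()`, so an unknown id or a wrong token leaves `$zip` null and the following `$zip->user` raises an error instead of a clean 404; `->firstOrFail()` would match the other two public methods. The top of this new file (namespace, imports, class line and constructor opening) is missing from the page, so the class name and its imports cannot be checked here.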
@@ -69,6 +69,27 @@ class HelperService
 }
 }
 
+ /**
+ * Check user file access
+ *
+ * @param $shared
+ * @param $file
+ */
+ public function check_file_access($shared, $file): void
+ {
+ // Check by parent folder permission
+ if ($shared->type === 'folder') {
+ $this->check_item_access($file->folder_id, $shared);
+ }
+
+ // Check by single file permission
+ if ($shared->type === 'file') {
+ if ($shared->item_id !== $file->id) {
+ abort(403);
+ }
+ }
+ }
+
 /**
 * Check if user has enough space to upload file
 *
@@ -198,4 +219,51 @@ class HelperService
 
 return $thumbnail ?? null;
 }
+
+ /**
+ * Call and download file
+ *
+ * @param $file
+ * @param $user_id
+ * @return mixed
+ */
+ function download_file($file, $user_id)
+ {
+ // Get file path
+ $path = "files/$user_id/$file->basename";
+
+ // Check if file exist
+ if (!Storage::exists($path)) {
+ abort(404);
+ }
+
+ // Get pretty name
+ $pretty_name = get_pretty_name($file->basename, $file->name, $file->mimetype);
+
+ return response()
+ ->download(Storage::path($path), $pretty_name, [
+ "Accept-Ranges" => "bytes",
+ "Content-Type" => Storage::mimeType($path),
+ "Content-Length" => Storage::size($path),
+ "Content-Range" => "bytes 0-600/" . Storage::size($path),
+ "Content-Disposition" => "attachment; filename=$pretty_name",
+ ]);
+ }
+
+ /**
+ * @param $file
+ * @param $user_id
+ * @return mixed
+ */
+ function download_thumbnail_file($file, $user_id)
+ {
+ // Get file path
+ $path = "/files/$user_id/{$file->getRawOriginal('thumbnail')}";
+
+ // Check if file exist
+ if (!Storage::exists($path)) abort(404);
+
+ // Return image thumbnail
+ return Storage::download($path, $file->getRawOriginal('thumbnail'));
+ }
 }
\ No newline at end of file
diff --git a/routes/file.php b/routes/file.php
index 1326bfaa..e5f97f66 100644
--- a/routes/file.php
+++ b/routes/file.php
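Review bot: `check_file_access` returns without performing any check when `$shared->type` is neither `'folder'` nor `'file'`, so a share record with an unexpected or newly introduced type is treated as allowed by the public token routes that rely on it. Now that the method is a shared public helper, the branches should be exhaustive: turn the second test into `} elseif ($shared->type === 'file') {` and close with `} else { abort(403); }`. The strict comparison `$shared->item_id !== $file->id` also denies a legitimate share if one side is hydrated as a string and the other as an int; the column types are not visible in this diff, so that is worth confirming.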
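Review bot: `download_file` and `download_thumbnail_file` are declared without a visibility keyword, unlike `check_file_access` added earlier in this file; they are now called from controllers, so write it explicitly, e.g. `public function download_file($file, $user_id)`. The header `"Content-Range" => "bytes 0-600/" . Storage::size($path)` is attached to what appears to be a full-file response, where a fixed 0-600 range does not describe the body; it looks safe to drop unless range requests are handled elsewhere. The hand-built `"Content-Disposition" => "attachment; filename=$pretty_name"` interpolates the name unquoted, and since `$pretty_name` is already passed as the download name argument the framework can be left to emit a correctly quoted header. `download_thumbnail_file` also lacks a docblock summary; a one-line description such as `Return the stored thumbnail of a file as a download response` would match the neighbouring methods.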
@@ -2,14 +2,15 @@
 
 // Get avatars and system images
 use App\Http\Controllers\FileAccessController;
+use App\Http\Controllers\Sharing\SharedFileAccessContentController;
 
 Route::get('/avatars/{avatar}', [FileAccessController::class, 'get_avatar'])->name('avatar');
 Route::get('/system/{image}', [FileAccessController::class, 'get_system_image']);
 
 // Get public thumbnails and files
-Route::get('/thumbnail/{name}/public/{token}', [FileAccessController::class, 'get_thumbnail_public']);
-Route::get('/file/{name}/public/{token}', [FileAccessController::class, 'get_file_public']);
-Route::get('/zip/{id}/public/{token}', [FileAccessController::class, 'get_zip_public'])->name('zip_public');
+Route::get('/thumbnail/{name}/public/{token}', [SharedFileAccessContentController::class, 'get_thumbnail_public']);
+Route::get('/file/{name}/public/{token}', [SharedFileAccessContentController::class, 'get_file_public']);
+Route::get('/zip/{id}/public/{token}', [SharedFileAccessContentController::class, 'get_zip_public'])->name('zip_public');
 
 // User master,editor,visitor access to image thumbnails and file downloads
 Route::group(['middleware' => ['auth:sanctum']], function () {