nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-05 18:23:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

rebase

Browse Source
This commit is contained in:
Milos Holba
2020-11-13 19:02:08 +01:00
parent 1c62da4e7c
commit 382756a6f0
10 changed files with 218 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
app/Http/Controllers/FileFunctions/EditItemsController.php
View File

@@ -168,41 +168,45 @@ class EditItemsController extends Controller
* @return ResponseFactory|\Illuminate\Http\Response
* @throws Exception
*/
public function user_delete_item(DeleteItemRequest $request, $unique_id)
public function user_delete_item(DeleteItemRequest $request)
{
// Demo preview
if (is_demo(Auth::id())) {
return Demo::response_204();
}
// Check permission to delete item for authenticated editor
if ($request->user()->tokenCan('editor')) {
foreach($request->input('data') as $file){
$unique_id = $file['unique_id'];
// Prevent force delete for non-master users
if ($request->input('data.force_delete')) abort('401');
// Check permission to delete item for authenticated editor
if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Prevent force delete for non-master users
if ($file['force_delete']) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get file|folder item
$item = get_item($request->input('data.type'), $unique_id, Auth::id());
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Check access to requested directory
if ($request->input('data.type') === 'folder') {
Guardian::check_item_access($item->unique_id, $shared);
} else {
Guardian::check_item_access($item->folder_id, $shared);
// Get file|folder item
$item = get_item($file['type'], $unique_id, Auth::id());
// Check access to requested directory
if ($file['type'] === 'folder') {
Guardian::check_item_access($item->unique_id, $shared);
} else {
Guardian::check_item_access($item->folder_id, $shared);
}
}
}
// Delete item
Editor::delete_item($request, $unique_id);
// Delete item
Editor::delete_item($file, $unique_id);
// Return response
return response(null, 204);
}
return response(null, 204);
}
/**
@@ -214,7 +218,7 @@ class EditItemsController extends Controller
* @return ResponseFactory|\Illuminate\Http\Response
* @throws Exception
*/
public function guest_delete_item(DeleteItemRequest $request, $unique_id, $token)
public function guest_delete_item(DeleteItemRequest $request, $token)
{
// Get shared record
$shared = get_shared($token);
@@ -224,22 +228,26 @@ class EditItemsController extends Controller
return Demo::response_204();
}
// Check shared permission
if (!is_editor($shared)) abort(403);
foreach($request->input('data') as $file){
$unique_id = $file['unique_id'];
// Get file|folder item
$item = get_item($request->input('data.type'), $unique_id, $shared->user_id);
// Get file|folder item
$item = get_item($file['type'], $unique_id, $shared->user_id);
// Check access to requested item
if ($request->input('data.type') === 'folder') {
Guardian::check_item_access($item->unique_id, $shared);
} else {
Guardian::check_item_access($item->folder_id, $shared);
// Check access to requested item
if ($file['type'] === 'folder') {
Guardian::check_item_access($item->unique_id, $shared);
} else {
Guardian::check_item_access($item->folder_id, $shared);
}
// Delete item
Editor::delete_item($file, $unique_id, $shared);
}
// Delete item
Editor::delete_item($request, $unique_id, $shared);
// Return response
return response(null, 204);
}

5
app/Http/Requests/FileFunctions/DeleteItemRequest.php
View File

@@ -25,8 +25,9 @@ class DeleteItemRequest extends FormRequest
public function rules()
{
return [
'data.type' => 'required|string',
'data.force_delete' => 'required|boolean',
'data[*].force_delete' => 'required|boolean',
'data[*].type' => 'required|string',
'data[*].unique_id' => 'required|numeric'
];
}
}

14
app/Http/Tools/Editor.php
View File

@@ -86,13 +86,13 @@ class Editor
* @param null $shared
* @throws \Exception
*/
public static function delete_item($request, $unique_id, $shared = null)
public static function delete_item($file, $unique_id, $shared = null)
{
// Get user id
$user = is_null($shared) ? Auth::user() : User::findOrFail($shared->user_id);
// Delete folder
if ($request->input('data.type') === 'folder') {
if ($file['type'] === 'folder') {
// Get folder
$folder = FileManagerFolder::withTrashed()
@@ -113,7 +113,7 @@ class Editor
}
// Force delete children files
if ($request->input('data.force_delete')) {
if ($file['force_delete']) {
// Get children folder ids
$child_folders = filter_folders_ids($folder->trashed_folders, 'unique_id');
@@ -142,7 +142,7 @@ class Editor
}
// Soft delete items
if (!$request->input('data.force_delete')) {
if (!$file['force_delete']) {
// Remove folder from user favourites
$user->favourite_folders()->detach($unique_id);
@@ -153,7 +153,7 @@ class Editor
}
// Delete item
if ($request->input('data.type') !== 'folder') {
if ($file['type'] !== 'folder') {
// Get file
$file = FileManagerFile::withTrashed()
@@ -173,7 +173,7 @@ class Editor
}
// Force delete file
if ($request->input('data.force_delete')) {
if ($file['force_delete']) {
// Delete file
Storage::delete('/file-manager/' . $file->basename);
@@ -186,7 +186,7 @@ class Editor
}
// Soft delete file
if (!$request->input('data.force_delete')) {
if (!$file['force_delete']) {
// Soft delete file
$file->delete();

20
database/factories/FileFactory.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
/** @var \Illuminate\Database\Eloquent\Factory $factory */
use App\FileManagerFile;
use Faker\Generator as Faker;
use Illuminate\Support\Carbon;
$factory->define(FileManagerFile::class, function (Faker $faker) {
return [
'unique_id' => $faker->randomDigit,
'user_id' => 0,
'folder_id' => 0,
'name' => $faker->firstName,
'basename' => $faker->lastName,
'user_scope' => 'master',
'updated_at' => Carbon::now(),
'created_at' => Carbon::now()
];
});

17
database/factories/FolderFactory.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
/** @var \Illuminate\Database\Eloquent\Factory $factory */
use App\FileManagerFolder;
use Faker\Generator as Faker;
$factory->define(FileManagerFolder::class, function (Faker $faker) {
return [
'id' => $faker->randomDigit,
'unique_id' => $faker->randomDigit,
'user_id' => 1,
'parent_id' => 0,
'name' => $faker->sentence,
'type' => 'folder',
];
});

70
env.testing Normal file
View File

@@ -0,0 +1,70 @@
APP_NAME=vueFileManager
APP_ENV=local
APP_KEY=base64:v+s0R2C5q8jYySj3uwrKA8KH8c9JBIZTdXqB2ytk4j8=
APP_DEBUG=true
APP_URL=http://localhost
APP_DEMO=false
LOG_CHANNEL=stack
DB_CONNECTION=sqlite
DB_HOST=null
DB_PORT=null
DB_DATABASE=database/database.sqlite
DB_USERNAME=null
DB_PASSWORD=null
BROADCAST_DRIVER=log
CACHE_DRIVER=file
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
SESSION_LIFETIME=120
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
MAIL_DRIVER=smtp
MAIL_HOST=sty
MAIL_PORT=3254
MAIL_USERNAME=Milos
MAIL_PASSWORD=milos123
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS="${MAIL_USERNAME}"
MAIL_FROM_NAME="${MAIL_USERNAME}"
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=
AWS_BUCKET=
DO_SPACES_KEY=
DO_SPACES_SECRET=
DO_SPACES_ENDPOINT=
DO_SPACES_REGION=
DO_SPACES_BUCKET=
WASABI_KEY=
WASABI_SECRET=
WASABI_ENDPOINT=
WASABI_REGION=
WASABI_BUCKET=
BACKBLAZE_KEY=
BACKBLAZE_SECRET=
BACKBLAZE_ENDPOINT=
BACKBLAZE_REGION=
BACKBLAZE_BUCKET=
PASSPORT_CLIENT_ID=1
PASSPORT_CLIENT_SECRET=TqSdKJUbCbC7g5To3Clriw9BMblef0nIdEaI81Q5
APP_DEPLOY_SECRET=
CASHIER_LOGGER=stack
CASHIER_CURRENCY=
STRIPE_KEY=
STRIPE_SECRET=
STRIPE_WEBHOOK_SECRET=
CASHIER_PAYMENT_NOTIFICATION=App\Notifications\ConfirmPayment

4
routes/api.php
View File

@@ -44,7 +44,7 @@ Route::group(['middleware' => ['api'], 'prefix' => 'public'], function () {
Route::group(['middleware' => ['api']], function () {
// Edit Functions
Route::delete('/remove-item/{unique_id}/public/{token}', 'FileFunctions\EditItemsController@guest_delete_item');
Route::post('/remove-item/public/{token}', 'FileFunctions\EditItemsController@guest_delete_item');
Route::patch('/rename-item/{unique_id}/public/{token}', 'FileFunctions\EditItemsController@guest_rename_item');
Route::post('/create-folder/public/{token}', 'FileFunctions\EditItemsController@guest_create_folder');
Route::patch('/move/{unique_id}/public/{token}', 'FileFunctions\EditItemsController@guest_move');
@@ -184,7 +184,7 @@ Route::group(['middleware' => ['auth:api', 'auth.shared', 'scope:visitor,editor'
Route::group(['middleware' => ['auth:api', 'auth.shared', 'auth.master', 'scope:master,editor']], function () {
// Edit items
Route::delete('/remove-item/{unique_id}', 'FileFunctions\EditItemsController@user_delete_item');
Route::post('/remove-item', 'FileFunctions\EditItemsController@user_delete_item');
Route::patch('/rename-item/{unique_id}', 'FileFunctions\EditItemsController@user_rename_item');
Route::post('/create-folder', 'FileFunctions\EditItemsController@user_create_folder');
Route::patch('/move/{unique_id}', 'FileFunctions\EditItemsController@user_move');

21
tests/Feature/ExampleTest.php
View File

@@ -1,21 +0,0 @@
<?php
namespace Tests\Feature;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*
* @return void
*/
public function testBasicTest()
{
$response = $this->get('/');
$response->assertStatus(200);
}
}

59
tests/Unit/BulkdTest.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
namespace Tests\Unit;
use App\User;
// use Illuminate\Foundation\Testing\DatabaseMigrations;
use Tests\TestCase;
use App\FileManagerFile;
use Laravel\Passport\Passport;
use Illuminate\Auth\AuthenticationException;
use Illuminate\Foundation\Testing\RefreshDatabase;
class BulkTest extends TestCase
{
// use DatabaseMigrations;
use RefreshDatabase;
/**
* @test
*/
public function bulk_delete_user ()
{
$this->withoutExceptionHandling();
$data ='{
"data": [
{
"force_delete": false,
"type": "file",
"unique_id": 0
},
{
"force_delete": false,
"type": "file",
"unique_id": 1
},
{
"force_delete": false,
"type": "file",
"unique_id": 2
}
]
}';
$user = factory(User::class)->create();
factory(FileManagerFile::class, 3)->create();
$this->assertDatabaseCount('file_manager_files', 3);
$this->actingAs($user)->withoutMiddleware()->json('POST','/api/remove-item', json_decode($data , true))
->assertStatus(201);
// $this->assertDatabaseCount('file_manager_files', 3);
}
}

18
tests/Unit/ExampleTest.php
View File

@@ -1,18 +0,0 @@
<?php
namespace Tests\Unit;
use PHPUnit\Framework\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*
* @return void
*/
public function testBasicTest()
{
$this->assertTrue(true);
}
}