rebase

2026-05-13 08:45:01 +00:00 · 2020-11-13 19:02:08 +01:00
parent 1c62da4e7c
commit 382756a6f0
10 changed files with 218 additions and 82 deletions
@@ -168,18 +168,21 @@ class EditItemsController extends Controller
     * @return ResponseFactory|\Illuminate\Http\Response
     * @throws Exception
     */
-    public function user_delete_item(DeleteItemRequest $request, $unique_id)
+    public function user_delete_item(DeleteItemRequest $request)
    {
        // Demo preview
        if (is_demo(Auth::id())) {
            return Demo::response_204();
        }
        foreach($request->input('data') as $file){
            $unique_id = $file['unique_id'];
            // Check permission to delete item for authenticated editor 
            if ($request->user()->tokenCan('editor')) {
                // Prevent force delete for non-master users
-            if ($request->input('data.force_delete')) abort('401');
+                if ($file['force_delete']) abort('401');
                // check if shared_token cookie exist
                if (!$request->hasCookie('shared_token')) abort('401');
@@ -188,10 +191,10 @@ class EditItemsController extends Controller
                $shared = get_shared($request->cookie('shared_token'));
                // Get file|folder item
-            $item = get_item($request->input('data.type'), $unique_id, Auth::id());
+                $item = get_item($file['type'], $unique_id, Auth::id());
                // Check access to requested directory
-            if ($request->input('data.type') === 'folder') {
+                if ($file['type'] === 'folder') {
                    Guardian::check_item_access($item->unique_id, $shared);
                } else {
                    Guardian::check_item_access($item->folder_id, $shared);
@@ -199,9 +202,10 @@ class EditItemsController extends Controller
            }
            // Delete item
-        Editor::delete_item($request, $unique_id);
+            Editor::delete_item($file, $unique_id);
        // Return response
        }
    return response(null, 204);
    }
@@ -214,7 +218,7 @@ class EditItemsController extends Controller
     * @return ResponseFactory|\Illuminate\Http\Response
     * @throws Exception
     */
-    public function guest_delete_item(DeleteItemRequest $request, $unique_id, $token)
+    public function guest_delete_item(DeleteItemRequest $request, $token)
    {
        // Get shared record
        $shared = get_shared($token);
@@ -224,22 +228,26 @@ class EditItemsController extends Controller
            return Demo::response_204();
        }
        // Check shared permission
        if (!is_editor($shared)) abort(403);
        foreach($request->input('data') as $file){
            $unique_id = $file['unique_id'];
            // Get file|folder item
-        $item = get_item($request->input('data.type'), $unique_id, $shared->user_id);
+            $item = get_item($file['type'], $unique_id, $shared->user_id);
            // Check access to requested item
-        if ($request->input('data.type') === 'folder') {
+            if ($file['type'] === 'folder') {
                Guardian::check_item_access($item->unique_id, $shared);
            } else {
                Guardian::check_item_access($item->folder_id, $shared);
            }
            // Delete item
-        Editor::delete_item($request, $unique_id, $shared);
+            Editor::delete_item($file, $unique_id, $shared);
-
+        }
        // Return response
        return response(null, 204);
    }
@@ -25,8 +25,9 @@ class DeleteItemRequest extends FormRequest
    public function rules()
    {
        return [
-            'data.type'         => 'required|string',
+            'data[*].force_delete' => 'required|boolean',
-            'data.force_delete' => 'required|boolean',
+            'data[*].type'         => 'required|string',
            'data[*].unique_id'    => 'required|numeric'  
        ];
    }
 }
@@ -86,13 +86,13 @@ class Editor
     * @param null $shared
     * @throws \Exception
     */
-    public static function delete_item($request, $unique_id, $shared = null)
+    public static function delete_item($file, $unique_id, $shared = null)
    {
        // Get user id
        $user = is_null($shared) ? Auth::user() : User::findOrFail($shared->user_id);
        // Delete folder
-        if ($request->input('data.type') === 'folder') {
+        if ($file['type'] === 'folder') {
            // Get folder
            $folder = FileManagerFolder::withTrashed()
@@ -113,7 +113,7 @@ class Editor
            }
            // Force delete children files
-            if ($request->input('data.force_delete')) {
+            if ($file['force_delete']) {
                // Get children folder ids
                $child_folders = filter_folders_ids($folder->trashed_folders, 'unique_id');
@@ -142,7 +142,7 @@ class Editor
            }
            // Soft delete items
-            if (!$request->input('data.force_delete')) {
+            if (!$file['force_delete']) {
                // Remove folder from user favourites
                $user->favourite_folders()->detach($unique_id);
@@ -153,7 +153,7 @@ class Editor
        }
        // Delete item
-        if ($request->input('data.type') !== 'folder') {
+        if ($file['type'] !== 'folder') {
            // Get file
            $file = FileManagerFile::withTrashed()
@@ -173,7 +173,7 @@ class Editor
            }
            // Force delete file
-            if ($request->input('data.force_delete')) {
+            if ($file['force_delete']) {
                // Delete file
                Storage::delete('/file-manager/' . $file->basename);
@@ -186,7 +186,7 @@ class Editor
            }
            // Soft delete file
-            if (!$request->input('data.force_delete')) {
+            if (!$file['force_delete']) {
                // Soft delete file
                $file->delete();
@@ -0,0 +1,20 @@
 <?php
 /** @var \Illuminate\Database\Eloquent\Factory $factory */
 use App\FileManagerFile;
 use Faker\Generator as Faker;
 use Illuminate\Support\Carbon;
 $factory->define(FileManagerFile::class, function (Faker $faker) {
    return [
        'unique_id'  => $faker->randomDigit,
        'user_id'    => 0,
        'folder_id'  => 0,
        'name'       => $faker->firstName,
        'basename'   => $faker->lastName,
        'user_scope' => 'master',
        'updated_at' => Carbon::now(),
        'created_at' => Carbon::now()
    ];
 });
@@ -0,0 +1,17 @@
 <?php
 /** @var \Illuminate\Database\Eloquent\Factory $factory */
 use App\FileManagerFolder;
 use Faker\Generator as Faker;
 $factory->define(FileManagerFolder::class, function (Faker $faker) {
    return [
        'id'        => $faker->randomDigit,
        'unique_id' => $faker->randomDigit,
        'user_id'   => 1,
        'parent_id' => 0,
        'name'      => $faker->sentence,
        'type'      => 'folder',
    ];
 });
@@ -0,0 +1,70 @@
 APP_NAME=vueFileManager
 APP_ENV=local
 APP_KEY=base64:v+s0R2C5q8jYySj3uwrKA8KH8c9JBIZTdXqB2ytk4j8=
 APP_DEBUG=true
 APP_URL=http://localhost
 APP_DEMO=false
 LOG_CHANNEL=stack
 DB_CONNECTION=sqlite
 DB_HOST=null
 DB_PORT=null
 DB_DATABASE=database/database.sqlite
 DB_USERNAME=null
 DB_PASSWORD=null
 BROADCAST_DRIVER=log
 CACHE_DRIVER=file
 QUEUE_CONNECTION=sync
 SESSION_DRIVER=file
 SESSION_LIFETIME=120
 REDIS_HOST=127.0.0.1
 REDIS_PASSWORD=null
 REDIS_PORT=6379
 MAIL_DRIVER=smtp
 MAIL_HOST=sty
 MAIL_PORT=3254
 MAIL_USERNAME=Milos
 MAIL_PASSWORD=milos123
 MAIL_ENCRYPTION=tls
 MAIL_FROM_ADDRESS="${MAIL_USERNAME}"
 MAIL_FROM_NAME="${MAIL_USERNAME}"
 AWS_ACCESS_KEY_ID=
 AWS_SECRET_ACCESS_KEY=
 AWS_DEFAULT_REGION=
 AWS_BUCKET=
 DO_SPACES_KEY=
 DO_SPACES_SECRET=
 DO_SPACES_ENDPOINT=
 DO_SPACES_REGION=
 DO_SPACES_BUCKET=
 WASABI_KEY=
 WASABI_SECRET=
 WASABI_ENDPOINT=
 WASABI_REGION=
 WASABI_BUCKET=
 BACKBLAZE_KEY=
 BACKBLAZE_SECRET=
 BACKBLAZE_ENDPOINT=
 BACKBLAZE_REGION=
 BACKBLAZE_BUCKET=
 PASSPORT_CLIENT_ID=1
 PASSPORT_CLIENT_SECRET=TqSdKJUbCbC7g5To3Clriw9BMblef0nIdEaI81Q5
 APP_DEPLOY_SECRET=
 CASHIER_LOGGER=stack
 CASHIER_CURRENCY=
 STRIPE_KEY=
 STRIPE_SECRET=
 STRIPE_WEBHOOK_SECRET=
 CASHIER_PAYMENT_NOTIFICATION=App\Notifications\ConfirmPayment
@@ -44,7 +44,7 @@ Route::group(['middleware' => ['api'], 'prefix' => 'public'], function () {
 Route::group(['middleware' => ['api']], function () {
    // Edit Functions
-    Route::delete('/remove-item/{unique_id}/public/{token}', 'FileFunctions\EditItemsController@guest_delete_item');
+    Route::post('/remove-item/public/{token}', 'FileFunctions\EditItemsController@guest_delete_item');
    Route::patch('/rename-item/{unique_id}/public/{token}', 'FileFunctions\EditItemsController@guest_rename_item');
    Route::post('/create-folder/public/{token}', 'FileFunctions\EditItemsController@guest_create_folder');
    Route::patch('/move/{unique_id}/public/{token}', 'FileFunctions\EditItemsController@guest_move');
@@ -184,7 +184,7 @@ Route::group(['middleware' => ['auth:api', 'auth.shared', 'scope:visitor,editor'
 Route::group(['middleware' => ['auth:api', 'auth.shared', 'auth.master', 'scope:master,editor']], function () {
    // Edit items
-    Route::delete('/remove-item/{unique_id}', 'FileFunctions\EditItemsController@user_delete_item');
+    Route::post('/remove-item', 'FileFunctions\EditItemsController@user_delete_item');
    Route::patch('/rename-item/{unique_id}', 'FileFunctions\EditItemsController@user_rename_item');
    Route::post('/create-folder', 'FileFunctions\EditItemsController@user_create_folder');
    Route::patch('/move/{unique_id}', 'FileFunctions\EditItemsController@user_move');
@@ -1,21 +0,0 @@
 <?php
 namespace Tests\Feature;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 use Tests\TestCase;
 class ExampleTest extends TestCase
 {
    /**
     * A basic test example.
     *
     * @return void
     */
    public function testBasicTest()
    {
        $response = $this->get('/');
        $response->assertStatus(200);
    }
 }
@@ -0,0 +1,59 @@
 <?php
 namespace Tests\Unit;
 use App\User;
 // use Illuminate\Foundation\Testing\DatabaseMigrations;
 use Tests\TestCase;
 use App\FileManagerFile;
 use Laravel\Passport\Passport;
 use Illuminate\Auth\AuthenticationException;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 class BulkTest extends TestCase
 {
    // use DatabaseMigrations;
    use RefreshDatabase;
    /**
     * @test 
     */
     public function bulk_delete_user ()
     {
         $this->withoutExceptionHandling();
         $data ='{
          "data": [
            {
                "force_delete": false,
                "type": "file",
                "unique_id": 0
            },
            {
                "force_delete": false,
                "type": "file",
                "unique_id": 1
            },
            {
                "force_delete": false,
                "type": "file",
                "unique_id": 2
            }
          ]
          }';
        $user = factory(User::class)->create();
       factory(FileManagerFile::class, 3)->create();
         $this->assertDatabaseCount('file_manager_files', 3);
         $this->actingAs($user)->withoutMiddleware()->json('POST','/api/remove-item', json_decode($data , true))
         ->assertStatus(201);
        //  $this->assertDatabaseCount('file_manager_files', 3);
     }
 }
@@ -1,18 +0,0 @@
 <?php
 namespace Tests\Unit;
 use PHPUnit\Framework\TestCase;
 class ExampleTest extends TestCase
 {
    /**
     * A basic test example.
     *
     * @return void
     */
    public function testBasicTest()
    {
        $this->assertTrue(true);
    }
 }