From 749bc4ae83b57aedfa20299585d3de389bafc398 Mon Sep 17 00:00:00 2001 From: Peter Papp Date: Mon, 15 Mar 2021 07:04:42 +0100 Subject: [PATCH] private share routes moved to share.php --- routes/api.php | 13 ------------- routes/share.php | 9 +++++++++ routes/user.php | 3 +-- 3 files changed, 10 insertions(+), 15 deletions(-) diff --git a/routes/api.php b/routes/api.php index 0f0cb0df..2dadb499 100644 --- a/routes/api.php +++ b/routes/api.php @@ -8,7 +8,6 @@ use App\Http\Controllers\FileManager\EditItemsController; use App\Http\Controllers\FileManager\FavouriteController; use App\Http\Controllers\FileManager\ShareController; use App\Http\Controllers\FileManager\TrashController; -use App\Http\Controllers\Sharing\ServeSharedController; // Pages Route::get('/content', [AppFunctionsController::class, 'get_setting_columns']); @@ -57,21 +56,9 @@ Route::group(['middleware' => ['auth:sanctum']], function () { }); }); -// Protected sharing routes for authenticated user -Route::group(['middleware' => ['auth:api', 'auth.shared', 'scope:visitor,editor']], function () { - - // Browse folders & files - // TODO: tests for private shared content - Route::get('/folders/{unique_id}/private', [ServeSharedController::class, 'get_private_folders']); - Route::get('/navigation/private', [ServeSharedController::class, 'get_private_navigation_tree']); - Route::get('/search/private', [ServeSharedController::class, 'search_private']); - Route::get('/files/private', [ServeSharedController::class, 'file_private']); -}); - // User master,editor routes Route::group(['middleware' => ['auth:sanctum']], function () { - // Edit items Route::post('/create-folder', [EditItemsController::class, 'create_folder']); Route::patch('/rename/{id}', [EditItemsController::class, 'rename_item']); Route::post('/remove', [EditItemsController::class, 'delete_item']); diff --git a/routes/share.php b/routes/share.php index 7a0a5798..480a05c2 100644 --- a/routes/share.php +++ b/routes/share.php @@ -32,4 +32,13 @@ Route::group(['prefix' => 'browse'], function () { Route::get('/shared/{token}', [ShareController::class, 'show']); }); +// Private sharing secured by password +// TODO: tests +Route::group(['middleware' => ['auth:api', 'auth.shared', 'scope:visitor,editor']], function () { + Route::get('/folders/{unique_id}/private', [ServeSharedController::class, 'get_private_folders']); + Route::get('/navigation/private', [ServeSharedController::class, 'get_private_navigation_tree']); + Route::get('/search/private', [ServeSharedController::class, 'search_private']); + Route::get('/files/private', [ServeSharedController::class, 'file_private']); +}); + Route::get('/og-site/{shared}', [AppFunctionsController::class, 'og_site']); \ No newline at end of file diff --git a/routes/user.php b/routes/user.php index 1c08faf8..de1fca2b 100644 --- a/routes/user.php +++ b/routes/user.php @@ -17,8 +17,7 @@ Route::group(['middleware' => ['auth:sanctum']], function () { Route::get('/storage', [AccountController::class, 'storage']); Route::get('/', [AccountController::class, 'user']); - // Payment cards - // TODO: tests + // Payment cards TODO: tests Route::delete('/payment-cards/{id}', [PaymentMethodsController::class, 'delete']); Route::patch('/payment-cards/{id}', [PaymentMethodsController::class, 'update']); Route::post('/payment-cards', [PaymentMethodsController::class, 'store']);