nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-18 00:02:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

api refactoring

Browse Source
This commit is contained in:
Čarodej
2022-05-31 15:12:31 +02:00
parent a4b18c26b5
commit 7659cc7221
9 changed files with 38 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/App/Users/Requests/UpdateAvatarRequest.php
View File

@@ -23,7 +23,7 @@ class UpdateAvatarRequest extends FormRequest
public function rules()
{
return [
'avatar' => 'required|file',
'avatar' => 'required|file|mimes:jpg,jpeg,png',
];
}
}

5
src/Domain/Browsing/Controllers/SpotlightSearchController.php
View File

@@ -38,7 +38,10 @@ class SpotlightSearchController
): JsonResponse {
// Prevent to show non admin user searching
if (Auth::user()->role !== 'admin') {
abort(response()->json(accessDeniedError()), 403);
abort(response()->json([
'type' => 'error',
'message' => 'Access denied. You need administrator privileges to search the users.',
]), 403);
}
// Get user ids

14
src/Domain/Browsing/Controllers/VisitorBrowseFolderController.php
View File

@@ -10,6 +10,7 @@ use Domain\Folders\Resources\FolderResource;
use Domain\Folders\Resources\FolderCollection;
use Domain\Sharing\Actions\ProtectShareRecordAction;
use Domain\Sharing\Actions\VerifyAccessToItemAction;
use Str;
/**
* Browse shared folder
@@ -26,14 +27,19 @@ class VisitorBrowseFolderController
string $id,
Share $shared,
): JsonResponse {
$folderId = Str::isUuid($id)
? $id
: $shared->item_id;
// Check ability to access protected share record
($this->protectShareRecord)($shared);
// Check if user can get directory
($this->verifyAccessToItem)($id, $shared);
($this->verifyAccessToItem)($folderId, $shared);
// Get requested folder
$requestedFolder = Folder::findOrFail($id);
$requestedFolder = Folder::findOrFail($folderId);
$page = request()->has('page')
? request()->input('page')
@@ -43,13 +49,13 @@ class VisitorBrowseFolderController
$query = [
'folder' => [
'where' => [
'parent_id' => $id,
'parent_id' => $folderId,
'user_id' => $shared->user_id,
],
],
'file' => [
'where' => [
'parent_id' => $id,
'parent_id' => $folderId,
'user_id' => $shared->user_id,
],
],

3
src/Domain/Sharing/Controllers/ShareItemController.php
View File

@@ -21,9 +21,8 @@ class ShareItemController extends Controller
*/
public function __invoke(
CreateShareRequest $request,
string $id,
): JsonResponse {
$item = get_item($request->input('type'), $id);
$item = get_item($request->input('type'), $request->input('id'));
// Check if item is currently shared
if ($item->shared()->exists()) {

1
src/Domain/Sharing/Requests/CreateShareRequest.php
View File

@@ -24,6 +24,7 @@ class CreateShareRequest extends FormRequest
public function rules()
{
return [
'id' => 'required|uuid',
'isPassword' => 'sometimes|boolean',
'password' => 'required_if:isPassword,true',
'type' => 'required|string',

14
src/Domain/Teams/Controllers/TeamFoldersController.php
View File

@@ -1,6 +1,7 @@
<?php
namespace Domain\Teams\Controllers;
use Gate;
use Illuminate\Support\Str;
use Domain\Files\Models\File;
use Domain\Folders\Models\Folder;
@@ -41,9 +42,16 @@ class TeamFoldersController extends Controller
$entriesPerPage = config('vuefilemanager.paginate.perPage');
// TODO: check privileges
if ($id) {
// Get team folder
$teamFolder = Folder::findOrFail($id)
->getLatestParent();
// Check privileges
if (! Gate::any(['can-edit', 'can-view'], [$teamFolder, null])) {
return response()->json(accessDeniedError(), 403);
}
$query = [
'folder' => [
'where' => [
@@ -111,7 +119,7 @@ class TeamFoldersController extends Controller
'meta' => [
'paginate' => $paginate,
'teamFolder' => $id
? new FolderResource(Folder::findOrFail($id)->getLatestParent())
? new FolderResource($teamFolder)
: null,
'root' => $id
? new FolderResource(Folder::findOrFail($id))