diff --git a/app/Http/Controllers/FileAccessController.php b/app/Http/Controllers/FileAccessController.php index 9b4c4188..ff7f8068 100644 --- a/app/Http/Controllers/FileAccessController.php +++ b/app/Http/Controllers/FileAccessController.php @@ -92,11 +92,17 @@ class FileAccessController extends Controller */ public function get_zip($id) { + $disk = Storage::disk('local'); + $zip = Zip::whereId($id) ->where('user_id', Auth::id()) ->firstOrFail(); - $disk = Storage::disk('local'); + $zip + ->user + ->record_download( + $disk->size("zip/$zip->basename") + ); return $disk->download("zip/$zip->basename", $zip->basename, [ "Content-Type" => 'application/zip', @@ -116,21 +122,26 @@ class FileAccessController extends Controller */ public function get_zip_public($id, $token) { + $disk = Storage::disk('local'); + $zip = Zip::where('id', $id) ->where('shared_token', $token) ->first(); - $zip_path = 'zip/' . $zip->basename; + $zip + ->user + ->record_download( + $disk->size("zip/$zip->basename") + ); - $header = [ - "Content-Type" => 'application/zip', - "Content-Length" => Storage::disk('local')->size($zip_path), - "Accept-Ranges" => "bytes", - "Content-Range" => "bytes 0-600/" . Storage::disk('local')->size($zip_path), - "Content-Disposition" => "attachment; filename=" . $zip->basename, - ]; - - return Storage::disk('local')->download($zip_path, $zip->basename, $header); + return $disk + ->download("zip/$zip->basename", $zip->basename, [ + "Content-Type" => 'application/zip', + "Content-Length" => $disk->size("zip/$zip->basename"), + "Accept-Ranges" => "bytes", + "Content-Range" => "bytes 0-600/" . $disk->size("zip/$zip->basename"), + "Content-Disposition" => "attachment; filename=" . $zip->basename, + ]); } /** diff --git a/app/Http/Controllers/FileFunctions/EditItemsController.php b/app/Http/Controllers/FileFunctions/EditItemsController.php index 7457a45c..7f9848e5 100644 --- a/app/Http/Controllers/FileFunctions/EditItemsController.php +++ b/app/Http/Controllers/FileFunctions/EditItemsController.php @@ -459,7 +459,7 @@ class EditItemsController extends Controller $shared = get_shared($token); $file_parent_folders = File::whereUserId($shared->user_id) - ->whereIn('id', $request->input('files')) + ->whereIn('id', $request->items) ->get() ->pluck('folder_id') ->toArray(); @@ -469,7 +469,7 @@ class EditItemsController extends Controller // Get requested files $files = File::whereUserId($shared->user_id) - ->whereIn('id', $request->input('files')) + ->whereIn('id', $request->items) ->get(); $zip = Editor::zip_files($files, $shared); @@ -481,7 +481,7 @@ class EditItemsController extends Controller 'token' => $shared->token, ]), 'name' => $zip->basename, - ], 200); + ], 201); } /** diff --git a/app/Http/Tools/Guardian.php b/app/Http/Tools/Guardian.php index 0a1e6697..94c38122 100644 --- a/app/Http/Tools/Guardian.php +++ b/app/Http/Tools/Guardian.php @@ -3,7 +3,7 @@ namespace App\Http\Tools; use App; -use App\Folder; +use App\Models\Folder; use Illuminate\Support\Arr; diff --git a/app/Models/Zip.php b/app/Models/Zip.php index 2226a321..0bca6e7e 100644 --- a/app/Models/Zip.php +++ b/app/Models/Zip.php @@ -16,6 +16,11 @@ class Zip extends Model protected $keyType = 'string'; + public function user() + { + return $this->hasOne(User::class, 'id', 'user_id'); + } + /** * Model events */ diff --git a/tests/Feature/ShareContentAccessTest.php b/tests/Feature/ShareContentAccessTest.php index 3134cabf..72362477 100644 --- a/tests/Feature/ShareContentAccessTest.php +++ b/tests/Feature/ShareContentAccessTest.php @@ -3,9 +3,11 @@ namespace Tests\Feature; use App\Models\File; +use App\Models\Folder; use App\Models\Share; use App\Models\Traffic; use App\Models\User; +use App\Models\Zip; use App\Services\SetupService; use Carbon\Carbon; use Illuminate\Foundation\Testing\DatabaseMigrations; @@ -132,4 +134,106 @@ class ShareContentAccessTest extends TestCase $this->get("/api/files/$share->token/public") ->assertStatus(403); } + + /** + * @test + */ + public function it_zip_shared_multiple_files_and_download_it() + { + Storage::fake('local'); + + $this->setup->create_directories(); + + $user = User::factory(User::class) + ->create(); + + $folder = Folder::factory(Folder::class) + ->create([ + 'user_id' => $user->id + ]); + + collect([0, 1]) + ->each(function ($index) use ($folder, $user) { + + $file = UploadedFile::fake() + ->create(Str::random() . "-fake-file-$index.pdf", 1000, 'application/pdf'); + + Storage::putFileAs("files/$user->id", $file, $file->name); + + File::factory(File::class) + ->create([ + 'filesize' => $file->getSize(), + 'folder_id' => $folder->id, + 'user_id' => $user->id, + 'basename' => $file->name, + 'name' => "fake-file-$index.pdf", + ]); + }); + + $share = Share::factory(Share::class) + ->create([ + 'item_id' => $folder->id, + 'user_id' => $user->id, + 'type' => 'folder', + 'is_protected' => false, + ]); + + $this->postJson("/api/zip/public/$share->token", [ + 'items' => File::all()->pluck('id') + ])->assertStatus(201); + + $this->assertDatabaseHas('zips', [ + 'user_id' => $user->id, + 'shared_token' => $share->token, + ]); + + $zip = Zip::first(); + + Storage::assertExists("zip/$zip->basename"); + + $this->get("/zip/$zip->id/public/$share->token") + ->assertStatus(200); + + $this->assertDatabaseMissing('traffic', [ + 'user_id' => $user->id, + 'download' => null, + ]); + } + + /** + * @test + */ + public function it_try_zip_non_shared_file_with_shared_multiple_files_and_download_it() + { + $user = User::factory(User::class) + ->create(); + + $folder = Folder::factory(Folder::class) + ->create([ + 'user_id' => $user->id + ]); + + File::factory(File::class) + ->create([ + 'folder_id' => $folder->id, + 'user_id' => $user->id, + ]); + + File::factory(File::class) + ->create([ + 'user_id' => $user->id, + ]); + + $share = Share::factory(Share::class) + ->create([ + 'item_id' => $folder->id, + 'user_id' => $user->id, + 'type' => 'folder', + 'is_protected' => false, + ]); + + $this->postJson("/api/zip/public/$share->token", [ + 'items' => File::all()->pluck('id') + ])->assertStatus(403); + } }