mirror of
https://github.com/VueFileManager/vuefilemanager.git
synced 2026-04-06 02:33:48 +00:00
file routes refactoring
This commit is contained in:
Peter Papp
@@ -102,21 +102,19 @@ class FileAccessController extends Controller
|
||||
*/
|
||||
public function get_zip($id)
|
||||
{
|
||||
$zip = Zip::where('id', $id)
|
||||
$zip = Zip::whereId($id)
|
||||
->where('user_id', Auth::id())
|
||||
->first();
|
||||
->firstOrFail();
|
||||
|
||||
$zip_path = 'zip/' . $zip->basename;
|
||||
$disk = Storage::disk('local');
|
||||
|
||||
$header = [
|
||||
return $disk->download("zip/$zip->basename", $zip->basename, [
|
||||
"Content-Type" => 'application/zip',
|
||||
"Content-Length" => Storage::disk('local')->size($zip_path),
|
||||
"Content-Length" => $disk->size("zip/$zip->basename"),
|
||||
"Accept-Ranges" => "bytes",
|
||||
"Content-Range" => "bytes 0-600/" . Storage::disk('local')->size($zip_path),
|
||||
"Content-Disposition" => "attachment; filename=" . $zip->basename,
|
||||
];
|
||||
|
||||
return Storage::disk('local')->download($zip_path, $zip->basename, $header);
|
||||
"Content-Range" => "bytes 0-600/" . $disk->size("zip/$zip->basename"),
|
||||
"Content-Disposition" => "attachment; filename=$zip->basename",
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -50,6 +50,8 @@ class RouteServiceProvider extends ServiceProvider
|
||||
|
||||
$this->mapMaintenanceRoutes();
|
||||
|
||||
$this->mapFileRoutes();
|
||||
|
||||
$this->mapWebRoutes();
|
||||
}
|
||||
|
||||
@@ -74,6 +76,13 @@ class RouteServiceProvider extends ServiceProvider
|
||||
->group(base_path('routes/maintenance.php'));
|
||||
}
|
||||
|
||||
protected function mapFileRoutes()
|
||||
{
|
||||
Route::middleware('web')
|
||||
->namespace($this->namespace)
|
||||
->group(base_path('routes/file.php'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Define the "api" routes for the application.
|
||||
*
|
||||
|
||||
20
routes/file.php
Normal file
20
routes/file.php
Normal file
@@ -0,0 +1,20 @@
|
||||
<?php
|
||||
|
||||
// Get avatars and system images
|
||||
use App\Http\Controllers\FileAccessController;
|
||||
|
||||
Route::get('/avatars/{avatar}', [FileAccessController::class, 'get_avatar'])->name('avatar');
|
||||
Route::get('/system/{image}', [FileAccessController::class, 'get_system_image']);
|
||||
|
||||
// TODO: testy
|
||||
// Get public thumbnails and files
|
||||
Route::get('/thumbnail/{name}/public/{token}', [FileAccessController::class, 'get_thumbnail_public']);
|
||||
Route::get('/file/{name}/public/{token}', [FileAccessController::class, 'get_file_public']);
|
||||
Route::get('/zip/{id}/public/{token}', [FileAccessController::class, 'get_zip_public'])->name('zip_public');
|
||||
|
||||
// User master,editor,visitor access to image thumbnails and file downloads
|
||||
Route::group(['middleware' => ['auth:sanctum']], function () {
|
||||
Route::get('/thumbnail/{name}', [FileAccessController::class, 'get_thumbnail'])->name('thumbnail');
|
||||
Route::get('/file/{name}', [FileAccessController::class, 'get_file'])->name('file');
|
||||
Route::get('/zip/{id}', [FileAccessController::class, 'get_zip'])->name('zip');
|
||||
});
|
||||
@@ -10,23 +10,6 @@ use App\Http\Controllers\WebhookController;
|
||||
Route::post('/stripe/webhook', [WebhookController::class, 'handleWebhook']);
|
||||
Route::post('/admin-setup', [SetupWizardController::class, 'create_admin_account']);
|
||||
|
||||
// Get avatars and system images
|
||||
Route::get('/avatars/{avatar}', [FileAccessController::class, 'get_avatar'])->name('avatar');
|
||||
Route::get('/system/{image}', [FileAccessController::class, 'get_system_image']);
|
||||
|
||||
// Get public thumbnails and files
|
||||
// TODO: testy
|
||||
Route::get('/thumbnail/{name}/public/{token}', [FileAccessController::class, 'get_thumbnail_public']);
|
||||
Route::get('/file/{name}/public/{token}', [FileAccessController::class, 'get_file_public']);
|
||||
Route::get('/zip/{id}/public/{token}', [FileAccessController::class, 'get_zip_public'])->name('zip_public');
|
||||
|
||||
// User master,editor,visitor access to image thumbnails and file downloads
|
||||
Route::group(['middleware' => ['auth:sanctum']], function () {
|
||||
Route::get('/thumbnail/{name}', [FileAccessController::class, 'get_thumbnail'])->name('thumbnail');
|
||||
Route::get('/file/{name}', [FileAccessController::class, 'get_file'])->name('file');
|
||||
Route::get('/zip/{id}', [FileAccessController::class, 'get_zip'])->name('zip');
|
||||
});
|
||||
|
||||
// Get user invoice
|
||||
Route::group(['middleware' => ['auth:sanctum']], function () {
|
||||
Route::get('/invoice/{customer}/{token}', [InvoiceController::class, 'show']);
|
||||
|
||||
@@ -4,6 +4,8 @@ namespace Tests\Feature;
|
||||
|
||||
use App\Models\File;
|
||||
use App\Models\User;
|
||||
use App\Models\Zip;
|
||||
use Carbon\Carbon;
|
||||
use Illuminate\Foundation\Testing\DatabaseMigrations;
|
||||
use App\Services\SetupService;
|
||||
use Illuminate\Http\UploadedFile;
|
||||
@@ -89,31 +91,14 @@ class FileAccessTest extends TestCase
|
||||
->assertOk();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public function guest_try_to_get_private_user_file()
|
||||
{
|
||||
Storage::fake('local');
|
||||
|
||||
$this->setup->create_directories();
|
||||
|
||||
$user = User::factory(User::class)
|
||||
->create();
|
||||
|
||||
$file = UploadedFile::fake()
|
||||
->create(Str::random() . '-fake-file.pdf', 1200, 'application/pdf');
|
||||
|
||||
Storage::putFileAs("files/$user->id", $file, $file->name);
|
||||
|
||||
File::factory(File::class)
|
||||
->create([
|
||||
'basename' => $file->name,
|
||||
'name' => 'fake-file.pdf',
|
||||
]);
|
||||
|
||||
$this->get("file/$file->name")
|
||||
->assertStatus(302);
|
||||
$this->get("file/fake-file.pdf")
|
||||
->assertRedirect();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -144,4 +129,68 @@ class FileAccessTest extends TestCase
|
||||
$this->get("file/$file->name")
|
||||
->assertNotFound();
|
||||
}
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public function it_get_private_user_zip()
|
||||
{
|
||||
Storage::fake('local');
|
||||
|
||||
$this->setup->create_directories();
|
||||
|
||||
$user = User::factory(User::class)
|
||||
->create();
|
||||
|
||||
Sanctum::actingAs($user);
|
||||
|
||||
$file = UploadedFile::fake()
|
||||
->create('archive.zip', 2000, 'application/zip');
|
||||
|
||||
Storage::putFileAs('zip', $file, 'EHWKcuvKzA4Gv29v-archive.zip');
|
||||
|
||||
$zip = Zip::factory(Zip::class)->create([
|
||||
'basename' => 'EHWKcuvKzA4Gv29v-archive.zip',
|
||||
'user_id' => $user->id,
|
||||
]);
|
||||
|
||||
$this->get("zip/$zip->id")
|
||||
->assertOk();
|
||||
}
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public function logged_user_try_to_get_another_private_user_zip()
|
||||
{
|
||||
Storage::fake('local');
|
||||
|
||||
$this->setup->create_directories();
|
||||
|
||||
$user = User::factory(User::class)
|
||||
->create();
|
||||
|
||||
Sanctum::actingAs($user);
|
||||
|
||||
$file = UploadedFile::fake()
|
||||
->create('archive.zip', 2000, 'application/zip');
|
||||
|
||||
Storage::putFileAs('zip', $file, 'EHWKcuvKzA4Gv29v-archive.zip');
|
||||
|
||||
$zip = Zip::factory(Zip::class)->create([
|
||||
'basename' => 'EHWKcuvKzA4Gv29v-archive.zip',
|
||||
]);
|
||||
|
||||
$this->get("zip/$zip->id")
|
||||
->assertNotFound();
|
||||
}
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public function guest_try_to_get_private_user_zip()
|
||||
{
|
||||
$this->get("zip/EHWKcuvKzA4Gv29v-archive.zip")
|
||||
->assertRedirect();
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user