added it_get_public_file_record_and_download_them, it_try_to_get_protected_file_record, it_get_shared_record, it_get_deleted_shared_record, it_get_shared_page, it_get_deleted_shared_page test

Peter Papp
2021-03-10 08:41:21 +01:00
parent e164d1021c
commit aecdf56304
14 changed files with 195 additions and 41 deletions


@@ -3,9 +3,9 @@
namespace App\Http\Controllers\Auth;
use App\Http\Requests\Auth\CheckAccountRequest;
use App\Setting;
use App\User;
use App\UserSettings;
use App\Models\Setting;
use App\Models\User;
use App\Models\UserSettings;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Auth;


@@ -6,7 +6,7 @@ use App\Http\Controllers\Controller;
use App\Mail\TestMail;
use App\Notifications\ResetPassword;
use App\Notifications\ResetUserPasswordNotification;
use App\User;
use App\Models\User;
use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Lang;


@@ -4,7 +4,7 @@ namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use App\User;
use App\Models\User;
use Illuminate\Foundation\Auth\RegistersUsers;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;


@@ -2,24 +2,14 @@
namespace App\Http\Controllers;
use App\Models\Folder;
use App\Http\Tools\Editor;
use App\Http\Tools\Guardian;
use App\Models\Share;
use App\Models\User;
use App\Models\Zip;
use Illuminate\Support\Arr;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\File;
use Illuminate\Http\Request;
use App\Models\File as UserFile;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Str;
use Illuminate\Http\Exceptions\HttpResponseException;
use Madnest\Madzipper\Facades\Madzipper;
use Response;
use League\Flysystem\FileNotFoundException;
use Symfony\Component\HttpKernel\Exception\HttpException;
class FileAccessController extends Controller
{
@@ -157,12 +147,12 @@ class FileAccessController extends Controller
$shared = get_shared($token);
// Abort if shared is protected
if ((int)$shared->protected) {
if ((int) $shared->is_protected) {
abort(403, "Sorry, you don't have permission");
}
// Get file record
$file = File::where('user_id', $shared->user_id)
$file = UserFile::where('user_id', $shared->user_id)
->where('basename', $filename)
->firstOrFail();
@@ -170,9 +160,12 @@ class FileAccessController extends Controller
$this->check_file_access($shared, $file);
// Store user download size
User::find($shared->user_id)->record_download((int)$file->getRawOriginal('filesize'));
User::find($shared->user_id)
->record_download(
(int) $file->getRawOriginal('filesize')
);
return $this->download_file($file);
return $this->download_file($file, $shared->user_id);
}
/**
@@ -243,7 +236,7 @@ class FileAccessController extends Controller
// Check by single file permission
if ($shared->type === 'file') {
if ($shared->item_id !== $file->unique_id) abort(403);
if ($shared->item_id !== $file->id) abort(403);
}
}
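Review bot: The guard `if ((int) $shared->is_protected)` fails open, because by default Eloquent returns null for an attribute that is not on the loaded row and `(int) null` is 0, so the download goes ahead. After the rename from `protected`, the check depends on the `is_protected` column existing wherever this code runs; the migration is not visible in this commit, and a missed rename would silently make protected shares downloadable on this route. Consider denying unless the flag is explicitly present and false, e.g. `if ($shared->is_protected === null || (int) $shared->is_protected) {`, or give the Share model a boolean cast for the column. The enclosing method starts and ends outside the hunk.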


@@ -28,7 +28,7 @@ class ShareController extends Controller
public function show($token)
{
// Get record
$shared = Share::where(DB::raw('BINARY `token`'), $token)
$shared = Share::whereToken($token)
->firstOrFail();
return new ShareResource($shared);
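Review bot: `Share::whereToken($token)` drops the `BINARY` comparison, so whether the token is matched case-sensitively now depends on the collation of the `token` column, which this commit does not show. On MySQL with a case-insensitive collation, a token that differs only in letter case would resolve to the same share, which shrinks the effective keyspace of what is used as a bearer secret. The same replacement is made in `index` and `file_public` of FileSharingController and in the `get_shared` helper. Either declare the column with a binary or case-sensitive collation in its migration, or keep the exact comparison behind one model scope, with a comment there stating that tokens are compared byte-for-byte.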


@@ -26,16 +26,21 @@ class FileSharingController extends Controller
/**
* Show page index and delete access_token & shared_token cookie
*
* @return Factory|\Illuminate\View\View
* @return \Illuminate\Http\Response
*/
public function index($token)
{
// Get shared token
$shared = Share::where(\DB::raw('BINARY `token`'), $token)
$shared = Share::whereToken($token)
->first();
if (! $shared) {
return view("index");
return response()
->view('index', [
'settings' => null,
'legal' => null,
'installation' => null,
], 404);
}
// Delete old access_token if exist
@@ -196,16 +201,17 @@ class FileSharingController extends Controller
public function file_public($token)
{
// Get sharing record
$shared = Share::where(DB::raw('BINARY `token`'), $token)->firstOrFail();
$shared = Share::whereToken($token)
->firstOrFail();
// Abort if file is protected
if ((int) $shared->protected) {
if ((int) $shared->is_protected) {
abort(403, "Sorry, you don't have permission");
}
// Get file
$file = File::where('user_id', $shared->user_id)
->where('unique_id', $shared->item_id)
->where('id', $shared->item_id)
->firstOrFail(['name', 'basename', 'thumbnail', 'type', 'filesize', 'mimetype']);
// Set urls


@@ -2,8 +2,8 @@
namespace App\Http\Controllers\User;
use App\File;
use App\Folder;
use App\Models\File;
use App\Models\Folder;
use App\Http\Resources\InvoiceCollection;
use App\Http\Resources\StorageDetailResource;
use App\Http\Resources\UserResource;
@@ -16,7 +16,7 @@ use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Http\Request;
use ByteUnits\Metric;
use App\User;
use App\Models\User;
class AccountController extends Controller
{


@@ -205,8 +205,7 @@ function get_item($type, $id)
*/
function get_shared($token)
{
return Share::where(DB::raw('BINARY `token`'), $token)
return Share::whereToken($token)
->firstOrFail();
}


@@ -3,7 +3,7 @@
namespace App\Http\Resources;
use App\Services\StripeService;
use App\User;
use App\Models\User;
use Cartalyst\Stripe\Api\PaymentMethods;
use Faker\Factory;
use Illuminate\Http\Resources\Json\JsonResource;


@@ -3,11 +3,11 @@
namespace App\Http\Tools;
use App;
use App\Share;
use App\File;
use App\Folder;
use App\Models\Share;
use App\Models\File;
use App\Models\Folder;
use App\Http\Requests\FileFunctions\RenameItemRequest;
use App\User;
use App\Models\User;
use ByteUnits\Metric;
use Carbon\Carbon;
use Illuminate\Contracts\Routing\ResponseFactory;


@@ -257,7 +257,7 @@ class User extends Authenticatable
*/
protected static function boot()
{
parent::booted();
parent::boot();
static::creating(function ($user) {
$user->id = Str::uuid();


@@ -15,7 +15,7 @@ use Laravel\Sanctum\Sanctum;
use Storage;
use Tests\TestCase;
class FileAccessTest extends TestCase
class ContentAccessTest extends TestCase
{
use DatabaseMigrations;


@@ -0,0 +1,93 @@
<?php
namespace Tests\Feature;
use App\Models\File;
use App\Models\Share;
use App\Models\Traffic;
use App\Models\User;
use App\Services\SetupService;
use Carbon\Carbon;
use Illuminate\Foundation\Testing\DatabaseMigrations;
use Illuminate\Http\UploadedFile;
use Illuminate\Support\Str;
use Laravel\Sanctum\Sanctum;
use Storage;
use Tests\TestCase;
class ShareContentAccessTest extends TestCase
{
use DatabaseMigrations;
public function __construct()
{
parent::__construct();
$this->setup = app()->make(SetupService::class);
}
/**
* @test
*/
public function it_get_public_file_record_and_download_them()
{
Storage::fake('local');
$this->setup->create_directories();
$user = User::factory(User::class)
->create();
$document = UploadedFile::fake()
->create(Str::random() . '-fake-file.pdf', 1000, 'application/pdf');
Storage::putFileAs("files/$user->id", $document, $document->name);
$file = File::factory(File::class)
->create([
'filesize' => $document->getSize(),
'user_id' => $user->id,
'basename' => $document->name,
'name' => 'fake-file.pdf',
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $file->id,
'user_id' => $user->id,
'type' => 'file',
'is_protected' => false,
]);
// Get share record
$this->get("/api/files/$share->token/public")
->assertStatus(200)
->assertJsonFragment([
'basename' => $document->name
]);
// Get shared file
$this->get("/file/$document->name/public/$share->token")
->assertStatus(200);
$this->assertDatabaseHas('traffic', [
'user_id' => $user->id,
'download' => '1024000',
]);
}
/**
* @test
*/
public function it_try_to_get_protected_file_record()
{
$share = Share::factory(Share::class)
->create([
'type' => 'file',
'is_protected' => true,
]);
// Get share record
$this->get("/api/files/$share->token/public")
->assertStatus(403);
}
}
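Review bot: The only denial case here, `it_try_to_get_protected_file_record`, exercises `/api/files/{token}/public`; the download route `/file/{name}/public/{token}` from the first test is never requested with a protected share. That route appears to have its own protected check in FileAccessController, so a regression there would leave protected files downloadable while this suite stays green. A test along the lines below would pin it. Separately, the no-argument `__construct()` override resolves `SetupService` before the test application is booted and discards PHPUnit's constructor arguments; moving `$this->setup = app()->make(SetupService::class);` into `setUp()` after `parent::setUp()` is the usual form.

```php
    /**
     * @test
     */
    public function it_try_to_download_protected_file()
    {
        $share = Share::factory(Share::class)
            ->create([
                'type'         => 'file',
                'is_protected' => true,
            ]);

        // The download route must refuse a protected share as well
        $this->get("/file/fake-file.pdf/public/$share->token")
            ->assertStatus(403);
    }
```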


@@ -237,5 +237,68 @@ class ShareTest extends TestCase
]);
}
// TODO: napisat testy pre FileSharingController
/**
* @test
*/
public function it_get_shared_record()
{
$share = Share::factory(Share::class)
->create([
'is_protected' => 0,
]);
$this->get("/api/shared/$share->token")
->assertStatus(200)
->assertExactJson([
'data' => [
'id' => $share->id,
'type' => 'shares',
'attributes' => [
'permission' => $share->permission,
'is_protected' => '0',
'item_id' => $share->item_id,
'expire_in' => $share->expire_in,
'token' => $share->token,
'link' => $share->link,
'type' => $share->type,
'created_at' => $share->created_at->toJson(),
'updated_at' => $share->updated_at->toJson(),
],
]
]);
}
/**
* @test
*/
public function it_get_deleted_shared_record()
{
$this->get("/api/shared/19ZMPNiass4ZqWwQ")
->assertNotFound();
}
/**
* @test
*/
public function it_get_shared_page()
{
$share = Share::factory(Share::class)
->create([
'type' => 'file',
'is_protected' => false,
]);
$this->get("/shared/$share->token")
->assertViewIs('index')
->assertStatus(200);
}
/**
* @test
*/
public function it_get_deleted_shared_page()
{
$this->get('/shared/19ZMPNiass4ZqWwQ')
->assertNotFound();
}
}
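Review bot: `it_get_deleted_shared_record` and `it_get_deleted_shared_page` never create or delete a share; they request the fixed token `19ZMPNiass4ZqWwQ`, so they only prove that an unknown token returns 404. A share that had been deleted (or, if the model soft-deletes, merely flagged) and still resolved would not be caught. Create one, delete it, then request its own token: `$share = Share::factory(Share::class)->create();`, `$share->delete();`, then `$this->get("/api/shared/$share->token")->assertNotFound();`. The leftover `// TODO: napisat testy pre FileSharingController` can be dropped now that these tests exist, or rewritten in English to say what is still uncovered.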