nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-18 00:02:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bulk-operations' into sorting

Browse Source
This commit is contained in:
Milos Holba
2020-12-05 17:25:38 +01:00
parent ec6087a03c 2e465f4d03
commit d076817c9e
16 changed files with 228 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
app/Http/Controllers/FileFunctions/EditItemsController.php
View File

@@ -228,10 +228,10 @@ class EditItemsController extends Controller
return Demo::response_204();
}
// Check shared permission
if (!is_editor($shared)) abort(403);
foreach($request->input('data') as $file){
$unique_id = $file['unique_id'];
@@ -329,20 +329,21 @@ class EditItemsController extends Controller
if (is_demo(Auth::id())) {
return Demo::response_204();
}
$to_unique_id = $request->input('to_unique_id');
// Check permission to upload for authenticated editor
if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
$to_unique_id = $request->input('to_unique_id');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Check permission to upload for authenticated editor
if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Check access to requested directory
Guardian::check_item_access($to_unique_id, $shared);
}
// Check access to requested directory
Guardian::check_item_access($to_unique_id, $shared);
}
// Move item
Editor::move($request, $to_unique_id);
@@ -377,7 +378,7 @@ class EditItemsController extends Controller
$unique_id = $item['unique_id'];
$moving_unique_id = $unique_id;
if ($item['type'] !== 'folder') {
$file = FileManagerFile::where('unique_id', $unique_id)