mirror of
https://github.com/VueFileManager/vuefilemanager.git
synced 2026-04-29 03:10:51 +00:00
- public sharing refactored part 1
This commit is contained in:
Peter Papp
@@ -27,12 +27,10 @@ class BrowseShareController extends Controller
|
||||
* @param Share $shared
|
||||
* @return Collection
|
||||
*/
|
||||
public function get_public_folders($id, Share $shared)
|
||||
public function browse_folder($id, Share $shared)
|
||||
{
|
||||
// Abort if folder is protected
|
||||
if ($shared->is_protected) {
|
||||
abort(403, "Sorry, you don't have permission");
|
||||
}
|
||||
// Check ability to access protected share record
|
||||
$this->helper->check_protected_share_record($shared);
|
||||
|
||||
// Check if user can get directory
|
||||
$this->helper->check_item_access($id, $shared);
|
||||
@@ -57,12 +55,10 @@ class BrowseShareController extends Controller
|
||||
* @param Share $shared
|
||||
* @return Collection
|
||||
*/
|
||||
public function search_public(Request $request, Share $shared)
|
||||
public function search(Request $request, Share $shared)
|
||||
{
|
||||
// Abort if folder is protected
|
||||
if ($shared->is_protected) {
|
||||
abort(403, "Sorry, you don't have permission");
|
||||
}
|
||||
// Check ability to access protected share record
|
||||
$this->helper->check_protected_share_record($shared);
|
||||
|
||||
// Search files id db
|
||||
$searched_files = File::search($request->input('query'))
|
||||
@@ -108,8 +104,11 @@ class BrowseShareController extends Controller
|
||||
* @param Share $shared
|
||||
* @return array
|
||||
*/
|
||||
public function get_public_navigation_tree(Share $shared)
|
||||
public function navigation_tree(Share $shared)
|
||||
{
|
||||
// Check ability to access protected share record
|
||||
$this->helper->check_protected_share_record($shared);
|
||||
|
||||
// Check if user can get directory
|
||||
$this->helper->check_item_access($shared->item_id, $shared);
|
||||
|
||||
|
||||
@@ -54,15 +54,14 @@ class FileSharedAccessController extends Controller
|
||||
* Get file public
|
||||
*
|
||||
* @param $filename
|
||||
* @param $permission
|
||||
* @param Share $shared
|
||||
* @return mixed
|
||||
*/
|
||||
public function get_file_public($filename, Share $shared)
|
||||
public function get_file_public($filename, $permission, Share $shared)
|
||||
{
|
||||
// Abort if shared is protected
|
||||
if ($shared->is_protected) {
|
||||
abort(403, "Sorry, you don't have permission");
|
||||
}
|
||||
// Check ability to access protected share files
|
||||
$this->helper->check_protected_share_record($shared, $permission);
|
||||
|
||||
// Get file record
|
||||
$file = UserFile::where('user_id', $shared->user_id)
|
||||
@@ -86,15 +85,14 @@ class FileSharedAccessController extends Controller
|
||||
* Get public image thumbnail
|
||||
*
|
||||
* @param $filename
|
||||
* @param $permission
|
||||
* @param Share $shared
|
||||
* @return mixed
|
||||
*/
|
||||
public function get_thumbnail_public($filename, Share $shared)
|
||||
public function get_thumbnail_public($filename, $permission, Share $shared)
|
||||
{
|
||||
// Abort if thumbnail is protected
|
||||
if ($shared->is_protected) {
|
||||
abort(403, "Sorry, you don't have permission");
|
||||
}
|
||||
// Check ability to access protected share files
|
||||
$this->helper->check_protected_share_record($shared, $permission);
|
||||
|
||||
// Get file record
|
||||
$file = UserFile::where('user_id', $shared->user_id)
|
||||
|
||||
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\Sharing;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Http\Requests\Share\AuthenticateShareRequest;
|
||||
use App\Http\Resources\FileResource;
|
||||
use App\Http\Resources\ShareResource;
|
||||
use App\Models\Share;
|
||||
use App\Models\Setting;
|
||||
@@ -118,20 +119,17 @@ class ServeSharedController extends Controller
|
||||
*/
|
||||
public function file_public(Share $shared)
|
||||
{
|
||||
// Abort if file is protected
|
||||
if ($shared->is_protected) {
|
||||
abort(403, "Sorry, you don't have permission");
|
||||
}
|
||||
// Check ability to access protected share files
|
||||
$this->helper->check_protected_share_record($shared);
|
||||
|
||||
// Get file
|
||||
$file = File::where('user_id', $shared->user_id)
|
||||
->where('id', $shared->item_id)
|
||||
->firstOrFail(['name', 'basename', 'thumbnail', 'type', 'filesize', 'mimetype']);
|
||||
->firstOrFail();
|
||||
|
||||
// Set urls
|
||||
// Set access urls
|
||||
$file->setPublicUrl($shared->token);
|
||||
|
||||
// Return record
|
||||
return $file;
|
||||
return response(new FileResource($file), 200);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15,6 +15,7 @@ class Kernel extends HttpKernel
|
||||
* @var array
|
||||
*/
|
||||
protected $middleware = [
|
||||
// \App\Http\Middleware\TrustHosts::class,
|
||||
\App\Http\Middleware\TrustProxies::class,
|
||||
\Fruitcake\Cors\HandleCors::class,
|
||||
\App\Http\Middleware\PreventRequestsDuringMaintenance::class,
|
||||
|
||||
@@ -1,29 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
|
||||
class SharedAuth
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure $next
|
||||
* @return mixed
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
if (!$request->bearerToken()) {
|
||||
if ($request->hasCookie('shared_access_token')) {
|
||||
|
||||
$shared_access_token = $request->cookie('shared_access_token');
|
||||
|
||||
$request->headers->add(['Authorization' => 'Bearer ' . $shared_access_token]);
|
||||
|
||||
}
|
||||
}
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,35 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class FileResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return [
|
||||
'data' => [
|
||||
'id' => $this->id,
|
||||
'type' => 'file',
|
||||
'attributes' => [
|
||||
'name' => $this->name,
|
||||
'basename' => $this->basename,
|
||||
'mimetype' => $this->mimetype,
|
||||
'filesize' => $this->filesize,
|
||||
'type' => $this->type,
|
||||
'file_url' => $this->file_url,
|
||||
'thumbnail' => $this->thumbnail,
|
||||
'created_at' => $this->created_at,
|
||||
'updated_at' => $this->created_at,
|
||||
]
|
||||
],
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -1,23 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\ResourceCollection;
|
||||
|
||||
class GatewayCollection extends ResourceCollection
|
||||
{
|
||||
public $collects = GatewayResource::class;
|
||||
|
||||
/**
|
||||
* Transform the resource collection into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return [
|
||||
'data' => $this->collection,
|
||||
];
|
||||
}
|
||||
}
|
||||
@@ -1,36 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Resources;
|
||||
|
||||
use Illuminate\Http\Resources\Json\JsonResource;
|
||||
|
||||
class GatewayResource extends JsonResource
|
||||
{
|
||||
/**
|
||||
* Transform the resource into an array.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @return array
|
||||
*/
|
||||
public function toArray($request)
|
||||
{
|
||||
return [
|
||||
'data' => [
|
||||
'id' => (string)$this->id,
|
||||
'type' => 'gateways',
|
||||
'attributes' => [
|
||||
'status' => $this->status,
|
||||
'sandbox' => $this->sandbox,
|
||||
'name' => $this->name,
|
||||
'slug' => $this->slug,
|
||||
'logo' => $this->logo,
|
||||
'client_id' => $this->client_id,
|
||||
'secret' => $this->secret,
|
||||
'webhook' => $this->webhook,
|
||||
'payment_processed' => $this->payment_processed,
|
||||
'optional' => $this->optional,
|
||||
]
|
||||
]
|
||||
];
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user