nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-28 19:10:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

- public sharing refactored part 3

Browse Source
This commit is contained in:
Peter Papp
2021-03-19 10:13:48 +01:00
parent ed8ab2978f
commit f4b3f1f163
10 changed files with 593 additions and 486 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/Http/Controllers/FileManager/BrowseController.php
+1 -1
View File
@@ -199,7 +199,7 @@ class BrowseController extends Controller
{
$user_id = Auth::id();
$query = remove_accents($request->query);
$query = remove_accents($request->input('query'));
// Search files id db
$searched_files = File::search($query)
app/Http/Controllers/FileManager/EditItemsController.php
+17 -149
View File
@@ -24,6 +24,7 @@ class EditItemsController extends Controller
{
private $filemanager;
private $helper;
private $demo;
public function __construct()
{
@@ -36,29 +37,15 @@ class EditItemsController extends Controller
* Create new folder for authenticated master|editor user
*
* @param CreateFolderRequest $request
* @return array
* @return Folder|array|Model
* @throws Exception
*/
public function create_folder(CreateFolderRequest $request)
{
// Demo preview
if (is_demo(Auth::id())) {
if (is_demo_account('howdy@hi5ve.digital')) {
return $this->demo->create_folder($request);
}
// Check permission to create folder for authenticated editor
/*if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Check access to requested directory
$this->helper->check_item_access($request->parent_id, $shared);
}*/
// Create new folder
return $this->filemanager->create_folder($request);
}
@@ -73,34 +60,13 @@ class EditItemsController extends Controller
*/
public function rename_item(RenameItemRequest $request, $id)
{
// Demo preview
if (is_demo(Auth::id())) {
if (is_demo_account('howdy@hi5ve.digital')) {
return $this->demo->rename_item($request, $id);
}
// Check permission to rename item for authenticated editor
/*if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Get file|folder item
$item = get_item($request->type, $id);
// Check access to requested directory
if ($request->type === 'folder') {
$this->helper->check_item_access($item->id, $shared);
} else {
$this->helper->check_item_access($item->folder_id, $shared);
}
}*/
// If request have a change folder icon values set the folder icon
if ($request->type === 'folder' && ($request->filled('emoji') || $request->filled('color'))) {
$this->filemanager->set_folder_icon($request, $id);
// If request contain icon or color, then change it
if ($request->filled('emoji') || $request->filled('color')) {
$this->filemanager->edit_folder_properties($request, $id);
}
// Rename Item
@@ -111,77 +77,35 @@ class EditItemsController extends Controller
* Delete item for authenticated master|editor user
*
* @param DeleteItemRequest $request
* @param $id
* @return ResponseFactory|\Illuminate\Http\Response
* @throws Exception
*/
public function delete_item(DeleteItemRequest $request)
{
// Demo preview
if (is_demo(Auth::id())) {
if (is_demo_account('howdy@hi5ve.digital')) {
return $this->demo->response_with_no_content();
}
foreach ($request->input('items') as $item) {
// Check permission to delete item for authenticated editor
/*if ($request->user()->tokenCan('editor')) {
// Prevent force delete for non-master users
if ($item['force_delete']) abort('401');
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Get file|folder item
$item = get_item($item['type'], $item['id']);
// Check access to requested directory
if ($item['type'] === 'folder') {
$this->helper->check_item_access($item->id, $shared);
} else {
$this->helper->check_item_access($item->folder_id, $shared);
}
}*/
// Delete item
$this->filemanager->delete_item($item, $item['id']);
}
return response(null, 204);
return response('Done', 204);
}
/**
* Upload file for authenticated master|editor user
*
* @param UploadRequest $request
* @return File|Model
* @return array|Model|\Illuminate\Support\Facades\File
* @throws Exception
*/
public function upload(UploadRequest $request)
{
// Demo preview
if (is_demo(Auth::id())) {
if (is_demo_account('howdy@hi5ve.digital')) {
return $this->demo->upload($request);
}
// Check permission to upload for authenticated editor
/*if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Check access to requested directory
$this->helper->check_item_access($request->parent_id, $shared);
}*/
// Return new uploaded file
return $this->filemanager->upload($request);
}
@@ -189,33 +113,15 @@ class EditItemsController extends Controller
* Move item for authenticated master|editor user
*
* @param MoveItemRequest $request
* @param $id
* @return ResponseFactory|\Illuminate\Http\Response
*/
public function move(MoveItemRequest $request)
{
// Demo preview
if (is_demo(Auth::id())) {
if (is_demo_account('howdy@hi5ve.digital')) {
return $this->demo->response_with_no_content();
}
$to_id = $request->input('to_id');
// Check permission to upload for authenticated editor
/*if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Check access to requested directory
$this->helper->check_item_access($to_id, $shared);
}*/
// Move item
$this->filemanager->move($request, $to_id);
$this->filemanager->move($request, $request->to_id);
return response('Done!', 204);
}
@@ -225,36 +131,19 @@ class EditItemsController extends Controller
*
* @param $id
* @return string
* @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
*/
public function zip_folder(Request $request, $id)
public function zip_folder($id)
{
// Get user id
$user_id = Auth::id();
// Check permission to download for authenticated editor
/*if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
// Check access to requested directory
$this->helper->check_item_access($id, $shared);
}*/
// Get folder
$folder = Folder::whereUserId($user_id)
$folder = Folder::whereUserId(Auth::id())
->where('id', $id);
if (!$folder->exists()) {
abort(404, 'Requested folder doesn\'t exists.');
abort(404, "Requested folder doesn't exists.");
}
$zip = $this->filemanager->zip_folder($id);
// Get file
return response([
'url' => route('zip', $zip->id),
'name' => $zip->basename,
@@ -269,33 +158,12 @@ class EditItemsController extends Controller
*/
public function zip_multiple_files(Request $request)
{
// Check permission to upload for authenticated editor
/*if ($request->user()->tokenCan('editor')) {
// check if shared_token cookie exist
if (!$request->hasCookie('shared_token')) abort('401');
// Get shared token
$shared = get_shared($request->cookie('shared_token'));
$file_parent_folders = File::whereUserId(Auth::id())
->whereIn('id', $request->input('files'))
->get()
->pluck('folder_id')
->toArray();
// Check access to requested directory
$this->helper->check_item_access($file_parent_folders, $shared);
}*/
// Get requested files
$files = File::whereUserId(Auth::id())
->whereIn('id', $request->input('items'))
->get();
$zip = $this->filemanager->zip_files($files);
// Get file
return response([
'url' => route('zip', $zip->id),
'name' => $zip->basename,
app/Http/Controllers/Sharing/BrowseShareController.php
+5 -4
View File
@@ -61,6 +61,7 @@ class BrowseShareController extends Controller
/**
* Check Password for protected item
*
* @param AuthenticateShareRequest $request
* @param Share $shared
* @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\Response
@@ -84,7 +85,7 @@ class BrowseShareController extends Controller
}
/**
* Browse public folders
* Browse shared folder
*
* @param $id
* @param Share $shared
@@ -112,7 +113,7 @@ class BrowseShareController extends Controller
}
/**
* Search public files
* Search shared files
*
* @param Request $request
* @param Share $shared
@@ -167,7 +168,7 @@ class BrowseShareController extends Controller
}
/**
* Get navigation tree
* Get navigation tree of shared folder
*
* @param Share $shared
* @return array
@@ -198,7 +199,7 @@ class BrowseShareController extends Controller
}
/**
* Get shared public file record
* Get shared file record
*
* @param Share $shared
* @return mixed
app/Http/Controllers/Sharing/FileSharedAccessController.php
+4 -6
View File
@@ -54,14 +54,13 @@ class FileSharedAccessController extends Controller
* Get file public
*
* @param $filename
* @param $permission
* @param Share $shared
* @return mixed
*/
public function get_file_public($filename, $permission, Share $shared)
public function get_file_public($filename, Share $shared)
{
// Check ability to access protected share files
$this->helper->check_protected_share_record($shared, $permission);
$this->helper->check_protected_share_record($shared);
// Get file record
$file = UserFile::where('user_id', $shared->user_id)
@@ -85,14 +84,13 @@ class FileSharedAccessController extends Controller
* Get public image thumbnail
*
* @param $filename
* @param $permission
* @param Share $shared
* @return mixed
*/
public function get_thumbnail_public($filename, $permission, Share $shared)
public function get_thumbnail_public($filename, Share $shared)
{
// Check ability to access protected share files
$this->helper->check_protected_share_record($shared, $permission);
$this->helper->check_protected_share_record($shared);
// Get file record
$file = UserFile::where('user_id', $shared->user_id)
app/Http/Controllers/Sharing/EditShareItemsController.php → app/Http/Controllers/Sharing/ManipulateShareItemsController.php
+17 -2
View File
@@ -19,7 +19,7 @@ use Illuminate\Database\Eloquent\Model;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class EditShareItemsController extends Controller
class ManipulateShareItemsController extends Controller
{
private $filemanager;
private $helper;
@@ -45,6 +45,9 @@ class EditShareItemsController extends Controller
return $this->demo->create_folder($request);
}
// Check ability to access protected share record
$this->helper->check_protected_share_record($shared);
// Check shared permission
if (is_visitor($shared)) {
abort(403);
@@ -74,6 +77,9 @@ class EditShareItemsController extends Controller
return $this->demo->rename_item($request, $id);
}
// Check ability to access protected share record
$this->helper->check_protected_share_record($shared);
// Check shared permission
if (is_visitor($shared)) {
abort(403);
@@ -91,7 +97,7 @@ class EditShareItemsController extends Controller
// If request have a change folder icon values set the folder icon
if ($request->type === 'folder' && $request->filled('icon')) {
$this->filemanager->set_folder_icon($request, $id);
$this->filemanager->edit_folder_properties($request, $id);
}
// Rename item
@@ -119,6 +125,9 @@ class EditShareItemsController extends Controller
return $this->demo->response_with_no_content();
}
// Check ability to access protected share record
$this->helper->check_protected_share_record($shared);
// Check shared permission
if (is_visitor($shared)) {
abort(403);
@@ -157,6 +166,9 @@ class EditShareItemsController extends Controller
return $this->demo->upload($request);
}
// Check ability to access protected share record
$this->helper->check_protected_share_record($shared);
// Check shared permission
if (is_visitor($shared)) {
abort(403);
@@ -187,6 +199,9 @@ class EditShareItemsController extends Controller
return $this->demo->response_with_no_content();
}
// Check ability to access protected share record
$this->helper->check_protected_share_record($shared);
// Check shared permission
if (is_visitor($shared)) {
abort(403);