From f66982b3ecec04d320b424f45af1805983a924ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=8Carodej?= <peterpapp@makingcg.com>
Date: Mon, 16 May 2022 12:33:09 +0200
Subject: [PATCH] sharing route refactoring

---
 .env.testing                                  |  2 +-
 resources/js/store/modules/sharing.js         |  2 +-
 routes/share.php                              |  3 +-
 .../VisitorUploadFileController.php           | 73 +++++++++++++++++++
 tests/Domain/Sharing/VisitorBrowseTest.php    |  8 +-
 tests/Domain/Zip/SharedZippingTest.php        | 12 +--
 6 files changed, 87 insertions(+), 13 deletions(-)
 create mode 100644 src/Domain/Files/Controllers/VisitorUploadFileController.php

diff --git a/.env.testing b/.env.testing
index b0045eaf..8b7af98b 100644
--- a/.env.testing
+++ b/.env.testing
@@ -1,6 +1,6 @@
 APP_NAME=Laravel
 APP_ENV=local
-APP_KEY=base64:z6k1PzCZHXgOlUdNwFJzjKtyxIy8Qczl3POYpk3O94A=
+APP_KEY=base64:x5KqtYx90b6qdRZ0tzl1LunUYNlu6uXZATY3oKTMn1M=
 APP_DEBUG=true
 APP_URL=http://localhost
 APP_DEMO=false
diff --git a/resources/js/store/modules/sharing.js b/resources/js/store/modules/sharing.js
index 9344a3a1..7053aca6 100644
--- a/resources/js/store/modules/sharing.js
+++ b/resources/js/store/modules/sharing.js
@@ -50,7 +50,7 @@ const actions = {
     getShareDetail: ({ commit, state }, token) => {
         return new Promise((resolve, reject) => {
             axios
-                .get(`/api/sharing/share/${token}`)
+                .get(`/api/sharing/${token}`)
                 .then((response) => {
                     resolve(response)
 
diff --git a/routes/share.php b/routes/share.php
index 2ea91dc8..1f2ad43e 100644
--- a/routes/share.php
+++ b/routes/share.php
@@ -3,6 +3,7 @@
 use Domain\Sharing\Controllers\ShareController;
 use Domain\Zip\Controllers\VisitorZipController;
 use Domain\Files\Controllers\VisitorShowFileController;
+use Domain\Files\Controllers\VisitorUploadFileController;
 use Domain\Folders\Controllers\VisitorCreateFolderController;
 use Domain\Sharing\Controllers\WebCrawlerOpenGraphController;
 use Domain\Browsing\Controllers\VisitorBrowseFolderController;
@@ -32,7 +33,7 @@ Route::post('/authenticate/{shared}', VisitorUnlockLockedShareController::class)
 Route::get('/navigation/{shared}', VisitorNavigationFolderTreeController::class);
 Route::get('/folders/{id}/{shared}', VisitorBrowseFolderController::class);
 Route::get('/file/{shared}', VisitorShowFileController::class);
-Route::get('/share/{share}', [ShareController::class, 'show']);
+Route::get('/{share}', [ShareController::class, 'show']);
 
 // Others
 Route::get('/search/{shared}', VisitorSearchFilesAndFoldersController::class);
diff --git a/src/Domain/Files/Controllers/VisitorUploadFileController.php b/src/Domain/Files/Controllers/VisitorUploadFileController.php
new file mode 100644
index 00000000..0a877d64
--- /dev/null
+++ b/src/Domain/Files/Controllers/VisitorUploadFileController.php
@@ -0,0 +1,73 @@
+<?php
+namespace Domain\Files\Controllers;
+
+use Str;
+use Storage;
+use Domain\Sharing\Models\Share;
+use Illuminate\Http\JsonResponse;
+use App\Http\Controllers\Controller;
+use Domain\Files\Resources\FileResource;
+use Domain\Files\Actions\ProcessFileAction;
+use Domain\Files\Requests\UploadFileRequest;
+use Support\Demo\Actions\FakeUploadFileAction;
+use Domain\Files\Actions\StoreFileChunksAction;
+use Domain\Sharing\Actions\ProtectShareRecordAction;
+use Domain\Sharing\Actions\VerifyAccessToItemAction;
+use Illuminate\Contracts\Filesystem\FileNotFoundException;
+
+/**
+ * guest user upload file into shared folder
+ */
+class VisitorUploadFileController extends Controller
+{
+    public function __construct(
+        public ProcessFileAction $processFie,
+        public StoreFileChunksAction $storeFileChunks,
+        private FakeUploadFileAction $fakeUploadFile,
+        private ProtectShareRecordAction $protectShareRecord,
+        private VerifyAccessToItemAction $verifyAccessToItem,
+    ) {
+    }
+
+    /**
+     * @throws FileNotFoundException
+     */
+    public function __invoke(
+        UploadFileRequest $request,
+        Share $shared,
+    ): JsonResponse {
+        if (isDemoAccount()) {
+            return response()->json(($this->fakeUploadFile)($request), 201);
+        }
+
+        // Check ability to access protected share record
+        ($this->protectShareRecord)($shared);
+
+        // Check shared permission
+        if (is_visitor($shared)) {
+            return response()->json(accessDeniedError(), 403);
+        }
+
+        // Add default parent id if missing
+        if ($request->missing('parent_id')) {
+            $request->merge(['parent_id' => $shared->item_id]);
+        }
+
+        // Check access to requested directory
+        ($this->verifyAccessToItem)($request->input('parent_id'), $shared);
+
+        // Get file name
+        $name = Str::uuid() . '.' . $request->input('extension');
+
+        // Put file to user directory
+        Storage::disk('local')->put("files/$shared->user_id/$name", $request->file('file')->get());
+
+        // Process file
+        $file = ($this->processFie)($request, $shared->user, $name);
+
+        // Set public access url
+        $file->setSharedPublicUrl($shared->token);
+
+        return response()->json(new FileResource($file), 201);
+    }
+}
diff --git a/tests/Domain/Sharing/VisitorBrowseTest.php b/tests/Domain/Sharing/VisitorBrowseTest.php
index 5aae0e9f..b09a1c8e 100644
--- a/tests/Domain/Sharing/VisitorBrowseTest.php
+++ b/tests/Domain/Sharing/VisitorBrowseTest.php
@@ -19,7 +19,7 @@ class VisitorBrowseTest extends TestCase
                 'is_protected' => 0,
             ]);
 
-        $this->get("/api/browse/share/$share->token")
+        $this->get("/api/sharing/$share->token")
             ->assertStatus(200)
             ->assertExactJson([
                 'data' => [
@@ -63,7 +63,7 @@ class VisitorBrowseTest extends TestCase
      */
     public function it_try_to_get_deleted_share_record()
     {
-        $this->get('/api/browse/share/19ZMPNiass4ZqWwQ')
+        $this->get('/api/sharing/19ZMPNiass4ZqWwQ')
             ->assertNotFound();
     }
 
@@ -180,7 +180,7 @@ class VisitorBrowseTest extends TestCase
 
                     $this
                         ->withUnencryptedCookies($cookie)
-                        ->get("/api/browse/folders/$root->id/$share->token")
+                        ->get("/api/sharing/folders/$root->id/$share->token")
                         ->assertStatus(200)
                         ->assertJsonFragment([
                             'id' => $file->id,
@@ -192,7 +192,7 @@ class VisitorBrowseTest extends TestCase
 
                 // Check public shared item
                 if (! $is_protected) {
-                    $this->getJson("/api/browse/folders/$root->id/$share->token")
+                    $this->getJson("/api/sharing/folders/$root->id/$share->token")
                         ->assertStatus(200)
                         ->assertJsonFragment([
                             'id' => $file->id,
diff --git a/tests/Domain/Zip/SharedZippingTest.php b/tests/Domain/Zip/SharedZippingTest.php
index 72163acf..96e7ff71 100644
--- a/tests/Domain/Zip/SharedZippingTest.php
+++ b/tests/Domain/Zip/SharedZippingTest.php
@@ -89,7 +89,7 @@ class SharedZippingTest extends TestCase
 
                     $this
                         ->withUnencryptedCookies($cookie)
-                        ->get("/api/zip/{$share->token}?items=$files[0]|file,$files[1]|file,$folder->id|folder")
+                        ->get("/api/sharing/zip/{$share->token}?items=$files[0]|file,$files[1]|file,$folder->id|folder")
                         ->assertStatus(200)
                         ->assertHeader('content-type', 'application/x-zip');
                 }
@@ -97,7 +97,7 @@ class SharedZippingTest extends TestCase
                 // Check public shared item
                 if (! $is_protected) {
                     $this
-                        ->get("/api/zip/{$share->token}?items=$files[0]|file,$files[1]|file,$folder->id|folder")
+                        ->get("/api/sharing/zip/{$share->token}?items=$files[0]|file,$files[1]|file,$folder->id|folder")
                         ->assertStatus(200)
                         ->assertHeader('content-type', 'application/x-zip');
                 }
@@ -152,14 +152,14 @@ class SharedZippingTest extends TestCase
 
                     $this
                         ->withUnencryptedCookies($cookie)
-                        ->get("/api/zip/$share->token?items=$files[0]|file,$files[1]|file")
+                        ->get("/api/sharing/zip/$share->token?items=$files[0]|file,$files[1]|file")
                         ->assertStatus(403);
                 }
 
                 // Check public shared item
                 if (! $is_protected) {
                     $this
-                        ->get("/api/zip/$share->token?items=$files[0]|file,$files[1]|file")
+                        ->get("/api/sharing/zip/$share->token?items=$files[0]|file,$files[1]|file")
                         ->assertStatus(403);
                 }
 
@@ -267,13 +267,13 @@ class SharedZippingTest extends TestCase
 
                     $this
                         ->withUnencryptedCookies($cookie)
-                        ->get("/api/zip/$share->token?items=$folder->id|folder")
+                        ->get("/api/sharing/zip/$share->token?items=$folder->id|folder")
                         ->assertStatus(403);
                 }
 
                 // Check public shared item
                 if (! $is_protected) {
-                    $this->getJson("/api/zip/$share->token?items=$folder->id|folder")
+                    $this->getJson("/api/sharing/zip/$share->token?items=$folder->id|folder")
                         ->assertStatus(403);
                 }
             });