diff --git a/resources/js/components/Others/TreeMenu.vue b/resources/js/components/Others/TreeMenu.vue
index 21bc2a01..e565f8b6 100644
--- a/resources/js/components/Others/TreeMenu.vue
+++ b/resources/js/components/Others/TreeMenu.vue
@@ -27,25 +27,25 @@
diff --git a/resources/js/components/Others/TreeMenuNavigator.vue b/resources/js/components/Others/TreeMenuNavigator.vue
index 54983d9c..aa1e1ecd 100644
--- a/resources/js/components/Others/TreeMenuNavigator.vue
+++ b/resources/js/components/Others/TreeMenuNavigator.vue
@@ -22,7 +22,7 @@
}"
/>
-
+
{
// Get route
- let route = getters.sharedDetail
- ? `/api/editor/create-folder/${router.currentRoute.params.token}`
- : '/api/create-folder'
-
- let parent_id = getters.currentFolder ? getters.currentFolder.data.id : undefined
+ let route = {
+ RequestUpload: `/api/upload-request/${router.currentRoute.params.token}/create-folder`,
+ Public: `/api/editor/create-folder/${router.currentRoute.params.token}`,
+ }[router.currentRoute.name] || '/api/create-folder'
axios
.post(route, {
- parent_id: parent_id,
name: folder.name,
emoji: folder.emoji,
+ parent_id: getters.currentFolder?.data.id,
})
.then((response) => {
commit('ADD_NEW_FOLDER', response.data)
@@ -120,7 +119,7 @@ const actions = {
},
renameItem: ({ commit, getters, dispatch }, data) => {
// Updated name in favourites panel
- if (getters.permission === 'master' && data.type === 'folder')
+ if (data.type === 'folder' && getters.user)
commit('UPDATE_NAME_IN_FAVOURITES', data)
// Get route
diff --git a/routes/upload-request.php b/routes/upload-request.php
index f1e1b750..cc22b8fe 100644
--- a/routes/upload-request.php
+++ b/routes/upload-request.php
@@ -1,5 +1,6 @@
['auth:sanctum']], function () {
Route::post('/', CreateUploadRequestController::class);
diff --git a/src/Domain/UploadRequest/Controllers/CreateFolderController.php b/src/Domain/UploadRequest/Controllers/CreateFolderController.php
new file mode 100644
index 00000000..80356d68
--- /dev/null
+++ b/src/Domain/UploadRequest/Controllers/CreateFolderController.php
@@ -0,0 +1,46 @@
+status !== 'active') {
+ return response('Gone', 410);
+ }
+
+ // Check privileges
+ if (! in_array($request->input('parent_id'), getChildrenFolderIds($uploadRequest->id))) {
+ return response('Access Denied', 403);
+ }
+
+ // Create new folder
+ $folder = Folder::create([
+ 'parent_id' => $request->input('parent_id'),
+ 'name' => $request->input('name'),
+ 'color' => $request->input('color') ?? null,
+ 'emoji' => $request->input('emoji') ?? null,
+ 'author' => 'visitor',
+ 'user_id' => $uploadRequest->user_id,
+ 'team_folder' => false,
+ ]);
+
+ // Return new folder
+ return response(new FolderResource($folder), 201);
+ }
+}
\ No newline at end of file
diff --git a/src/Support/helpers.php b/src/Support/helpers.php
index 69ed3d85..baf91d4c 100644
--- a/src/Support/helpers.php
+++ b/src/Support/helpers.php
@@ -3,6 +3,7 @@
use Carbon\Carbon;
use ByteUnits\Metric;
use App\Users\Models\User;
+use Illuminate\Support\Arr;
use Illuminate\Support\Str;
use Domain\Files\Models\File;
use Domain\Sharing\Models\Share;
@@ -27,6 +28,22 @@ if (! function_exists('isRunningCron')) {
}
}
+if (! function_exists('getInnerFolderIds')) {
+ /**
+ * Get all folder children ids
+ */
+ function getChildrenFolderIds(string $id): array
+ {
+ // Get folders within upload request
+ $folderWithinIds = Folder::with('folders:id,parent_id')
+ ->where('parent_id', $id)
+ ->get(['id']);
+
+ // Then get all accessible folders within
+ return Arr::flatten([filter_folders_ids($folderWithinIds), $id]);
+ }
+}
+
if (! function_exists('obfuscate_email')) {
/**
* Obfuscate email
diff --git a/tests/Domain/UploadRequest/RenameFileOrFolderController.php b/tests/Domain/UploadRequest/RenameFileOrFolderController.php
index e149edfb..96634f3f 100644
--- a/tests/Domain/UploadRequest/RenameFileOrFolderController.php
+++ b/tests/Domain/UploadRequest/RenameFileOrFolderController.php
@@ -1,8 +1,6 @@
input('type'), $id);
- // Get folders within upload request
- $folderWithinIds = Folder::with('folders:id,parent_id')
- ->where('parent_id', $uploadRequest->id)
- ->get(['id']);
-
- // Then get all accessible folders within
- $accessibleParentIds = Arr::flatten([filter_folders_ids($folderWithinIds), $uploadRequest->id]);
-
// Check privileges
- if (! in_array($item->parent_id, $accessibleParentIds)) {
+ if (! in_array($item->parent_id, getChildrenFolderIds($uploadRequest->id))) {
return response('Access Denied', 403);
}
diff --git a/tests/Domain/UploadRequest/UploadRequestEditingTest.php b/tests/Domain/UploadRequest/UploadRequestEditingTest.php
index 1d3926fd..7e40d14c 100644
--- a/tests/Domain/UploadRequest/UploadRequestEditingTest.php
+++ b/tests/Domain/UploadRequest/UploadRequestEditingTest.php
@@ -1,4 +1,5 @@
actingAs($user)
- ->postJson("/api/upload-request/$uploadRequest->id/rename/$folder->id", [
+ ->patchJson("/api/upload-request/$uploadRequest->id/rename/$folder->id", [
'name' => 'Renamed Folder',
'type' => 'folder',
])
@@ -45,6 +46,7 @@ class UploadRequestEditingTest extends TestCase
'name' => 'Renamed Folder',
]);
}
+
/**
* @test
*/
@@ -68,7 +70,7 @@ class UploadRequestEditingTest extends TestCase
$this
->actingAs($user)
- ->postJson("/api/upload-request/$uploadRequest->id/rename/$file->id", [
+ ->patchJson("/api/upload-request/$uploadRequest->id/rename/$file->id", [
'name' => 'Renamed File',
'type' => 'file',
])
@@ -81,4 +83,36 @@ class UploadRequestEditingTest extends TestCase
'name' => 'Renamed File',
]);
}
+
+ /**
+ * @test
+ */
+ public function it_create_new_folder_in_upload_request()
+ {
+ $user = User::factory()
+ ->hasSettings()
+ ->create();
+
+ $uploadRequest = UploadRequest::factory()
+ ->create([
+ 'status' => 'active',
+ 'user_id' => $user->id,
+ ]);
+
+ $this
+ ->actingAs($user)
+ ->postJson("/api/upload-request/$uploadRequest->id/create-folder", [
+ 'name' => 'New Folder',
+ 'parent_id' => $uploadRequest->id,
+ ])
+ ->assertStatus(201)
+ ->assertJsonFragment([
+ 'name' => 'New Folder',
+ ]);
+
+ $this->assertDatabaseHas('folders', [
+ 'name' => 'New Folder',
+ 'parent_id' => $uploadRequest->id,
+ ]);
+ }
}