nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-06 02:33:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

added guest_get_folder_content test

Browse Source
This commit is contained in:
Peter Papp
2021-03-10 17:13:49 +01:00
parent 5e37e10a0c
commit ff4af2978d
4 changed files with 109 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
app/Http/Controllers/Sharing/FileSharingController.php
View File

@@ -143,19 +143,19 @@ class FileSharingController extends Controller
* Browse private folders
*
* @param Request $request
* @param $unique_id
* @param $id
* @return Collection
*/
public function get_private_folders(Request $request, $unique_id)
public function get_private_folders(Request $request, $id)
{
// Get sharing record
$shared = Share::where('token', $request->cookie('shared_token'))->firstOrFail();
// Check if user can get directory
Guardian::check_item_access($unique_id, $shared);
Guardian::check_item_access($id, $shared);
// Get files and folders
list($folders, $files) = $this->get_items($unique_id, $shared);
list($folders, $files) = $this->get_items($id, $shared);
// Collect folders and files to single array
return collect([$folders, $files])->collapse();
@@ -164,24 +164,24 @@ class FileSharingController extends Controller
/**
* Browse public folders
*
* @param $unique_id
* @param $id
* @param $token
* @return Collection
*/
public function get_public_folders($unique_id, $token)
public function get_public_folders($id, $token)
{
// Get sharing record
$shared = Share::where(DB::raw('BINARY `token`'), $token)->firstOrFail();
$shared = get_shared($token);
// Abort if folder is protected
if ((int) $shared->protected) {
if ((int) $shared->is_protected) {
abort(403, "Sorry, you don't have permission");
}
// Check if user can get directory
Guardian::check_item_access($unique_id, $shared);
Guardian::check_item_access($id, $shared);
// Get files and folders
list($folders, $files) = $this->get_items($unique_id, $shared);
list($folders, $files) = $this->get_items($id, $shared);
// Set thumbnail links for public files
$files->map(function ($item) use ($token) {
@@ -357,7 +357,7 @@ class FileSharingController extends Controller
$shared = get_shared($token);
// Abort if folder is protected
if ((int) $shared->protected) {
if ((int) $shared->is_protected) {
abort(403, "Sorry, you don't have permission");
}
@@ -402,19 +402,19 @@ class FileSharingController extends Controller
/**
* Get folders and files
*
* @param $unique_id
* @param $id
* @param $shared
* @return array
*/
private function get_items($unique_id, $shared): array
private function get_items($id, $shared): array
{
$folders = Folder::where('user_id', $shared->user_id)
->where('parent_id', $unique_id)
->where('parent_id', $id)
->sortable()
->get();
$files = File::where('user_id', $shared->user_id)
->where('folder_id', $unique_id)
->where('folder_id', $id)
->sortable()
->get();

2
routes/api.php
View File

@@ -74,8 +74,8 @@ Route::group(['middleware' => ['auth:api', 'auth.shared', 'scope:visitor,editor'
Route::group(['middleware' => ['auth:sanctum']], function () {
// Edit items
Route::patch('/rename/{id}', [EditItemsController::class, 'user_rename_item']);
Route::post('/create-folder', [EditItemsController::class, 'user_create_folder']);
Route::patch('/rename/{id}', [EditItemsController::class, 'user_rename_item']);
Route::post('/remove', [EditItemsController::class, 'user_delete_item']);
Route::post('/upload', [EditItemsController::class, 'user_upload']);
Route::post('/move', [EditItemsController::class, 'user_move']);

21
routes/share.php
View File

@@ -1,12 +1,13 @@
<?php
use App\Http\Controllers\FileFunctions\EditItemsController;
use App\Http\Controllers\FileFunctions\ShareController;
use App\Http\Controllers\Sharing\FileSharingController;
// Editor functions
Route::group(['prefix' => 'editor'], function () {
Route::patch('/rename/{id}/public/{token}', [EditItemsController::class, 'guest_rename_item']);
Route::post('/create-folder/public/{token}', [EditItemsController::class, 'guest_create_folder']);
Route::patch('/rename/{id}/public/{token}', [EditItemsController::class, 'guest_rename_item']);
Route::post('/remove/public/{token}', [EditItemsController::class, 'guest_delete_item']);
Route::post('/upload/public/{token}', [EditItemsController::class, 'guest_upload']);
Route::post('/move/public/{token}', [EditItemsController::class, 'guest_move']);
@@ -14,14 +15,16 @@ Route::group(['prefix' => 'editor'], function () {
// Editor/Visitor zip functions
Route::group(['prefix' => 'zip'], function () {
Route::get('/folder/{id}/public/{token}', [EditItemsController::class, 'guest_zip_folder']);
Route::post('/files/public/{token}', [EditItemsController::class, 'guest_zip_multiple_files']);
Route::get('/folder/{id}/public/{token}', [EditItemsController::class, 'guest_zip_folder']);
});
// Sharing page browsing
Route::get('/folders/{id}/public/{token}', [FileSharingController::class, 'get_public_folders']);
Route::get('/navigation/public/{token}', [FileSharingController::class, 'get_public_navigation_tree']);
Route::post('/shared/authenticate/{token}', [FileSharingController::class, 'authenticate']);
Route::get('/search/public/{token}', [FileSharingController::class, 'search_public']);
Route::get('/files/{token}/public', [FileSharingController::class, 'file_public']);
Route::get('/shared/{token}', [ShareController::class, 'show']);
// Browse share content
Route::group(['prefix' => 'browse'], function () {
Route::get('/folders/{id}/public/{token}', [FileSharingController::class, 'get_public_folders']);
Route::get('/navigation/public/{token}', [FileSharingController::class, 'get_public_navigation_tree']);
Route::post('/shared/authenticate/{token}', [FileSharingController::class, 'authenticate']);
Route::get('/search/public/{token}', [FileSharingController::class, 'search_public']);
Route::get('/files/{token}/public', [FileSharingController::class, 'file_public']);
Route::get('/shared/{token}', [ShareController::class, 'show']);
});

80
tests/Feature/Share/ShareEditorTest.php
View File

@@ -516,4 +516,84 @@ class ShareEditorTest extends TestCase
$this->getJson("/api/zip/folder/$folder->id/public/$share->token")
->assertStatus(403);
}
/**
* @test
*/
public function guest_get_folder_content()
{
$user = User::factory(User::class)
->create();
$root = Folder::factory(Folder::class)
->create([
'name' => 'root',
'user_id' => $user->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
'permission' => 'editor',
]);
$folder = Folder::factory(Folder::class)
->create([
'parent_id' => $root->id,
'name' => 'Documents',
"user_scope" => "master",
'user_id' => $user->id,
]);
$file = File::factory(File::class)
->create([
'folder_id' => $root->id,
'name' => 'Document',
'basename' => 'document.pdf',
"mimetype" => "application/pdf",
"user_scope" => "master",
"type" => "file",
'user_id' => $user->id,
]);
$this->getJson("/api/browse/folders/$root->id/public/$share->token")
->assertStatus(200)
->assertExactJson([
[
"id" => $folder->id,
"user_id" => $user->id,
"parent_id" => $root->id,
"name" => "Documents",
"color" => null,
"emoji" => null,
"user_scope" => "master",
"deleted_at" => null,
"created_at" => $folder->created_at,
"updated_at" => $folder->updated_at->toJson(),
"items" => 0,
"trashed_items" => 0,
"type" => "folder",
],
[
"id" => $file->id,
"user_id" => $user->id,
"folder_id" => $root->id,
"thumbnail" => null,
"name" => "Document",
"basename" => "document.pdf",
"mimetype" => "application/pdf",
"filesize" => $file->filesize,
"type" => "file",
"metadata" => null,
"user_scope" => "master",
"deleted_at" => null,
"created_at" => $file->created_at,
"updated_at" => $file->updated_at->toJson(),
"file_url" => "http://localhost/file/document.pdf/public/$share->token",
]
]);
}
}