mirror of
https://github.com/VueFileManager/vuefilemanager.git
synced 2026-04-18 16:22:14 +00:00
added guest_get_folder_content test
This commit is contained in:
Peter Papp
@@ -143,19 +143,19 @@ class FileSharingController extends Controller
|
|||||||
* Browse private folders
|
* Browse private folders
|
||||||
*
|
*
|
||||||
* @param Request $request
|
* @param Request $request
|
||||||
* @param $unique_id
|
* @param $id
|
||||||
* @return Collection
|
* @return Collection
|
||||||
*/
|
*/
|
||||||
public function get_private_folders(Request $request, $unique_id)
|
public function get_private_folders(Request $request, $id)
|
||||||
{
|
{
|
||||||
// Get sharing record
|
// Get sharing record
|
||||||
$shared = Share::where('token', $request->cookie('shared_token'))->firstOrFail();
|
$shared = Share::where('token', $request->cookie('shared_token'))->firstOrFail();
|
||||||
|
|
||||||
// Check if user can get directory
|
// Check if user can get directory
|
||||||
Guardian::check_item_access($unique_id, $shared);
|
Guardian::check_item_access($id, $shared);
|
||||||
|
|
||||||
// Get files and folders
|
// Get files and folders
|
||||||
list($folders, $files) = $this->get_items($unique_id, $shared);
|
list($folders, $files) = $this->get_items($id, $shared);
|
||||||
|
|
||||||
// Collect folders and files to single array
|
// Collect folders and files to single array
|
||||||
return collect([$folders, $files])->collapse();
|
return collect([$folders, $files])->collapse();
|
||||||
@@ -164,24 +164,24 @@ class FileSharingController extends Controller
|
|||||||
/**
|
/**
|
||||||
* Browse public folders
|
* Browse public folders
|
||||||
*
|
*
|
||||||
* @param $unique_id
|
* @param $id
|
||||||
|
* @param $token
|
||||||
* @return Collection
|
* @return Collection
|
||||||
*/
|
*/
|
||||||
public function get_public_folders($unique_id, $token)
|
public function get_public_folders($id, $token)
|
||||||
{
|
{
|
||||||
// Get sharing record
|
$shared = get_shared($token);
|
||||||
$shared = Share::where(DB::raw('BINARY `token`'), $token)->firstOrFail();
|
|
||||||
|
|
||||||
// Abort if folder is protected
|
// Abort if folder is protected
|
||||||
if ((int) $shared->protected) {
|
if ((int) $shared->is_protected) {
|
||||||
abort(403, "Sorry, you don't have permission");
|
abort(403, "Sorry, you don't have permission");
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if user can get directory
|
// Check if user can get directory
|
||||||
Guardian::check_item_access($unique_id, $shared);
|
Guardian::check_item_access($id, $shared);
|
||||||
|
|
||||||
// Get files and folders
|
// Get files and folders
|
||||||
list($folders, $files) = $this->get_items($unique_id, $shared);
|
list($folders, $files) = $this->get_items($id, $shared);
|
||||||
|
|
||||||
// Set thumbnail links for public files
|
// Set thumbnail links for public files
|
||||||
$files->map(function ($item) use ($token) {
|
$files->map(function ($item) use ($token) {
|
||||||
@@ -357,7 +357,7 @@ class FileSharingController extends Controller
|
|||||||
$shared = get_shared($token);
|
$shared = get_shared($token);
|
||||||
|
|
||||||
// Abort if folder is protected
|
// Abort if folder is protected
|
||||||
if ((int) $shared->protected) {
|
if ((int) $shared->is_protected) {
|
||||||
abort(403, "Sorry, you don't have permission");
|
abort(403, "Sorry, you don't have permission");
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -402,19 +402,19 @@ class FileSharingController extends Controller
|
|||||||
/**
|
/**
|
||||||
* Get folders and files
|
* Get folders and files
|
||||||
*
|
*
|
||||||
* @param $unique_id
|
* @param $id
|
||||||
* @param $shared
|
* @param $shared
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
private function get_items($unique_id, $shared): array
|
private function get_items($id, $shared): array
|
||||||
{
|
{
|
||||||
$folders = Folder::where('user_id', $shared->user_id)
|
$folders = Folder::where('user_id', $shared->user_id)
|
||||||
->where('parent_id', $unique_id)
|
->where('parent_id', $id)
|
||||||
->sortable()
|
->sortable()
|
||||||
->get();
|
->get();
|
||||||
|
|
||||||
$files = File::where('user_id', $shared->user_id)
|
$files = File::where('user_id', $shared->user_id)
|
||||||
->where('folder_id', $unique_id)
|
->where('folder_id', $id)
|
||||||
->sortable()
|
->sortable()
|
||||||
->get();
|
->get();
|
||||||
|
|
||||||
|
|||||||
@@ -74,8 +74,8 @@ Route::group(['middleware' => ['auth:api', 'auth.shared', 'scope:visitor,editor'
|
|||||||
Route::group(['middleware' => ['auth:sanctum']], function () {
|
Route::group(['middleware' => ['auth:sanctum']], function () {
|
||||||
|
|
||||||
// Edit items
|
// Edit items
|
||||||
Route::patch('/rename/{id}', [EditItemsController::class, 'user_rename_item']);
|
|
||||||
Route::post('/create-folder', [EditItemsController::class, 'user_create_folder']);
|
Route::post('/create-folder', [EditItemsController::class, 'user_create_folder']);
|
||||||
|
Route::patch('/rename/{id}', [EditItemsController::class, 'user_rename_item']);
|
||||||
Route::post('/remove', [EditItemsController::class, 'user_delete_item']);
|
Route::post('/remove', [EditItemsController::class, 'user_delete_item']);
|
||||||
Route::post('/upload', [EditItemsController::class, 'user_upload']);
|
Route::post('/upload', [EditItemsController::class, 'user_upload']);
|
||||||
Route::post('/move', [EditItemsController::class, 'user_move']);
|
Route::post('/move', [EditItemsController::class, 'user_move']);
|
||||||
|
|||||||
@@ -1,12 +1,13 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
use App\Http\Controllers\FileFunctions\EditItemsController;
|
use App\Http\Controllers\FileFunctions\EditItemsController;
|
||||||
|
use App\Http\Controllers\FileFunctions\ShareController;
|
||||||
use App\Http\Controllers\Sharing\FileSharingController;
|
use App\Http\Controllers\Sharing\FileSharingController;
|
||||||
|
|
||||||
// Editor functions
|
// Editor functions
|
||||||
Route::group(['prefix' => 'editor'], function () {
|
Route::group(['prefix' => 'editor'], function () {
|
||||||
Route::patch('/rename/{id}/public/{token}', [EditItemsController::class, 'guest_rename_item']);
|
|
||||||
Route::post('/create-folder/public/{token}', [EditItemsController::class, 'guest_create_folder']);
|
Route::post('/create-folder/public/{token}', [EditItemsController::class, 'guest_create_folder']);
|
||||||
|
Route::patch('/rename/{id}/public/{token}', [EditItemsController::class, 'guest_rename_item']);
|
||||||
Route::post('/remove/public/{token}', [EditItemsController::class, 'guest_delete_item']);
|
Route::post('/remove/public/{token}', [EditItemsController::class, 'guest_delete_item']);
|
||||||
Route::post('/upload/public/{token}', [EditItemsController::class, 'guest_upload']);
|
Route::post('/upload/public/{token}', [EditItemsController::class, 'guest_upload']);
|
||||||
Route::post('/move/public/{token}', [EditItemsController::class, 'guest_move']);
|
Route::post('/move/public/{token}', [EditItemsController::class, 'guest_move']);
|
||||||
@@ -14,14 +15,16 @@ Route::group(['prefix' => 'editor'], function () {
|
|||||||
|
|
||||||
// Editor/Visitor zip functions
|
// Editor/Visitor zip functions
|
||||||
Route::group(['prefix' => 'zip'], function () {
|
Route::group(['prefix' => 'zip'], function () {
|
||||||
Route::get('/folder/{id}/public/{token}', [EditItemsController::class, 'guest_zip_folder']);
|
|
||||||
Route::post('/files/public/{token}', [EditItemsController::class, 'guest_zip_multiple_files']);
|
Route::post('/files/public/{token}', [EditItemsController::class, 'guest_zip_multiple_files']);
|
||||||
|
Route::get('/folder/{id}/public/{token}', [EditItemsController::class, 'guest_zip_folder']);
|
||||||
});
|
});
|
||||||
|
|
||||||
// Sharing page browsing
|
// Browse share content
|
||||||
Route::get('/folders/{id}/public/{token}', [FileSharingController::class, 'get_public_folders']);
|
Route::group(['prefix' => 'browse'], function () {
|
||||||
Route::get('/navigation/public/{token}', [FileSharingController::class, 'get_public_navigation_tree']);
|
Route::get('/folders/{id}/public/{token}', [FileSharingController::class, 'get_public_folders']);
|
||||||
Route::post('/shared/authenticate/{token}', [FileSharingController::class, 'authenticate']);
|
Route::get('/navigation/public/{token}', [FileSharingController::class, 'get_public_navigation_tree']);
|
||||||
Route::get('/search/public/{token}', [FileSharingController::class, 'search_public']);
|
Route::post('/shared/authenticate/{token}', [FileSharingController::class, 'authenticate']);
|
||||||
Route::get('/files/{token}/public', [FileSharingController::class, 'file_public']);
|
Route::get('/search/public/{token}', [FileSharingController::class, 'search_public']);
|
||||||
Route::get('/shared/{token}', [ShareController::class, 'show']);
|
Route::get('/files/{token}/public', [FileSharingController::class, 'file_public']);
|
||||||
|
Route::get('/shared/{token}', [ShareController::class, 'show']);
|
||||||
|
});
|
||||||
|
|||||||
@@ -516,4 +516,84 @@ class ShareEditorTest extends TestCase
|
|||||||
$this->getJson("/api/zip/folder/$folder->id/public/$share->token")
|
$this->getJson("/api/zip/folder/$folder->id/public/$share->token")
|
||||||
->assertStatus(403);
|
->assertStatus(403);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @test
|
||||||
|
*/
|
||||||
|
public function guest_get_folder_content()
|
||||||
|
{
|
||||||
|
$user = User::factory(User::class)
|
||||||
|
->create();
|
||||||
|
|
||||||
|
$root = Folder::factory(Folder::class)
|
||||||
|
->create([
|
||||||
|
'name' => 'root',
|
||||||
|
'user_id' => $user->id,
|
||||||
|
]);
|
||||||
|
|
||||||
|
$share = Share::factory(Share::class)
|
||||||
|
->create([
|
||||||
|
'item_id' => $root->id,
|
||||||
|
'user_id' => $user->id,
|
||||||
|
'type' => 'folder',
|
||||||
|
'is_protected' => false,
|
||||||
|
'permission' => 'editor',
|
||||||
|
]);
|
||||||
|
|
||||||
|
$folder = Folder::factory(Folder::class)
|
||||||
|
->create([
|
||||||
|
'parent_id' => $root->id,
|
||||||
|
'name' => 'Documents',
|
||||||
|
"user_scope" => "master",
|
||||||
|
'user_id' => $user->id,
|
||||||
|
]);
|
||||||
|
|
||||||
|
$file = File::factory(File::class)
|
||||||
|
->create([
|
||||||
|
'folder_id' => $root->id,
|
||||||
|
'name' => 'Document',
|
||||||
|
'basename' => 'document.pdf',
|
||||||
|
"mimetype" => "application/pdf",
|
||||||
|
"user_scope" => "master",
|
||||||
|
"type" => "file",
|
||||||
|
'user_id' => $user->id,
|
||||||
|
]);
|
||||||
|
|
||||||
|
$this->getJson("/api/browse/folders/$root->id/public/$share->token")
|
||||||
|
->assertStatus(200)
|
||||||
|
->assertExactJson([
|
||||||
|
[
|
||||||
|
"id" => $folder->id,
|
||||||
|
"user_id" => $user->id,
|
||||||
|
"parent_id" => $root->id,
|
||||||
|
"name" => "Documents",
|
||||||
|
"color" => null,
|
||||||
|
"emoji" => null,
|
||||||
|
"user_scope" => "master",
|
||||||
|
"deleted_at" => null,
|
||||||
|
"created_at" => $folder->created_at,
|
||||||
|
"updated_at" => $folder->updated_at->toJson(),
|
||||||
|
"items" => 0,
|
||||||
|
"trashed_items" => 0,
|
||||||
|
"type" => "folder",
|
||||||
|
],
|
||||||
|
[
|
||||||
|
"id" => $file->id,
|
||||||
|
"user_id" => $user->id,
|
||||||
|
"folder_id" => $root->id,
|
||||||
|
"thumbnail" => null,
|
||||||
|
"name" => "Document",
|
||||||
|
"basename" => "document.pdf",
|
||||||
|
"mimetype" => "application/pdf",
|
||||||
|
"filesize" => $file->filesize,
|
||||||
|
"type" => "file",
|
||||||
|
"metadata" => null,
|
||||||
|
"user_scope" => "master",
|
||||||
|
"deleted_at" => null,
|
||||||
|
"created_at" => $file->created_at,
|
||||||
|
"updated_at" => $file->updated_at->toJson(),
|
||||||
|
"file_url" => "http://localhost/file/document.pdf/public/$share->token",
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user