]> BookStack Code Mirror - bookstack/blob - app/Http/Controllers/FileController.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Added basic attachment editing functionality
[bookstack] / app / Http / Controllers / FileController.php
1 <?php namespace BookStack\Http\Controllers;
2
3 use BookStack\Exceptions\FileUploadException;
4 use BookStack\File;
5 use BookStack\Repos\PageRepo;
6 use BookStack\Services\FileService;
7 use Illuminate\Http\Request;
8
9 use BookStack\Http\Requests;
10
11 class FileController extends Controller
12 {
13     protected $fileService;
14     protected $file;
15     protected $pageRepo;
16
17     /**
18      * FileController constructor.
19      * @param FileService $fileService
20      * @param File $file
21      * @param PageRepo $pageRepo
22      */
23     public function __construct(FileService $fileService, File $file, PageRepo $pageRepo)
24     {
25         $this->fileService = $fileService;
26         $this->file = $file;
27         $this->pageRepo = $pageRepo;
28     }
29
30
31     /**
32      * Endpoint at which files are uploaded to.
33      * @param Request $request
34      */
35     public function upload(Request $request)
36     {
37         // TODO - ensure uploads are deleted on page delete.
38         $this->validate($request, [
39             'uploaded_to' => 'required|integer|exists:pages,id',
40             'file' => 'required|file'
41         ]);
42
43         $pageId = $request->get('uploaded_to');
44         $page = $this->pageRepo->getById($pageId);
45
46         $this->checkPermission('file-create-all');
47         $this->checkOwnablePermission('page-update', $page);
48
49         $uploadedFile = $request->file('file');
50
51         try {
52             $file = $this->fileService->saveNewUpload($uploadedFile, $pageId);
53         } catch (FileUploadException $e) {
54             return response($e->getMessage(), 500);
55         }
56
57         return response()->json($file);
58     }
59
60     /**
61      * Update an uploaded file.
62      * @param int $fileId
63      * @param Request $request
64      * @return mixed
65      */
66     public function uploadUpdate($fileId, Request $request)
67     {
68         $this->validate($request, [
69             'uploaded_to' => 'required|integer|exists:pages,id',
70             'file' => 'required|file'
71         ]);
72
73         $pageId = $request->get('uploaded_to');
74         $page = $this->pageRepo->getById($pageId);
75         $file = $this->file->findOrFail($fileId);
76
77         $this->checkOwnablePermission('page-update', $page);
78         $this->checkOwnablePermission('file-create', $file);
79         
80         if (intval($pageId) !== intval($file->uploaded_to)) {
81             return $this->jsonError('Page mismatch during attached file update');
82         }
83
84         $uploadedFile = $request->file('file');
85
86         try {
87             $file = $this->fileService->saveUpdatedUpload($uploadedFile, $file);
88         } catch (FileUploadException $e) {
89             return response($e->getMessage(), 500);
90         }
91
92         return response()->json($file);
93     }
94
95     /**
96      * Update the details of an existing file.
97      * @param $fileId
98      * @param Request $request
99      * @return File|mixed
100      */
101     public function update($fileId, Request $request)
102     {
103         $this->validate($request, [
104             'uploaded_to' => 'required|integer|exists:pages,id',
105             'name' => 'string|max:255',
106             'link' =>  'url'
107         ]);
108
109         $pageId = $request->get('uploaded_to');
110         $page = $this->pageRepo->getById($pageId);
111         $file = $this->file->findOrFail($fileId);
112
113         $this->checkOwnablePermission('page-update', $page);
114         $this->checkOwnablePermission('file-create', $file);
115
116         if (intval($pageId) !== intval($file->uploaded_to)) {
117             return $this->jsonError('Page mismatch during attachment update');
118         }
119
120         $file = $this->fileService->updateFile($file, $request->all());
121         return $file;
122     }
123
124     /**
125      * Attach a link to a page as a file.
126      * @param Request $request
127      * @return mixed
128      */
129     public function attachLink(Request $request)
130     {
131         $this->validate($request, [
132             'uploaded_to' => 'required|integer|exists:pages,id',
133             'name' => 'string|max:255',
134             'link' =>  'url|max:255'
135         ]);
136
137         $pageId = $request->get('uploaded_to');
138         $page = $this->pageRepo->getById($pageId);
139
140         $this->checkPermission('file-create-all');
141         $this->checkOwnablePermission('page-update', $page);
142
143         $fileName = $request->get('name');
144         $link = $request->get('link');
145         $file = $this->fileService->saveNewFromLink($fileName, $link, $pageId);
146
147         return response()->json($file);
148     }
149
150     /**
151      * Get the files for a specific page.
152      * @param $pageId
153      * @return mixed
154      */
155     public function listForPage($pageId)
156     {
157         $page = $this->pageRepo->getById($pageId);
158         $this->checkOwnablePermission('page-view', $page);
159         return response()->json($page->files);
160     }
161
162     /**
163      * Update the file sorting.
164      * @param $pageId
165      * @param Request $request
166      * @return mixed
167      */
168     public function sortForPage($pageId, Request $request)
169     {
170         $this->validate($request, [
171             'files' => 'required|array',
172             'files.*.id' => 'required|integer',
173         ]);
174         $page = $this->pageRepo->getById($pageId);
175         $this->checkOwnablePermission('page-update', $page);
176
177         $files = $request->get('files');
178         $this->fileService->updateFileOrderWithinPage($files, $pageId);
179         return response()->json(['message' => 'Attachment order updated']);
180     }
181
182     /**
183      * Get a file from storage.
184      * @param $fileId
185      */
186     public function get($fileId)
187     {
188         $file = $this->file->findOrFail($fileId);
189         $page = $this->pageRepo->getById($file->uploaded_to);
190         $this->checkOwnablePermission('page-view', $page);
191
192         if ($file->external) {
193             return redirect($file->path);
194         }
195
196         $fileContents = $this->fileService->getFile($file);
197         return response($fileContents, 200, [
198             'Content-Type' => 'application/octet-stream',
199             'Content-Disposition' => 'attachment; filename="'. $file->name .'"'
200         ]);
201     }
202
203     /**
204      * Delete a specific file in the system.
205      * @param $fileId
206      * @return mixed
207      */
208     public function delete($fileId)
209     {
210         $file = $this->file->findOrFail($fileId);
211         $this->checkOwnablePermission('file-delete', $file);
212         $this->fileService->deleteFile($file);
213         return response()->json(['message' => 'Attachment deleted']);
214     }
215 }
The core source code for the BookStack project.