X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/035a0d8efb1769d2816c1ebedb3f7cf12db1637e..refs/pull/1462/head:/routes/web.php diff --git a/routes/web.php b/routes/web.php index 41da967d9..25d7ab692 100644 --- a/routes/web.php +++ b/routes/web.php @@ -6,7 +6,8 @@ Route::get('/robots.txt', 'HomeController@getRobots'); // Authenticated routes... Route::group(['middleware' => 'auth'], function () { - Route::get('/uploads/images/{path}', 'ImageController@showImage') + // Secure images routing + Route::get('/uploads/images/{path}', 'Images\ImageController@showImage') ->where('path', '.*$'); Route::group(['prefix' => 'pages'], function() { @@ -26,6 +27,9 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/{slug}/permissions', 'BookshelfController@showPermissions'); Route::put('/{slug}/permissions', 'BookshelfController@permissions'); Route::post('/{slug}/copy-permissions', 'BookshelfController@copyPermissions'); + + Route::get('/{shelfSlug}/create-book', 'BookController@create'); + Route::post('/{shelfSlug}/create-book', 'BookController@store'); }); Route::get('/create-book', 'BookController@create'); @@ -74,7 +78,7 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/{bookSlug}/page/{pageSlug}/revisions', 'PageController@showRevisions'); Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}', 'PageController@showRevision'); Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}/changes', 'PageController@showRevisionChanges'); - Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}/restore', 'PageController@restoreRevision'); + Route::put('/{bookSlug}/page/{pageSlug}/revisions/{revId}/restore', 'PageController@restoreRevision'); Route::delete('/{bookSlug}/page/{pageSlug}/revisions/{revId}/delete', 'PageController@destroyRevision'); // Chapters @@ -100,22 +104,21 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/user/{userId}', 'UserController@showProfilePage'); // Image routes - Route::group(['prefix' => 'images'], function() { - // Get for user images - Route::get('/user/all', 'ImageController@getAllForUserType'); - Route::get('/user/all/{page}', 'ImageController@getAllForUserType'); - // Standard get, update and deletion for all types - Route::get('/thumb/{id}/{width}/{height}/{crop}', 'ImageController@getThumbnail'); - Route::get('/base64/{id}', 'ImageController@getBase64Image'); - Route::put('/update/{imageId}', 'ImageController@update'); - Route::post('/drawing/upload', 'ImageController@uploadDrawing'); - Route::get('/usage/{id}', 'ImageController@usage'); - Route::post('/{type}/upload', 'ImageController@uploadByType'); - Route::get('/{type}/all', 'ImageController@getAllByType'); - Route::get('/{type}/all/{page}', 'ImageController@getAllByType'); - Route::get('/{type}/search/{page}', 'ImageController@searchByType'); - Route::get('/gallery/{filter}/{page}', 'ImageController@getGalleryFiltered'); - Route::delete('/{id}', 'ImageController@destroy'); + Route::group(['prefix' => 'images'], function () { + + // Gallery + Route::get('/gallery', 'Images\GalleryImageController@list'); + Route::post('/gallery', 'Images\GalleryImageController@create'); + + // Drawio + Route::get('/drawio', 'Images\DrawioImageController@list'); + Route::get('/drawio/base64/{id}', 'Images\DrawioImageController@getAsBase64'); + Route::post('/drawio', 'Images\DrawioImageController@create'); + + // Shared gallery & draw.io endpoint + Route::get('/usage/{id}', 'Images\ImageController@usage'); + Route::put('/{id}', 'Images\ImageController@update'); + Route::delete('/{id}', 'Images\ImageController@destroy'); }); // Attachments routes @@ -177,6 +180,7 @@ Route::group(['middleware' => 'auth'], function () { Route::patch('/users/{id}/switch-book-view', 'UserController@switchBookView'); Route::patch('/users/{id}/switch-shelf-view', 'UserController@switchShelfView'); Route::patch('/users/{id}/change-sort/{type}', 'UserController@changeSort'); + Route::patch('/users/{id}/update-expansion-preference/{key}', 'UserController@updateExpansionPreference'); Route::post('/users/create', 'UserController@store'); Route::get('/users/{id}', 'UserController@edit'); Route::put('/users/{id}', 'UserController@update');