X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/32f6ea946f00d25b3e70166d4e1bd3ef27d64a33..e29d03ae769db2bc1fe02520862c26d04cc5ea91:/app/Http/Controllers/AttachmentController.php diff --git a/app/Http/Controllers/AttachmentController.php b/app/Http/Controllers/AttachmentController.php index 56503a694..445611fcb 100644 --- a/app/Http/Controllers/AttachmentController.php +++ b/app/Http/Controllers/AttachmentController.php @@ -9,6 +9,7 @@ use BookStack\Uploads\Attachment; use BookStack\Uploads\AttachmentService; use Exception; use Illuminate\Contracts\Filesystem\FileNotFoundException; +use Illuminate\Foundation\Http\Middleware\ValidatePostSize; use Illuminate\Http\Request; use Illuminate\Support\MessageBag; use Illuminate\Validation\ValidationException; @@ -36,8 +37,8 @@ class AttachmentController extends Controller public function upload(Request $request) { $this->validate($request, [ - 'uploaded_to' => 'required|integer|exists:pages,id', - 'file' => 'required|file', + 'uploaded_to' => ['required', 'integer', 'exists:pages,id'], + 'file' => array_merge(['required'], $this->attachmentService->getFileValidationRules()), ]); $pageId = $request->get('uploaded_to'); @@ -65,9 +66,10 @@ class AttachmentController extends Controller public function uploadUpdate(Request $request, $attachmentId) { $this->validate($request, [ - 'file' => 'required|file', + 'file' => array_merge(['required'], $this->attachmentService->getFileValidationRules()), ]); + /** @var Attachment $attachment */ $attachment = Attachment::query()->findOrFail($attachmentId); $this->checkOwnablePermission('view', $attachment->page); $this->checkOwnablePermission('page-update', $attachment->page); @@ -86,11 +88,10 @@ class AttachmentController extends Controller /** * Get the update form for an attachment. - * - * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View */ public function getUpdateForm(string $attachmentId) { + /** @var Attachment $attachment */ $attachment = Attachment::query()->findOrFail($attachmentId); $this->checkOwnablePermission('page-update', $attachment->page); @@ -111,8 +112,8 @@ class AttachmentController extends Controller try { $this->validate($request, [ - 'attachment_edit_name' => 'required|string|min:1|max:255', - 'attachment_edit_url' => 'string|min:1|max:255|safe_url', + 'attachment_edit_name' => ['required', 'string', 'min:1', 'max:255'], + 'attachment_edit_url' => ['string', 'min:1', 'max:255', 'safe_url'], ]); } catch (ValidationException $exception) { return response()->view('attachments.manager-edit-form', array_merge($request->only(['attachment_edit_name', 'attachment_edit_url']), [ @@ -146,9 +147,9 @@ class AttachmentController extends Controller try { $this->validate($request, [ - 'attachment_link_uploaded_to' => 'required|integer|exists:pages,id', - 'attachment_link_name' => 'required|string|min:1|max:255', - 'attachment_link_url' => 'required|string|min:1|max:255|safe_url', + 'attachment_link_uploaded_to' => ['required', 'integer', 'exists:pages,id'], + 'attachment_link_name' => ['required', 'string', 'min:1', 'max:255'], + 'attachment_link_url' => ['required', 'string', 'min:1', 'max:255', 'safe_url'], ]); } catch (ValidationException $exception) { return response()->view('attachments.manager-link-form', array_merge($request->only(['attachment_link_name', 'attachment_link_url']), [ @@ -173,6 +174,8 @@ class AttachmentController extends Controller /** * Get the attachments for a specific page. + * + * @throws NotFoundException */ public function listForPage(int $pageId) { @@ -193,7 +196,7 @@ class AttachmentController extends Controller public function sortForPage(Request $request, int $pageId) { $this->validate($request, [ - 'order' => 'required|array', + 'order' => ['required', 'array'], ]); $page = $this->pageRepo->getById($pageId); $this->checkOwnablePermission('page-update', $page);