X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/32f6ea946f00d25b3e70166d4e1bd3ef27d64a33..refs/pull/5721/head:/app/Uploads/Attachment.php diff --git a/app/Uploads/Attachment.php b/app/Uploads/Attachment.php index dfd7d980a..57d7cb334 100644 --- a/app/Uploads/Attachment.php +++ b/app/Uploads/Attachment.php @@ -2,39 +2,48 @@ namespace BookStack\Uploads; -use BookStack\Auth\Permissions\PermissionService; +use BookStack\App\Model; use BookStack\Entities\Models\Entity; use BookStack\Entities\Models\Page; -use BookStack\Model; -use BookStack\Traits\HasCreatorAndUpdater; +use BookStack\Permissions\Models\JointPermission; +use BookStack\Permissions\PermissionApplicator; +use BookStack\Users\Models\HasCreatorAndUpdater; +use BookStack\Users\Models\User; use Illuminate\Database\Eloquent\Builder; +use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\Relations\BelongsTo; +use Illuminate\Database\Eloquent\Relations\HasMany; /** - * @property int $id + * @property int $id * @property string $name * @property string $path * @property string $extension - * @property ?Page $page - * @property bool $external - * @property int $uploaded_to + * @property ?Page $page + * @property bool $external + * @property int $uploaded_to + * @property User $updatedBy + * @property User $createdBy * * @method static Entity|Builder visible() */ class Attachment extends Model { use HasCreatorAndUpdater; + use HasFactory; protected $fillable = ['name', 'order']; + protected $hidden = ['path', 'page']; + protected $casts = [ + 'external' => 'bool', + ]; /** * Get the downloadable file name for this upload. - * - * @return mixed|string */ - public function getFileName() + public function getFileName(): string { - if (strpos($this->name, '.') !== false) { + if (str_contains($this->name, '.')) { return $this->name; } @@ -49,12 +58,18 @@ class Attachment extends Model return $this->belongsTo(Page::class, 'uploaded_to'); } + public function jointPermissions(): HasMany + { + return $this->hasMany(JointPermission::class, 'entity_id', 'uploaded_to') + ->where('joint_permissions.entity_type', '=', 'page'); + } + /** * Get the url of this file. */ public function getUrl($openInline = false): string { - if ($this->external && strpos($this->path, 'http') !== 0) { + if ($this->external && !str_starts_with($this->path, 'http')) { return $this->path; } @@ -62,7 +77,22 @@ class Attachment extends Model } /** - * Generate a HTML link to this attachment. + * Get the representation of this attachment in a format suitable for the page editors. + * Detects and adapts video content to use an inline video embed. + */ + public function editorContent(): array + { + $videoExtensions = ['mp4', 'webm', 'mkv', 'ogg', 'avi']; + if (in_array(strtolower($this->extension), $videoExtensions)) { + $html = ''; + return ['text/html' => $html, 'text/plain' => $html]; + } + + return ['text/html' => $this->htmlLink(), 'text/plain' => $this->markdownLink()]; + } + + /** + * Generate the HTML link to this attachment. */ public function htmlLink(): string { @@ -70,7 +100,7 @@ class Attachment extends Model } /** - * Generate a markdown link to this attachment. + * Generate a MarkDown link to this attachment. */ public function markdownLink(): string { @@ -80,12 +110,12 @@ class Attachment extends Model /** * Scope the query to those attachments that are visible based upon related page permissions. */ - public function scopeVisible(): string + public function scopeVisible(): Builder { - $permissionService = app()->make(PermissionService::class); - return $permissionService->filterRelatedEntity( - Page::class, - Attachment::query(), + $permissions = app()->make(PermissionApplicator::class); + + return $permissions->restrictPageRelationQuery( + self::query(), 'attachments', 'uploaded_to' );