X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/3ac34b584930aad5625d29ca6c2e59b85e9d2ef8..refs/pull/1973/head:/routes/web.php diff --git a/routes/web.php b/routes/web.php index a857bce6c..90261e1ac 100644 --- a/routes/web.php +++ b/routes/web.php @@ -1,17 +1,32 @@ 'auth'], function () { - Route::get('/uploads/images/{path}', 'ImageController@showImage') + // Secure images routing + Route::get('/uploads/images/{path}', 'Images\ImageController@showImage') ->where('path', '.*$'); - Route::group(['prefix' => 'pages'], function() { - Route::get('/recently-created', 'PageController@showRecentlyCreated'); - Route::get('/recently-updated', 'PageController@showRecentlyUpdated'); + Route::get('/pages/recently-updated', 'PageController@showRecentlyUpdated'); + + // Shelves + Route::get('/create-shelf', 'BookshelfController@create'); + Route::group(['prefix' => 'shelves'], function() { + Route::get('/', 'BookshelfController@index'); + Route::post('/', 'BookshelfController@store'); + Route::get('/{slug}/edit', 'BookshelfController@edit'); + Route::get('/{slug}/delete', 'BookshelfController@showDelete'); + Route::get('/{slug}', 'BookshelfController@show'); + Route::put('/{slug}', 'BookshelfController@update'); + Route::delete('/{slug}', 'BookshelfController@destroy'); + Route::get('/{slug}/permissions', 'BookshelfController@showPermissions'); + Route::put('/{slug}/permissions', 'BookshelfController@permissions'); + Route::post('/{slug}/copy-permissions', 'BookshelfController@copyPermissions'); + + Route::get('/{shelfSlug}/create-book', 'BookController@create'); + Route::post('/{shelfSlug}/create-book', 'BookController@store'); }); Route::get('/create-book', 'BookController@create'); 
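Review bot: The new `// Secure images routing` comment does not say what makes this route secure, and the `->where('path', '.*$')` constraint below it accepts any string, including `..` segments. Whether a request can reach files outside the image storage root therefore depends entirely on `Images\ImageController@showImage`, which is not part of this diff. I would expand the comment to record that dependency, e.g. `// Serves uploaded images behind the auth group; {path} is unconstrained, so showImage must resolve it inside the image storage root and reject traversal`. The opening of this hunk is damaged on the page, so the enclosing group is only partly visible.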
@@ -23,16 +38,16 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/{slug}/edit', 'BookController@edit'); Route::put('/{slug}', 'BookController@update'); Route::delete('/{id}', 'BookController@destroy'); - Route::get('/{slug}/sort-item', 'BookController@getSortItem'); + Route::get('/{slug}/sort-item', 'BookSortController@showItem'); Route::get('/{slug}', 'BookController@show'); - Route::get('/{bookSlug}/permissions', 'BookController@showRestrict'); - Route::put('/{bookSlug}/permissions', 'BookController@restrict'); + Route::get('/{bookSlug}/permissions', 'BookController@showPermissions'); + Route::put('/{bookSlug}/permissions', 'BookController@permissions'); Route::get('/{slug}/delete', 'BookController@showDelete'); - Route::get('/{bookSlug}/sort', 'BookController@sort'); - Route::put('/{bookSlug}/sort', 'BookController@saveSort'); - Route::get('/{bookSlug}/export/html', 'BookController@exportHtml'); - Route::get('/{bookSlug}/export/pdf', 'BookController@exportPdf'); - Route::get('/{bookSlug}/export/plaintext', 'BookController@exportPlainText'); + Route::get('/{bookSlug}/sort', 'BookSortController@show'); + Route::put('/{bookSlug}/sort', 'BookSortController@update'); + Route::get('/{bookSlug}/export/html', 'BookExportController@html'); + Route::get('/{bookSlug}/export/pdf', 'BookExportController@pdf'); + Route::get('/{bookSlug}/export/plaintext', 'BookExportController@plainText'); // Pages Route::get('/{bookSlug}/create-page', 'PageController@create'); 
@@ -40,9 +55,9 @@ Route::group(['middleware' => 'auth'], function () {
 Route::get('/{bookSlug}/draft/{pageId}', 'PageController@editDraft');
 Route::post('/{bookSlug}/draft/{pageId}', 'PageController@store');
 Route::get('/{bookSlug}/page/{pageSlug}', 'PageController@show');
- Route::get('/{bookSlug}/page/{pageSlug}/export/pdf', 'PageController@exportPdf');
- Route::get('/{bookSlug}/page/{pageSlug}/export/html', 'PageController@exportHtml');
- Route::get('/{bookSlug}/page/{pageSlug}/export/plaintext', 'PageController@exportPlainText');
+ Route::get('/{bookSlug}/page/{pageSlug}/export/pdf', 'PageExportController@pdf');
+ Route::get('/{bookSlug}/page/{pageSlug}/export/html', 'PageExportController@html');
+ Route::get('/{bookSlug}/page/{pageSlug}/export/plaintext', 'PageExportController@plainText');
 Route::get('/{bookSlug}/page/{pageSlug}/edit', 'PageController@edit');
 Route::get('/{bookSlug}/page/{pageSlug}/move', 'PageController@showMove');
 Route::put('/{bookSlug}/page/{pageSlug}/move', 'PageController@move');
@@ -50,17 +65,18 @@ Route::group(['middleware' => 'auth'], function () { Route::post('/{bookSlug}/page/{pageSlug}/copy', 'PageController@copy'); Route::get('/{bookSlug}/page/{pageSlug}/delete', 'PageController@showDelete'); Route::get('/{bookSlug}/draft/{pageId}/delete', 'PageController@showDeleteDraft'); - Route::get('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@showRestrict'); - Route::put('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@restrict'); + Route::get('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@showPermissions'); + Route::put('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@permissions'); Route::put('/{bookSlug}/page/{pageSlug}', 'PageController@update'); Route::delete('/{bookSlug}/page/{pageSlug}', 'PageController@destroy'); Route::delete('/{bookSlug}/draft/{pageId}', 'PageController@destroyDraft'); // Revisions - Route::get('/{bookSlug}/page/{pageSlug}/revisions', 'PageController@showRevisions'); - Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}', 'PageController@showRevision'); - Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}/changes', 'PageController@showRevisionChanges'); - Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}/restore', 'PageController@restoreRevision'); + Route::get('/{bookSlug}/page/{pageSlug}/revisions', 'PageRevisionController@index'); + Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}', 'PageRevisionController@show'); + Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}/changes', 'PageRevisionController@changes'); + Route::put('/{bookSlug}/page/{pageSlug}/revisions/{revId}/restore', 'PageRevisionController@restore'); + Route::delete('/{bookSlug}/page/{pageSlug}/revisions/{revId}/delete', 'PageRevisionController@destroy'); // Chapters Route::get('/{bookSlug}/chapter/{chapterSlug}/create-page', 'PageController@create'); 
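Review bot: The revision routes take `{revId}` from the URL next to `{bookSlug}`/`{pageSlug}`, and nothing at the routing layer ties the three together, so `PageRevisionController@restore` and the new `@destroy` need to look the revision up through the resolved page rather than by id alone, and check the caller's permission on that page. The controller is not in this diff, so this is a point to confirm rather than a demonstrated flaw. The same applies to `{id}` on the `Images\ImageController` update/destroy routes and to `{tokenId}` under `{userId}` in the API-token routes in later hunks. A comment above the block would record the expectation: `// revId must belong to the page resolved from bookSlug/pageSlug; restore and destroy check page permissions in the controller`. Separately, the `/delete` suffix on the `Route::delete` line is redundant with the verb and differs from the other delete routes in this file.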
@@ -72,36 +88,34 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/{bookSlug}/chapter/{chapterSlug}/move', 'ChapterController@showMove'); Route::put('/{bookSlug}/chapter/{chapterSlug}/move', 'ChapterController@move'); Route::get('/{bookSlug}/chapter/{chapterSlug}/edit', 'ChapterController@edit'); - Route::get('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@showRestrict'); - Route::get('/{bookSlug}/chapter/{chapterSlug}/export/pdf', 'ChapterController@exportPdf'); - Route::get('/{bookSlug}/chapter/{chapterSlug}/export/html', 'ChapterController@exportHtml'); - Route::get('/{bookSlug}/chapter/{chapterSlug}/export/plaintext', 'ChapterController@exportPlainText'); - Route::put('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@restrict'); + Route::get('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@showPermissions'); + Route::get('/{bookSlug}/chapter/{chapterSlug}/export/pdf', 'ChapterExportController@pdf'); + Route::get('/{bookSlug}/chapter/{chapterSlug}/export/html', 'ChapterExportController@html'); + Route::get('/{bookSlug}/chapter/{chapterSlug}/export/plaintext', 'ChapterExportController@plainText'); + Route::put('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@permissions'); Route::get('/{bookSlug}/chapter/{chapterSlug}/delete', 'ChapterController@showDelete'); Route::delete('/{bookSlug}/chapter/{chapterSlug}', 'ChapterController@destroy'); - }); // User Profile routes Route::get('/user/{userId}', 'UserController@showProfilePage'); // Image routes - Route::group(['prefix' => 'images'], function() { - // Get for user images - Route::get('/user/all', 'ImageController@getAllForUserType'); - Route::get('/user/all/{page}', 'ImageController@getAllForUserType'); - // Standard get, update and deletion for all types - Route::get('/thumb/{id}/{width}/{height}/{crop}', 'ImageController@getThumbnail'); - Route::get('/base64/{id}', 'ImageController@getBase64Image'); - 
Route::put('/update/{imageId}', 'ImageController@update'); - Route::post('/drawing/upload', 'ImageController@uploadDrawing'); - Route::put('/drawing/upload/{id}', 'ImageController@replaceDrawing'); - Route::post('/{type}/upload', 'ImageController@uploadByType'); - Route::get('/{type}/all', 'ImageController@getAllByType'); - Route::get('/{type}/all/{page}', 'ImageController@getAllByType'); - Route::get('/{type}/search/{page}', 'ImageController@searchByType'); - Route::get('/gallery/{filter}/{page}', 'ImageController@getGalleryFiltered'); - Route::delete('/{id}', 'ImageController@destroy'); + Route::group(['prefix' => 'images'], function () { + + // Gallery + Route::get('/gallery', 'Images\GalleryImageController@list'); + Route::post('/gallery', 'Images\GalleryImageController@create'); + + // Drawio + Route::get('/drawio', 'Images\DrawioImageController@list'); + Route::get('/drawio/base64/{id}', 'Images\DrawioImageController@getAsBase64'); + Route::post('/drawio', 'Images\DrawioImageController@create'); + + // Shared gallery & draw.io endpoint + Route::get('/usage/{id}', 'Images\ImageController@usage'); + Route::put('/{id}', 'Images\ImageController@update'); + Route::delete('/{id}', 'Images\ImageController@destroy'); }); // Attachments routes @@ -140,6 +154,10 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/search', 'SearchController@search'); Route::get('/search/book/{bookId}', 'SearchController@searchBook'); Route::get('/search/chapter/{bookId}', 'SearchController@searchChapter'); + Route::get('/search/entity/siblings', 'SearchController@searchSiblings'); + + Route::get('/templates', 'PageTemplateController@list'); + Route::get('/templates/{templateId}', 'PageTemplateController@get'); // Other Pages Route::get('/', 'HomeController@index'); 
@@ -151,16 +169,32 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/', 'SettingController@index')->name('settings'); Route::post('/', 'SettingController@update'); + // Maintenance + Route::get('/maintenance', 'SettingController@showMaintenance'); + Route::delete('/maintenance/cleanup-images', 'SettingController@cleanupImages'); + Route::post('/maintenance/send-test-email', 'SettingController@sendTestEmail'); + // Users Route::get('/users', 'UserController@index'); Route::get('/users/create', 'UserController@create'); Route::get('/users/{id}/delete', 'UserController@delete'); Route::patch('/users/{id}/switch-book-view', 'UserController@switchBookView'); + Route::patch('/users/{id}/switch-shelf-view', 'UserController@switchShelfView'); + Route::patch('/users/{id}/change-sort/{type}', 'UserController@changeSort'); + Route::patch('/users/{id}/update-expansion-preference/{key}', 'UserController@updateExpansionPreference'); Route::post('/users/create', 'UserController@store'); Route::get('/users/{id}', 'UserController@edit'); Route::put('/users/{id}', 'UserController@update'); Route::delete('/users/{id}', 'UserController@destroy'); + // User API Tokens + Route::get('/users/{userId}/create-api-token', 'UserApiTokenController@create'); + Route::post('/users/{userId}/create-api-token', 'UserApiTokenController@store'); + Route::get('/users/{userId}/api-tokens/{tokenId}', 'UserApiTokenController@edit'); + Route::put('/users/{userId}/api-tokens/{tokenId}', 'UserApiTokenController@update'); + Route::get('/users/{userId}/api-tokens/{tokenId}/delete', 'UserApiTokenController@delete'); + Route::delete('/users/{userId}/api-tokens/{tokenId}', 'UserApiTokenController@destroy'); + // Roles Route::get('/roles', 'PermissionController@listRoles'); Route::get('/roles/new', 'PermissionController@createRole'); 
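Review bot: The new maintenance routes (`DELETE /maintenance/cleanup-images`, `POST /maintenance/send-test-email`) and the API-token routes carry no middleware of their own, and the only guard visible in this hunk is the `auth` group named in the hunk header. Any restriction to administrators or to the token's owner therefore has to live in `SettingController` and `UserApiTokenController`, or in an enclosing group that is not shown. If the controllers do enforce it, a short comment such as `// Admin-only: permission is checked in SettingController` above `// Maintenance` would make that dependency explicit for whoever adds the next route. If they do not, the cleanup and test-email actions would be reachable by every logged-in user. The group body starts and ends outside the hunk.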
@@ -174,22 +208,35 @@ Route::group(['middleware' => 'auth'], function () { }); // Social auth routes -Route::get('/login/service/{socialDriver}', 'Auth\LoginController@getSocialLogin'); -Route::get('/login/service/{socialDriver}/callback', 'Auth\RegisterController@socialCallback'); -Route::get('/login/service/{socialDriver}/detach', 'Auth\RegisterController@detachSocialAccount'); -Route::get('/register/service/{socialDriver}', 'Auth\RegisterController@socialRegister'); +Route::get('/login/service/{socialDriver}', 'Auth\SocialController@getSocialLogin'); +Route::get('/login/service/{socialDriver}/callback', 'Auth\SocialController@socialCallback'); +Route::group(['middleware' => 'auth'], function () { + Route::get('/login/service/{socialDriver}/detach', 'Auth\SocialController@detachSocialAccount'); +}); +Route::get('/register/service/{socialDriver}', 'Auth\SocialController@socialRegister'); // Login/Logout routes Route::get('/login', 'Auth\LoginController@getLogin'); Route::post('/login', 'Auth\LoginController@login'); Route::get('/logout', 'Auth\LoginController@logout'); Route::get('/register', 'Auth\RegisterController@getRegister'); -Route::get('/register/confirm', 'Auth\RegisterController@getRegisterConfirmation'); -Route::get('/register/confirm/awaiting', 'Auth\RegisterController@showAwaitingConfirmation'); -Route::post('/register/confirm/resend', 'Auth\RegisterController@resendConfirmation'); -Route::get('/register/confirm/{token}', 'Auth\RegisterController@confirmEmail'); +Route::get('/register/confirm', 'Auth\ConfirmEmailController@show'); +Route::get('/register/confirm/awaiting', 'Auth\ConfirmEmailController@showAwaiting'); +Route::post('/register/confirm/resend', 'Auth\ConfirmEmailController@resend'); +Route::get('/register/confirm/{token}', 'Auth\ConfirmEmailController@confirm'); Route::post('/register', 'Auth\RegisterController@postRegister'); +// SAML routes +Route::post('/saml2/login', 'Auth\Saml2Controller@login'); +Route::get('/saml2/logout', 
'Auth\Saml2Controller@logout'); +Route::get('/saml2/metadata', 'Auth\Saml2Controller@metadata'); +Route::get('/saml2/sls', 'Auth\Saml2Controller@sls'); +Route::post('/saml2/acs', 'Auth\Saml2Controller@acs'); + +// User invitation routes +Route::get('/register/invite/{token}', 'Auth\UserInviteController@showSetPassword'); +Route::post('/register/invite/{token}', 'Auth\UserInviteController@setPassword'); + // Password reset link request routes... Route::get('/password/email', 'Auth\ForgotPasswordController@showLinkRequestForm'); Route::post('/password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail');
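Review bot: `Route::get('/saml2/logout', ...)` starts a logout on a plain GET, so a cross-site link or embedded request can end a user's session, and with SAML it may also start a single-logout at the identity provider. The existing `/logout` route has the same shape, but the new one could be registered as `Route::post('/saml2/logout', 'Auth\Saml2Controller@logout');` with the logout control submitting a form. `/saml2/sls` presumably has to stay GET, since the identity provider redirects the browser to it. Also, `/saml2/acs` receives a cross-site POST from the identity provider, so it needs an exemption from the application's CSRF check and must rely on validating the SAML response signature instead; neither is visible in this hunk.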