X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/573357a08cf4a096921b3ce83f1449bd8b80c119..refs/pull/755/head:/app/Http/Controllers/AttachmentController.php

diff --git a/app/Http/Controllers/AttachmentController.php b/app/Http/Controllers/AttachmentController.php
index e61a488ce..ea41278ae 100644
--- a/app/Http/Controllers/AttachmentController.php
+++ b/app/Http/Controllers/AttachmentController.php
@@ -2,7 +2,8 @@
 
 use BookStack\Exceptions\FileUploadException;
 use BookStack\Attachment;
-use BookStack\Repos\PageRepo;
+use BookStack\Exceptions\NotFoundException;
+use BookStack\Repos\EntityRepo;
 use BookStack\Services\AttachmentService;
 use Illuminate\Http\Request;
 
@@ -10,19 +11,19 @@ class AttachmentController extends Controller
 {
     protected $attachmentService;
     protected $attachment;
-    protected $pageRepo;
+    protected $entityRepo;
 
     /**
      * AttachmentController constructor.
      * @param AttachmentService $attachmentService
      * @param Attachment $attachment
-     * @param PageRepo $pageRepo
+     * @param EntityRepo $entityRepo
      */
-    public function __construct(AttachmentService $attachmentService, Attachment $attachment, PageRepo $pageRepo)
+    public function __construct(AttachmentService $attachmentService, Attachment $attachment, EntityRepo $entityRepo)
     {
         $this->attachmentService = $attachmentService;
         $this->attachment = $attachment;
-        $this->pageRepo = $pageRepo;
+        $this->entityRepo = $entityRepo;
         parent::__construct();
     }
 
@@ -40,7 +41,7 @@ class AttachmentController extends Controller
         ]);
 
         $pageId = $request->get('uploaded_to');
-        $page = $this->pageRepo->getById($pageId, true);
+        $page = $this->entityRepo->getById('page', $pageId, true);
 
         $this->checkPermission('attachment-create-all');
         $this->checkOwnablePermission('page-update', $page);
@@ -70,7 +71,7 @@ class AttachmentController extends Controller
         ]);
 
         $pageId = $request->get('uploaded_to');
-        $page = $this->pageRepo->getById($pageId, true);
+        $page = $this->entityRepo->getById('page', $pageId, true);
         $attachment = $this->attachment->findOrFail($attachmentId);
 
         $this->checkOwnablePermission('page-update', $page);
@@ -106,7 +107,7 @@ class AttachmentController extends Controller
         ]);
 
         $pageId = $request->get('uploaded_to');
-        $page = $this->pageRepo->getById($pageId, true);
+        $page = $this->entityRepo->getById('page', $pageId, true);
         $attachment = $this->attachment->findOrFail($attachmentId);
 
         $this->checkOwnablePermission('page-update', $page);
@@ -117,7 +118,7 @@ class AttachmentController extends Controller
         }
 
         $attachment = $this->attachmentService->updateFile($attachment, $request->all());
-        return $attachment;
+        return response()->json($attachment);
     }
 
     /**
@@ -134,7 +135,7 @@ class AttachmentController extends Controller
         ]);
 
         $pageId = $request->get('uploaded_to');
-        $page = $this->pageRepo->getById($pageId, true);
+        $page = $this->entityRepo->getById('page', $pageId, true);
 
         $this->checkPermission('attachment-create-all');
         $this->checkOwnablePermission('page-update', $page);
@@ -153,7 +154,7 @@ class AttachmentController extends Controller
      */
     public function listForPage($pageId)
     {
-        $page = $this->pageRepo->getById($pageId, true);
+        $page = $this->entityRepo->getById('page', $pageId, true);
         $this->checkOwnablePermission('page-view', $page);
         return response()->json($page->attachments);
     }
@@ -170,7 +171,7 @@ class AttachmentController extends Controller
             'files' => 'required|array',
             'files.*.id' => 'required|integer',
         ]);
-        $page = $this->pageRepo->getById($pageId);
+        $page = $this->entityRepo->getById('page', $pageId);
         $this->checkOwnablePermission('page-update', $page);
 
         $attachments = $request->get('files');
@@ -182,11 +183,16 @@ class AttachmentController extends Controller
      * Get an attachment from storage.
      * @param $attachmentId
      * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|\Symfony\Component\HttpFoundation\Response
+     * @throws \Illuminate\Contracts\Filesystem\FileNotFoundException
      */
     public function get($attachmentId)
     {
         $attachment = $this->attachment->findOrFail($attachmentId);
-        $page = $this->pageRepo->getById($attachment->uploaded_to);
+        $page = $this->entityRepo->getById('page', $attachment->uploaded_to);
+        if ($page === null) {
+            throw new NotFoundException(trans('errors.attachment_not_found'));
+        }
+
         $this->checkOwnablePermission('page-view', $page);
 
         if ($attachment->external) {
@@ -204,6 +210,7 @@ class AttachmentController extends Controller
      * Delete a specific attachment in the system.
      * @param $attachmentId
      * @return mixed
+     * @throws \Exception
      */
     public function delete($attachmentId)
     {