X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/573357a08cf4a096921b3ce83f1449bd8b80c119..refs/pull/755/head:/app/Http/Controllers/AttachmentController.php diff --git a/app/Http/Controllers/AttachmentController.php b/app/Http/Controllers/AttachmentController.php index e61a488ce..ea41278ae 100644 --- a/app/Http/Controllers/AttachmentController.php +++ b/app/Http/Controllers/AttachmentController.php @@ -2,7 +2,8 @@ use BookStack\Exceptions\FileUploadException; use BookStack\Attachment; -use BookStack\Repos\PageRepo; +use BookStack\Exceptions\NotFoundException; +use BookStack\Repos\EntityRepo; use BookStack\Services\AttachmentService; use Illuminate\Http\Request; @@ -10,19 +11,19 @@ class AttachmentController extends Controller { protected $attachmentService; protected $attachment; - protected $pageRepo; + protected $entityRepo; /** * AttachmentController constructor. * @param AttachmentService $attachmentService * @param Attachment $attachment - * @param PageRepo $pageRepo + * @param EntityRepo $entityRepo */ - public function __construct(AttachmentService $attachmentService, Attachment $attachment, PageRepo $pageRepo) + public function __construct(AttachmentService $attachmentService, Attachment $attachment, EntityRepo $entityRepo) { $this->attachmentService = $attachmentService; $this->attachment = $attachment; - $this->pageRepo = $pageRepo; + $this->entityRepo = $entityRepo; parent::__construct(); } @@ -40,7 +41,7 @@ class AttachmentController extends Controller ]); $pageId = $request->get('uploaded_to'); - $page = $this->pageRepo->getById($pageId, true); + $page = $this->entityRepo->getById('page', $pageId, true); $this->checkPermission('attachment-create-all'); $this->checkOwnablePermission('page-update', $page); @@ -70,7 +71,7 @@ class AttachmentController extends Controller ]); $pageId = $request->get('uploaded_to'); - $page = $this->pageRepo->getById($pageId, true); + $page = $this->entityRepo->getById('page', $pageId, true); $attachment = $this->attachment->findOrFail($attachmentId); $this->checkOwnablePermission('page-update', $page); @@ -106,7 +107,7 @@ class AttachmentController extends Controller ]); $pageId = $request->get('uploaded_to'); - $page = $this->pageRepo->getById($pageId, true); + $page = $this->entityRepo->getById('page', $pageId, true); $attachment = $this->attachment->findOrFail($attachmentId); $this->checkOwnablePermission('page-update', $page); @@ -117,7 +118,7 @@ class AttachmentController extends Controller } $attachment = $this->attachmentService->updateFile($attachment, $request->all()); - return $attachment; + return response()->json($attachment); } /** @@ -134,7 +135,7 @@ class AttachmentController extends Controller ]); $pageId = $request->get('uploaded_to'); - $page = $this->pageRepo->getById($pageId, true); + $page = $this->entityRepo->getById('page', $pageId, true); $this->checkPermission('attachment-create-all'); $this->checkOwnablePermission('page-update', $page); @@ -153,7 +154,7 @@ class AttachmentController extends Controller */ public function listForPage($pageId) { - $page = $this->pageRepo->getById($pageId, true); + $page = $this->entityRepo->getById('page', $pageId, true); $this->checkOwnablePermission('page-view', $page); return response()->json($page->attachments); } @@ -170,7 +171,7 @@ class AttachmentController extends Controller 'files' => 'required|array', 'files.*.id' => 'required|integer', ]); - $page = $this->pageRepo->getById($pageId); + $page = $this->entityRepo->getById('page', $pageId); $this->checkOwnablePermission('page-update', $page); $attachments = $request->get('files'); @@ -182,11 +183,16 @@ class AttachmentController extends Controller * Get an attachment from storage. * @param $attachmentId * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|\Symfony\Component\HttpFoundation\Response + * @throws \Illuminate\Contracts\Filesystem\FileNotFoundException */ public function get($attachmentId) { $attachment = $this->attachment->findOrFail($attachmentId); - $page = $this->pageRepo->getById($attachment->uploaded_to); + $page = $this->entityRepo->getById('page', $attachment->uploaded_to); + if ($page === null) { + throw new NotFoundException(trans('errors.attachment_not_found')); + } + $this->checkOwnablePermission('page-view', $page); if ($attachment->external) { @@ -204,6 +210,7 @@ class AttachmentController extends Controller * Delete a specific attachment in the system. * @param $attachmentId * @return mixed + * @throws \Exception */ public function delete($attachmentId) {