X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/968bc8cdf354d9cbe29b88abdc747a7845031fab..refs/pull/5676/head:/app/Uploads/Controllers/AttachmentApiController.php diff --git a/app/Uploads/Controllers/AttachmentApiController.php b/app/Uploads/Controllers/AttachmentApiController.php index 2e6d16205..87e00257c 100644 --- a/app/Uploads/Controllers/AttachmentApiController.php +++ b/app/Uploads/Controllers/AttachmentApiController.php @@ -2,7 +2,7 @@ namespace BookStack\Uploads\Controllers; -use BookStack\Entities\Models\Page; +use BookStack\Entities\Queries\PageQueries; use BookStack\Exceptions\FileUploadException; use BookStack\Http\ApiController; use BookStack\Uploads\Attachment; @@ -15,7 +15,8 @@ use Illuminate\Validation\ValidationException; class AttachmentApiController extends ApiController { public function __construct( - protected AttachmentService $attachmentService + protected AttachmentService $attachmentService, + protected PageQueries $pageQueries, ) { } @@ -48,7 +49,7 @@ class AttachmentApiController extends ApiController $requestData = $this->validate($request, $this->rules()['create']); $pageId = $request->get('uploaded_to'); - $page = Page::visible()->findOrFail($pageId); + $page = $this->pageQueries->findVisibleByIdOrFail($pageId); $this->checkOwnablePermission('page-update', $page); if ($request->hasFile('file')) { @@ -132,7 +133,7 @@ class AttachmentApiController extends ApiController $page = $attachment->page; if ($requestData['uploaded_to'] ?? false) { $pageId = $request->get('uploaded_to'); - $page = Page::visible()->findOrFail($pageId); + $page = $this->pageQueries->findVisibleByIdOrFail($pageId); $attachment->uploaded_to = $requestData['uploaded_to']; } @@ -170,16 +171,16 @@ class AttachmentApiController extends ApiController { return [ 'create' => [ - 'name' => ['required', 'min:1', 'max:255', 'string'], + 'name' => ['required', 'string', 'min:1', 'max:255'], 'uploaded_to' => ['required', 'integer', 'exists:pages,id'], 'file' => array_merge(['required_without:link'], $this->attachmentService->getFileValidationRules()), - 'link' => ['required_without:file', 'min:1', 'max:2000', 'safe_url'], + 'link' => ['required_without:file', 'string', 'min:1', 'max:2000', 'safe_url'], ], 'update' => [ - 'name' => ['min:1', 'max:255', 'string'], + 'name' => ['string', 'min:1', 'max:255'], 'uploaded_to' => ['integer', 'exists:pages,id'], 'file' => $this->attachmentService->getFileValidationRules(), - 'link' => ['min:1', 'max:2000', 'safe_url'], + 'link' => ['string', 'min:1', 'max:2000', 'safe_url'], ], ]; }