X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/be4f3d62cd37c7b83eb86bbf5fffa00d20acf2ec..refs/pull/1462/head:/routes/web.php diff --git a/routes/web.php b/routes/web.php index d3c5f46d3..25d7ab692 100644 --- a/routes/web.php +++ b/routes/web.php @@ -6,11 +6,11 @@ Route::get('/robots.txt', 'HomeController@getRobots'); // Authenticated routes... Route::group(['middleware' => 'auth'], function () { - Route::get('/uploads/images/{path}', 'ImageController@showImage') + // Secure images routing + Route::get('/uploads/images/{path}', 'Images\ImageController@showImage') ->where('path', '.*$'); Route::group(['prefix' => 'pages'], function() { - Route::get('/recently-created', 'PageController@showRecentlyCreated'); Route::get('/recently-updated', 'PageController@showRecentlyUpdated'); }); @@ -24,9 +24,12 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/{slug}', 'BookshelfController@show'); Route::put('/{slug}', 'BookshelfController@update'); Route::delete('/{slug}', 'BookshelfController@destroy'); - Route::get('/{slug}/permissions', 'BookshelfController@showRestrict'); - Route::put('/{slug}/permissions', 'BookshelfController@restrict'); + Route::get('/{slug}/permissions', 'BookshelfController@showPermissions'); + Route::put('/{slug}/permissions', 'BookshelfController@permissions'); Route::post('/{slug}/copy-permissions', 'BookshelfController@copyPermissions'); + + Route::get('/{shelfSlug}/create-book', 'BookController@create'); + Route::post('/{shelfSlug}/create-book', 'BookController@store'); }); Route::get('/create-book', 'BookController@create'); 
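Review bot: The added comment `// Secure images routing` above the `/uploads/images/{path}` route does not say what makes the route secure, and the `->where('path', '.*$')` constraint kept below it accepts any string, including `..` segments. From the visible lines the only protection is the enclosing `auth` middleware group, so keeping `{path}` inside the image storage directory has to happen in `Images\ImageController@showImage`, which is not part of this diff. I would replace the comment with `// Uploaded images are served behind auth; {path} is unrestricted here, so showImage must resolve it inside the image storage root`. The `auth` group closure opened in this hunk closes outside it.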
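Review bot: The two added `/{shelfSlug}/create-book` routes point at the same `BookController@create` and `BookController@store` actions as the un-prefixed `/create-book` route shown as context at the end of the hunk, and nothing here says which permission covers placing a book in a shelf. Presumably `store` should check that the user may update the named shelf as well as create books; that check is not visible in this diff and is worth confirming in the controller. A comment above the pair, such as `// Create a book directly inside a shelf; controller must check both book creation and shelf update permission`, would record the expectation. The shelves prefix group opens before this hunk.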
@@ -40,8 +43,8 @@ Route::group(['middleware' => 'auth'], function () { Route::delete('/{id}', 'BookController@destroy'); Route::get('/{slug}/sort-item', 'BookController@getSortItem'); Route::get('/{slug}', 'BookController@show'); - Route::get('/{bookSlug}/permissions', 'BookController@showRestrict'); - Route::put('/{bookSlug}/permissions', 'BookController@restrict'); + Route::get('/{bookSlug}/permissions', 'BookController@showPermissions'); + Route::put('/{bookSlug}/permissions', 'BookController@permissions'); Route::get('/{slug}/delete', 'BookController@showDelete'); Route::get('/{bookSlug}/sort', 'BookController@sort'); Route::put('/{bookSlug}/sort', 'BookController@saveSort'); @@ -65,8 +68,8 @@ Route::group(['middleware' => 'auth'], function () { Route::post('/{bookSlug}/page/{pageSlug}/copy', 'PageController@copy'); Route::get('/{bookSlug}/page/{pageSlug}/delete', 'PageController@showDelete'); Route::get('/{bookSlug}/draft/{pageId}/delete', 'PageController@showDeleteDraft'); - Route::get('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@showRestrict'); - Route::put('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@restrict'); + Route::get('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@showPermissions'); + Route::put('/{bookSlug}/page/{pageSlug}/permissions', 'PageController@permissions'); Route::put('/{bookSlug}/page/{pageSlug}', 'PageController@update'); Route::delete('/{bookSlug}/page/{pageSlug}', 'PageController@destroy'); Route::delete('/{bookSlug}/draft/{pageId}', 'PageController@destroyDraft'); 
@@ -75,7 +78,7 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/{bookSlug}/page/{pageSlug}/revisions', 'PageController@showRevisions'); Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}', 'PageController@showRevision'); Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}/changes', 'PageController@showRevisionChanges'); - Route::get('/{bookSlug}/page/{pageSlug}/revisions/{revId}/restore', 'PageController@restoreRevision'); + Route::put('/{bookSlug}/page/{pageSlug}/revisions/{revId}/restore', 'PageController@restoreRevision'); Route::delete('/{bookSlug}/page/{pageSlug}/revisions/{revId}/delete', 'PageController@destroyRevision'); // Chapters @@ -88,11 +91,11 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/{bookSlug}/chapter/{chapterSlug}/move', 'ChapterController@showMove'); Route::put('/{bookSlug}/chapter/{chapterSlug}/move', 'ChapterController@move'); Route::get('/{bookSlug}/chapter/{chapterSlug}/edit', 'ChapterController@edit'); - Route::get('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@showRestrict'); + Route::get('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@showPermissions'); Route::get('/{bookSlug}/chapter/{chapterSlug}/export/pdf', 'ChapterController@exportPdf'); Route::get('/{bookSlug}/chapter/{chapterSlug}/export/html', 'ChapterController@exportHtml'); Route::get('/{bookSlug}/chapter/{chapterSlug}/export/plaintext', 'ChapterController@exportPlainText'); - Route::put('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@restrict'); + Route::put('/{bookSlug}/chapter/{chapterSlug}/permissions', 'ChapterController@permissions'); Route::get('/{bookSlug}/chapter/{chapterSlug}/delete', 'ChapterController@showDelete'); Route::delete('/{bookSlug}/chapter/{chapterSlug}', 'ChapterController@destroy'); }); 
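Review bot: The `.../revisions/{revId}/restore` route moves from GET to PUT with no comment saying why, so a later edit could move it back for convenience. Restoring a revision changes page content, so it should stay on a method covered by Laravel's CSRF verification, assuming this file is loaded under the `web` middleware group, which is not visible here. I would add `// State-changing: keep off GET so the request is CSRF-checked and cannot be fired by a plain link` above the route. Any revision view that still links to this URL would need to become a form submitting `_method=PUT`; those templates are outside this hunk.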
@@ -101,22 +104,21 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/user/{userId}', 'UserController@showProfilePage'); // Image routes - Route::group(['prefix' => 'images'], function() { - // Get for user images - Route::get('/user/all', 'ImageController@getAllForUserType'); - Route::get('/user/all/{page}', 'ImageController@getAllForUserType'); - // Standard get, update and deletion for all types - Route::get('/thumb/{id}/{width}/{height}/{crop}', 'ImageController@getThumbnail'); - Route::get('/base64/{id}', 'ImageController@getBase64Image'); - Route::put('/update/{imageId}', 'ImageController@update'); - Route::post('/drawing/upload', 'ImageController@uploadDrawing'); - Route::get('/usage/{id}', 'ImageController@usage'); - Route::post('/{type}/upload', 'ImageController@uploadByType'); - Route::get('/{type}/all', 'ImageController@getAllByType'); - Route::get('/{type}/all/{page}', 'ImageController@getAllByType'); - Route::get('/{type}/search/{page}', 'ImageController@searchByType'); - Route::get('/gallery/{filter}/{page}', 'ImageController@getGalleryFiltered'); - Route::delete('/{id}', 'ImageController@destroy'); + Route::group(['prefix' => 'images'], function () { + + // Gallery + Route::get('/gallery', 'Images\GalleryImageController@list'); + Route::post('/gallery', 'Images\GalleryImageController@create'); + + // Drawio + Route::get('/drawio', 'Images\DrawioImageController@list'); + Route::get('/drawio/base64/{id}', 'Images\DrawioImageController@getAsBase64'); + Route::post('/drawio', 'Images\DrawioImageController@create'); + + // Shared gallery & draw.io endpoint + Route::get('/usage/{id}', 'Images\ImageController@usage'); + Route::put('/{id}', 'Images\ImageController@update'); + Route::delete('/{id}', 'Images\ImageController@destroy'); }); // Attachments routes 
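Review bot: The new `/usage/{id}`, `Route::put('/{id}', …)`, `Route::delete('/{id}', …)` and `/drawio/base64/{id}` routes take `{id}` with no pattern. The route file also does not show access being checked per image; the only visible guard is the `auth` group. If image ids are numeric, appending `->where('id', '[0-9]+')` to each of these routes narrows what reaches the controllers. The per-image permission check presumably lives in the `Images\*` controllers, which are not part of this hunk, and should be confirmed there. It matters most for `getAsBase64`, which by its name returns image data for whatever id is requested.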
@@ -155,6 +157,7 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/search', 'SearchController@search'); Route::get('/search/book/{bookId}', 'SearchController@searchBook'); Route::get('/search/chapter/{bookId}', 'SearchController@searchChapter'); + Route::get('/search/entity/siblings', 'SearchController@searchSiblings'); // Other Pages Route::get('/', 'HomeController@index'); @@ -176,6 +179,8 @@ Route::group(['middleware' => 'auth'], function () { Route::get('/users/{id}/delete', 'UserController@delete'); Route::patch('/users/{id}/switch-book-view', 'UserController@switchBookView'); Route::patch('/users/{id}/switch-shelf-view', 'UserController@switchShelfView'); + Route::patch('/users/{id}/change-sort/{type}', 'UserController@changeSort'); + Route::patch('/users/{id}/update-expansion-preference/{key}', 'UserController@updateExpansionPreference'); Route::post('/users/create', 'UserController@store'); Route::get('/users/{id}', 'UserController@edit'); Route::put('/users/{id}', 'UserController@update');
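Review bot: Both added PATCH routes, `/users/{id}/change-sort/{type}` and `/users/{id}/update-expansion-preference/{key}`, take a user `{id}` plus a free-form `{type}` or `{key}` segment, and the route file restricts neither. The controller actions are not shown, so two things should be confirmed there. First, `{id}` must be checked against the signed-in user (or a user-management permission), so one user cannot change another's preferences. Second, `{type}` and `{key}` should be matched against a fixed allow-list before they select which setting is written. A route-level pattern such as `->where('key', '[a-z\-]+')` (example pattern, adjust to the real key names) would add a first filter, and a comment `// {id} must match the current user; {type}/{key} are allow-listed in the controller` would document the contract.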