X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/c429cf78187e80deb63982a282a1c6889f30291a..refs/pull/5591/head:/app/Uploads/Attachment.php diff --git a/app/Uploads/Attachment.php b/app/Uploads/Attachment.php index 5acd4f141..57d7cb334 100644 --- a/app/Uploads/Attachment.php +++ b/app/Uploads/Attachment.php @@ -2,33 +2,48 @@ namespace BookStack\Uploads; +use BookStack\App\Model; +use BookStack\Entities\Models\Entity; use BookStack\Entities\Models\Page; -use BookStack\Model; -use BookStack\Traits\HasCreatorAndUpdater; +use BookStack\Permissions\Models\JointPermission; +use BookStack\Permissions\PermissionApplicator; +use BookStack\Users\Models\HasCreatorAndUpdater; +use BookStack\Users\Models\User; +use Illuminate\Database\Eloquent\Builder; +use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Database\Eloquent\Relations\BelongsTo; +use Illuminate\Database\Eloquent\Relations\HasMany; /** - * @property int id - * @property string name - * @property string path - * @property string extension - * @property ?Page page - * @property bool external + * @property int $id + * @property string $name + * @property string $path + * @property string $extension + * @property ?Page $page + * @property bool $external + * @property int $uploaded_to + * @property User $updatedBy + * @property User $createdBy + * + * @method static Entity|Builder visible() */ class Attachment extends Model { use HasCreatorAndUpdater; + use HasFactory; protected $fillable = ['name', 'order']; + protected $hidden = ['path', 'page']; + protected $casts = [ + 'external' => 'bool', + ]; /** * Get the downloadable file name for this upload. - * - * @return mixed|string */ - public function getFileName() + public function getFileName(): string { - if (strpos($this->name, '.') !== false) { + if (str_contains($this->name, '.')) { return $this->name; } @@ -43,12 +58,18 @@ class Attachment extends Model return $this->belongsTo(Page::class, 'uploaded_to'); } + public function jointPermissions(): HasMany + { + return $this->hasMany(JointPermission::class, 'entity_id', 'uploaded_to') + ->where('joint_permissions.entity_type', '=', 'page'); + } + /** * Get the url of this file. */ public function getUrl($openInline = false): string { - if ($this->external && strpos($this->path, 'http') !== 0) { + if ($this->external && !str_starts_with($this->path, 'http')) { return $this->path; } @@ -56,7 +77,22 @@ class Attachment extends Model } /** - * Generate a HTML link to this attachment. + * Get the representation of this attachment in a format suitable for the page editors. + * Detects and adapts video content to use an inline video embed. + */ + public function editorContent(): array + { + $videoExtensions = ['mp4', 'webm', 'mkv', 'ogg', 'avi']; + if (in_array(strtolower($this->extension), $videoExtensions)) { + $html = ''; + return ['text/html' => $html, 'text/plain' => $html]; + } + + return ['text/html' => $this->htmlLink(), 'text/plain' => $this->markdownLink()]; + } + + /** + * Generate the HTML link to this attachment. */ public function htmlLink(): string { @@ -64,10 +100,24 @@ class Attachment extends Model } /** - * Generate a markdown link to this attachment. + * Generate a MarkDown link to this attachment. */ public function markdownLink(): string { return '[' . $this->name . '](' . $this->getUrl() . ')'; } + + /** + * Scope the query to those attachments that are visible based upon related page permissions. + */ + public function scopeVisible(): Builder + { + $permissions = app()->make(PermissionApplicator::class); + + return $permissions->restrictPageRelationQuery( + self::query(), + 'attachments', + 'uploaded_to' + ); + } }