X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/d9eec6d82caf2c63c8535f6842612fc6939d5d0e..refs/pull/4193/head:/app/Http/Controllers/Api/ImageGalleryApiController.php diff --git a/app/Http/Controllers/Api/ImageGalleryApiController.php b/app/Http/Controllers/Api/ImageGalleryApiController.php index 85c0c3cef..3dba3d464 100644 --- a/app/Http/Controllers/Api/ImageGalleryApiController.php +++ b/app/Http/Controllers/Api/ImageGalleryApiController.php @@ -2,6 +2,7 @@ namespace BookStack\Http\Controllers\Api; +use BookStack\Entities\Models\Page; use BookStack\Uploads\Image; use BookStack\Uploads\ImageRepo; use Illuminate\Http\Request; @@ -22,7 +23,7 @@ class ImageGalleryApiController extends ApiController return [ 'create' => [ 'type' => ['required', 'string', 'in:gallery,drawio'], - 'uploaded_to' => ['required', 'integer', 'exists:pages,id'], + 'uploaded_to' => ['required', 'integer'], 'image' => ['required', 'file', ...$this->getImageValidationRules()], 'name' => ['string', 'max:180'], ], @@ -33,8 +34,8 @@ class ImageGalleryApiController extends ApiController } /** - * Get a listing of gallery images and drawings in the system. - * Requires visibility of the content they're originally uploaded to. + * Get a listing of images in the system. Includes gallery (page content) images and drawings. + * Requires visibility of the page they're originally uploaded to. */ public function list() { @@ -49,29 +50,45 @@ class ImageGalleryApiController extends ApiController /** * Create a new image in the system. + * Since "image" is expected to be a file, this needs to be a 'multipart/form-data' type request. + * The provided "uploaded_to" should be an existing page ID in the system. + * If the "name" parameter is omitted, the filename of the provided image file will be used instead. + * The "type" parameter should be 'gallery' for page content images, and 'drawio' should only be used + * when the file is a PNG file with diagrams.net image data embedded within. */ public function create(Request $request) { + $this->checkPermission('image-create-all'); $data = $this->validate($request, $this->rules()['create']); + Page::visible()->findOrFail($data['uploaded_to']); $image = $this->imageRepo->saveNew($data['image'], $data['type'], $data['uploaded_to']); + if (isset($data['name'])) { + $image->refresh(); + $image->update(['name' => $data['name']]); + } + return response()->json($this->formatForSingleResponse($image)); } /** * View the details of a single image. + * The "thumbs" response property contains links to scaled variants that BookStack may use in its UI. + * The "content" response property provides HTML and Markdown content, in the format that BookStack + * would typically use by default to add the image in page content, as a convenience. + * Actual image file data is not provided but can be fetched via the "url" response property. */ public function read(string $id) { - $image = $this->imageRepo->getById($id); - $this->checkOwnablePermission('page-view', $image->getPage()); + $image = Image::query()->scopes(['visible'])->findOrFail($id); return response()->json($this->formatForSingleResponse($image)); } /** - * Update an existing image in the system. + * Update the details of an existing image in the system. + * Only allows updating of the image name at this time. */ public function update(Request $request, string $id) { @@ -87,6 +104,8 @@ class ImageGalleryApiController extends ApiController /** * Delete an image from the system. + * Will also delete thumbnails for the image. + * Does not check or handle image usage so this could leave pages with broken image references. */ public function delete(string $id) {