BookStack Code Mirror - bookstack/blob - app/Http/Controllers/FileController.php

   1 <?php namespace BookStack\Http\Controllers;
   2
   3 use BookStack\Exceptions\FileUploadException;
   4 use BookStack\File;
   5 use BookStack\Repos\PageRepo;
   6 use BookStack\Services\FileService;
   7 use Illuminate\Http\Request;
   8
   9 use BookStack\Http\Requests;
  10
  11 class FileController extends Controller
  12 {
  13     protected $fileService;
  14     protected $file;
  15     protected $pageRepo;
  16
  17     /**
  18      * FileController constructor.
  19      * @param FileService $fileService
  20      * @param File $file
  21      * @param PageRepo $pageRepo
  22      */
  23     public function __construct(FileService $fileService, File $file, PageRepo $pageRepo)
  24     {
  25         $this->fileService = $fileService;
  26         $this->file = $file;
  27         $this->pageRepo = $pageRepo;
  28     }
  29
  30
  31     /**
  32      * Endpoint at which files are uploaded to.
  33      * @param Request $request
  34      */
  35     public function upload(Request $request)
  36     {
  37         // TODO - ensure uploads are deleted on page delete.
  38         $this->validate($request, [
  39             'uploaded_to' => 'required|integer|exists:pages,id',
  40             'file' => 'required|file'
  41         ]);
  42
  43         $pageId = $request->get('uploaded_to');
  44         $page = $this->pageRepo->getById($pageId);
  45
  46         $this->checkPermission('file-create-all');
  47         $this->checkOwnablePermission('page-update', $page);
  48
  49         $uploadedFile = $request->file('file');
  50
  51         try {
  52             $file = $this->fileService->saveNewUpload($uploadedFile, $pageId);
  53         } catch (FileUploadException $e) {
  54             return response($e->getMessage(), 500);
  55         }
  56
  57         return response()->json($file);
  58     }
  59
  60     /**
  61      * Attach a link to a page as a file.
  62      * @param Request $request
  63      * @return mixed
  64      */
  65     public function attachLink(Request $request)
  66     {
  67         $this->validate($request, [
  68             'uploaded_to' => 'required|integer|exists:pages,id',
  69             'name' => 'string',
  70             'link' =>  'url'
  71         ]);
  72
  73         $pageId = $request->get('uploaded_to');
  74         $page = $this->pageRepo->getById($pageId);
  75
  76         $this->checkPermission('file-create-all');
  77         $this->checkOwnablePermission('page-update', $page);
  78
  79         $fileName = $request->get('name');
  80         $link = $request->get('link');
  81         $file = $this->fileService->saveNewFromLink($fileName, $link, $pageId);
  82
  83         return response()->json($file);
  84     }
  85
  86     /**
  87      * Get the files for a specific page.
  88      * @param $pageId
  89      * @return mixed
  90      */
  91     public function listForPage($pageId)
  92     {
  93         $page = $this->pageRepo->getById($pageId);
  94         $this->checkOwnablePermission('page-view', $page);
  95         return response()->json($page->files);
  96     }
  97
  98     /**
  99      * Update the file sorting.
 100      * @param $pageId
 101      * @param Request $request
 102      * @return mixed
 103      */
 104     public function sortForPage($pageId, Request $request)
 105     {
 106         $this->validate($request, [
 107             'files' => 'required|array',
 108             'files.*.id' => 'required|integer',
 109         ]);
 110         $page = $this->pageRepo->getById($pageId);
 111         $this->checkOwnablePermission('page-update', $page);
 112
 113         $files = $request->get('files');
 114         $this->fileService->updateFileOrderWithinPage($files, $pageId);
 115         return response()->json(['message' => 'Attachment order updated']);
 116     }
 117
 118     /**
 119      * Get a file from storage.
 120      * @param $fileId
 121      */
 122     public function get($fileId)
 123     {
 124         $file = $this->file->findOrFail($fileId);
 125         $page = $this->pageRepo->getById($file->uploaded_to);
 126         $this->checkOwnablePermission('page-view', $page);
 127
 128         if ($file->external) {
 129             return redirect($file->path);
 130         }
 131
 132         $fileContents = $this->fileService->getFile($file);
 133         return response($fileContents, 200, [
 134             'Content-Type' => 'application/octet-stream',
 135             'Content-Disposition' => 'attachment; filename="'. $file->name .'"'
 136         ]);
 137     }
 138
 139     /**
 140      * Delete a specific file in the system.
 141      * @param $fileId
 142      * @return mixed
 143      */
 144     public function delete($fileId)
 145     {
 146         $file = $this->file->findOrFail($fileId);
 147         $this->checkOwnablePermission('file-delete', $file);
 148         $this->fileService->deleteFile($file);
 149         return response()->json(['message' => 'Attachment deleted']);
 150     }
 151 }