]> BookStack Code Mirror - bookstack/blob - app/Http/Controllers/FileController.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Added in attachment tests
[bookstack] / app / Http / Controllers / FileController.php
1 <?php namespace BookStack\Http\Controllers;
2
3 use BookStack\Exceptions\FileUploadException;
4 use BookStack\File;
5 use BookStack\Repos\PageRepo;
6 use BookStack\Services\FileService;
7 use Illuminate\Http\Request;
8
9 use BookStack\Http\Requests;
10
11 class FileController extends Controller
12 {
13     protected $fileService;
14     protected $file;
15     protected $pageRepo;
16
17     /**
18      * FileController constructor.
19      * @param FileService $fileService
20      * @param File $file
21      * @param PageRepo $pageRepo
22      */
23     public function __construct(FileService $fileService, File $file, PageRepo $pageRepo)
24     {
25         $this->fileService = $fileService;
26         $this->file = $file;
27         $this->pageRepo = $pageRepo;
28     }
29
30
31     /**
32      * Endpoint at which files are uploaded to.
33      * @param Request $request
34      */
35     public function upload(Request $request)
36     {
37         $this->validate($request, [
38             'uploaded_to' => 'required|integer|exists:pages,id',
39             'file' => 'required|file'
40         ]);
41
42         $pageId = $request->get('uploaded_to');
43         $page = $this->pageRepo->getById($pageId);
44
45         $this->checkPermission('file-create-all');
46         $this->checkOwnablePermission('page-update', $page);
47
48         $uploadedFile = $request->file('file');
49
50         try {
51             $file = $this->fileService->saveNewUpload($uploadedFile, $pageId);
52         } catch (FileUploadException $e) {
53             return response($e->getMessage(), 500);
54         }
55
56         return response()->json($file);
57     }
58
59     /**
60      * Update an uploaded file.
61      * @param int $fileId
62      * @param Request $request
63      * @return mixed
64      */
65     public function uploadUpdate($fileId, Request $request)
66     {
67         $this->validate($request, [
68             'uploaded_to' => 'required|integer|exists:pages,id',
69             'file' => 'required|file'
70         ]);
71
72         $pageId = $request->get('uploaded_to');
73         $page = $this->pageRepo->getById($pageId);
74         $file = $this->file->findOrFail($fileId);
75
76         $this->checkOwnablePermission('page-update', $page);
77         $this->checkOwnablePermission('file-create', $file);
78         
79         if (intval($pageId) !== intval($file->uploaded_to)) {
80             return $this->jsonError('Page mismatch during attached file update');
81         }
82
83         $uploadedFile = $request->file('file');
84
85         try {
86             $file = $this->fileService->saveUpdatedUpload($uploadedFile, $file);
87         } catch (FileUploadException $e) {
88             return response($e->getMessage(), 500);
89         }
90
91         return response()->json($file);
92     }
93
94     /**
95      * Update the details of an existing file.
96      * @param $fileId
97      * @param Request $request
98      * @return File|mixed
99      */
100     public function update($fileId, Request $request)
101     {
102         $this->validate($request, [
103             'uploaded_to' => 'required|integer|exists:pages,id',
104             'name' => 'string|max:255',
105             'link' =>  'url'
106         ]);
107
108         $pageId = $request->get('uploaded_to');
109         $page = $this->pageRepo->getById($pageId);
110         $file = $this->file->findOrFail($fileId);
111
112         $this->checkOwnablePermission('page-update', $page);
113         $this->checkOwnablePermission('file-create', $file);
114
115         if (intval($pageId) !== intval($file->uploaded_to)) {
116             return $this->jsonError('Page mismatch during attachment update');
117         }
118
119         $file = $this->fileService->updateFile($file, $request->all());
120         return $file;
121     }
122
123     /**
124      * Attach a link to a page as a file.
125      * @param Request $request
126      * @return mixed
127      */
128     public function attachLink(Request $request)
129     {
130         $this->validate($request, [
131             'uploaded_to' => 'required|integer|exists:pages,id',
132             'name' => 'string|max:255',
133             'link' =>  'url|max:255'
134         ]);
135
136         $pageId = $request->get('uploaded_to');
137         $page = $this->pageRepo->getById($pageId);
138
139         $this->checkPermission('file-create-all');
140         $this->checkOwnablePermission('page-update', $page);
141
142         $fileName = $request->get('name');
143         $link = $request->get('link');
144         $file = $this->fileService->saveNewFromLink($fileName, $link, $pageId);
145
146         return response()->json($file);
147     }
148
149     /**
150      * Get the files for a specific page.
151      * @param $pageId
152      * @return mixed
153      */
154     public function listForPage($pageId)
155     {
156         $page = $this->pageRepo->getById($pageId);
157         $this->checkOwnablePermission('page-view', $page);
158         return response()->json($page->files);
159     }
160
161     /**
162      * Update the file sorting.
163      * @param $pageId
164      * @param Request $request
165      * @return mixed
166      */
167     public function sortForPage($pageId, Request $request)
168     {
169         $this->validate($request, [
170             'files' => 'required|array',
171             'files.*.id' => 'required|integer',
172         ]);
173         $page = $this->pageRepo->getById($pageId);
174         $this->checkOwnablePermission('page-update', $page);
175
176         $files = $request->get('files');
177         $this->fileService->updateFileOrderWithinPage($files, $pageId);
178         return response()->json(['message' => 'Attachment order updated']);
179     }
180
181     /**
182      * Get a file from storage.
183      * @param $fileId
184      */
185     public function get($fileId)
186     {
187         $file = $this->file->findOrFail($fileId);
188         $page = $this->pageRepo->getById($file->uploaded_to);
189         $this->checkOwnablePermission('page-view', $page);
190
191         if ($file->external) {
192             return redirect($file->path);
193         }
194
195         $fileContents = $this->fileService->getFile($file);
196         return response($fileContents, 200, [
197             'Content-Type' => 'application/octet-stream',
198             'Content-Disposition' => 'attachment; filename="'. $file->getFileName() .'"'
199         ]);
200     }
201
202     /**
203      * Delete a specific file in the system.
204      * @param $fileId
205      * @return mixed
206      */
207     public function delete($fileId)
208     {
209         $file = $this->file->findOrFail($fileId);
210         $this->checkOwnablePermission('file-delete', $file);
211         $this->fileService->deleteFile($file);
212         return response()->json(['message' => 'Attachment deleted']);
213     }
214 }
The core source code for the BookStack project.