BookStack Code Mirror - bookstack/blob - app/Http/Controllers/FileController.php
Added view, deletion and permissions for files
1 <?php namespace BookStack\Http\Controllers;
2
3 use BookStack\Exceptions\FileUploadException;
4 use BookStack\File;
5 use BookStack\Repos\PageRepo;
6 use BookStack\Services\FileService;
7 use Illuminate\Http\Request;
8
9 use BookStack\Http\Requests;
10
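/**
 * HTTP endpoints for files attached to pages: upload, listing, re-ordering,
 * download and deletion.
 *
 * Every action resolves the page (or file) it operates on and runs a
 * permission check before touching storage. The checks themselves are
 * inherited from the base Controller and are not visible in this file.
 */
class FileController extends Controller
{
    protected $fileService;
    protected $file;
    protected $pageRepo;

    /**
     * FileController constructor.
     * @param FileService $fileService
     * @param File $file
     * @param PageRepo $pageRepo
     */
    public function __construct(FileService $fileService, File $file, PageRepo $pageRepo)
    {
        $this->fileService = $fileService;
        $this->file = $file;
        $this->pageRepo = $pageRepo;
    }


    /**
     * Endpoint at which files are uploaded to.
     * Requires the global 'file-create-all' permission as well as
     * 'page-update' on the page the file is being attached to.
     * @param Request $request
     * @return mixed JSON for the stored file, or a 500 response carrying the upload error message.
     */
    public function upload(Request $request)
    {
        // TODO - ensure uploads are deleted on page delete.
        $this->validate($request, [
            'uploaded_to' => 'required|integer|exists:pages,id',
            // Reject requests that carry no real upload, so the service never receives null.
            'file' => 'required|file'
        ]);

        $pageId = $request->get('uploaded_to');
        $page = $this->pageRepo->getById($pageId);

        // Authorise before the upload is read or written anywhere.
        $this->checkPermission('file-create-all');
        $this->checkOwnablePermission('page-update', $page);

        $uploadedFile = $request->file('file');

        try {
            $file = $this->fileService->saveNewUpload($uploadedFile, $pageId);
        } catch (FileUploadException $e) {
            // NOTE(review): the exception message is sent to the client verbatim;
            // confirm FileUploadException messages never contain storage paths.
            return response($e->getMessage(), 500);
        }

        return response()->json($file);
    }

    /**
     * Get the files for a specific page.
     * Requires 'page-view' on the page.
     * @param $pageId
     * @return mixed
     */
    public function listForPage($pageId)
    {
        $page = $this->pageRepo->getById($pageId);
        $this->checkOwnablePermission('page-view', $page);
        return response()->json($page->files);
    }

    /**
     * Update the file sorting.
     * Requires 'page-update' on the page.
     * @param $pageId
     * @param Request $request
     * @return mixed
     */
    public function sortForPage($pageId, Request $request)
    {
        $this->validate($request, [
            'files' => 'required|array',
            'files.*.id' => 'required|integer',
        ]);
        $page = $this->pageRepo->getById($pageId);
        $this->checkOwnablePermission('page-update', $page);

        // NOTE(review): the ids are only checked to be integers here. Presumably
        // updateFileOrderWithinPage() ignores ids that do not belong to $pageId;
        // confirm in FileService, otherwise files of other pages could be re-ordered.
        $files = $request->get('files');
        $this->fileService->updateFileOrderWithinPage($files, $pageId);
        return response()->json(['message' => 'File order updated']);
    }

    /**
     * Get a file from storage.
     * Requires 'page-view' on the page the file is attached to. The file is
     * always sent as a generic binary attachment, so the browser downloads it
     * rather than rendering uploaded content inside the application's origin.
     * @param $fileId
     * @return mixed
     */
    public function get($fileId)
    {
        $file = $this->file->findOrFail($fileId);
        $page = $this->pageRepo->getById($file->uploaded_to);
        $this->checkOwnablePermission('page-view', $page);

        // The stored name is presumably taken from the uploader's original file name.
        // Replace control characters, double quotes and backslashes so the value
        // cannot terminate the quoted filename parameter or corrupt the header.
        $safeName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', $file->name);

        $fileContents = $this->fileService->getFile($file);
        return response($fileContents, 200, [
            'Content-Type' => 'application/octet-stream',
            'Content-Disposition' => 'attachment; filename="'. $safeName .'"',
            // Keep browsers from second-guessing the declared content type.
            'X-Content-Type-Options' => 'nosniff'
        ]);
    }

    /**
     * Delete a specific file in the system.
     * Requires 'file-delete' on the file itself.
     * @param $fileId
     * @return mixed
     */
    public function delete($fileId)
    {
        $file = $this->file->findOrFail($fileId);
        // Permission name first, entity second, matching every other
        // checkOwnablePermission() call in this controller.
        $this->checkOwnablePermission('file-delete', $file);
        $this->fileService->deleteFile($file);
        return response()->json(['message' => 'File deleted']);
    }
}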