BookStack Code Mirror - bookstack/blobdiff - app/Http/Controllers/AttachmentController.php

index 62be0b852236f9109249e17834f32ae85ae7eaee..8f5da49ed83c10c5979b9e4b8eaa74ac324e14b9 100644 (file)

--- a/app/Http/Controllers/AttachmentController.php

+++ b/app/Http/Controllers/AttachmentController.php

@@ -1,10 +1,14 @@

<?php namespace BookStack\Http\Controllers;

+use BookStack\Entities\Repos\PageRepo;

use BookStack\Exceptions\FileUploadException;

-use BookStack\Attachment;

-use BookStack\Repos\PageRepo;

-use BookStack\Services\AttachmentService;

+use BookStack\Exceptions\NotFoundException;

+use BookStack\Uploads\Attachment;

+use BookStack\Uploads\AttachmentService;

+use Exception;

+use Illuminate\Contracts\Filesystem\FileNotFoundException;

use Illuminate\Http\Request;

+use Illuminate\Validation\ValidationException;

class AttachmentController extends Controller

{

@@ -14,9 +18,6 @@ class AttachmentController extends Controller

/**

* AttachmentController constructor.

- * @param AttachmentService $attachmentService

- * @param Attachment $attachment

- * @param PageRepo $pageRepo

public function __construct(AttachmentService $attachmentService, Attachment $attachment, PageRepo $pageRepo)

{

@@ -29,8 +30,8 @@ class AttachmentController extends Controller

/**

* Endpoint at which attachments are uploaded to.

- * @param Request $request

- * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\JsonResponse|\Symfony\Component\HttpFoundation\Response

+ * @throws ValidationException

+ * @throws NotFoundException

public function upload(Request $request)

{

@@ -40,7 +41,7 @@ class AttachmentController extends Controller

]);

$pageId = $request->get('uploaded_to');

- $page = $this->pageRepo->getById($pageId, true);

+ $page = $this->pageRepo->getById($pageId);

$this->checkPermission('attachment-create-all');

$this->checkOwnablePermission('page-update', $page);

@@ -58,11 +59,10 @@ class AttachmentController extends Controller

/**

* Update an uploaded attachment.

- * @param int $attachmentId

- * @param Request $request

- * @return mixed

+ * @throws ValidationException

+ * @throws NotFoundException

- public function uploadUpdate($attachmentId, Request $request)

+ public function uploadUpdate(Request $request, $attachmentId)

{

$this->validate($request, [

'uploaded_to' => 'required|integer|exists:pages,id',

@@ -70,14 +70,14 @@ class AttachmentController extends Controller

]);

$pageId = $request->get('uploaded_to');

- $page = $this->pageRepo->getById($pageId, true);

+ $page = $this->pageRepo->getById($pageId);

$attachment = $this->attachment->findOrFail($attachmentId);

$this->checkOwnablePermission('page-update', $page);

$this->checkOwnablePermission('attachment-create', $attachment);

if (intval($pageId) !== intval($attachment->uploaded_to)) {

- return $this->jsonError('Page mismatch during attached file update');

+ return $this->jsonError(trans('errors.attachment_page_mismatch'));

}

$uploadedFile = $request->file('file');

@@ -93,48 +93,47 @@ class AttachmentController extends Controller

/**

* Update the details of an existing file.

- * @param $attachmentId

- * @param Request $request

- * @return Attachment|mixed

+ * @throws ValidationException

+ * @throws NotFoundException

- public function update($attachmentId, Request $request)

+ public function update(Request $request, $attachmentId)

{

$this->validate($request, [

'uploaded_to' => 'required|integer|exists:pages,id',

'name' => 'required|string|min:1|max:255',

- 'link' => 'url|min:1|max:255'

+ 'link' => 'string|min:1|max:255'

]);

$pageId = $request->get('uploaded_to');

- $page = $this->pageRepo->getById($pageId, true);

+ $page = $this->pageRepo->getById($pageId);

$attachment = $this->attachment->findOrFail($attachmentId);

$this->checkOwnablePermission('page-update', $page);

$this->checkOwnablePermission('attachment-create', $attachment);

if (intval($pageId) !== intval($attachment->uploaded_to)) {

- return $this->jsonError('Page mismatch during attachment update');

+ return $this->jsonError(trans('errors.attachment_page_mismatch'));

}

$attachment = $this->attachmentService->updateFile($attachment, $request->all());

- return $attachment;

+ return response()->json($attachment);

}

/**

* Attach a link to a page.

- * @param Request $request

- * @return mixed

+ * @throws ValidationException

+ * @throws NotFoundException

public function attachLink(Request $request)

{

$this->validate($request, [

'uploaded_to' => 'required|integer|exists:pages,id',

'name' => 'required|string|min:1|max:255',

- 'link' => 'required|url|min:1|max:255'

+ 'link' => 'required|string|min:1|max:255'

]);

$pageId = $request->get('uploaded_to');

- $page = $this->pageRepo->getById($pageId, true);

+ $page = $this->pageRepo->getById($pageId);

$this->checkPermission('attachment-create-all');

$this->checkOwnablePermission('page-update', $page);

@@ -148,23 +147,20 @@ class AttachmentController extends Controller

/**

* Get the attachments for a specific page.

- * @param $pageId

- * @return mixed

- public function listForPage($pageId)

+ public function listForPage(int $pageId)

{

- $page = $this->pageRepo->getById($pageId, true);

+ $page = $this->pageRepo->getById($pageId);

$this->checkOwnablePermission('page-view', $page);

return response()->json($page->attachments);

}

/**

* Update the attachment sorting.

- * @param $pageId

- * @param Request $request

- * @return mixed

+ * @throws ValidationException

+ * @throws NotFoundException

- public function sortForPage($pageId, Request $request)

+ public function sortForPage(Request $request, int $pageId)

{

$this->validate($request, [

'files' => 'required|array',

@@ -175,18 +171,23 @@ class AttachmentController extends Controller

$attachments = $request->get('files');

$this->attachmentService->updateFileOrderWithinPage($attachments, $pageId);

- return response()->json(['message' => 'Attachment order updated']);

+ return response()->json(['message' => trans('entities.attachments_order_updated')]);

}

/**

* Get an attachment from storage.

- * @param $attachmentId

- * @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector|\Symfony\Component\HttpFoundation\Response

+ * @throws FileNotFoundException

+ * @throws NotFoundException

- public function get($attachmentId)

+ public function get(int $attachmentId)

{

$attachment = $this->attachment->findOrFail($attachmentId);

- $page = $this->pageRepo->getById($attachment->uploaded_to);

+ try {

+ $page = $this->pageRepo->getById($attachment->uploaded_to);

+ } catch (NotFoundException $exception) {

+ throw new NotFoundException(trans('errors.attachment_not_found'));

+ }

$this->checkOwnablePermission('page-view', $page);

if ($attachment->external) {

@@ -194,22 +195,20 @@ class AttachmentController extends Controller

}

$attachmentContents = $this->attachmentService->getAttachmentFromStorage($attachment);

- return response($attachmentContents, 200, [

- 'Content-Type' => 'application/octet-stream',

- 'Content-Disposition' => 'attachment; filename="'. $attachment->getFileName() .'"'

- ]);

+ return $this->downloadResponse($attachmentContents, $attachment->getFileName());

}

/**

* Delete a specific attachment in the system.

* @param $attachmentId

* @return mixed

+ * @throws Exception

- public function delete($attachmentId)

+ public function delete(int $attachmentId)

{

$attachment = $this->attachment->findOrFail($attachmentId);

$this->checkOwnablePermission('attachment-delete', $attachment);

$this->attachmentService->deleteFile($attachment);

- return response()->json(['message' => 'Attachment deleted']);

+ return response()->json(['message' => trans('entities.attachments_deleted')]);

}