use Exception;
use Illuminate\Contracts\Filesystem\FileNotFoundException;
use Illuminate\Http\Request;
+use Illuminate\Support\MessageBag;
use Illuminate\Validation\ValidationException;
class AttachmentController extends Controller
$this->attachmentService = $attachmentService;
$this->attachment = $attachment;
$this->pageRepo = $pageRepo;
- parent::__construct();
}
/**
* Update an uploaded attachment.
* @throws ValidationException
- * @throws NotFoundException
*/
public function uploadUpdate(Request $request, $attachmentId)
{
$this->validate($request, [
- 'uploaded_to' => 'required|integer|exists:pages,id',
'file' => 'required|file'
]);
- $pageId = $request->get('uploaded_to');
- $page = $this->pageRepo->getById($pageId);
- $attachment = $this->attachment->findOrFail($attachmentId);
-
- $this->checkOwnablePermission('page-update', $page);
+ $attachment = $this->attachment->newQuery()->findOrFail($attachmentId);
+ $this->checkOwnablePermission('view', $attachment->page);
+ $this->checkOwnablePermission('page-update', $attachment->page);
$this->checkOwnablePermission('attachment-create', $attachment);
-
- if (intval($pageId) !== intval($attachment->uploaded_to)) {
- return $this->jsonError(trans('errors.attachment_page_mismatch'));
- }
$uploadedFile = $request->file('file');
}
/**
- * Update the details of an existing file.
- * @throws ValidationException
- * @throws NotFoundException
+ * Get the update form for an attachment.
+ * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
- public function update(Request $request, $attachmentId)
+ public function getUpdateForm(string $attachmentId)
{
- $this->validate($request, [
- 'uploaded_to' => 'required|integer|exists:pages,id',
- 'name' => 'required|string|min:1|max:255',
- 'link' => 'string|min:1|max:255'
- ]);
-
- $pageId = $request->get('uploaded_to');
- $page = $this->pageRepo->getById($pageId);
$attachment = $this->attachment->findOrFail($attachmentId);
- $this->checkOwnablePermission('page-update', $page);
+ $this->checkOwnablePermission('page-update', $attachment->page);
$this->checkOwnablePermission('attachment-create', $attachment);
- if (intval($pageId) !== intval($attachment->uploaded_to)) {
- return $this->jsonError(trans('errors.attachment_page_mismatch'));
+ return view('attachments.manager-edit-form', [
+ 'attachment' => $attachment,
+ ]);
+ }
+
+ /**
+ * Update the details of an existing file.
+ */
+ public function update(Request $request, string $attachmentId)
+ {
+ $attachment = $this->attachment->newQuery()->findOrFail($attachmentId);
+
+ try {
+ $this->validate($request, [
+ 'attachment_edit_name' => 'required|string|min:1|max:255',
+ 'attachment_edit_url' => 'string|min:1|max:255|safe_url'
+ ]);
+ } catch (ValidationException $exception) {
+ return response()->view('attachments.manager-edit-form', array_merge($request->only(['attachment_edit_name', 'attachment_edit_url']), [
+ 'attachment' => $attachment,
+ 'errors' => new MessageBag($exception->errors()),
+ ]), 422);
}
- $attachment = $this->attachmentService->updateFile($attachment, $request->all());
- return response()->json($attachment);
+ $this->checkOwnablePermission('view', $attachment->page);
+ $this->checkOwnablePermission('page-update', $attachment->page);
+ $this->checkOwnablePermission('attachment-create', $attachment);
+
+ $attachment = $this->attachmentService->updateFile($attachment, [
+ 'name' => $request->get('attachment_edit_name'),
+ 'link' => $request->get('attachment_edit_url'),
+ ]);
+
+ return view('attachments.manager-edit-form', [
+ 'attachment' => $attachment,
+ ]);
}
/**
* Attach a link to a page.
- * @throws ValidationException
* @throws NotFoundException
*/
public function attachLink(Request $request)
{
- $this->validate($request, [
- 'uploaded_to' => 'required|integer|exists:pages,id',
- 'name' => 'required|string|min:1|max:255',
- 'link' => 'required|string|min:1|max:255'
- ]);
+ $pageId = $request->get('attachment_link_uploaded_to');
+
+ try {
+ $this->validate($request, [
+ 'attachment_link_uploaded_to' => 'required|integer|exists:pages,id',
+ 'attachment_link_name' => 'required|string|min:1|max:255',
+ 'attachment_link_url' => 'required|string|min:1|max:255|safe_url'
+ ]);
+ } catch (ValidationException $exception) {
+ return response()->view('attachments.manager-link-form', array_merge($request->only(['attachment_link_name', 'attachment_link_url']), [
+ 'pageId' => $pageId,
+ 'errors' => new MessageBag($exception->errors()),
+ ]), 422);
+ }
- $pageId = $request->get('uploaded_to');
$page = $this->pageRepo->getById($pageId);
$this->checkPermission('attachment-create-all');
$this->checkOwnablePermission('page-update', $page);
- $attachmentName = $request->get('name');
- $link = $request->get('link');
- $attachment = $this->attachmentService->saveNewFromLink($attachmentName, $link, $pageId);
+ $attachmentName = $request->get('attachment_link_name');
+ $link = $request->get('attachment_link_url');
+ $attachment = $this->attachmentService->saveNewFromLink($attachmentName, $link, intval($pageId));
- return response()->json($attachment);
+ return view('attachments.manager-link-form', [
+ 'pageId' => $pageId,
+ ]);
}
/**
{
$page = $this->pageRepo->getById($pageId);
$this->checkOwnablePermission('page-view', $page);
- return response()->json($page->attachments);
+ return view('attachments.manager-list', [
+ 'attachments' => $page->attachments->all(),
+ ]);
}
/**
public function sortForPage(Request $request, int $pageId)
{
$this->validate($request, [
- 'files' => 'required|array',
- 'files.*.id' => 'required|integer',
+ 'order' => 'required|array',
]);
$page = $this->pageRepo->getById($pageId);
$this->checkOwnablePermission('page-update', $page);
- $attachments = $request->get('files');
- $this->attachmentService->updateFileOrderWithinPage($attachments, $pageId);
+ $attachmentOrder = $request->get('order');
+ $this->attachmentService->updateFileOrderWithinPage($attachmentOrder, $pageId);
return response()->json(['message' => trans('entities.attachments_order_updated')]);
}
* @throws FileNotFoundException
* @throws NotFoundException
*/
- public function get(int $attachmentId)
+ public function get(string $attachmentId)
{
$attachment = $this->attachment->findOrFail($attachmentId);
try {
/**
* Delete a specific attachment in the system.
- * @param $attachmentId
- * @return mixed
* @throws Exception
*/
- public function delete(int $attachmentId)
+ public function delete(string $attachmentId)
{
$attachment = $this->attachment->findOrFail($attachmentId);
$this->checkOwnablePermission('attachment-delete', $attachment);
projects / bookstack / blobdiff