BookStack/app/Uploads/AttachmentService.php

246 lines
7.6 KiB
PHP
Raw Normal View History

2021-06-26 11:23:15 -04:00
<?php
namespace BookStack\Uploads;
2016-11-12 09:12:26 -05:00
use BookStack\Exceptions\FileUploadException;
use Exception;
use Illuminate\Contracts\Filesystem\FileNotFoundException;
2021-11-05 12:18:06 -04:00
use Illuminate\Contracts\Filesystem\Filesystem as Storage;
use Illuminate\Filesystem\FilesystemManager;
use Illuminate\Support\Facades\Log;
2021-09-26 10:48:22 -04:00
use Illuminate\Support\Str;
2023-02-06 15:00:44 -05:00
use League\Flysystem\WhitespacePathNormalizer;
2016-11-12 09:12:26 -05:00
use Symfony\Component\HttpFoundation\File\UploadedFile;
class AttachmentService
2016-11-12 09:12:26 -05:00
{
protected FilesystemManager $fileSystem;
/**
* AttachmentService constructor.
*/
2021-11-05 12:18:06 -04:00
public function __construct(FilesystemManager $fileSystem)
{
$this->fileSystem = $fileSystem;
}
/**
* Get the storage that will be used for storing files.
*/
2021-11-05 12:18:06 -04:00
protected function getStorageDisk(): Storage
{
return $this->fileSystem->disk($this->getStorageDiskName());
}
/**
* Get the name of the storage disk to use.
*/
protected function getStorageDiskName(): string
{
$storageType = config('filesystems.attachments');
// Change to our secure-attachment disk if any of the local options
// are used to prevent escaping that location.
if ($storageType === 'local' || $storageType === 'local_secure' || $storageType === 'local_secure_restricted') {
$storageType = 'local_secure_attachments';
}
return $storageType;
}
/**
* Change the originally provided path to fit any disk-specific requirements.
* This also ensures the path is kept to the expected root folders.
*/
protected function adjustPathForStorageDisk(string $path): string
{
2023-02-06 15:00:44 -05:00
$path = (new WhitespacePathNormalizer())->normalizePath(str_replace('uploads/files/', '', $path));
if ($this->getStorageDiskName() === 'local_secure_attachments') {
return $path;
}
return 'uploads/files/' . $path;
}
/**
* Stream an attachment from storage.
*
* @throws FileNotFoundException
*
* @return resource|null
*/
public function streamAttachmentFromStorage(Attachment $attachment)
{
return $this->getStorageDisk()->readStream($this->adjustPathForStorageDisk($attachment->path));
}
2016-11-12 09:12:26 -05:00
/**
* Store a new attachment upon user upload.
2021-10-08 17:23:17 -04:00
*
2016-11-12 09:12:26 -05:00
* @throws FileUploadException
*/
public function saveNewUpload(UploadedFile $uploadedFile, int $pageId): Attachment
2016-11-12 09:12:26 -05:00
{
$attachmentName = $uploadedFile->getClientOriginalName();
$attachmentPath = $this->putFileInStorage($uploadedFile);
$largestExistingOrder = Attachment::query()->where('uploaded_to', '=', $pageId)->max('order');
2016-11-12 09:12:26 -05:00
/** @var Attachment $attachment */
$attachment = Attachment::query()->forceCreate([
2021-06-26 11:23:15 -04:00
'name' => $attachmentName,
'path' => $attachmentPath,
'extension' => $uploadedFile->getClientOriginalExtension(),
'uploaded_to' => $pageId,
2021-06-26 11:23:15 -04:00
'created_by' => user()->id,
'updated_by' => user()->id,
'order' => $largestExistingOrder + 1,
2016-11-12 09:12:26 -05:00
]);
return $attachment;
}
/**
* Store an upload, saving to a file and deleting any existing uploads
2016-11-12 09:12:26 -05:00
* attached to that file.
2021-06-26 11:23:15 -04:00
*
2016-11-12 09:12:26 -05:00
* @throws FileUploadException
*/
public function saveUpdatedUpload(UploadedFile $uploadedFile, Attachment $attachment): Attachment
2016-11-12 09:12:26 -05:00
{
if (!$attachment->external) {
$this->deleteFileInStorage($attachment);
}
$attachmentName = $uploadedFile->getClientOriginalName();
$attachmentPath = $this->putFileInStorage($uploadedFile);
2016-11-12 09:12:26 -05:00
$attachment->name = $attachmentName;
$attachment->path = $attachmentPath;
$attachment->external = false;
$attachment->extension = $uploadedFile->getClientOriginalExtension();
$attachment->save();
2021-06-26 11:23:15 -04:00
2016-11-12 09:12:26 -05:00
return $attachment;
}
/**
* Save a new File attachment from a given link and name.
*/
public function saveNewFromLink(string $name, string $link, int $page_id): Attachment
2016-11-12 09:12:26 -05:00
{
$largestExistingOrder = Attachment::where('uploaded_to', '=', $page_id)->max('order');
2021-06-26 11:23:15 -04:00
2016-11-12 09:12:26 -05:00
return Attachment::forceCreate([
2021-06-26 11:23:15 -04:00
'name' => $name,
'path' => $link,
'external' => true,
'extension' => '',
2016-11-12 09:12:26 -05:00
'uploaded_to' => $page_id,
2021-06-26 11:23:15 -04:00
'created_by' => user()->id,
'updated_by' => user()->id,
'order' => $largestExistingOrder + 1,
2016-11-12 09:12:26 -05:00
]);
}
/**
* Updates the ordering for a listing of attached files.
2016-11-12 09:12:26 -05:00
*/
public function updateFileOrderWithinPage(array $attachmentOrder, string $pageId)
2016-11-12 09:12:26 -05:00
{
foreach ($attachmentOrder as $index => $attachmentId) {
Attachment::query()->where('uploaded_to', '=', $pageId)
->where('id', '=', $attachmentId)
->update(['order' => $index]);
2016-11-12 09:12:26 -05:00
}
}
/**
* Update the details of a file.
*/
public function updateFile(Attachment $attachment, array $requestData): Attachment
2016-11-12 09:12:26 -05:00
{
$attachment->name = $requestData['name'];
$link = trim($requestData['link'] ?? '');
if (!empty($link)) {
2016-11-12 09:12:26 -05:00
if (!$attachment->external) {
$this->deleteFileInStorage($attachment);
$attachment->external = true;
$attachment->extension = '';
2016-11-12 09:12:26 -05:00
}
$attachment->path = $requestData['link'];
2016-11-12 09:12:26 -05:00
}
2016-11-12 09:12:26 -05:00
$attachment->save();
2021-10-20 05:49:45 -04:00
return $attachment->refresh();
2016-11-12 09:12:26 -05:00
}
/**
* Delete a File from the database and storage.
2021-10-08 17:23:17 -04:00
*
* @throws Exception
2016-11-12 09:12:26 -05:00
*/
public function deleteFile(Attachment $attachment)
{
if (!$attachment->external) {
$this->deleteFileInStorage($attachment);
2016-11-12 09:12:26 -05:00
}
2021-06-26 11:23:15 -04:00
2016-11-12 09:12:26 -05:00
$attachment->delete();
}
/**
* Delete a file from the filesystem it sits on.
* Cleans any empty leftover folders.
*/
protected function deleteFileInStorage(Attachment $attachment)
{
$storage = $this->getStorageDisk();
$dirPath = $this->adjustPathForStorageDisk(dirname($attachment->path));
2016-11-12 09:12:26 -05:00
$storage->delete($this->adjustPathForStorageDisk($attachment->path));
2016-11-12 09:12:26 -05:00
if (count($storage->allFiles($dirPath)) === 0) {
$storage->deleteDirectory($dirPath);
}
}
/**
2021-06-26 11:23:15 -04:00
* Store a file in storage with the given filename.
2021-10-08 17:23:17 -04:00
*
2016-11-12 09:12:26 -05:00
* @throws FileUploadException
*/
protected function putFileInStorage(UploadedFile $uploadedFile): string
2016-11-12 09:12:26 -05:00
{
$storage = $this->getStorageDisk();
2021-06-26 11:23:15 -04:00
$basePath = 'uploads/files/' . date('Y-m-M') . '/';
2016-11-12 09:12:26 -05:00
$uploadFileName = Str::random(16) . '-' . $uploadedFile->getClientOriginalExtension();
while ($storage->exists($this->adjustPathForStorageDisk($basePath . $uploadFileName))) {
2019-09-13 18:58:40 -04:00
$uploadFileName = Str::random(3) . $uploadFileName;
2016-11-12 09:12:26 -05:00
}
2022-04-02 13:46:48 -04:00
$attachmentStream = fopen($uploadedFile->getRealPath(), 'r');
$attachmentPath = $basePath . $uploadFileName;
2021-06-26 11:23:15 -04:00
2016-11-12 09:12:26 -05:00
try {
2022-04-02 13:46:48 -04:00
$storage->writeStream($this->adjustPathForStorageDisk($attachmentPath), $attachmentStream);
2016-11-12 09:12:26 -05:00
} catch (Exception $e) {
Log::error('Error when attempting file upload:' . $e->getMessage());
2021-06-26 11:23:15 -04:00
throw new FileUploadException(trans('errors.path_not_writable', ['filePath' => $attachmentPath]));
2016-11-12 09:12:26 -05:00
}
2016-11-12 09:12:26 -05:00
return $attachmentPath;
}
/**
* Get the file validation rules for attachments.
*/
public function getFileValidationRules(): array
{
return ['file', 'max:' . (config('app.upload_limit') * 1000)];
}
}