2021-06-26 11:23:15 -04:00
|
|
|
<?php
|
|
|
|
|
2023-05-17 12:56:55 -04:00
|
|
|
namespace BookStack\Uploads\Controllers;
|
2016-10-09 13:58:22 -04:00
|
|
|
|
2019-10-05 07:55:01 -04:00
|
|
|
use BookStack\Entities\Repos\PageRepo;
|
2016-10-09 13:58:22 -04:00
|
|
|
use BookStack\Exceptions\FileUploadException;
|
2018-02-11 07:37:02 -05:00
|
|
|
use BookStack\Exceptions\NotFoundException;
|
2023-05-18 15:53:39 -04:00
|
|
|
use BookStack\Http\Controller;
|
2018-09-25 11:58:03 -04:00
|
|
|
use BookStack\Uploads\Attachment;
|
2018-09-25 07:30:50 -04:00
|
|
|
use BookStack\Uploads\AttachmentService;
|
2019-10-05 07:55:01 -04:00
|
|
|
use Exception;
|
|
|
|
use Illuminate\Contracts\Filesystem\FileNotFoundException;
|
2016-10-09 13:58:22 -04:00
|
|
|
use Illuminate\Http\Request;
|
2020-07-04 11:53:02 -04:00
|
|
|
use Illuminate\Support\MessageBag;
|
2019-10-05 07:55:01 -04:00
|
|
|
use Illuminate\Validation\ValidationException;
|
2016-10-09 13:58:22 -04:00
|
|
|
|
2016-11-12 09:12:26 -05:00
|
|
|
class AttachmentController extends Controller
|
2016-10-09 13:58:22 -04:00
|
|
|
{
|
2023-02-20 08:05:23 -05:00
|
|
|
public function __construct(
|
|
|
|
protected AttachmentService $attachmentService,
|
|
|
|
protected PageRepo $pageRepo
|
|
|
|
) {
|
2016-10-09 13:58:22 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2016-11-12 09:12:26 -05:00
|
|
|
* Endpoint at which attachments are uploaded to.
|
2021-06-26 11:23:15 -04:00
|
|
|
*
|
2019-10-05 07:55:01 -04:00
|
|
|
* @throws ValidationException
|
|
|
|
* @throws NotFoundException
|
2016-10-09 13:58:22 -04:00
|
|
|
*/
|
|
|
|
public function upload(Request $request)
|
|
|
|
{
|
|
|
|
$this->validate($request, [
|
2021-11-04 20:26:55 -04:00
|
|
|
'uploaded_to' => ['required', 'integer', 'exists:pages,id'],
|
2021-11-14 17:03:22 -05:00
|
|
|
'file' => array_merge(['required'], $this->attachmentService->getFileValidationRules()),
|
2016-10-09 13:58:22 -04:00
|
|
|
]);
|
|
|
|
|
|
|
|
$pageId = $request->get('uploaded_to');
|
2019-10-05 07:55:01 -04:00
|
|
|
$page = $this->pageRepo->getById($pageId);
|
2016-10-10 15:30:27 -04:00
|
|
|
|
2016-11-12 09:12:26 -05:00
|
|
|
$this->checkPermission('attachment-create-all');
|
2016-10-10 15:30:27 -04:00
|
|
|
$this->checkOwnablePermission('page-update', $page);
|
|
|
|
|
|
|
|
$uploadedFile = $request->file('file');
|
2016-10-09 13:58:22 -04:00
|
|
|
|
|
|
|
try {
|
2016-11-12 09:12:26 -05:00
|
|
|
$attachment = $this->attachmentService->saveNewUpload($uploadedFile, $pageId);
|
2016-10-09 13:58:22 -04:00
|
|
|
} catch (FileUploadException $e) {
|
|
|
|
return response($e->getMessage(), 500);
|
|
|
|
}
|
|
|
|
|
2016-11-12 09:12:26 -05:00
|
|
|
return response()->json($attachment);
|
2016-10-09 13:58:22 -04:00
|
|
|
}
|
|
|
|
|
2016-10-11 15:39:11 -04:00
|
|
|
/**
|
2016-11-12 09:12:26 -05:00
|
|
|
* Update an uploaded attachment.
|
2021-06-26 11:23:15 -04:00
|
|
|
*
|
2019-10-05 07:55:01 -04:00
|
|
|
* @throws ValidationException
|
2016-10-11 15:39:11 -04:00
|
|
|
*/
|
2019-09-15 13:53:30 -04:00
|
|
|
public function uploadUpdate(Request $request, $attachmentId)
|
2016-10-11 15:39:11 -04:00
|
|
|
{
|
|
|
|
$this->validate($request, [
|
2021-11-14 17:03:22 -05:00
|
|
|
'file' => array_merge(['required'], $this->attachmentService->getFileValidationRules()),
|
2016-10-11 15:39:11 -04:00
|
|
|
]);
|
|
|
|
|
2021-11-01 07:17:30 -04:00
|
|
|
/** @var Attachment $attachment */
|
2021-06-05 19:51:06 -04:00
|
|
|
$attachment = Attachment::query()->findOrFail($attachmentId);
|
2020-07-04 11:53:02 -04:00
|
|
|
$this->checkOwnablePermission('view', $attachment->page);
|
|
|
|
$this->checkOwnablePermission('page-update', $attachment->page);
|
2016-11-12 09:12:26 -05:00
|
|
|
$this->checkOwnablePermission('attachment-create', $attachment);
|
2016-10-11 15:39:11 -04:00
|
|
|
|
|
|
|
$uploadedFile = $request->file('file');
|
|
|
|
|
|
|
|
try {
|
2016-11-12 09:12:26 -05:00
|
|
|
$attachment = $this->attachmentService->saveUpdatedUpload($uploadedFile, $attachment);
|
2016-10-11 15:39:11 -04:00
|
|
|
} catch (FileUploadException $e) {
|
|
|
|
return response($e->getMessage(), 500);
|
|
|
|
}
|
|
|
|
|
2016-11-12 09:12:26 -05:00
|
|
|
return response()->json($attachment);
|
2016-10-11 15:39:11 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2020-07-04 11:53:02 -04:00
|
|
|
* Get the update form for an attachment.
|
2016-10-11 15:39:11 -04:00
|
|
|
*/
|
2020-07-04 11:53:02 -04:00
|
|
|
public function getUpdateForm(string $attachmentId)
|
2016-10-11 15:39:11 -04:00
|
|
|
{
|
2021-11-01 07:17:30 -04:00
|
|
|
/** @var Attachment $attachment */
|
2021-06-05 19:51:06 -04:00
|
|
|
$attachment = Attachment::query()->findOrFail($attachmentId);
|
2016-10-11 15:39:11 -04:00
|
|
|
|
2020-07-04 11:53:02 -04:00
|
|
|
$this->checkOwnablePermission('page-update', $attachment->page);
|
2016-11-12 09:12:26 -05:00
|
|
|
$this->checkOwnablePermission('attachment-create', $attachment);
|
2016-10-11 15:39:11 -04:00
|
|
|
|
2020-07-04 11:53:02 -04:00
|
|
|
return view('attachments.manager-edit-form', [
|
|
|
|
'attachment' => $attachment,
|
|
|
|
]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Update the details of an existing file.
|
|
|
|
*/
|
|
|
|
public function update(Request $request, string $attachmentId)
|
|
|
|
{
|
2021-06-13 09:16:09 -04:00
|
|
|
/** @var Attachment $attachment */
|
|
|
|
$attachment = Attachment::query()->findOrFail($attachmentId);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2020-07-04 11:53:02 -04:00
|
|
|
try {
|
|
|
|
$this->validate($request, [
|
2021-11-04 20:26:55 -04:00
|
|
|
'attachment_edit_name' => ['required', 'string', 'min:1', 'max:255'],
|
2023-02-20 08:05:23 -05:00
|
|
|
'attachment_edit_url' => ['string', 'min:1', 'max:2000', 'safe_url'],
|
2020-07-04 11:53:02 -04:00
|
|
|
]);
|
|
|
|
} catch (ValidationException $exception) {
|
|
|
|
return response()->view('attachments.manager-edit-form', array_merge($request->only(['attachment_edit_name', 'attachment_edit_url']), [
|
|
|
|
'attachment' => $attachment,
|
2021-06-26 11:23:15 -04:00
|
|
|
'errors' => new MessageBag($exception->errors()),
|
2020-07-04 11:53:02 -04:00
|
|
|
]), 422);
|
2016-10-11 15:39:11 -04:00
|
|
|
}
|
|
|
|
|
2021-10-18 12:46:55 -04:00
|
|
|
$this->checkOwnablePermission('page-view', $attachment->page);
|
2020-07-04 11:53:02 -04:00
|
|
|
$this->checkOwnablePermission('page-update', $attachment->page);
|
2021-10-18 12:46:55 -04:00
|
|
|
$this->checkOwnablePermission('attachment-update', $attachment);
|
2020-07-04 11:53:02 -04:00
|
|
|
|
|
|
|
$attachment = $this->attachmentService->updateFile($attachment, [
|
|
|
|
'name' => $request->get('attachment_edit_name'),
|
|
|
|
'link' => $request->get('attachment_edit_url'),
|
|
|
|
]);
|
|
|
|
|
|
|
|
return view('attachments.manager-edit-form', [
|
|
|
|
'attachment' => $attachment,
|
|
|
|
]);
|
2016-10-11 15:39:11 -04:00
|
|
|
}
|
|
|
|
|
2016-10-10 16:13:18 -04:00
|
|
|
/**
|
2016-11-12 09:12:26 -05:00
|
|
|
* Attach a link to a page.
|
2021-06-26 11:23:15 -04:00
|
|
|
*
|
2019-10-05 07:55:01 -04:00
|
|
|
* @throws NotFoundException
|
2016-10-10 16:13:18 -04:00
|
|
|
*/
|
|
|
|
public function attachLink(Request $request)
|
|
|
|
{
|
2020-07-04 11:53:02 -04:00
|
|
|
$pageId = $request->get('attachment_link_uploaded_to');
|
|
|
|
|
|
|
|
try {
|
|
|
|
$this->validate($request, [
|
2021-11-04 20:26:55 -04:00
|
|
|
'attachment_link_uploaded_to' => ['required', 'integer', 'exists:pages,id'],
|
|
|
|
'attachment_link_name' => ['required', 'string', 'min:1', 'max:255'],
|
2023-02-20 08:05:23 -05:00
|
|
|
'attachment_link_url' => ['required', 'string', 'min:1', 'max:2000', 'safe_url'],
|
2020-07-04 11:53:02 -04:00
|
|
|
]);
|
|
|
|
} catch (ValidationException $exception) {
|
|
|
|
return response()->view('attachments.manager-link-form', array_merge($request->only(['attachment_link_name', 'attachment_link_url']), [
|
|
|
|
'pageId' => $pageId,
|
|
|
|
'errors' => new MessageBag($exception->errors()),
|
|
|
|
]), 422);
|
|
|
|
}
|
2016-10-10 16:13:18 -04:00
|
|
|
|
2019-10-05 07:55:01 -04:00
|
|
|
$page = $this->pageRepo->getById($pageId);
|
2016-10-10 16:13:18 -04:00
|
|
|
|
2016-11-12 09:12:26 -05:00
|
|
|
$this->checkPermission('attachment-create-all');
|
2016-10-10 16:13:18 -04:00
|
|
|
$this->checkOwnablePermission('page-update', $page);
|
|
|
|
|
2020-07-04 11:53:02 -04:00
|
|
|
$attachmentName = $request->get('attachment_link_name');
|
|
|
|
$link = $request->get('attachment_link_url');
|
2021-06-13 09:16:09 -04:00
|
|
|
$this->attachmentService->saveNewFromLink($attachmentName, $link, intval($pageId));
|
2016-10-10 16:13:18 -04:00
|
|
|
|
2020-07-04 11:53:02 -04:00
|
|
|
return view('attachments.manager-link-form', [
|
|
|
|
'pageId' => $pageId,
|
|
|
|
]);
|
2016-10-10 16:13:18 -04:00
|
|
|
}
|
|
|
|
|
2016-10-09 13:58:22 -04:00
|
|
|
/**
|
2016-11-12 09:12:26 -05:00
|
|
|
* Get the attachments for a specific page.
|
2021-11-01 09:26:02 -04:00
|
|
|
*
|
2021-11-01 07:17:30 -04:00
|
|
|
* @throws NotFoundException
|
2016-10-09 13:58:22 -04:00
|
|
|
*/
|
2019-10-05 07:55:01 -04:00
|
|
|
public function listForPage(int $pageId)
|
2016-10-09 13:58:22 -04:00
|
|
|
{
|
2019-10-05 07:55:01 -04:00
|
|
|
$page = $this->pageRepo->getById($pageId);
|
2016-10-10 15:30:27 -04:00
|
|
|
$this->checkOwnablePermission('page-view', $page);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2020-07-04 11:53:02 -04:00
|
|
|
return view('attachments.manager-list', [
|
2020-06-30 17:12:45 -04:00
|
|
|
'attachments' => $page->attachments->all(),
|
|
|
|
]);
|
2016-10-09 13:58:22 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2016-11-12 09:12:26 -05:00
|
|
|
* Update the attachment sorting.
|
2021-06-26 11:23:15 -04:00
|
|
|
*
|
2019-10-05 07:55:01 -04:00
|
|
|
* @throws ValidationException
|
|
|
|
* @throws NotFoundException
|
2016-10-09 13:58:22 -04:00
|
|
|
*/
|
2019-10-05 07:55:01 -04:00
|
|
|
public function sortForPage(Request $request, int $pageId)
|
2016-10-09 13:58:22 -04:00
|
|
|
{
|
|
|
|
$this->validate($request, [
|
2021-11-04 20:26:55 -04:00
|
|
|
'order' => ['required', 'array'],
|
2016-10-09 13:58:22 -04:00
|
|
|
]);
|
2019-10-05 07:55:01 -04:00
|
|
|
$page = $this->pageRepo->getById($pageId);
|
2016-10-10 15:30:27 -04:00
|
|
|
$this->checkOwnablePermission('page-update', $page);
|
|
|
|
|
2020-06-30 17:12:45 -04:00
|
|
|
$attachmentOrder = $request->get('order');
|
|
|
|
$this->attachmentService->updateFileOrderWithinPage($attachmentOrder, $pageId);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2016-12-04 11:51:39 -05:00
|
|
|
return response()->json(['message' => trans('entities.attachments_order_updated')]);
|
2016-10-09 13:58:22 -04:00
|
|
|
}
|
|
|
|
|
2016-10-10 15:30:27 -04:00
|
|
|
/**
|
2016-11-12 09:12:26 -05:00
|
|
|
* Get an attachment from storage.
|
2021-06-26 11:23:15 -04:00
|
|
|
*
|
2019-10-05 07:55:01 -04:00
|
|
|
* @throws FileNotFoundException
|
2018-05-20 06:06:10 -04:00
|
|
|
* @throws NotFoundException
|
2016-10-10 15:30:27 -04:00
|
|
|
*/
|
2021-06-05 19:51:06 -04:00
|
|
|
public function get(Request $request, string $attachmentId)
|
2016-10-10 15:30:27 -04:00
|
|
|
{
|
2021-06-05 19:51:06 -04:00
|
|
|
/** @var Attachment $attachment */
|
|
|
|
$attachment = Attachment::query()->findOrFail($attachmentId);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2019-10-05 07:55:01 -04:00
|
|
|
try {
|
|
|
|
$page = $this->pageRepo->getById($attachment->uploaded_to);
|
|
|
|
} catch (NotFoundException $exception) {
|
2018-02-11 07:37:02 -05:00
|
|
|
throw new NotFoundException(trans('errors.attachment_not_found'));
|
|
|
|
}
|
|
|
|
|
2016-10-10 15:30:27 -04:00
|
|
|
$this->checkOwnablePermission('page-view', $page);
|
2016-10-09 13:58:22 -04:00
|
|
|
|
2016-11-12 09:12:26 -05:00
|
|
|
if ($attachment->external) {
|
|
|
|
return redirect($attachment->path);
|
2016-10-10 16:13:18 -04:00
|
|
|
}
|
|
|
|
|
2021-06-05 19:51:06 -04:00
|
|
|
$fileName = $attachment->getFileName();
|
2022-04-02 13:07:43 -04:00
|
|
|
$attachmentStream = $this->attachmentService->streamAttachmentFromStorage($attachment);
|
2021-06-05 19:51:06 -04:00
|
|
|
|
|
|
|
if ($request->get('open') === 'true') {
|
2022-06-08 18:50:42 -04:00
|
|
|
return $this->download()->streamedInline($attachmentStream, $fileName);
|
2021-06-05 19:51:06 -04:00
|
|
|
}
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2022-06-08 18:50:42 -04:00
|
|
|
return $this->download()->streamedDirectly($attachmentStream, $fileName);
|
2016-10-10 15:30:27 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2016-11-12 09:12:26 -05:00
|
|
|
* Delete a specific attachment in the system.
|
2021-06-26 11:23:15 -04:00
|
|
|
*
|
2019-10-05 07:55:01 -04:00
|
|
|
* @throws Exception
|
2016-10-10 15:30:27 -04:00
|
|
|
*/
|
2020-07-04 11:53:02 -04:00
|
|
|
public function delete(string $attachmentId)
|
2016-10-10 15:30:27 -04:00
|
|
|
{
|
2021-06-13 09:16:09 -04:00
|
|
|
/** @var Attachment $attachment */
|
2021-06-05 19:51:06 -04:00
|
|
|
$attachment = Attachment::query()->findOrFail($attachmentId);
|
2016-11-12 09:12:26 -05:00
|
|
|
$this->checkOwnablePermission('attachment-delete', $attachment);
|
|
|
|
$this->attachmentService->deleteFile($attachment);
|
2021-06-26 11:23:15 -04:00
|
|
|
|
2016-12-04 11:51:39 -05:00
|
|
|
return response()->json(['message' => trans('entities.attachments_deleted')]);
|
2016-10-10 15:30:27 -04:00
|
|
|
}
|
2016-10-09 13:58:22 -04:00
|
|
|
}
|