mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
f5fe524e6c
- A continuation of the security issues addressed in v0.25.3
247 lines
7.3 KiB
PHP
247 lines
7.3 KiB
PHP
<?php namespace BookStack\Http\Controllers;
|
|
|
|
use BookStack\Entities\Repos\EntityRepo;
|
|
use BookStack\Exceptions\ImageUploadException;
|
|
use BookStack\Repos\PageRepo;
|
|
use BookStack\Uploads\Image;
|
|
use BookStack\Uploads\ImageRepo;
|
|
use Illuminate\Filesystem\Filesystem as File;
|
|
use Illuminate\Http\Request;
|
|
|
|
class ImageController extends Controller
|
|
{
|
|
protected $image;
|
|
protected $file;
|
|
protected $imageRepo;
|
|
|
|
/**
|
|
* ImageController constructor.
|
|
* @param Image $image
|
|
* @param File $file
|
|
* @param ImageRepo $imageRepo
|
|
*/
|
|
public function __construct(Image $image, File $file, ImageRepo $imageRepo)
|
|
{
|
|
$this->image = $image;
|
|
$this->file = $file;
|
|
$this->imageRepo = $imageRepo;
|
|
parent::__construct();
|
|
}
|
|
|
|
/**
|
|
* Provide an image file from storage.
|
|
* @param string $path
|
|
* @return mixed
|
|
*/
|
|
public function showImage(string $path)
|
|
{
|
|
$path = storage_path('uploads/images/' . $path);
|
|
if (!file_exists($path)) {
|
|
abort(404);
|
|
}
|
|
|
|
return response()->file($path);
|
|
}
|
|
|
|
/**
|
|
* Get all images for a specific type, Paginated
|
|
* @param string $type
|
|
* @param int $page
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function getAllByType($type, $page = 0)
|
|
{
|
|
$imgData = $this->imageRepo->getPaginatedByType($type, $page);
|
|
return response()->json($imgData);
|
|
}
|
|
|
|
/**
|
|
* Search through images within a particular type.
|
|
* @param $type
|
|
* @param int $page
|
|
* @param Request $request
|
|
* @return mixed
|
|
*/
|
|
public function searchByType(Request $request, $type, $page = 0)
|
|
{
|
|
$this->validate($request, [
|
|
'term' => 'required|string'
|
|
]);
|
|
|
|
$searchTerm = $request->get('term');
|
|
$imgData = $this->imageRepo->searchPaginatedByType($type, $searchTerm, $page, 24);
|
|
return response()->json($imgData);
|
|
}
|
|
|
|
/**
|
|
* Get all images for a user.
|
|
* @param int $page
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function getAllForUserType($page = 0)
|
|
{
|
|
$imgData = $this->imageRepo->getPaginatedByType('user', $page, 24, $this->currentUser->id);
|
|
return response()->json($imgData);
|
|
}
|
|
|
|
/**
|
|
* Get gallery images with a specific filter such as book or page
|
|
* @param $filter
|
|
* @param int $page
|
|
* @param Request $request
|
|
* @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\JsonResponse|\Symfony\Component\HttpFoundation\Response
|
|
*/
|
|
public function getGalleryFiltered(Request $request, $filter, $page = 0)
|
|
{
|
|
$this->validate($request, [
|
|
'page_id' => 'required|integer'
|
|
]);
|
|
|
|
$validFilters = collect(['page', 'book']);
|
|
if (!$validFilters->contains($filter)) {
|
|
return response('Invalid filter', 500);
|
|
}
|
|
|
|
$pageId = $request->get('page_id');
|
|
$imgData = $this->imageRepo->getGalleryFiltered(strtolower($filter), $pageId, $page, 24);
|
|
|
|
return response()->json($imgData);
|
|
}
|
|
|
|
/**
|
|
* Handles image uploads for use on pages.
|
|
* @param string $type
|
|
* @param Request $request
|
|
* @return \Illuminate\Http\JsonResponse
|
|
* @throws \Exception
|
|
*/
|
|
public function uploadByType($type, Request $request)
|
|
{
|
|
$this->checkPermission('image-create-all');
|
|
$this->validate($request, [
|
|
'file' => 'image_extension|mimes:jpeg,png,gif,bmp,webp,tiff'
|
|
]);
|
|
|
|
if (!$this->imageRepo->isValidType($type)) {
|
|
return $this->jsonError(trans('errors.image_upload_type_error'));
|
|
}
|
|
|
|
$imageUpload = $request->file('file');
|
|
|
|
try {
|
|
$uploadedTo = $request->get('uploaded_to', 0);
|
|
$image = $this->imageRepo->saveNew($imageUpload, $type, $uploadedTo);
|
|
} catch (ImageUploadException $e) {
|
|
return response($e->getMessage(), 500);
|
|
}
|
|
|
|
return response()->json($image);
|
|
}
|
|
|
|
/**
|
|
* Upload a drawing to the system.
|
|
* @param Request $request
|
|
* @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\JsonResponse|\Symfony\Component\HttpFoundation\Response
|
|
*/
|
|
public function uploadDrawing(Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'image' => 'required|string',
|
|
'uploaded_to' => 'required|integer'
|
|
]);
|
|
$this->checkPermission('image-create-all');
|
|
$imageBase64Data = $request->get('image');
|
|
|
|
try {
|
|
$uploadedTo = $request->get('uploaded_to', 0);
|
|
$image = $this->imageRepo->saveDrawing($imageBase64Data, $uploadedTo);
|
|
} catch (ImageUploadException $e) {
|
|
return response($e->getMessage(), 500);
|
|
}
|
|
|
|
return response()->json($image);
|
|
}
|
|
|
|
/**
|
|
* Get the content of an image based64 encoded.
|
|
* @param $id
|
|
* @return \Illuminate\Http\JsonResponse|mixed
|
|
*/
|
|
public function getBase64Image($id)
|
|
{
|
|
$image = $this->imageRepo->getById($id);
|
|
$imageData = $this->imageRepo->getImageData($image);
|
|
if ($imageData === null) {
|
|
return $this->jsonError("Image data could not be found");
|
|
}
|
|
return response()->json([
|
|
'content' => base64_encode($imageData)
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Generate a sized thumbnail for an image.
|
|
* @param $id
|
|
* @param $width
|
|
* @param $height
|
|
* @param $crop
|
|
* @return \Illuminate\Http\JsonResponse
|
|
* @throws ImageUploadException
|
|
* @throws \Exception
|
|
*/
|
|
public function getThumbnail($id, $width, $height, $crop)
|
|
{
|
|
$this->checkPermission('image-create-all');
|
|
$image = $this->imageRepo->getById($id);
|
|
$thumbnailUrl = $this->imageRepo->getThumbnail($image, $width, $height, $crop == 'false');
|
|
return response()->json(['url' => $thumbnailUrl]);
|
|
}
|
|
|
|
/**
|
|
* Update image details
|
|
* @param integer $imageId
|
|
* @param Request $request
|
|
* @return \Illuminate\Http\JsonResponse
|
|
* @throws ImageUploadException
|
|
* @throws \Exception
|
|
*/
|
|
public function update($imageId, Request $request)
|
|
{
|
|
$this->validate($request, [
|
|
'name' => 'required|min:2|string'
|
|
]);
|
|
$image = $this->imageRepo->getById($imageId);
|
|
$this->checkOwnablePermission('image-update', $image);
|
|
$image = $this->imageRepo->updateImageDetails($image, $request->all());
|
|
return response()->json($image);
|
|
}
|
|
|
|
/**
|
|
* Show the usage of an image on pages.
|
|
* @param \BookStack\Entities\Repos\EntityRepo $entityRepo
|
|
* @param $id
|
|
* @return \Illuminate\Http\JsonResponse
|
|
*/
|
|
public function usage(EntityRepo $entityRepo, $id)
|
|
{
|
|
$image = $this->imageRepo->getById($id);
|
|
$pageSearch = $entityRepo->searchForImage($image->url);
|
|
return response()->json($pageSearch);
|
|
}
|
|
|
|
/**
|
|
* Deletes an image and all thumbnail/image files
|
|
* @param int $id
|
|
* @return \Illuminate\Http\JsonResponse
|
|
* @throws \Exception
|
|
*/
|
|
public function destroy($id)
|
|
{
|
|
$image = $this->imageRepo->getById($id);
|
|
$this->checkOwnablePermission('image-delete', $image);
|
|
|
|
$this->imageRepo->destroyImage($image);
|
|
return response()->json(trans('components.images_deleted'));
|
|
}
|
|
}
|