mirror of
https://github.com/BookStackApp/BookStack.git
synced 2025-06-04 17:04:32 +08:00
Change image-selector to not use manager
- Now changes the images directly for user, system & cover. - Extra permission checks added to edit & delete actions.
This commit is contained in:
Dan Brown
@ -6,6 +6,7 @@ use BookStack\Entities\Book;
|
||||
use BookStack\Entities\EntityContextManager;
|
||||
use BookStack\Entities\Repos\EntityRepo;
|
||||
use BookStack\Entities\ExportService;
|
||||
use BookStack\Uploads\ImageRepo;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\Response;
|
||||
use Views;
|
||||
@ -17,6 +18,7 @@ class BookController extends Controller
|
||||
protected $userRepo;
|
||||
protected $exportService;
|
||||
protected $entityContextManager;
|
||||
protected $imageRepo;
|
||||
|
||||
/**
|
||||
* BookController constructor.
|
||||
@ -24,17 +26,20 @@ class BookController extends Controller
|
||||
* @param UserRepo $userRepo
|
||||
* @param ExportService $exportService
|
||||
* @param EntityContextManager $entityContextManager
|
||||
* @param ImageRepo $imageRepo
|
||||
*/
|
||||
public function __construct(
|
||||
EntityRepo $entityRepo,
|
||||
UserRepo $userRepo,
|
||||
ExportService $exportService,
|
||||
EntityContextManager $entityContextManager
|
||||
EntityContextManager $entityContextManager,
|
||||
ImageRepo $imageRepo
|
||||
) {
|
||||
$this->entityRepo = $entityRepo;
|
||||
$this->userRepo = $userRepo;
|
||||
$this->exportService = $exportService;
|
||||
$this->entityContextManager = $entityContextManager;
|
||||
$this->imageRepo = $imageRepo;
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
@ -101,13 +106,15 @@ class BookController extends Controller
|
||||
* @param string $shelfSlug
|
||||
* @return Response
|
||||
* @throws \BookStack\Exceptions\NotFoundException
|
||||
* @throws \BookStack\Exceptions\ImageUploadException
|
||||
*/
|
||||
public function store(Request $request, string $shelfSlug = null)
|
||||
{
|
||||
$this->checkPermission('book-create-all');
|
||||
$this->validate($request, [
|
||||
'name' => 'required|string|max:255',
|
||||
'description' => 'string|max:1000'
|
||||
'description' => 'string|max:1000',
|
||||
'image' => $this->imageRepo->getImageValidationRules(),
|
||||
]);
|
||||
|
||||
$bookshelf = null;
|
||||
@ -117,6 +124,7 @@ class BookController extends Controller
|
||||
}
|
||||
|
||||
$book = $this->entityRepo->createFromInput('book', $request->all());
|
||||
$this->bookUpdateActions($book, $request);
|
||||
Activity::add($book, 'book_create', $book->id);
|
||||
|
||||
if ($bookshelf) {
|
||||
@ -170,20 +178,27 @@ class BookController extends Controller
|
||||
|
||||
/**
|
||||
* Update the specified book in storage.
|
||||
* @param Request $request
|
||||
* @param Request $request
|
||||
* @param $slug
|
||||
* @return Response
|
||||
* @throws \BookStack\Exceptions\ImageUploadException
|
||||
* @throws \BookStack\Exceptions\NotFoundException
|
||||
*/
|
||||
public function update(Request $request, $slug)
|
||||
public function update(Request $request, string $slug)
|
||||
{
|
||||
$book = $this->entityRepo->getBySlug('book', $slug);
|
||||
$this->checkOwnablePermission('book-update', $book);
|
||||
$this->validate($request, [
|
||||
'name' => 'required|string|max:255',
|
||||
'description' => 'string|max:1000'
|
||||
'description' => 'string|max:1000',
|
||||
'image' => $this->imageRepo->getImageValidationRules(),
|
||||
]);
|
||||
|
||||
$book = $this->entityRepo->updateFromInput('book', $book, $request->all());
|
||||
$this->bookUpdateActions($book, $request);
|
||||
|
||||
Activity::add($book, 'book_update', $book->id);
|
||||
|
||||
return redirect($book->getUrl());
|
||||
}
|
||||
|
||||
@ -311,7 +326,12 @@ class BookController extends Controller
|
||||
$book = $this->entityRepo->getBySlug('book', $bookSlug);
|
||||
$this->checkOwnablePermission('book-delete', $book);
|
||||
Activity::addMessage('book_delete', 0, $book->name);
|
||||
|
||||
if ($book->cover) {
|
||||
$this->imageRepo->destroyImage($book->cover);
|
||||
}
|
||||
$this->entityRepo->destroyBook($book);
|
||||
|
||||
return redirect('/books');
|
||||
}
|
||||
|
||||
@ -383,4 +403,28 @@ class BookController extends Controller
|
||||
$textContent = $this->exportService->bookToPlainText($book);
|
||||
return $this->downloadResponse($textContent, $bookSlug . '.txt');
|
||||
}
|
||||
|
||||
/**
|
||||
* Common actions to run on book update.
|
||||
* Handles updating the cover image.
|
||||
* @param Book $book
|
||||
* @param Request $request
|
||||
* @throws \BookStack\Exceptions\ImageUploadException
|
||||
*/
|
||||
protected function bookUpdateActions(Book $book, Request $request)
|
||||
{
|
||||
// Update the cover image if in request
|
||||
if ($request->has('image')) {
|
||||
$newImage = $request->file('image');
|
||||
$image = $this->imageRepo->saveNew($newImage, 'cover_book', $book->id, 512, 512, true);
|
||||
$book->image_id = $image->id;
|
||||
$book->save();
|
||||
}
|
||||
|
||||
if ($request->has('image_reset')) {
|
||||
$this->imageRepo->destroyImage($book->cover);
|
||||
$book->image_id = 0;
|
||||
$book->save();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -86,8 +86,9 @@ class BookshelfController extends Controller
|
||||
|
||||
/**
|
||||
* Store a newly created bookshelf in storage.
|
||||
* @param Request $request
|
||||
* @param Request $request
|
||||
* @return Response
|
||||
* @throws \BookStack\Exceptions\ImageUploadException
|
||||
*/
|
||||
public function store(Request $request)
|
||||
{
|
||||
@ -284,10 +285,17 @@ class BookshelfController extends Controller
|
||||
$this->entityRepo->updateShelfBooks($shelf, $request->get('books', ''));
|
||||
|
||||
// Update the cover image if in request
|
||||
if ($request->has('image') && userCan('image-create-all')) {
|
||||
$image = $this->imageRepo->saveNew($request->file('image'), 'cover', $shelf->id);
|
||||
if ($request->has('image')) {
|
||||
$newImage = $request->file('image');
|
||||
$image = $this->imageRepo->saveNew($newImage, 'cover_shelf', $shelf->id, 512, 512, true);
|
||||
$shelf->image_id = $image->id;
|
||||
$shelf->save();
|
||||
}
|
||||
|
||||
if ($request->has('image_reset')) {
|
||||
$this->imageRepo->destroyImage($shelf->cover);
|
||||
$shelf->image_id = 0;
|
||||
$shelf->save();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,242 +0,0 @@
|
||||
<?php namespace BookStack\Http\Controllers;
|
||||
|
||||
use BookStack\Entities\Repos\EntityRepo;
|
||||
use BookStack\Exceptions\ImageUploadException;
|
||||
use BookStack\Repos\PageRepo;
|
||||
use BookStack\Uploads\Image;
|
||||
use BookStack\Uploads\ImageRepo;
|
||||
use Illuminate\Filesystem\Filesystem as File;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class ImageController extends Controller
|
||||
{
|
||||
protected $image;
|
||||
protected $file;
|
||||
protected $imageRepo;
|
||||
|
||||
/**
|
||||
* ImageController constructor.
|
||||
* @param Image $image
|
||||
* @param File $file
|
||||
* @param ImageRepo $imageRepo
|
||||
*/
|
||||
public function __construct(Image $image, File $file, ImageRepo $imageRepo)
|
||||
{
|
||||
$this->image = $image;
|
||||
$this->file = $file;
|
||||
$this->imageRepo = $imageRepo;
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Provide an image file from storage.
|
||||
* @param string $path
|
||||
* @return mixed
|
||||
*/
|
||||
public function showImage(string $path)
|
||||
{
|
||||
$path = storage_path('uploads/images/' . $path);
|
||||
if (!file_exists($path)) {
|
||||
abort(404);
|
||||
}
|
||||
|
||||
return response()->file($path);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all images for a specific type, Paginated
|
||||
* @param Request $request
|
||||
* @param string $type
|
||||
* @param int $page
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*/
|
||||
public function getAllByType(Request $request, $type, $page = 0)
|
||||
{
|
||||
$uploadedToFilter = $request->get('uploaded_to', null);
|
||||
|
||||
// For user profile request, check access to user images
|
||||
if ($type === 'user') {
|
||||
$this->checkPermissionOrCurrentUser('users-manage', $uploadedToFilter ?? 0);
|
||||
}
|
||||
|
||||
$imgData = $this->imageRepo->getPaginatedByType($type, $page, 24, $uploadedToFilter);
|
||||
return response()->json($imgData);
|
||||
}
|
||||
|
||||
/**
|
||||
* Search through images within a particular type.
|
||||
* @param $type
|
||||
* @param int $page
|
||||
* @param Request $request
|
||||
* @return mixed
|
||||
*/
|
||||
public function searchByType(Request $request, $type, $page = 0)
|
||||
{
|
||||
$this->validate($request, [
|
||||
'term' => 'required|string'
|
||||
]);
|
||||
|
||||
$searchTerm = $request->get('term');
|
||||
$imgData = $this->imageRepo->searchPaginatedByType($type, $searchTerm, $page, 24);
|
||||
return response()->json($imgData);
|
||||
}
|
||||
|
||||
public function uploadUserImage(Request $request)
|
||||
{
|
||||
// TODO
|
||||
}
|
||||
|
||||
public function uploadSystemImage(Request $request)
|
||||
{
|
||||
// TODO
|
||||
}
|
||||
|
||||
public function uploadCoverImage(Request $request)
|
||||
{
|
||||
// TODO
|
||||
}
|
||||
|
||||
/**
|
||||
* Upload a draw.io image into the system.
|
||||
* @param Request $request
|
||||
* @return \Illuminate\Contracts\Routing\ResponseFactory|\Illuminate\Http\JsonResponse|\Symfony\Component\HttpFoundation\Response
|
||||
*/
|
||||
public function uploadDrawioImage(Request $request)
|
||||
{
|
||||
$this->validate($request, [
|
||||
'image' => 'required|string',
|
||||
'uploaded_to' => 'required|integer'
|
||||
]);
|
||||
$uploadedTo = $request->get('uploaded_to', 0);
|
||||
$page = $this->
|
||||
$this->checkPermission('image-create-all');
|
||||
$imageBase64Data = $request->get('image');
|
||||
|
||||
try {
|
||||
$image = $this->imageRepo->saveDrawing($imageBase64Data, $uploadedTo);
|
||||
} catch (ImageUploadException $e) {
|
||||
return response($e->getMessage(), 500);
|
||||
}
|
||||
|
||||
return response()->json($image);
|
||||
}
|
||||
|
||||
/**
|
||||
* Handles image uploads for use on pages.
|
||||
* @param string $type
|
||||
* @param Request $request
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function uploadByType($type, Request $request)
|
||||
{
|
||||
$this->checkPermission('image-create-all');
|
||||
$this->validate($request, [
|
||||
'file' => 'image_extension|no_double_extension|mimes:jpeg,png,gif,bmp,webp,tiff'
|
||||
]);
|
||||
|
||||
if (!$this->imageRepo->isValidType($type)) {
|
||||
return $this->jsonError(trans('errors.image_upload_type_error'));
|
||||
}
|
||||
|
||||
$imageUpload = $request->file('file');
|
||||
|
||||
try {
|
||||
$uploadedTo = $request->get('uploaded_to', 0);
|
||||
|
||||
// For user profile request, check access to user images
|
||||
if ($type === 'user') {
|
||||
$this->checkPermissionOrCurrentUser('users-manage', $uploadedTo ?? 0);
|
||||
}
|
||||
|
||||
$image = $this->imageRepo->saveNew($imageUpload, $type, $uploadedTo);
|
||||
} catch (ImageUploadException $e) {
|
||||
return response($e->getMessage(), 500);
|
||||
}
|
||||
|
||||
return response()->json($image);
|
||||
}
|
||||
/**
|
||||
* Get the content of an image based64 encoded.
|
||||
* @param $id
|
||||
* @return \Illuminate\Http\JsonResponse|mixed
|
||||
*/
|
||||
public function getBase64Image($id)
|
||||
{
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$imageData = $this->imageRepo->getImageData($image);
|
||||
if ($imageData === null) {
|
||||
return $this->jsonError("Image data could not be found");
|
||||
}
|
||||
return response()->json([
|
||||
'content' => base64_encode($imageData)
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a sized thumbnail for an image.
|
||||
* @param $id
|
||||
* @param $width
|
||||
* @param $height
|
||||
* @param $crop
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
* @throws ImageUploadException
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function getThumbnail($id, $width, $height, $crop)
|
||||
{
|
||||
$this->checkPermission('image-create-all');
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$thumbnailUrl = $this->imageRepo->getThumbnail($image, $width, $height, $crop == 'false');
|
||||
return response()->json(['url' => $thumbnailUrl]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update image details
|
||||
* @param integer $id
|
||||
* @param Request $request
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
* @throws ImageUploadException
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function update($id, Request $request)
|
||||
{
|
||||
$this->validate($request, [
|
||||
'name' => 'required|min:2|string'
|
||||
]);
|
||||
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$this->checkOwnablePermission('image-update', $image);
|
||||
|
||||
$image = $this->imageRepo->updateImageDetails($image, $request->all());
|
||||
return response()->json($image);
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the usage of an image on pages.
|
||||
* @param \BookStack\Entities\Repos\EntityRepo $entityRepo
|
||||
* @param $id
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*/
|
||||
public function usage(EntityRepo $entityRepo, $id)
|
||||
{
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$pageSearch = $entityRepo->searchForImage($image->url);
|
||||
return response()->json($pageSearch);
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes an image and all thumbnail/image files
|
||||
* @param int $id
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function destroy($id)
|
||||
{
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$this->checkOwnablePermission('image-delete', $image);
|
||||
|
||||
$this->imageRepo->destroyImage($image);
|
||||
return response()->json(trans('components.images_deleted'));
|
||||
}
|
||||
}
|
||||
@ -1,99 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace BookStack\Http\Controllers\Images;
|
||||
|
||||
// TODO - Replace this with entity-level handling
|
||||
// Since won't be part of image manager handling
|
||||
// Added some to bookshelf controller already
|
||||
|
||||
use BookStack\Entities\EntityProvider;
|
||||
use BookStack\Entities\Repos\EntityRepo;
|
||||
use BookStack\Exceptions\ImageUploadException;
|
||||
use BookStack\Uploads\ImageRepo;
|
||||
use Illuminate\Http\Request;
|
||||
use BookStack\Http\Controllers\Controller;
|
||||
|
||||
class CoverImageController extends Controller
|
||||
{
|
||||
protected $imageRepo;
|
||||
protected $entityRepo;
|
||||
|
||||
/**
|
||||
* CoverImageController constructor.
|
||||
* @param ImageRepo $imageRepo
|
||||
* @param EntityRepo $entityRepo
|
||||
*/
|
||||
public function __construct(ImageRepo $imageRepo, EntityRepo $entityRepo)
|
||||
{
|
||||
$this->imageRepo = $imageRepo;
|
||||
$this->entityRepo = $entityRepo;
|
||||
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a list of cover images, in a list.
|
||||
* Can be paged and filtered by entity.
|
||||
* @param Request $request
|
||||
* @param string $entity
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*/
|
||||
public function list(Request $request, $entity)
|
||||
{
|
||||
if (!$this->isValidEntityTypeForCover($entity)) {
|
||||
return $this->jsonError(trans('errors.image_upload_type_error'));
|
||||
}
|
||||
|
||||
$page = $request->get('page', 1);
|
||||
$searchTerm = $request->get('search', null);
|
||||
|
||||
$type = 'cover_' . $entity;
|
||||
$imgData = $this->imageRepo->getPaginatedByType($type, $page, 24, null, $searchTerm);
|
||||
return response()->json($imgData);
|
||||
}
|
||||
|
||||
/**
|
||||
* Store a new cover image in the system.
|
||||
* @param Request $request
|
||||
* @param string $entity
|
||||
* @return Illuminate\Http\JsonResponse
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function create(Request $request, $entity)
|
||||
{
|
||||
$this->checkPermission('image-create-all');
|
||||
$this->validate($request, [
|
||||
'file' => $this->imageRepo->getImageValidationRules(),
|
||||
'uploaded_to' => 'required|integer'
|
||||
]);
|
||||
|
||||
if (!$this->isValidEntityTypeForCover($entity)) {
|
||||
return $this->jsonError(trans('errors.image_upload_type_error'));
|
||||
}
|
||||
|
||||
$uploadedTo = $request->get('uploaded_to', 0);
|
||||
$entityInstance = $this->entityRepo->getById($entity, $uploadedTo);
|
||||
$this->checkOwnablePermission($entity . '-update', $entityInstance);
|
||||
|
||||
try {
|
||||
$type = 'cover_' . $entity;
|
||||
$imageUpload = $request->file('file');
|
||||
$image = $this->imageRepo->saveNew($imageUpload, $type, $uploadedTo);
|
||||
} catch (ImageUploadException $e) {
|
||||
return response($e->getMessage(), 500);
|
||||
}
|
||||
|
||||
return response()->json($image);
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the given entity type is valid entity to have cover images.
|
||||
* @param string $entityType
|
||||
* @return bool
|
||||
*/
|
||||
protected function isValidEntityTypeForCover(string $entityType)
|
||||
{
|
||||
return ($entityType === 'book' || $entityType === 'bookshelf');
|
||||
}
|
||||
|
||||
}
|
||||
@ -64,4 +64,26 @@ class DrawioImageController extends Controller
|
||||
return response()->json($image);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the content of an image based64 encoded.
|
||||
* @param $id
|
||||
* @return \Illuminate\Http\JsonResponse|mixed
|
||||
*/
|
||||
public function getAsBase64($id)
|
||||
{
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$page = $image->getPage();
|
||||
if ($image === null || $image->type !== 'drawio' || !userCan('page-view', $page)) {
|
||||
return $this->jsonError("Image data could not be found");
|
||||
}
|
||||
|
||||
$imageData = $this->imageRepo->getImageData($image);
|
||||
if ($imageData === null) {
|
||||
return $this->jsonError("Image data could not be found");
|
||||
}
|
||||
return response()->json([
|
||||
'content' => base64_encode($imageData)
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
115
app/Http/Controllers/Images/ImageController.php
Normal file
115
app/Http/Controllers/Images/ImageController.php
Normal file
@ -0,0 +1,115 @@
|
||||
<?php namespace BookStack\Http\Controllers\Images;
|
||||
|
||||
use BookStack\Entities\Repos\EntityRepo;
|
||||
use BookStack\Exceptions\ImageUploadException;
|
||||
use BookStack\Http\Controllers\Controller;
|
||||
use BookStack\Repos\PageRepo;
|
||||
use BookStack\Uploads\Image;
|
||||
use BookStack\Uploads\ImageRepo;
|
||||
use Illuminate\Filesystem\Filesystem as File;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class ImageController extends Controller
|
||||
{
|
||||
protected $image;
|
||||
protected $file;
|
||||
protected $imageRepo;
|
||||
|
||||
/**
|
||||
* ImageController constructor.
|
||||
* @param Image $image
|
||||
* @param File $file
|
||||
* @param ImageRepo $imageRepo
|
||||
*/
|
||||
public function __construct(Image $image, File $file, ImageRepo $imageRepo)
|
||||
{
|
||||
$this->image = $image;
|
||||
$this->file = $file;
|
||||
$this->imageRepo = $imageRepo;
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Provide an image file from storage.
|
||||
* @param string $path
|
||||
* @return mixed
|
||||
*/
|
||||
public function showImage(string $path)
|
||||
{
|
||||
$path = storage_path('uploads/images/' . $path);
|
||||
if (!file_exists($path)) {
|
||||
abort(404);
|
||||
}
|
||||
|
||||
return response()->file($path);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Update image details
|
||||
* @param integer $id
|
||||
* @param Request $request
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
* @throws ImageUploadException
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function update($id, Request $request)
|
||||
{
|
||||
$this->validate($request, [
|
||||
'name' => 'required|min:2|string'
|
||||
]);
|
||||
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$this->checkImagePermission($image);
|
||||
$this->checkOwnablePermission('image-update', $image);
|
||||
|
||||
$image = $this->imageRepo->updateImageDetails($image, $request->all());
|
||||
return response()->json($image);
|
||||
}
|
||||
|
||||
/**
|
||||
* Show the usage of an image on pages.
|
||||
* @param \BookStack\Entities\Repos\EntityRepo $entityRepo
|
||||
* @param $id
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*/
|
||||
public function usage(EntityRepo $entityRepo, $id)
|
||||
{
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$this->checkImagePermission($image);
|
||||
$pageSearch = $entityRepo->searchForImage($image->url);
|
||||
return response()->json($pageSearch);
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes an image and all thumbnail/image files
|
||||
* @param int $id
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function destroy($id)
|
||||
{
|
||||
$image = $this->imageRepo->getById($id);
|
||||
$this->checkOwnablePermission('image-delete', $image);
|
||||
$this->checkImagePermission($image);
|
||||
|
||||
$this->imageRepo->destroyImage($image);
|
||||
return response()->json(trans('components.images_deleted'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Check related page permission and ensure type is drawio or gallery.
|
||||
* @param Image $image
|
||||
*/
|
||||
protected function checkImagePermission(Image $image)
|
||||
{
|
||||
if ($image->type !== 'drawio' || $image->type !== 'gallery') {
|
||||
$this->showPermissionError();
|
||||
}
|
||||
|
||||
$relatedPage = $image->getPage();
|
||||
if ($relatedPage) {
|
||||
$this->checkOwnablePermission('page-view', $relatedPage);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -1,67 +0,0 @@
|
||||
<?php
|
||||
|
||||
// TODO - Replace this with setting-level handling
|
||||
// Since won't be part of image manager handling
|
||||
|
||||
namespace BookStack\Http\Controllers\Images;
|
||||
|
||||
use BookStack\Exceptions\ImageUploadException;
|
||||
use BookStack\Uploads\ImageRepo;
|
||||
use Illuminate\Http\Request;
|
||||
use BookStack\Http\Controllers\Controller;
|
||||
|
||||
class SystemImageController extends Controller
|
||||
{
|
||||
protected $imageRepo;
|
||||
|
||||
/**
|
||||
* SystemImageController constructor.
|
||||
* @param ImageRepo $imageRepo
|
||||
*/
|
||||
public function __construct(ImageRepo $imageRepo)
|
||||
{
|
||||
$this->imageRepo = $imageRepo;
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a list of system images, in a list.
|
||||
* @param Request $request
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*/
|
||||
public function list(Request $request)
|
||||
{
|
||||
$this->checkPermission('settings-manage');
|
||||
$page = $request->get('page', 1);
|
||||
$searchTerm = $request->get('search', null);
|
||||
|
||||
$imgData = $this->imageRepo->getPaginatedByType('system', $page, 24, null, $searchTerm);
|
||||
return response()->json($imgData);
|
||||
}
|
||||
|
||||
/**
|
||||
* Store a new system image.
|
||||
* @param Request $request
|
||||
* @return Illuminate\Http\JsonResponse
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function create(Request $request)
|
||||
{
|
||||
$this->checkPermission('image-create-all');
|
||||
$this->checkPermission('settings-manage');
|
||||
|
||||
$this->validate($request, [
|
||||
'file' => $this->imageRepo->getImageValidationRules()
|
||||
]);
|
||||
|
||||
try {
|
||||
$imageUpload = $request->file('file');
|
||||
$image = $this->imageRepo->saveNew($imageUpload, 'system', 0);
|
||||
} catch (ImageUploadException $e) {
|
||||
return response($e->getMessage(), 500);
|
||||
}
|
||||
|
||||
return response()->json($image);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,73 +0,0 @@
|
||||
<?php
|
||||
|
||||
namespace BookStack\Http\Controllers\Images;
|
||||
|
||||
// TODO - Replace this with user-controller-level handling
|
||||
// Since won't be part of image manager handling
|
||||
|
||||
use BookStack\Exceptions\ImageUploadException;
|
||||
use BookStack\Uploads\ImageRepo;
|
||||
use Illuminate\Http\Request;
|
||||
use BookStack\Http\Controllers\Controller;
|
||||
|
||||
class UserImageController extends Controller
|
||||
{
|
||||
protected $imageRepo;
|
||||
|
||||
/**
|
||||
* UserImageController constructor.
|
||||
* @param ImageRepo $imageRepo
|
||||
*/
|
||||
public function __construct(ImageRepo $imageRepo)
|
||||
{
|
||||
$this->imageRepo = $imageRepo;
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a list of user profile images, in a list.
|
||||
* @param Request $request
|
||||
* @return \Illuminate\Http\JsonResponse
|
||||
*/
|
||||
public function list(Request $request)
|
||||
{
|
||||
$page = $request->get('page', 1);
|
||||
$searchTerm = $request->get('search', null);
|
||||
$userId = $request->get('uploaded_to', null);
|
||||
|
||||
$this->checkPermissionOrCurrentUser('users-manage', $userId);
|
||||
|
||||
$imgData = $this->imageRepo->getPaginatedByType('user', $page, 24, $userId, $searchTerm);
|
||||
return response()->json($imgData);
|
||||
}
|
||||
|
||||
/**
|
||||
* Store a new user profile image in the system.
|
||||
* @param Request $request
|
||||
* @return Illuminate\Http\JsonResponse
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function create(Request $request)
|
||||
{
|
||||
$this->checkPermission('image-create-all');
|
||||
|
||||
$this->validate($request, [
|
||||
'uploaded_to' => 'required|integer',
|
||||
'file' => $this->imageRepo->getImageValidationRules()
|
||||
]);
|
||||
|
||||
$userId = $request->get('uploaded_to', null);
|
||||
$this->checkPermissionOrCurrentUser('users-manage', $userId);
|
||||
|
||||
try {
|
||||
$imageUpload = $request->file('file');
|
||||
$uploadedTo = $request->get('uploaded_to', 0);
|
||||
$image = $this->imageRepo->saveNew($imageUpload, 'user', $uploadedTo);
|
||||
} catch (ImageUploadException $e) {
|
||||
return response($e->getMessage(), 500);
|
||||
}
|
||||
|
||||
return response()->json($image);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,6 +1,7 @@
|
||||
<?php namespace BookStack\Http\Controllers;
|
||||
|
||||
use BookStack\Auth\User;
|
||||
use BookStack\Uploads\ImageRepo;
|
||||
use BookStack\Uploads\ImageService;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\Response;
|
||||
@ -8,6 +9,19 @@ use Setting;
|
||||
|
||||
class SettingController extends Controller
|
||||
{
|
||||
protected $imageRepo;
|
||||
|
||||
/**
|
||||
* SettingController constructor.
|
||||
* @param $imageRepo
|
||||
*/
|
||||
public function __construct(ImageRepo $imageRepo)
|
||||
{
|
||||
$this->imageRepo = $imageRepo;
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Display a listing of the settings.
|
||||
* @return Response
|
||||
@ -35,6 +49,9 @@ class SettingController extends Controller
|
||||
{
|
||||
$this->preventAccessForDemoUsers();
|
||||
$this->checkPermission('settings-manage');
|
||||
$this->validate($request, [
|
||||
'app_logo' => $this->imageRepo->getImageValidationRules(),
|
||||
]);
|
||||
|
||||
// Cycles through posted settings and update them
|
||||
foreach ($request->all() as $name => $value) {
|
||||
@ -42,7 +59,21 @@ class SettingController extends Controller
|
||||
continue;
|
||||
}
|
||||
$key = str_replace('setting-', '', trim($name));
|
||||
Setting::put($key, $value);
|
||||
setting()->put($key, $value);
|
||||
}
|
||||
|
||||
// Update logo image if set
|
||||
if ($request->has('app_logo')) {
|
||||
$logoFile = $request->file('app_logo');
|
||||
$this->imageRepo->destroyByType('system');
|
||||
$image = $this->imageRepo->saveNew($logoFile, 'system', 0, null, 86);
|
||||
setting()->put('app-logo', $image->url);
|
||||
}
|
||||
|
||||
// Clear logo image if requested
|
||||
if ($request->get('app_logo_reset', null)) {
|
||||
$this->imageRepo->destroyByType('system');
|
||||
setting()->remove('app-logo');
|
||||
}
|
||||
|
||||
session()->flash('success', trans('settings.settings_save_success'));
|
||||
|
||||
@ -4,6 +4,7 @@ use BookStack\Auth\Access\SocialAuthService;
|
||||
use BookStack\Auth\User;
|
||||
use BookStack\Auth\UserRepo;
|
||||
use BookStack\Exceptions\UserUpdateException;
|
||||
use BookStack\Uploads\ImageRepo;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Http\Response;
|
||||
|
||||
@ -12,16 +13,19 @@ class UserController extends Controller
|
||||
|
||||
protected $user;
|
||||
protected $userRepo;
|
||||
protected $imageRepo;
|
||||
|
||||
/**
|
||||
* UserController constructor.
|
||||
* @param User $user
|
||||
* @param User $user
|
||||
* @param UserRepo $userRepo
|
||||
* @param ImageRepo $imageRepo
|
||||
*/
|
||||
public function __construct(User $user, UserRepo $userRepo)
|
||||
public function __construct(User $user, UserRepo $userRepo, ImageRepo $imageRepo)
|
||||
{
|
||||
$this->user = $user;
|
||||
$this->userRepo = $userRepo;
|
||||
$this->imageRepo = $imageRepo;
|
||||
parent::__construct();
|
||||
}
|
||||
|
||||
@ -94,6 +98,7 @@ class UserController extends Controller
|
||||
$this->userRepo->setUserRoles($user, $roles);
|
||||
}
|
||||
|
||||
// TODO - Check this uses new profile assignment
|
||||
$this->userRepo->downloadAndAssignUserAvatar($user);
|
||||
|
||||
return redirect('/settings/users');
|
||||
@ -121,10 +126,11 @@ class UserController extends Controller
|
||||
|
||||
/**
|
||||
* Update the specified user in storage.
|
||||
* @param Request $request
|
||||
* @param int $id
|
||||
* @param Request $request
|
||||
* @param int $id
|
||||
* @return Response
|
||||
* @throws UserUpdateException
|
||||
* @throws \BookStack\Exceptions\ImageUploadException
|
||||
*/
|
||||
public function update(Request $request, $id)
|
||||
{
|
||||
@ -136,7 +142,8 @@ class UserController extends Controller
|
||||
'email' => 'min:2|email|unique:users,email,' . $id,
|
||||
'password' => 'min:5|required_with:password_confirm',
|
||||
'password-confirm' => 'same:password|required_with:password',
|
||||
'setting' => 'array'
|
||||
'setting' => 'array',
|
||||
'profile_image' => $this->imageRepo->getImageValidationRules(),
|
||||
]);
|
||||
|
||||
$user = $this->userRepo->getById($id);
|
||||
@ -166,10 +173,23 @@ class UserController extends Controller
|
||||
}
|
||||
}
|
||||
|
||||
// Save profile image if in request
|
||||
if ($request->has('profile_image')) {
|
||||
$imageUpload = $request->file('profile_image');
|
||||
$this->imageRepo->destroyImage($user->avatar);
|
||||
$image = $this->imageRepo->saveNew($imageUpload, 'user', $user->id);
|
||||
$user->image_id = $image->id;
|
||||
}
|
||||
|
||||
// Delete the profile image if set to
|
||||
if ($request->has('profile_image_reset')) {
|
||||
$this->imageRepo->destroyImage($user->avatar);
|
||||
}
|
||||
|
||||
$user->save();
|
||||
session()->flash('success', trans('settings.users_edit_success'));
|
||||
|
||||
$redirectUrl = userCan('users-manage') ? '/settings/users' : '/settings/users/' . $user->id;
|
||||
$redirectUrl = userCan('users-manage') ? '/settings/users' : ('/settings/users/' . $user->id);
|
||||
return redirect($redirectUrl);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user