snipe-it/app/Http/Requests/ImageUploadRequest.php

180 lines
6.3 KiB
PHP
Raw Normal View History

2016-12-27 17:31:53 -08:00
<?php
namespace App\Http\Requests;
use App\Models\SnipeModel;
use enshrined\svgSanitize\Sanitizer;
use Intervention\Image\Facades\Image;
2021-07-04 23:59:19 -07:00
use App\Http\Traits\ConvertsBase64ToFiles;
2021-07-05 20:25:37 -07:00
use Illuminate\Http\UploadedFile;
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
use Storage;
2016-12-27 17:31:53 -08:00
class ImageUploadRequest extends Request
{
2021-07-04 23:59:19 -07:00
use ConvertsBase64ToFiles;
2021-07-02 00:18:18 -07:00
2016-12-27 17:31:53 -08:00
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
2021-07-02 00:18:18 -07:00
return [
'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
'avatar' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
];
2016-12-27 17:31:53 -08:00
}
public function response(array $errors)
{
return $this->redirector->back()->withInput()->withErrors($errors, $this->errorBag);
}
2021-07-04 03:37:05 -07:00
/**
* Fields that should be traited from base64 to files
*/
2021-07-02 00:18:18 -07:00
protected function base64FileKeys(): array
{
/**
* image_source is here just legacy reasons. Api\AssetController
* had it once to allow encoded image uploads.
*/
2021-07-02 00:18:18 -07:00
return [
'image' => 'auto',
'image_source' => 'auto'
2021-07-02 00:18:18 -07:00
];
}
/**
* Handle and store any images attached to request
* @param SnipeModel $item Item the image is associated with
* @param string $path location for uploaded images, defaults to uploads/plural of item type.
* @return SnipeModel Target asset is being checked out to.
*/
public function handleImages($item, $w = 600, $form_fieldname = null, $path = null, $db_fieldname = 'image')
{
$type = strtolower(class_basename(get_class($item)));
if (is_null($path)) {
$path = str_plural($type);
if ($type == 'assetmodel') {
$path = 'models';
}
if ($type == 'user') {
$path = 'avatars';
}
}
if (is_null($form_fieldname)) {
$form_fieldname = 'image';
}
// This is dumb, but we need it for overriding field names for exceptions like avatars and logo uploads
if (is_null($db_fieldname)) {
$use_db_field = $form_fieldname;
} else {
$use_db_field = $db_fieldname;
}
2021-07-05 20:25:37 -07:00
// ConvertBase64ToFiles just changes object type,
// as it cannot currently insert files to $this->files
if ($this->offsetGet($form_fieldname) instanceof UploadedFile) {
$image=$this->offsetGet($form_fieldname);
} else {
if ($this->hasFile($form_fieldname)) {
$image = $this->file($form_fieldname);
}
}
2021-07-05 20:25:37 -07:00
if (isset($image)) {
2021-07-05 20:41:37 -07:00
\Log::debug($image);
if (!config('app.lock_passwords')) {
$ext = $image->getClientOriginalExtension();
$file_name = $type.'-'.$form_fieldname.'-'.str_random(10).'.'.$ext;
[WIP] Added #5957 - Flysystem support (#6262) * Added AWS url to example env * Upgrader - added check for new storage path and attempt to move * Ignore symlink * Updated paths for models * Moved copy methods * Added AWS_URL support For some reasin, Flysystem was generating the wrong AWS url (with a region included) * Switch to Flysystem for image uploads * Nicer display of image preview * Updated image preview on edit blades to use Flysystem * Twiddled some more paths * Working filesystems config * Updated Asset Models and Departments to use Flysystem * Janky workaround for differing S3/local urls/paths * Try to smartly use S3 as public disk if S3 is configured * Use public disk Storage options for public files * Additional transformer edits for Flysystem * Removed debugging * Added missing use Storage directive * Updated seeders to use Flysystem * Default logo * Set a default width We can potentially override this in settings later * Use Flysystem for logo upload * Update downloadFile to use Flysystem * Updated AssetFilesController to use Flysystem * Updated acceptance signatures to use Flysystem * Updated signature view to use Flysystem This isn’t working 100% yet * Use Flysystem facade for displaying asset image * Set assets path Should clean all these up when we’re done here * Added Rackspace support for Flysystem * Added Flysystem migrator console command * Added use Storage directive for categories * Added user avatars to Flysystem * Added profile avatar to Flysystem * Added the option to delete local files with the migrator * Added a check to prevent people from trying to move from local to local * Fixed the selectlists for Flysystem * Fixed the getImageUrl method to reflect Flysystem * Fixed AWS copy process * Fixed models path * More selectlist updates for Flysystem * Updated example .envs with updated env variable names * *sigh* * Updated non-asset getImageUrl() methods to use Flysystem * Removed S3 hardcoding * Use Flysystem in email headers * Fixed typo * Removed camera support from asset file upload We’ll find a way to add this in later (and add that support to all of the other image uploads as well) * Fixed path for categories * WIP - Switched to standard handleImages for asset upload. This is currently broken as I refact the handleImages method. Because the assets store/create methods use their own Form Request, the handleImages method doesn’t exist in that Form Request so it wil error now. * Fixed css URL error * Updated Debugbar to latest version (#6265) v3.2 adds support for Laravel 5.7 * Fixed: Missing CSS file in basic.blade.php (#6264) * Fixed missing CSS file in basic.blade.php * Added * Changed stylesheet import for authorize.blade.php * Updated composer lock * Added AWS_BUCKET_ROOT as env variable * Use nicer image preview for logo upload * Removed AssetRequest form request * Removed asset form request, moved custom field validation into model * Added additional help text for logo upload * Increased the size of the image resize - should make this a setting tho * Few more formatting tweaks to logo section of branding blade preview * Use Flysystem for asset/license file uploads * Use Flysystem for removing images from models that have been deleted * Enable backups to use Flysystem This only handles part of the problem. This just makes it so we can ship files to S3 if we want, but does not account for how we backup files that are hosted on S3 * Use Flysystem to download license files * Updated audits to use Flysystem
2018-09-29 21:33:52 -07:00
2020-06-16 16:06:25 -07:00
\Log::info('File name will be: '.$file_name);
\Log::debug('File extension is: '.$ext);
if (($image->getClientOriginalExtension() !== 'webp') && ($image->getClientOriginalExtension() !== 'svg')) {
\Log::debug('Not an SVG or webp - resize');
\Log::debug('Trying to upload to: '.$path.'/'.$file_name);
$upload = Image::make($image->getRealPath())->resize(null, $w, function ($constraint) {
$constraint->aspectRatio();
$constraint->upsize();
});
// This requires a string instead of an object, so we use ($string)
Storage::disk('public')->put($path.'/'.$file_name, (string) $upload->encode());
} else {
// If the file is a webp, we need to just move it since webp support
// needs to be compiled into gd for resizing to be available
if ($image->getClientOriginalExtension() == 'webp') {
\Log::debug('This is a webp, just move it');
Storage::disk('public')->put($path.'/'.$file_name, file_get_contents($image));
// If the file is an SVG, we need to clean it and NOT encode it
} else {
\Log::debug('This is an SVG');
$sanitizer = new Sanitizer();
$dirtySVG = file_get_contents($image->getRealPath());
$cleanSVG = $sanitizer->sanitize($dirtySVG);
try {
\Log::debug('Trying to upload to: '.$path.'/'.$file_name);
Storage::disk('public')->put($path.'/'.$file_name, $cleanSVG);
} catch (\Exception $e) {
\Log::debug('Upload no workie :( ');
\Log::debug($e);
}
}
}
Merge branch 'develop' into integrations/2020-04-15-v5-merge # Conflicts: # README.md # app/Http/Controllers/AccessoriesController.php # app/Http/Controllers/Api/AssetsController.php # app/Http/Controllers/Api/LicensesController.php # app/Http/Controllers/Api/LocationsController.php # app/Http/Controllers/Api/SettingsController.php # app/Http/Controllers/Api/UsersController.php # app/Http/Controllers/AssetModelsController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Auth/ForgotPasswordController.php # app/Http/Controllers/CategoriesController.php # app/Http/Controllers/CompaniesController.php # app/Http/Controllers/ComponentsController.php # app/Http/Controllers/ConsumablesController.php # app/Http/Controllers/CustomFieldsetsController.php # app/Http/Controllers/DepartmentsController.php # app/Http/Controllers/LicensesController.php # app/Http/Controllers/LocationsController.php # app/Http/Controllers/ManufacturersController.php # app/Http/Controllers/SettingsController.php # app/Http/Controllers/SuppliersController.php # app/Http/Controllers/UsersController.php # app/Http/Requests/AssetRequest.php # app/Http/Requests/ImageUploadRequest.php # app/Models/LicenseSeat.php # app/Models/Location.php # app/Models/Setting.php # composer.json # composer.lock # config/database.php # config/version.php # npm-shrinkwrap.json # package.json # public/css/AdminLTE.css # public/css/AdminLTE.css.map # public/css/overrides.css # public/css/overrides.css.map # public/css/skins/skin-blue-light.css # public/css/skins/skin-blue.css # public/css/skins/skin-green-dark.min.css # public/js/app.js # public/js/bootstrap-table.js # public/js/bootstrap/js/bootstrap.js # public/js/bootstrap/js/bootstrap.min.js # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/demo.js # public/js/ekko-lightbox.js # public/js/ekko-lightbox.min.js # public/js/extensions/export/bootstrap-table-export.js # public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.js # public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.min.js # public/js/extensions/toolbar/bootstrap-table-toolbar.min.js # public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js # public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js # public/js/plugins/timepicker/bootstrap-timepicker.js # public/js/plugins/timepicker/bootstrap-timepicker.min.js # public/js/vue.js # public/mix-manifest.json # resources/assets/js/bootstrap-js.js # resources/assets/js/bootstrap.min.js # resources/assets/js/ekko-lightbox.js # resources/assets/js/ekko-lightbox.min.js # resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js # resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js # resources/assets/js/plugins/chartjs/Chart.js # resources/assets/js/plugins/timepicker/bootstrap-timepicker.js # resources/assets/js/plugins/timepicker/bootstrap-timepicker.min.js # resources/assets/less/AdminLTE.less # resources/assets/less/overrides.less # resources/assets/less/skins/_all-skins.less # resources/assets/less/skins/skin-black.less # resources/assets/less/skins/skin-blue.less # resources/assets/less/skins/skin-green.less # resources/assets/less/skins/skin-purple.less # resources/assets/less/skins/skin-red.less # resources/assets/less/skins/skin-yellow.less # resources/assets/less/variables.less # resources/js/components/importer/importer-file.vue # resources/lang/en/auth/message.php # resources/lang/en/passwords.php # resources/lang/es-CO/general.php # resources/lang/es-ES/general.php # resources/lang/es-VE/general.php # resources/less/skins/skin-black-dark.less # resources/less/skins/skin-blue-dark.less # resources/less/skins/skin-contrast.less # resources/less/skins/skin-green-dark.less # resources/less/skins/skin-orange-dark.less # resources/less/skins/skin-orange.less # resources/less/skins/skin-purple-dark.less # resources/less/skins/skin-red-dark.less # resources/less/skins/skin-yellow-dark.less # resources/views/accessories/checkin.blade.php # resources/views/accessories/checkout.blade.php # resources/views/accessories/edit.blade.php # resources/views/account/profile.blade.php # resources/views/account/view-assets.blade.php # resources/views/asset_maintenances/edit.blade.php # resources/views/auth/passwords/email.blade.php # resources/views/auth/passwords/reset.blade.php # resources/views/categories/edit.blade.php # resources/views/companies/edit.blade.php # resources/views/components/checkin.blade.php # resources/views/components/checkout.blade.php # resources/views/components/edit.blade.php # resources/views/consumables/checkout.blade.php # resources/views/consumables/edit.blade.php # resources/views/custom_fields/fields/edit.blade.php # resources/views/custom_fields/fieldsets/edit.blade.php # resources/views/dashboard.blade.php # resources/views/departments/edit.blade.php # resources/views/groups/edit.blade.php # resources/views/hardware/audit.blade.php # resources/views/hardware/bulk-checkout.blade.php # resources/views/hardware/bulk.blade.php # resources/views/hardware/checkin.blade.php # resources/views/hardware/checkout.blade.php # resources/views/hardware/edit.blade.php # resources/views/hardware/index.blade.php # resources/views/hardware/quickscan.blade.php # resources/views/hardware/view.blade.php # resources/views/importer/import.blade.php # resources/views/layouts/basic.blade.php # resources/views/layouts/default.blade.php # resources/views/layouts/edit-form.blade.php # resources/views/licenses/checkin.blade.php # resources/views/licenses/checkout.blade.php # resources/views/licenses/edit.blade.php # resources/views/locations/edit.blade.php # resources/views/manufacturers/edit.blade.php # resources/views/modals/upload-file.blade.php # resources/views/models/bulk-edit.blade.php # resources/views/models/custom_fields_form.blade.php # resources/views/models/edit.blade.php # resources/views/partials/bootstrap-table.blade.php # resources/views/partials/forms/edit/address.blade.php # resources/views/partials/forms/edit/asset-select.blade.php # resources/views/partials/forms/edit/category-select.blade.php # resources/views/partials/forms/edit/category.blade.php # resources/views/partials/forms/edit/company-select.blade.php # resources/views/partials/forms/edit/company.blade.php # resources/views/partials/forms/edit/department-select.blade.php # resources/views/partials/forms/edit/depreciation.blade.php # resources/views/partials/forms/edit/email.blade.php # resources/views/partials/forms/edit/image-upload.blade.php # resources/views/partials/forms/edit/item_number.blade.php # resources/views/partials/forms/edit/location-profile-select.blade.php # resources/views/partials/forms/edit/location-select.blade.php # resources/views/partials/forms/edit/location.blade.php # resources/views/partials/forms/edit/maintenance_type.blade.php # resources/views/partials/forms/edit/manufacturer-select.blade.php # resources/views/partials/forms/edit/manufacturer.blade.php # resources/views/partials/forms/edit/minimum_quantity.blade.php # resources/views/partials/forms/edit/model-select.blade.php # resources/views/partials/forms/edit/model_number.blade.php # resources/views/partials/forms/edit/name.blade.php # resources/views/partials/forms/edit/notes.blade.php # resources/views/partials/forms/edit/order_number.blade.php # resources/views/partials/forms/edit/phone.blade.php # resources/views/partials/forms/edit/purchase_cost.blade.php # resources/views/partials/forms/edit/purchase_date.blade.php # resources/views/partials/forms/edit/quantity.blade.php # resources/views/partials/forms/edit/serial.blade.php # resources/views/partials/forms/edit/status.blade.php # resources/views/partials/forms/edit/submit.blade.php # resources/views/partials/forms/edit/supplier-select.blade.php # resources/views/partials/forms/edit/supplier.blade.php # resources/views/partials/forms/edit/user-select.blade.php # resources/views/reports/custom.blade.php # resources/views/settings/alerts.blade.php # resources/views/settings/asset_tags.blade.php # resources/views/settings/barcodes.blade.php # resources/views/settings/branding.blade.php # resources/views/settings/general.blade.php # resources/views/settings/labels.blade.php # resources/views/settings/ldap.blade.php # resources/views/settings/localization.blade.php # resources/views/settings/security.blade.php # resources/views/setup/user.blade.php # resources/views/suppliers/edit.blade.php # resources/views/users/bulk-edit.blade.php # resources/views/users/edit.blade.php # resources/views/users/ldap.blade.php # resources/views/users/print.blade.php # resources/views/users/view.blade.php # routes/api.php # routes/web/hardware.php # webpack.mix.js
2020-04-20 23:20:34 -07:00
// Remove Current image if exists
if (Storage::disk('public')->exists($path.'/'.$item->{$use_db_field})) {
\Log::debug('A file already exists that we are replacing - we should delete the old one.');
try {
Storage::disk('public')->delete($path.'/'.$item->{$use_db_field});
\Log::debug('Old file '.$path.'/'.$file_name.' has been deleted.');
} catch (\Exception $e) {
\Log::debug('Could not delete old file. '.$path.'/'.$file_name.' does not exist?');
}
}
$item->{$use_db_field} = $file_name;
}
// If the user isn't uploading anything new but wants to delete their old image, do so
} else {
\Log::debug('No file passed for '.$form_fieldname);
if ($this->input('image_delete') == '1') {
\Log::debug('Deleting image');
try {
Storage::disk('public')->delete($path.'/'.$item->{$use_db_field});
$item->{$use_db_field} = null;
} catch (\Exception $e) {
\Log::debug($e);
}
}
}
return $item;
}
2021-07-04 03:37:05 -07:00
2016-12-27 17:31:53 -08:00
}