snipe-it/app/Http/Requests/ImageUploadRequest.php

166 lines
5.8 KiB
PHP
Raw Normal View History

2016-12-27 17:31:53 -08:00
<?php
namespace App\Http\Requests;
use App\Models\SnipeModel;
use enshrined\svgSanitize\Sanitizer;
use Intervention\Image\Facades\Image;
2021-07-04 23:59:19 -07:00
use App\Http\Traits\ConvertsBase64ToFiles;
2021-07-05 20:25:37 -07:00
use Illuminate\Http\UploadedFile;
use Illuminate\Support\Facades\Storage;
use Intervention\Image\Exception\NotReadableException;
use Illuminate\Support\Facades\Log;
2016-12-27 17:31:53 -08:00
class ImageUploadRequest extends Request
{
2021-07-04 23:59:19 -07:00
use ConvertsBase64ToFiles;
2021-07-02 00:18:18 -07:00
2016-12-27 17:31:53 -08:00
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
2021-07-02 00:18:18 -07:00
return [
'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp,avif',
'avatar' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp,avif',
'favicon' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp,image/x-icon,image/vnd.microsoft.icon,ico',
2021-07-02 00:18:18 -07:00
];
2016-12-27 17:31:53 -08:00
}
public function response(array $errors)
{
return $this->redirector->back()->withInput()->withErrors($errors, $this->errorBag);
}
2021-07-04 03:37:05 -07:00
/**
* Fields that should be traited from base64 to files
*/
2021-07-02 00:18:18 -07:00
protected function base64FileKeys(): array
{
/**
* image_source is here just legacy reasons. Api\AssetController
* had it once to allow encoded image uploads.
*/
2021-07-02 00:18:18 -07:00
return [
'image' => 'auto',
'image_source' => 'auto'
2021-07-02 00:18:18 -07:00
];
}
/**
* Handle and store any images attached to request
* @param SnipeModel $item Item the image is associated with
* @param string $path location for uploaded images, defaults to uploads/plural of item type.
* @return SnipeModel Target asset is being checked out to.
*/
public function handleImages($item, $w = 600, $form_fieldname = 'image', $path = null, $db_fieldname = 'image')
{
$type = strtolower(class_basename(get_class($item)));
if (is_null($path)) {
$path = str_plural($type);
if ($type == 'assetmodel') {
$path = 'models';
}
if ($type == 'user') {
$path = 'avatars';
}
}
2021-07-05 20:25:37 -07:00
if ($this->offsetGet($form_fieldname) instanceof UploadedFile) {
$image = $this->offsetGet($form_fieldname);
} elseif ($this->hasFile($form_fieldname)) {
$image = $this->file($form_fieldname);
2021-07-05 20:25:37 -07:00
}
2021-07-05 20:25:37 -07:00
if (isset($image)) {
if (!config('app.lock_passwords')) {
$ext = $image->guessExtension();
$file_name = $type.'-'.$form_fieldname.'-'.$item->id.'-'.str_random(10).'.'.$ext;
if (($image->getMimeType() == 'image/vnd.microsoft.icon') || ($image->getMimeType() == 'image/x-icon') || ($image->getMimeType() == 'image/avif') || ($image->getMimeType() == 'image/webp')) {
// If the file is an icon, webp or avif, we need to just move it since gd doesn't support resizing
// icons or avif, and webp support and needs to be compiled into gd for resizing to be available
Storage::disk('public')->put($path.'/'.$file_name, file_get_contents($image));
} elseif($image->getMimeType() == 'image/svg+xml') {
// If the file is an SVG, we need to clean it and NOT encode it
$sanitizer = new Sanitizer();
$dirtySVG = file_get_contents($image->getRealPath());
$cleanSVG = $sanitizer->sanitize($dirtySVG);
try {
Storage::disk('public')->put($path . '/' . $file_name, $cleanSVG);
} catch (\Exception $e) {
Log::debug($e);
}
} else {
try {
$upload = Image::make($image->getRealPath())->setFileInfoFromPath($image->getRealPath())->resize(null, $w, function ($constraint) {
$constraint->aspectRatio();
$constraint->upsize();
})->orientate();
} catch(NotReadableException $e) {
Log::debug($e);
$validator = \Validator::make([], []);
$validator->errors()->add($form_fieldname, trans('general.unaccepted_image_type', ['mimetype' => $image->getClientMimeType()]));
throw new \Illuminate\Validation\ValidationException($validator);
}
// This requires a string instead of an object, so we use ($string)
Storage::disk('public')->put($path.'/'.$file_name, (string) $upload->encode());
}
Merge branch 'develop' into integrations/2020-04-15-v5-merge # Conflicts: # README.md # app/Http/Controllers/AccessoriesController.php # app/Http/Controllers/Api/AssetsController.php # app/Http/Controllers/Api/LicensesController.php # app/Http/Controllers/Api/LocationsController.php # app/Http/Controllers/Api/SettingsController.php # app/Http/Controllers/Api/UsersController.php # app/Http/Controllers/AssetModelsController.php # app/Http/Controllers/Assets/AssetsController.php # app/Http/Controllers/Auth/ForgotPasswordController.php # app/Http/Controllers/CategoriesController.php # app/Http/Controllers/CompaniesController.php # app/Http/Controllers/ComponentsController.php # app/Http/Controllers/ConsumablesController.php # app/Http/Controllers/CustomFieldsetsController.php # app/Http/Controllers/DepartmentsController.php # app/Http/Controllers/LicensesController.php # app/Http/Controllers/LocationsController.php # app/Http/Controllers/ManufacturersController.php # app/Http/Controllers/SettingsController.php # app/Http/Controllers/SuppliersController.php # app/Http/Controllers/UsersController.php # app/Http/Requests/AssetRequest.php # app/Http/Requests/ImageUploadRequest.php # app/Models/LicenseSeat.php # app/Models/Location.php # app/Models/Setting.php # composer.json # composer.lock # config/database.php # config/version.php # npm-shrinkwrap.json # package.json # public/css/AdminLTE.css # public/css/AdminLTE.css.map # public/css/overrides.css # public/css/overrides.css.map # public/css/skins/skin-blue-light.css # public/css/skins/skin-blue.css # public/css/skins/skin-green-dark.min.css # public/js/app.js # public/js/bootstrap-table.js # public/js/bootstrap/js/bootstrap.js # public/js/bootstrap/js/bootstrap.min.js # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/demo.js # public/js/ekko-lightbox.js # public/js/ekko-lightbox.min.js # public/js/extensions/export/bootstrap-table-export.js # public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.js # public/js/extensions/multiple-sort/bootstrap-table-multiple-sort.min.js # public/js/extensions/toolbar/bootstrap-table-toolbar.min.js # public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js # public/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js # public/js/plugins/timepicker/bootstrap-timepicker.js # public/js/plugins/timepicker/bootstrap-timepicker.min.js # public/js/vue.js # public/mix-manifest.json # resources/assets/js/bootstrap-js.js # resources/assets/js/bootstrap.min.js # resources/assets/js/ekko-lightbox.js # resources/assets/js/ekko-lightbox.min.js # resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.js # resources/assets/js/plugins/bootstrap-wysihtml5/bootstrap3-wysihtml5.all.min.js # resources/assets/js/plugins/chartjs/Chart.js # resources/assets/js/plugins/timepicker/bootstrap-timepicker.js # resources/assets/js/plugins/timepicker/bootstrap-timepicker.min.js # resources/assets/less/AdminLTE.less # resources/assets/less/overrides.less # resources/assets/less/skins/_all-skins.less # resources/assets/less/skins/skin-black.less # resources/assets/less/skins/skin-blue.less # resources/assets/less/skins/skin-green.less # resources/assets/less/skins/skin-purple.less # resources/assets/less/skins/skin-red.less # resources/assets/less/skins/skin-yellow.less # resources/assets/less/variables.less # resources/js/components/importer/importer-file.vue # resources/lang/en/auth/message.php # resources/lang/en/passwords.php # resources/lang/es-CO/general.php # resources/lang/es-ES/general.php # resources/lang/es-VE/general.php # resources/less/skins/skin-black-dark.less # resources/less/skins/skin-blue-dark.less # resources/less/skins/skin-contrast.less # resources/less/skins/skin-green-dark.less # resources/less/skins/skin-orange-dark.less # resources/less/skins/skin-orange.less # resources/less/skins/skin-purple-dark.less # resources/less/skins/skin-red-dark.less # resources/less/skins/skin-yellow-dark.less # resources/views/accessories/checkin.blade.php # resources/views/accessories/checkout.blade.php # resources/views/accessories/edit.blade.php # resources/views/account/profile.blade.php # resources/views/account/view-assets.blade.php # resources/views/asset_maintenances/edit.blade.php # resources/views/auth/passwords/email.blade.php # resources/views/auth/passwords/reset.blade.php # resources/views/categories/edit.blade.php # resources/views/companies/edit.blade.php # resources/views/components/checkin.blade.php # resources/views/components/checkout.blade.php # resources/views/components/edit.blade.php # resources/views/consumables/checkout.blade.php # resources/views/consumables/edit.blade.php # resources/views/custom_fields/fields/edit.blade.php # resources/views/custom_fields/fieldsets/edit.blade.php # resources/views/dashboard.blade.php # resources/views/departments/edit.blade.php # resources/views/groups/edit.blade.php # resources/views/hardware/audit.blade.php # resources/views/hardware/bulk-checkout.blade.php # resources/views/hardware/bulk.blade.php # resources/views/hardware/checkin.blade.php # resources/views/hardware/checkout.blade.php # resources/views/hardware/edit.blade.php # resources/views/hardware/index.blade.php # resources/views/hardware/quickscan.blade.php # resources/views/hardware/view.blade.php # resources/views/importer/import.blade.php # resources/views/layouts/basic.blade.php # resources/views/layouts/default.blade.php # resources/views/layouts/edit-form.blade.php # resources/views/licenses/checkin.blade.php # resources/views/licenses/checkout.blade.php # resources/views/licenses/edit.blade.php # resources/views/locations/edit.blade.php # resources/views/manufacturers/edit.blade.php # resources/views/modals/upload-file.blade.php # resources/views/models/bulk-edit.blade.php # resources/views/models/custom_fields_form.blade.php # resources/views/models/edit.blade.php # resources/views/partials/bootstrap-table.blade.php # resources/views/partials/forms/edit/address.blade.php # resources/views/partials/forms/edit/asset-select.blade.php # resources/views/partials/forms/edit/category-select.blade.php # resources/views/partials/forms/edit/category.blade.php # resources/views/partials/forms/edit/company-select.blade.php # resources/views/partials/forms/edit/company.blade.php # resources/views/partials/forms/edit/department-select.blade.php # resources/views/partials/forms/edit/depreciation.blade.php # resources/views/partials/forms/edit/email.blade.php # resources/views/partials/forms/edit/image-upload.blade.php # resources/views/partials/forms/edit/item_number.blade.php # resources/views/partials/forms/edit/location-profile-select.blade.php # resources/views/partials/forms/edit/location-select.blade.php # resources/views/partials/forms/edit/location.blade.php # resources/views/partials/forms/edit/maintenance_type.blade.php # resources/views/partials/forms/edit/manufacturer-select.blade.php # resources/views/partials/forms/edit/manufacturer.blade.php # resources/views/partials/forms/edit/minimum_quantity.blade.php # resources/views/partials/forms/edit/model-select.blade.php # resources/views/partials/forms/edit/model_number.blade.php # resources/views/partials/forms/edit/name.blade.php # resources/views/partials/forms/edit/notes.blade.php # resources/views/partials/forms/edit/order_number.blade.php # resources/views/partials/forms/edit/phone.blade.php # resources/views/partials/forms/edit/purchase_cost.blade.php # resources/views/partials/forms/edit/purchase_date.blade.php # resources/views/partials/forms/edit/quantity.blade.php # resources/views/partials/forms/edit/serial.blade.php # resources/views/partials/forms/edit/status.blade.php # resources/views/partials/forms/edit/submit.blade.php # resources/views/partials/forms/edit/supplier-select.blade.php # resources/views/partials/forms/edit/supplier.blade.php # resources/views/partials/forms/edit/user-select.blade.php # resources/views/reports/custom.blade.php # resources/views/settings/alerts.blade.php # resources/views/settings/asset_tags.blade.php # resources/views/settings/barcodes.blade.php # resources/views/settings/branding.blade.php # resources/views/settings/general.blade.php # resources/views/settings/labels.blade.php # resources/views/settings/ldap.blade.php # resources/views/settings/localization.blade.php # resources/views/settings/security.blade.php # resources/views/setup/user.blade.php # resources/views/suppliers/edit.blade.php # resources/views/users/bulk-edit.blade.php # resources/views/users/edit.blade.php # resources/views/users/ldap.blade.php # resources/views/users/print.blade.php # resources/views/users/view.blade.php # routes/api.php # routes/web/hardware.php # webpack.mix.js
2020-04-20 23:20:34 -07:00
// Remove Current image if exists
if (($item->{$form_fieldname}!='') && (Storage::disk('public')->exists($path.'/'.$item->{$db_fieldname}))) {
try {
Storage::disk('public')->delete($path.'/'.$item->{$form_fieldname});
} catch (\Exception $e) {
Log::debug('Could not delete old file. '.$path.'/'.$file_name.' does not exist?');
}
}
$item->{$db_fieldname} = $file_name;
}
// If the user isn't uploading anything new but wants to delete their old image, do so
} elseif ($this->input('image_delete') == '1') {
Log::debug('Deleting image');
try {
Storage::disk('public')->delete($path.'/'.$item->{$db_fieldname});
$item->{$db_fieldname} = null;
} catch (\Exception $e) {
Log::debug($e);
}
}
return $item;
}
2021-07-04 03:37:05 -07:00
2016-12-27 17:31:53 -08:00
}