Add an API assets files controller

Based heavily on the Assets assets files controller.
Added errors related to to the files management.
Added the API endpoints for file upload and show, but only upload is
currently tested/works.
This commit is contained in:
Scarzy 2024-04-30 21:30:45 +01:00
parent 12e107a71b
commit 8a2ea971e1
4 changed files with 193 additions and 4 deletions

View file

@ -0,0 +1,171 @@
<?php
namespace App\Http\Controllers\Api;
use App\Helpers\StorageHelper;
use Illuminate\Support\Facades\Storage;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Gate;
use App\Helpers\Helper;
use App\Http\Controllers\Controller;
use App\Models\Asset;
use App\Models\AssetModel;
use \Illuminate\Support\Facades\Auth;
use Carbon\Carbon;
use DB;
use Illuminate\Http\Request;
use App\Http\Requests\UploadFileRequest;
use Illuminate\Support\Facades\Log;
use Input;
use Paginator;
use Slack;
use Str;
use TCPDF;
use Validator;
use Route;
/**
* This class controls all actions related to assets for
* the Snipe-IT Asset Management application.
*
* @version v1.0
* @author [A. Gianotto] [<snipe@snipe.net>]
*/
class AssetFilesController extends Controller
{
/**
* Accepts a POST to upload a file to the server.
*
* @param \App\Http\Requests\UploadFileRequest $request
* @param int $assetId
* @return \Illuminate\Http\JsonResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
* @since [v6.0]
* @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
*/
public function store(UploadFileRequest $request, $assetId = null)
{
if (! $asset = Asset::find($assetId)) {
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 500);
}
$this->authorize('update', $asset);
\Log::warning($request);
#\Log::warning($request['name']);
#\Log::warning($request['filename']);
#\Log::warning($request['contents']);
if ($request->hasFile('file')) {
\Log::warning("So, I am actually getting in here...");
if (! Storage::exists('private_uploads/assets')) {
Storage::makeDirectory('private_uploads/assets', 775);
}
\Log::warning("File is");
\Log::warning($request->file('file'));
\Log::warning("File ends");
foreach ($request->file('file') as $file) {
\Log::warning("Handling file ");
\Log::warning($file);
$file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file);
$asset->logUpload($file_name, e($request->get('notes')));
}
\Log::warning("Done handling");
#$request->IamAnOrange();
return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.upload.success')));
}
return response()->json(Helper::formatStandardApiResponse('error', null, "Bad bananas"), 500);
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.upload.nofiles')), 500);
}
/**
* Check for permissions and display the file.
*
* @param int $assetId
* @param int $fileId
* @return \Illuminate\Http\JsonResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
* @since [v6.0]
* @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
*/
public function show($assetId = null, $fileId = null)
{
$asset = Asset::find($assetId);
// the asset is valid
if (isset($asset->id)) {
$this->authorize('view', $asset);
if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) {
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.no_match', ['id' => $fileId])), 500);
}
$file = 'private_uploads/assets/'.$log->filename;
\Log::debug('Checking for '.$file);
if ($log->action_type == 'audit') {
$file = 'private_uploads/audits/'.$log->filename;
}
if (! Storage::exists($file)) {
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.does_not_exist', ['id' => $fileId])), 404);
}
if (request('inline') == 'true') {
$headers = [
'Content-Disposition' => 'inline',
];
return Storage::download($file, $log->filename, $headers);
return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.upload.success')));
}
return StorageHelper::downloader($file);
}
// Send back an error message
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error', ['id' => $fileId])), 500);
}
/**
* Delete the associated file
*
* @param int $assetId
* @param int $fileId
* @return \Illuminate\Http\JsonResponse
* @throws \Illuminate\Auth\Access\AuthorizationException
* @since [v6.0]
* @author [T. Scarsbrook] [<snipe@scarzybrook.co.uk>]
*/
public function destroy($assetId = null, $fileId = null)
{
$asset = Asset::find($assetId);
$this->authorize('update', $asset);
$rel_path = 'private_uploads/assets';
// the asset is valid
if (isset($asset->id)) {
$this->authorize('update', $asset);
$log = Actionlog::find($fileId);
if ($log) {
if (Storage::exists($rel_path.'/'.$log->filename)) {
Storage::delete($rel_path.'/'.$log->filename);
}
$log->delete();
return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
}
return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success'));
}
// Redirect to the hardware management page
return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500);
}
}

View file

@ -2,12 +2,14 @@
namespace App\Http\Requests; namespace App\Http\Requests;
use App\Http\Traits\ConvertsBase64ToFiles;
use enshrined\svgSanitize\Sanitizer; use enshrined\svgSanitize\Sanitizer;
use Illuminate\Support\Facades\Storage; use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Log;
class UploadFileRequest extends Request class UploadFileRequest extends Request
{ {
use ConvertsBase64ToFiles;
/** /**
* Determine if the user is authorized to make this request. * Determine if the user is authorized to make this request.
* *

View file

@ -51,6 +51,13 @@ return [
'invalidfiles' => 'One or more of your files is too large or is a filetype that is not allowed. Allowed filetypes are png, gif, jpg, doc, docx, pdf, and txt.', 'invalidfiles' => 'One or more of your files is too large or is a filetype that is not allowed. Allowed filetypes are png, gif, jpg, doc, docx, pdf, and txt.',
], ],
'download' => [
'error' => 'File(s) not downloaded. Please try again.',
'success' => 'File(s) successfully downloaded.',
'does_not_exist' => 'No file exists',
'no_match' => 'No matching record for that asset/file',
],
'import' => [ 'import' => [
'error' => 'Some items did not import correctly.', 'error' => 'Some items did not import correctly.',
'errorDetail' => 'The following Items were not imported because of errors.', 'errorDetail' => 'The following Items were not imported because of errors.',

View file

@ -544,13 +544,22 @@ Route::group(['prefix' => 'v1', 'middleware' => ['api', 'throttle:api']], functi
'restore' 'restore'
] ]
)->name('api.assets.restore'); )->name('api.assets.restore');
Route::post('{asset_id}/files',
[
Api\AssetFilesController::class,
'store'
]
)->name('api.assets.files');
Route::get('{asset_id}/files',
[
Api\AssetFilesController::class,
'show'
]
)->name('api.assets.files');
}); });
Route::resource('hardware', Route::resource('hardware',
Api\AssetsController::class, Api\AssetsController::class,
['names' => [ ['names' => [