DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-11-13 17:14:10 -08:00
Code Issues Actions 13 Packages Projects Releases Wiki Activity

Refactor the UserFilesController show method for simpler inlining

Browse source 
Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2024-10-17 00:08:38 +01:00
parent ccd2019448
commit c49abb6aea
1 changed files with 13 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
app/Http/Controllers/Users/UserFilesController.php
View file

@ -113,6 +113,9 @@ class UserFilesController extends Controller
public function show($userId = null, $fileId = null)
{
if (empty($fileId)) {
return redirect()->route('users.show')->with('error', 'Invalid file request');
}
@ -126,15 +129,21 @@ class UserFilesController extends Controller
if ($log = Actionlog::whereNotNull('filename')->where('item_id', $user->id)->find($fileId)) {
// Display the file inline
if (request('inline') == 'true') {
$file = 'private_uploads/users/'.$log->filename;
if ((request('inline') == 'true') && (StorageHelper::allowSafeInline($file) === false)) {
// Display the file as text is not allowed for security reasons
$headers = [
'Content-Disposition' => 'inline',
'Content-Type' => 'text/plain',
];
return Storage::download('private_uploads/users/'.$log->filename, $log->filename, $headers);
return Storage::download($file, $log->filename, $headers);
}
return Storage::download('private_uploads/users/'.$log->filename);
return Storage::download($file);
}
return redirect()->route('users.index')->with('error', trans('admin/users/message.log_record_not_found'));