Refactor the UserFilesController show method for simpler inlining

Signed-off-by: snipe <snipe@snipe.net>
This commit is contained in:
snipe 2024-10-17 00:08:38 +01:00
parent ccd2019448
commit c49abb6aea

View file

@ -113,6 +113,9 @@ class UserFilesController extends Controller
public function show($userId = null, $fileId = null) public function show($userId = null, $fileId = null)
{ {
if (empty($fileId)) { if (empty($fileId)) {
return redirect()->route('users.show')->with('error', 'Invalid file request'); return redirect()->route('users.show')->with('error', 'Invalid file request');
} }
@ -126,15 +129,21 @@ class UserFilesController extends Controller
if ($log = Actionlog::whereNotNull('filename')->where('item_id', $user->id)->find($fileId)) { if ($log = Actionlog::whereNotNull('filename')->where('item_id', $user->id)->find($fileId)) {
// Display the file inline $file = 'private_uploads/users/'.$log->filename;
if (request('inline') == 'true') {
if ((request('inline') == 'true') && (StorageHelper::allowSafeInline($file) === false)) {
// Display the file as text is not allowed for security reasons
$headers = [ $headers = [
'Content-Disposition' => 'inline', 'Content-Disposition' => 'inline',
'Content-Type' => 'text/plain',
]; ];
return Storage::download('private_uploads/users/'.$log->filename, $log->filename, $headers); return Storage::download($file, $log->filename, $headers);
} }
return Storage::download('private_uploads/users/'.$log->filename); return Storage::download($file);
} }
return redirect()->route('users.index')->with('error', trans('admin/users/message.log_record_not_found')); return redirect()->route('users.index')->with('error', trans('admin/users/message.log_record_not_found'));