] */ class AssetFilesController extends Controller { /** * Accepts a POST to upload a file to the server. * * @param \App\Http\Requests\UploadFileRequest $request * @param int $assetId * @return \Illuminate\Http\JsonResponse * @throws \Illuminate\Auth\Access\AuthorizationException * @since [v6.0] * @author [T. Scarsbrook] [] */ public function store(UploadFileRequest $request, $assetId = null) { if (! $asset = Asset::find($assetId)) { return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 500); } $this->authorize('update', $asset); if ($request->hasFile('file')) { if (! Storage::exists('private_uploads/assets')) { Storage::makeDirectory('private_uploads/assets', 775); } foreach ($request->file('file') as $file) { $file_name = $request->handleFile('private_uploads/assets/','hardware-'.$asset->id, $file); $asset->logUpload($file_name, e($request->get('notes'))); } return response()->json(Helper::formatStandardApiResponse('success', $asset, trans('admin/hardware/message.upload.success'))); } return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.upload.nofiles')), 500); } /** * List the files for an asset. * * @param int $assetId * @return \Illuminate\Http\JsonResponse * @throws \Illuminate\Auth\Access\AuthorizationException * @since [v6.0] * @author [T. Scarsbrook] [] */ public function list($assetId = null) { if (! $asset = Asset::find($assetId)) { return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 500); } // the asset is valid if (isset($asset->id)) { $this->authorize('view', $asset); if ($asset->uploads->count() > 0) { $files = array(); foreach ($asset->uploads as $upload) { array_push($files, $upload); } return response()->json(Helper::formatStandardApiResponse('success', $files, trans('admin/hardware/message.upload.success'))); } return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.no_match', ['id' => $fileId])), 500); } // Send back an error message return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error', ['id' => $fileId])), 500); } /** * Check for permissions and display the file. * * @param int $assetId * @param int $fileId * @return \Illuminate\Http\JsonResponse * @throws \Illuminate\Auth\Access\AuthorizationException * @since [v6.0] * @author [T. Scarsbrook] [] */ public function show($assetId = null, $fileId = null) { if (! $asset = Asset::find($assetId)) { return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 500); } // the asset is valid if (isset($asset->id)) { $this->authorize('view', $asset); if (! $log = Actionlog::whereNotNull('filename')->where('item_id', $asset->id)->find($fileId)) { return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.no_match', ['id' => $fileId])), 500); } $file = 'private_uploads/assets/'.$log->filename; \Log::debug('Checking for '.$file); if ($log->action_type == 'audit') { $file = 'private_uploads/audits/'.$log->filename; } if (! Storage::exists($file)) { return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.does_not_exist', ['id' => $fileId])), 404); } if (request('inline') == 'true') { $headers = [ 'Content-Disposition' => 'inline', ]; return Storage::download($file, $log->filename, $headers); } return StorageHelper::downloader($file); } // Send back an error message return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.download.error', ['id' => $fileId])), 500); } /** * Delete the associated file * * @param int $assetId * @param int $fileId * @return \Illuminate\Http\JsonResponse * @throws \Illuminate\Auth\Access\AuthorizationException * @since [v6.0] * @author [T. Scarsbrook] [] */ public function destroy($assetId = null, $fileId = null) { if (! $asset = Asset::find($assetId)) { return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.does_not_exist')), 500); } $rel_path = 'private_uploads/assets'; // the asset is valid if (isset($asset->id)) { $this->authorize('update', $asset); $log = Actionlog::find($fileId); if ($log) { if (Storage::exists($rel_path.'/'.$log->filename)) { Storage::delete($rel_path.'/'.$log->filename); } $log->delete(); return response()->json(Helper::formatStandardApiResponse('success', null, trans('admin/hardware/message.deletefile.success')), 200); } return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500); } return response()->json(Helper::formatStandardApiResponse('error', null, trans('admin/hardware/message.deletefile.error')), 500); } }