mirror of
https://github.com/snipe/snipe-it.git
synced 2024-11-13 17:14:10 -08:00
e27065fe16
Signed-off-by: snipe <snipe@snipe.net> # Conflicts: # .all-contributorsrc # README.md # app/Console/Commands/ResetDemoSettings.php # app/Helpers/Helper.php # app/Http/Controllers/Api/AccessoriesController.php # app/Http/Controllers/Api/AssetsController.php # app/Http/Controllers/Api/CategoriesController.php # app/Http/Controllers/Api/ComponentsController.php # app/Http/Controllers/Api/ConsumablesController.php # app/Http/Controllers/Api/LocationsController.php # app/Http/Controllers/Api/StatuslabelsController.php # app/Http/Controllers/Api/SuppliersController.php # app/Http/Controllers/AssetMaintenancesController.php # app/Http/Controllers/Auth/ForgotPasswordController.php # app/Http/Controllers/DepreciationsController.php # app/Http/Controllers/ReportsController.php # app/Http/Controllers/SettingsController.php # app/Http/Requests/ImageUploadRequest.php # app/Http/Transformers/ActionlogsTransformer.php # app/Http/Transformers/DepreciationsTransformer.php # app/Listeners/CheckoutableListener.php # app/Models/Accessory.php # app/Models/Asset.php # app/Models/Company.php # app/Models/Ldap.php # app/Models/User.php # app/Presenters/AssetPresenter.php # app/Presenters/CategoryPresenter.php # composer.json # composer.lock # config/version.php # database/factories/AssetModelFactory.php # database/migrations/2020_10_22_233743_move_accessory_checkout_note_to_join_table.php # database/seeds/AssetModelSeeder.php # package-lock.json # public/css/build/AdminLTE.css # public/css/build/app.css # public/css/build/overrides.css # public/css/dist/all.css # public/css/dist/bootstrap-table.css # public/css/dist/skins/skin-black-dark.css # public/css/dist/skins/skin-black-dark.min.css # public/css/dist/skins/skin-black.css # public/css/dist/skins/skin-black.min.css # public/css/dist/skins/skin-blue-dark.css # public/css/dist/skins/skin-blue-dark.min.css # public/css/dist/skins/skin-blue.css # public/css/dist/skins/skin-blue.min.css # public/css/dist/skins/skin-contrast.css # public/css/dist/skins/skin-contrast.min.css # public/css/dist/skins/skin-green-dark.css # public/css/dist/skins/skin-green-dark.min.css # public/css/dist/skins/skin-green.css # public/css/dist/skins/skin-green.min.css # public/css/dist/skins/skin-orange-dark.css # public/css/dist/skins/skin-orange-dark.min.css # public/css/dist/skins/skin-orange.css # public/css/dist/skins/skin-orange.min.css # public/css/dist/skins/skin-purple-dark.css # public/css/dist/skins/skin-purple-dark.min.css # public/css/dist/skins/skin-purple.css # public/css/dist/skins/skin-purple.min.css # public/css/dist/skins/skin-red-dark.css # public/css/dist/skins/skin-red-dark.min.css # public/css/dist/skins/skin-red.css # public/css/dist/skins/skin-red.min.css # public/css/dist/skins/skin-yellow-dark.css # public/css/dist/skins/skin-yellow-dark.min.css # public/css/dist/skins/skin-yellow.css # public/css/dist/skins/skin-yellow.min.css # public/js/build/app.js # public/js/build/vendor.js # public/js/dist/all.js # public/js/dist/bootstrap-table.js # public/mix-manifest.json # resources/assets/js/vue.js # resources/lang/af/validation.php # resources/lang/ar/admin/settings/general.php # resources/lang/ar/validation.php # resources/lang/bg/admin/settings/general.php # resources/lang/bg/validation.php # resources/lang/cs/admin/settings/general.php # resources/lang/cs/validation.php # resources/lang/cy/help.php # resources/lang/cy/validation.php # resources/lang/da/admin/settings/general.php # resources/lang/da/validation.php # resources/lang/de/admin/settings/general.php # resources/lang/de/validation.php # resources/lang/el/validation.php # resources/lang/en-GB/admin/settings/general.php # resources/lang/en-GB/validation.php # resources/lang/en-ID/admin/hardware/table.php # resources/lang/en-ID/admin/settings/general.php # resources/lang/en-ID/validation.php # resources/lang/es-CO/admin/settings/general.php # resources/lang/es-CO/auth/message.php # resources/lang/es-CO/button.php # resources/lang/es-CO/help.php # resources/lang/es-CO/validation.php # resources/lang/es-ES/admin/settings/general.php # resources/lang/es-ES/auth/message.php # resources/lang/es-ES/button.php # resources/lang/es-ES/help.php # resources/lang/es-ES/validation.php # resources/lang/es-MX/admin/settings/general.php # resources/lang/es-MX/validation.php # resources/lang/es-VE/admin/settings/general.php # resources/lang/es-VE/auth/message.php # resources/lang/es-VE/button.php # resources/lang/es-VE/help.php # resources/lang/es-VE/validation.php # resources/lang/et/validation.php # resources/lang/fa/validation.php # resources/lang/fi/admin/settings/general.php # resources/lang/fi/validation.php # resources/lang/fil/validation.php # resources/lang/fr/admin/settings/general.php # resources/lang/fr/validation.php # resources/lang/ga-IE/validation.php # resources/lang/he/admin/settings/general.php # resources/lang/he/general.php # resources/lang/he/validation.php # resources/lang/hr/validation.php # resources/lang/hu/validation.php # resources/lang/id/validation.php # resources/lang/is/admin/categories/general.php # resources/lang/is/admin/companies/message.php # resources/lang/is/admin/companies/table.php # resources/lang/is/admin/components/general.php # resources/lang/is/admin/components/table.php # resources/lang/is/admin/consumables/table.php # resources/lang/is/admin/depreciations/general.php # resources/lang/is/admin/depreciations/message.php # resources/lang/is/admin/hardware/form.php # resources/lang/is/admin/hardware/general.php # resources/lang/is/admin/hardware/message.php # resources/lang/is/admin/hardware/table.php # resources/lang/is/admin/kits/general.php # resources/lang/is/admin/licenses/form.php # resources/lang/is/admin/licenses/general.php # resources/lang/is/admin/locations/table.php # resources/lang/is/admin/manufacturers/table.php # resources/lang/is/admin/reports/message.php # resources/lang/is/admin/settings/general.php # resources/lang/is/admin/settings/message.php # resources/lang/is/admin/statuslabels/message.php # resources/lang/is/admin/suppliers/message.php # resources/lang/is/admin/suppliers/table.php # resources/lang/is/admin/users/table.php # resources/lang/is/mail.php # resources/lang/is/validation.php # resources/lang/it/admin/settings/general.php # resources/lang/it/validation.php # resources/lang/iu/validation.php # resources/lang/ja/mail.php # resources/lang/ja/validation.php # resources/lang/ko/validation.php # resources/lang/lt/validation.php # resources/lang/lv/validation.php # resources/lang/mi/validation.php # resources/lang/mk/validation.php # resources/lang/ml-IN/validation.php # resources/lang/mn/validation.php # resources/lang/ms/validation.php # resources/lang/nl/admin/settings/general.php # resources/lang/nl/validation.php # resources/lang/no/validation.php # resources/lang/pl/admin/settings/general.php # resources/lang/pl/validation.php # resources/lang/pt-BR/admin/settings/general.php # resources/lang/pt-BR/mail.php # resources/lang/pt-BR/validation.php # resources/lang/pt-PT/validation.php # resources/lang/ro/validation.php # resources/lang/ru/validation.php # resources/lang/sl/validation.php # resources/lang/sr-CS/admin/settings/general.php # resources/lang/sr-CS/validation.php # resources/lang/sv-SE/admin/settings/general.php # resources/lang/sv-SE/auth/message.php # resources/lang/sv-SE/button.php # resources/lang/sv-SE/mail.php # resources/lang/sv-SE/validation.php # resources/lang/ta/validation.php # resources/lang/th/validation.php # resources/lang/tl/validation.php # resources/lang/tr/mail.php # resources/lang/tr/validation.php # resources/lang/uk/admin/accessories/table.php # resources/lang/uk/admin/asset_maintenances/message.php # resources/lang/uk/admin/asset_maintenances/table.php # resources/lang/uk/validation.php # resources/lang/ur-PK/validation.php # resources/lang/vi/admin/settings/general.php # resources/lang/vi/validation.php # resources/lang/zh-CN/admin/settings/general.php # resources/lang/zh-CN/validation.php # resources/lang/zh-HK/validation.php # resources/lang/zh-TW/validation.php # resources/lang/zu/validation.php # resources/views/partials/bootstrap-table.blade.php # resources/views/partials/forms/edit/company-select.blade.php # routes/api.php
185 lines
6.6 KiB
PHP
185 lines
6.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Requests;
|
|
|
|
use App\Models\SnipeModel;
|
|
use enshrined\svgSanitize\Sanitizer;
|
|
use Intervention\Image\Facades\Image;
|
|
use App\Http\Traits\ConvertsBase64ToFiles;
|
|
use Illuminate\Http\UploadedFile;
|
|
use Storage;
|
|
|
|
class ImageUploadRequest extends Request
|
|
{
|
|
use ConvertsBase64ToFiles;
|
|
|
|
/**
|
|
* Determine if the user is authorized to make this request.
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function authorize()
|
|
{
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Get the validation rules that apply to the request.
|
|
*
|
|
* @return array
|
|
*/
|
|
public function rules()
|
|
{
|
|
|
|
return [
|
|
'image' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
|
|
'avatar' => 'mimes:png,gif,jpg,jpeg,svg,bmp,svg+xml,webp',
|
|
];
|
|
}
|
|
|
|
public function response(array $errors)
|
|
{
|
|
return $this->redirector->back()->withInput()->withErrors($errors, $this->errorBag);
|
|
}
|
|
|
|
/**
|
|
* Fields that should be traited from base64 to files
|
|
*/
|
|
protected function base64FileKeys(): array
|
|
{
|
|
/**
|
|
* image_source is here just legacy reasons. Api\AssetController
|
|
* had it once to allow encoded image uploads.
|
|
*/
|
|
return [
|
|
'image' => 'auto',
|
|
'image_source' => 'auto'
|
|
];
|
|
}
|
|
|
|
/**
|
|
* Handle and store any images attached to request
|
|
* @param SnipeModel $item Item the image is associated with
|
|
* @param string $path location for uploaded images, defaults to uploads/plural of item type.
|
|
* @return SnipeModel Target asset is being checked out to.
|
|
*/
|
|
public function handleImages($item, $w = 600, $form_fieldname = null, $path = null, $db_fieldname = 'image')
|
|
{
|
|
$type = strtolower(class_basename(get_class($item)));
|
|
|
|
if (is_null($path)) {
|
|
$path = str_plural($type);
|
|
|
|
if ($type == 'assetmodel') {
|
|
$path = 'models';
|
|
}
|
|
|
|
if ($type == 'user') {
|
|
$path = 'avatars';
|
|
}
|
|
}
|
|
|
|
if (is_null($form_fieldname)) {
|
|
$form_fieldname = 'image';
|
|
}
|
|
|
|
// This is dumb, but we need it for overriding field names for exceptions like avatars and logo uploads
|
|
if (is_null($db_fieldname)) {
|
|
$use_db_field = $form_fieldname;
|
|
} else {
|
|
$use_db_field = $db_fieldname;
|
|
}
|
|
|
|
\Log::info('Image path is: '.$path);
|
|
\Log::debug('Type is: '.$type);
|
|
\Log::debug('Form fieldname is: '.$form_fieldname);
|
|
\Log::debug('DB fieldname is: '.$use_db_field);
|
|
\Log::debug('Trying to upload to '. $path);
|
|
|
|
// ConvertBase64ToFiles just changes object type,
|
|
// as it cannot currently insert files to $this->files
|
|
if ($this->offsetGet($form_fieldname) instanceof UploadedFile) {
|
|
$image=$this->offsetGet($form_fieldname);
|
|
} else {
|
|
if ($this->hasFile($form_fieldname)) {
|
|
$image = $this->file($form_fieldname);
|
|
}
|
|
}
|
|
|
|
if (isset($image)) {
|
|
\Log::debug($image);
|
|
|
|
if (!config('app.lock_passwords')) {
|
|
|
|
$ext = $image->getClientOriginalExtension();
|
|
$file_name = $type.'-'.$form_fieldname.'-'.str_random(10).'.'.$ext;
|
|
|
|
\Log::info('File name will be: '.$file_name);
|
|
\Log::debug('File extension is: '.$ext);
|
|
|
|
if (($image->getClientOriginalExtension() !== 'webp') && ($image->getClientOriginalExtension() !== 'svg')) {
|
|
\Log::debug('Not an SVG or webp - resize');
|
|
\Log::debug('Trying to upload to: '.$path.'/'.$file_name);
|
|
$upload = Image::make($image->getRealPath())->resize(null, $w, function ($constraint) {
|
|
$constraint->aspectRatio();
|
|
$constraint->upsize();
|
|
});
|
|
|
|
// This requires a string instead of an object, so we use ($string)
|
|
Storage::disk('public')->put($path.'/'.$file_name, (string) $upload->encode());
|
|
} else {
|
|
// If the file is a webp, we need to just move it since webp support
|
|
// needs to be compiled into gd for resizing to be available
|
|
if ($image->getClientOriginalExtension() == 'webp') {
|
|
\Log::debug('This is a webp, just move it');
|
|
Storage::disk('public')->put($path.'/'.$file_name, file_get_contents($image));
|
|
// If the file is an SVG, we need to clean it and NOT encode it
|
|
} else {
|
|
\Log::debug('This is an SVG');
|
|
$sanitizer = new Sanitizer();
|
|
$dirtySVG = file_get_contents($image->getRealPath());
|
|
$cleanSVG = $sanitizer->sanitize($dirtySVG);
|
|
|
|
try {
|
|
\Log::debug('Trying to upload to: '.$path.'/'.$file_name);
|
|
Storage::disk('public')->put($path.'/'.$file_name, $cleanSVG);
|
|
} catch (\Exception $e) {
|
|
\Log::debug('Upload no workie :( ');
|
|
\Log::debug($e);
|
|
}
|
|
}
|
|
}
|
|
|
|
// Remove Current image if exists
|
|
if (Storage::disk('public')->exists($path.'/'.$item->{$use_db_field})) {
|
|
\Log::debug('A file already exists that we are replacing - we should delete the old one.');
|
|
try {
|
|
Storage::disk('public')->delete($path.'/'.$item->{$use_db_field});
|
|
\Log::debug('Old file '.$path.'/'.$file_name.' has been deleted.');
|
|
} catch (\Exception $e) {
|
|
\Log::debug('Could not delete old file. '.$path.'/'.$file_name.' does not exist?');
|
|
}
|
|
}
|
|
|
|
$item->{$use_db_field} = $file_name;
|
|
}
|
|
|
|
// If the user isn't uploading anything new but wants to delete their old image, do so
|
|
} else {
|
|
\Log::debug('No file passed for '.$form_fieldname);
|
|
if ($this->input('image_delete') == '1') {
|
|
\Log::debug('Deleting image');
|
|
try {
|
|
Storage::disk('public')->delete($path.'/'.$item->{$use_db_field});
|
|
$item->{$use_db_field} = null;
|
|
} catch (\Exception $e) {
|
|
\Log::debug($e);
|
|
}
|
|
}
|
|
}
|
|
|
|
return $item;
|
|
}
|
|
|
|
}
|