[NF] - docstore file

bcix · Feb 17, 2020 · 4e2dfe6 · 4e2dfe6
1 parent 3b6622c
commit 4e2dfe6
Show file tree

Hide file tree

Showing 17 changed files with 110,463 additions and 273 deletions.
diff --git a/app/Http/Controllers/Docstore/FileController.php b/app/Http/Controllers/Docstore/FileController.php
@@ -23,18 +23,128 @@
  * http://www.gnu.org/licenses/gpl-2.0.html
  */
 
-use Illuminate\Http\Request;
+use Former;
+use Illuminate\Http\{
+    RedirectResponse,
+    Request
+};
 
+use Illuminate\View\View;
 use IXP\Http\Controllers\Controller;
 
-use IXP\Models\{
-    DocstoreFile, DocstoreLog
+use IXP\Models\{DocstoreDirectory, DocstoreFile, DocstoreLog, User};
+
+use IXP\Utils\View\Alert\{
+    Alert,
+    Container as AlertContainer
 };
 
 use Storage;
 
 class FileController extends Controller
 {
+    /**
+     * Create a new docstore file
+     *
+     * @param Request $request
+     *
+     * @return View
+     *
+     * @throws
+     */
+    public function create( Request $request )
+    {
+        $this->authorize( 'create', DocstoreFile::class );
+
+        return view( 'docstore/file/create', [
+            'file'          => false,
+            'dirs'          => DocstoreDirectory::getListingForDropdown( DocstoreDirectory::getListing( null, $request->user() )  ),
+        ] );
+    }
+
+    /**
+     * Edit a docstore file
+     *
+     * @param Request           $request
+     * @param DocstoreFile      $file
+     *
+     * @return View
+     *
+     * @throws
+     */
+    public function edit( Request $request , DocstoreFile $file ): View
+    {
+        $this->authorize( 'update', $file );
+
+        Former::populate([
+            'name'                  => $request->old( 'name',           $file->name         ),
+            'description'           => $request->old( 'descripton',     $file->description  ),
+            'min_privs'             => $request->old( 'min_privs',      $file->min_privs    ),
+            'docstore_directory_id' => $request->old( 'docstore_directory_id',$file->docstore_directory_id ?? '' ),
+        ]);
+
+        return view( 'docstore/file/create', [
+            'file'                      => $file,
+            'dirs'                      => DocstoreDirectory::getListingForDropdown( DocstoreDirectory::getListing( null, $request->user() ) )
+        ] );
+    }
+
+    /**
+     * Store a docstore file
+     *
+     * @param Request $request
+     *
+     * @return RedirectResponse
+     *
+     * @throws
+     */
+    public function store( Request $request ): RedirectResponse
+    {
+        $this->authorize( 'create', DocstoreFile::class );
+
+        $this->checkForm( $request, false );
+
+        $path = $request->file('uploadedFile')[ 0 ]->store( '', 'docstore' );
+
+        $file = DocstoreFile::create( [
+            'name'                  => $request->name,
+            'description'           => $request->description,
+            'docstore_directory_id' => $request->docstore_directory_id,
+            'min_privs'             => $request->min_privs,
+            'path'                  => $path
+        ] );
+
+        AlertContainer::push( "File <em>{$request->name}</em> created.", Alert::SUCCESS );
+        return redirect( route( 'docstore-dir@list', [ 'dir' => $file->docstore_directory_id ] ) );
+    }
+
+    /**
+     * Update a docstore file
+     *
+     * @param Request $request
+     * @param DocstoreFile $file
+     *
+     * @return RedirectResponse
+     *
+     * @throws
+     */
+    public function update( Request $request , DocstoreFile $file ): RedirectResponse
+    {
+        $this->authorize( 'update', $file );
+
+        $this->checkForm( $request, $file );
+
+        $file->update( [
+            'name'                  => $request->name,
+            'description'           => $request->description,
+            'docstore_directory_id' => $request->docstore_directory_id,
+            'min_privs'             => $request->min_privs,
+        ] );
+
+        AlertContainer::push( "File <em>{$request->name}</em> updated.", Alert::SUCCESS );
+        return redirect( route( 'docstore-dir@list', [ 'dir' => $file->docstore_directory_id ] ) );
+    }
+
     /**
      * Download a docstore file
      *
@@ -55,4 +165,58 @@ public function download( Request $request, DocstoreFile $file )
 
         return Storage::disk( $file->disk )->download( $file->path, $file->name );
     }
+
+    /**
+     * Delete a file
+     *
+     * @param Request $request
+     *
+     * @param DocstoreFile $file
+     * @return RedirectResponse
+     *
+     * @throws
+     */
+    public function delete( Request $request , DocstoreFile $file ): RedirectResponse
+    {
+        $this->authorize( 'delete', $file );
+
+        $dir = $file->docstore_directory_id;
+
+        Storage::disk($file->disk )->delete($file->path );
+
+        $file->logs()->delete();
+
+        $file->delete();
+
+        AlertContainer::push( "File <em>{$request->name}</em> deleted.", Alert::SUCCESS );
+        return redirect( route( 'docstore-dir@list', [ 'dir' => $dir ] ) );
+    }
+
+    /**
+     * Check if the form is valid
+     *
+     * @param Request $request
+     * @param DocstoreFile $file
+     */
+    private function checkForm( Request $request, DocstoreFile $file )
+    {
+        // Display a message as the input file is hidden
+        if( !$file && !$request->uploadedFile ){
+            AlertContainer::push( "You need to upload a file.", Alert::DANGER );
+        }
+
+        $request->validate( [
+            'name'          => 'required|max:100',
+            'description'   => 'nullable',
+            'uploadedFile'  => ( $file ? 'nullable' : 'required'),
+            'min_privs'     => 'required|integer|in:' . implode( ',', array_keys( User::$PRIVILEGES_TEXT_ALL ) ),
+            'docstore_directory_id' => [ 'nullable', 'integer',
+                function ($attribute, $value, $fail) {
+                    if( !DocstoreDirectory::where( 'id', $value )->exists() ) {
+                        return $fail( $attribute.' is invalid.' );
+                    }
+                },
+            ]
+        ] );
+    }
 }
diff --git a/app/Models/DocstoreFile.php b/app/Models/DocstoreFile.php
@@ -21,7 +21,7 @@
  * along with IXP Manager.  If not, see:
  *
  * http://www.gnu.org/licenses/gpl-2.0.html
- */
+*/
 
 use DB, Eloquent;
 
@@ -73,6 +73,13 @@
 class DocstoreFile extends Model
 {
 
+    /**
+     * The attributes that aren't mass assignable.
+     *
+     * @var array
+     */
+    protected $fillable = [ 'name', 'description', 'docstore_directory_id', 'path', 'min_privs',  ];
+
     /**
      * Get the directory that owns the file.
      */

diff --git a/app/Models/User.php b/app/Models/User.php
@@ -0,0 +1,126 @@
+<?php
+
+namespace IXP\Models;
+
+/*
+ * Copyright (C) 2009 - 2020 Internet Neutral Exchange Association Company Limited By Guarantee.
+ * All Rights Reserved.
+ *
+ * This file is part of IXP Manager.
+ *
+ * IXP Manager is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation, version v2.0 of the License.
+ *
+ * IXP Manager is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License v2.0
+ * along with IXP Manager.  If not, see:
+ *
+ * http://www.gnu.org/licenses/gpl-2.0.html
+ */
+
+use Eloquent;
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Carbon;
+
+/**
+ * IXP\Models\User
+ *
+ * @property int            $id
+ * @property int            $custid
+ * @property string|null    $username
+ * @property string|null    $password
+ * @property string|null    $email
+ * @property string|null    $authorisedMobile
+ * @property int|null       $uid
+ * @property int|null       $privs
+ * @property bool           $disabled
+ * @property Carbon|null    $lastupdated
+ * @property int|null       $lastupdatedby
+ * @property string|null    $creator
+ * @property Carbon|null    $created
+ * @property string|null    $name
+ * @property integer|null   $peeringdb_id
+ * @property json|null      $extra_attributes
+ * @method static Builder|User newModelQuery()
+ * @method static Builder|User newQuery()
+ * @method static Builder|User query()
+ * @method static Builder|User whereId($value)
+ * @method static Builder|User whereCustId($value)
+ * @method static Builder|User whereUsername($value)
+ * @method static Builder|User wherePassword($value)
+ * @method static Builder|User whereEmail($value)
+ * @method static Builder|User whereAuthorisedMobile($value)
+ * @method static Builder|User whereUid($value)
+ * @method static Builder|User wherePrivs($value)
+ * @method static Builder|User whereDisabled($value)
+ * @method static Builder|User whereLastUpdated($value)
+ * @method static Builder|User whereLastUpdatedBy($value)
+ * @method static Builder|User whereCreator($value)
+ * @method static Builder|User whereCreated($value)
+ * @method static Builder|User whereName($value)
+ * @method static Builder|User wherePeeringdbId($value)
+ * @method static Builder|User whereExtraAttributes($value)
+ * @mixin Eloquent
+ */
+class User extends Model
+{
+    /**
+     * The table associated with the model.
+     *
+     * @var string
+     */
+    protected $table = 'user';
+
+    /**
+     * The storage format of the model's date columns.
+     *
+     * @var string
+     */
+    protected $dateFormat = 'Y-m-d';
+
+    const AUTH_PUBLIC    = 0;
+    const AUTH_CUSTUSER  = 1;
+    const AUTH_CUSTADMIN = 2;
+    const AUTH_SUPERUSER = 3;
+
+    public static $PRIVILEGES = array(
+        User::AUTH_CUSTUSER  => 'CUSTUSER',
+        User::AUTH_CUSTADMIN => 'CUSTADMIN',
+        User::AUTH_SUPERUSER => 'SUPERUSER',
+    );
+
+    public static $PRIVILEGES_ALL = array(
+        User::AUTH_PUBLIC    => 'PUBLIC',
+        User::AUTH_CUSTUSER  => 'CUSTUSER',
+        User::AUTH_CUSTADMIN => 'CUSTADMIN',
+        User::AUTH_SUPERUSER => 'SUPERUSER',
+    );
+
+    public static $PRIVILEGES_TEXT = array(
+        User::AUTH_CUSTUSER  => 'Customer User',
+        User::AUTH_CUSTADMIN => 'Customer Administrator',
+        User::AUTH_SUPERUSER => 'Superuser',
+    );
+
+    public static $PRIVILEGES_TEXT_ALL = array(
+        User::AUTH_PUBLIC    => 'Public / Non-User',
+        User::AUTH_CUSTUSER  => 'Customer User',
+        User::AUTH_CUSTADMIN => 'Customer Administrator',
+        User::AUTH_SUPERUSER => 'Superuser',
+    );
+
+    /**
+     * Get the customer
+     */
+    public function customer()
+    {
+        return $this->belongsTo('IXP\Models\Customer', 'custid');
+    }
+
+}
diff --git a/app/Policies/DocstoreFilePolicy.php b/app/Policies/DocstoreFilePolicy.php
@@ -66,7 +66,7 @@ public function view( ?UserEntity $user, DocstoreFile $docstoreFile )
      */
     public function create( UserEntity $user )
     {
-        //
+        return $user->isSuperUser();
     }
 
     /**
@@ -79,7 +79,7 @@ public function create( UserEntity $user )
      */
     public function update( UserEntity $user, DocstoreFile $docstoreFile )
     {
-        //
+        return $user->isSuperUser() || $docstoreFile->exists;
     }
 
     /**
@@ -92,7 +92,7 @@ public function update( UserEntity $user, DocstoreFile $docstoreFile )
      */
     public function delete( UserEntity $user, DocstoreFile $docstoreFile )
     {
-        //
+        return $user->isSuperUser();
     }
 
     /**