2e24a40d68
- Fix: Notifiable-Trait zum User-Model hinzugefuegt (behebt notify()-500er) - Installer: SMTP-Verbindungstest mit EsmtpTransport + Ueberspringen-Link - Admin: Neuer E-Mail-Tab mit SMTP-Konfiguration + Verbindungstest - Admin: Lazy Quill-Initialisierung (nur sichtbare Locale wird geladen) - Uebersetzungen: 17 neue Mail-Keys in allen 6 Sprachen Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
84 lines
2.9 KiB
PHP
84 lines
2.9 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Admin;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Models\ActivityLog;
|
|
use App\Models\File;
|
|
use App\Models\FileCategory;
|
|
use Illuminate\Http\RedirectResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Storage;
|
|
use Illuminate\Support\Str;
|
|
use Illuminate\View\View;
|
|
|
|
class FileController extends Controller
|
|
{
|
|
public function index(Request $request): View
|
|
{
|
|
$categories = FileCategory::ordered()->withCount('files')->get();
|
|
$activeCategory = $request->query('category');
|
|
|
|
$query = File::with(['category', 'uploader'])->latest();
|
|
|
|
if ($activeCategory) {
|
|
$query->whereHas('category', fn ($q) => $q->where('slug', $activeCategory));
|
|
}
|
|
|
|
$files = $query->paginate(25)->withQueryString();
|
|
|
|
return view('admin.files.index', compact('categories', 'files', 'activeCategory'));
|
|
}
|
|
|
|
public function create(): View
|
|
{
|
|
$categories = FileCategory::active()->ordered()->get();
|
|
return view('admin.files.create', compact('categories'));
|
|
}
|
|
|
|
public function store(Request $request): RedirectResponse
|
|
{
|
|
$request->validate([
|
|
'file' => ['required', 'file', 'max:10240', 'mimes:pdf,docx,xlsx,jpg,jpeg,png,gif,webp'],
|
|
'file_category_id' => ['required', 'exists:file_categories,id'],
|
|
]);
|
|
|
|
$uploadedFile = $request->file('file');
|
|
$extension = $uploadedFile->guessExtension();
|
|
$storedName = Str::uuid() . '.' . $extension;
|
|
|
|
Storage::disk('local')->putFileAs('files', $uploadedFile, $storedName);
|
|
|
|
$file = new File([
|
|
'file_category_id' => $request->file_category_id,
|
|
'original_name' => $uploadedFile->getClientOriginalName(),
|
|
'mime_type' => $uploadedFile->getClientMimeType(),
|
|
'size' => $uploadedFile->getSize(),
|
|
]);
|
|
$file->stored_name = $storedName;
|
|
$file->disk = 'private';
|
|
$file->uploaded_by = auth()->id();
|
|
$file->save();
|
|
|
|
ActivityLog::logWithChanges('uploaded', __('admin.log_file_uploaded', ['name' => $file->original_name]), 'File', $file->id, null, ['name' => $file->original_name, 'category' => $file->category->name ?? '']);
|
|
|
|
return redirect()->route('admin.files.index')
|
|
->with('success', __('admin.file_uploaded'));
|
|
}
|
|
|
|
public function destroy(File $file): RedirectResponse
|
|
{
|
|
// Path-Traversal-Schutz (V15)
|
|
if (str_contains($file->stored_name, '..') || str_contains($file->stored_name, '/')) {
|
|
abort(403);
|
|
}
|
|
|
|
ActivityLog::logWithChanges('deleted', __('admin.log_file_deleted', ['name' => $file->original_name]), 'File', $file->id, ['name' => $file->original_name, 'category' => $file->category->name ?? ''], null);
|
|
|
|
Storage::disk('local')->delete('files/' . $file->stored_name);
|
|
$file->delete();
|
|
|
|
return back()->with('success', __('admin.file_deleted'));
|
|
}
|
|
}
|