HEX
Server: LiteSpeed
System: Linux s1049.use1.mysecurecloudhost.com 4.18.0-477.27.2.lve.el8.x86_64 #1 SMP Wed Oct 11 12:32:56 UTC 2023 x86_64
User: xedaptot (3356)
PHP: 8.3.31
Disabled: NONE
Upload Files
File: /home/xedaptot/ai.naniguide.com/app/Http/Controllers/Api/FileManagerApiController.php
<?php

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Library\Assets\AssetManagerInterface;
use App\Library\Assets\AssetRepositoryInterface;
use App\Library\Assets\CustomerAssetManager;
use App\Model\Customer;
use App\Model\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

/**
 * Backend for the scalable-filemanager library's /api/v1/filemanager/* contract.
 * See /home/nghi/scalable-filemanager/README.md → "Backend contract".
 */
class FileManagerApiController extends Controller
{
    public function list(Request $request): JsonResponse
    {
        $manager = $this->resolveManager($request);

        $result = $manager->list([
            'path'    => $request->input('path'),
            'search'  => $request->input('search'),
            'kind'    => $request->input('kind'),
            'sort'    => $request->input('sort'),
            'order'   => $request->input('order'),
            'page'    => (int) $request->input('page', 1),
            'perPage' => (int) $request->input('per_page', 50),
        ]);

        return response()->json([
            'success' => true,
            'data'    => [
                'items'       => array_map(fn ($e) => $e->toArray(), $result['items']),
                'breadcrumbs' => $result['breadcrumbs'] ?? [['label' => 'Home', 'path' => '', 'isCurrent' => true]],
                'total'       => $result['total'],
                'page'        => $result['page'],
                'perPage'     => $result['perPage'],
                'currentPath' => $result['currentPath'] ?? '',
            ],
        ]);
    }

    public function upload(Request $request): JsonResponse
    {
        $request->validate([
            'file' => 'required|file|max:10240',
        ]);

        $manager = $this->resolveManager($request);
        $entry   = $manager->upload($request->file('file'), $request->input('path'));

        return response()->json([
            'success' => true,
            'data'    => $entry->toArray(),
        ]);
    }

    public function delete(Request $request): JsonResponse
    {
        $request->validate(['id' => 'required|string']);

        $manager = $this->resolveManager($request);
        $manager->delete($request->input('id'));

        return response()->json(['success' => true]);
    }

    public function rename(Request $request): JsonResponse
    {
        $request->validate([
            'id'   => 'required|string',
            'name' => 'required|string|max:255',
        ]);

        $manager = $this->resolveManager($request);
        $entry   = $manager->rename($request->input('id'), $request->input('name'));

        return response()->json([
            'success' => true,
            'data'    => $entry->toArray(),
        ]);
    }

    public function view(Request $request)
    {
        $request->validate(['id' => 'required|string']);

        $manager = $this->resolveManager($request);
        $entry   = $manager->view($request->input('id'));

        if (!$entry->url) {
            abort(Response::HTTP_NOT_FOUND, 'No URL available for this entry');
        }

        return redirect($entry->url);
    }

    public function createFile(Request $request): JsonResponse
    {
        $request->validate([
            'name' => 'required|string|max:255',
        ]);

        $manager = $this->resolveManager($request);
        $entry   = $manager->createFile($request->input('name'), $request->input('path'));

        return response()->json([
            'success' => true,
            'data'    => $entry->toArray(),
        ]);
    }

    protected function resolveManager(Request $request): AssetManagerInterface
    {
        $user = \Auth::guard('api')->user();
        if (!$user instanceof User) {
            abort(Response::HTTP_UNAUTHORIZED, 'Unauthorized');
        }

        $scopeType = (string) $request->input('scope_type', 'customer');

        if ($scopeType !== 'customer') {
            abort(Response::HTTP_BAD_REQUEST, 'Unsupported scope_type');
        }

        $scopeId  = $request->input('scope_id');
        $customer = $user->customer()->first();
        if (!$customer instanceof Customer) {
            abort(Response::HTTP_FORBIDDEN, 'Authenticated user has no customer profile');
        }

        if ($scopeId !== null && (int) $scopeId !== (int) $customer->id) {
            abort(Response::HTTP_FORBIDDEN, 'scope_id mismatch');
        }

        return new CustomerAssetManager($customer, app(AssetRepositoryInterface::class));
    }
}