fixed #226
This commit is contained in:
denisdulici
parent
09e66c52cd
commit
b19b3c378d
@ -4,17 +4,16 @@ namespace App\Http\Controllers\Common;
|
|||||||
|
|
||||||
use App\Http\Controllers\Controller;
|
use App\Http\Controllers\Controller;
|
||||||
use App\Models\Common\Media;
|
use App\Models\Common\Media;
|
||||||
use Storage;
|
|
||||||
use File;
|
use File;
|
||||||
|
use Storage;
|
||||||
|
|
||||||
class Uploads extends Controller
|
class Uploads extends Controller
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Get the specified resource.
|
* Get the specified resource.
|
||||||
*
|
*
|
||||||
* @param $folder
|
* @param $id
|
||||||
* @param $file
|
* @return mixed
|
||||||
* @return boolean|Response
|
|
||||||
*/
|
*/
|
||||||
public function get($id)
|
public function get($id)
|
||||||
{
|
{
|
||||||
@ -31,9 +30,8 @@ class Uploads extends Controller
|
|||||||
/**
|
/**
|
||||||
* Download the specified resource.
|
* Download the specified resource.
|
||||||
*
|
*
|
||||||
* @param $folder
|
* @param $id
|
||||||
* @param $file
|
* @return mixed
|
||||||
* @return boolean|Response
|
|
||||||
*/
|
*/
|
||||||
public function download($id)
|
public function download($id)
|
||||||
{
|
{
|
||||||
@ -50,8 +48,7 @@ class Uploads extends Controller
|
|||||||
/**
|
/**
|
||||||
* Destroy the specified resource.
|
* Destroy the specified resource.
|
||||||
*
|
*
|
||||||
* @param $folder
|
* @param $id
|
||||||
* @param $file
|
|
||||||
* @return callable
|
* @return callable
|
||||||
*/
|
*/
|
||||||
public function destroy($id)
|
public function destroy($id)
|
||||||
@ -77,8 +74,7 @@ class Uploads extends Controller
|
|||||||
/**
|
/**
|
||||||
* Get the full path of resource.
|
* Get the full path of resource.
|
||||||
*
|
*
|
||||||
* @param $folder
|
* @param $media
|
||||||
* @param $file
|
|
||||||
* @return boolean|string
|
* @return boolean|string
|
||||||
*/
|
*/
|
||||||
protected function getPath($media)
|
protected function getPath($media)
|
||||||
@ -86,6 +82,13 @@ class Uploads extends Controller
|
|||||||
$path = $media->basename;
|
$path = $media->basename;
|
||||||
|
|
||||||
if (!empty($media->directory)) {
|
if (!empty($media->directory)) {
|
||||||
|
$folders = explode('/', $media->directory);
|
||||||
|
|
||||||
|
// Check if company can access media
|
||||||
|
if ($folders[0] != session('company_id')) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$path = $media->directory . '/' . $media->basename;
|
$path = $media->directory . '/' . $media->basename;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user