画像とPDF含めて、端的には「storageにある見るファイル」を「不要な人には表示しない」様に
コミット
3b98515560
|
@ -143,8 +143,8 @@ class ChildrenController extends Controller {
|
|||
$telact = TelActivation::where('token', $r->token)->first();
|
||||
|
||||
$image = base64_decode(substr($r->image, strpos($r->image, ',') + 1));
|
||||
Storage::disk('public')->put($filename, $image);
|
||||
$insert['image'] = '/storage/'.$filename;
|
||||
Storage::disk('private')->put($filename, $image);
|
||||
$insert['image'] = '/files/'.$filename;
|
||||
|
||||
$child->fill($insert);
|
||||
$child->push();
|
||||
|
@ -157,7 +157,7 @@ class ChildrenController extends Controller {
|
|||
// 失敗
|
||||
Log::critical($e->getMessage());
|
||||
DB::rollback();
|
||||
Storage::disk('public')->delete($filename);
|
||||
Storage::disk('private')->delete($filename);
|
||||
return ['status_code' => 400, 'error_messages' => ['登録に失敗しました。']];
|
||||
}
|
||||
|
||||
|
@ -379,10 +379,10 @@ class ChildrenController extends Controller {
|
|||
|
||||
try {
|
||||
$image = base64_decode(substr($r->image, strpos($r->image, ',') + 1));
|
||||
Storage::disk('public')->put($filename, $image);
|
||||
Storage::disk('private')->put($filename, $image);
|
||||
|
||||
$update = [
|
||||
'image' => '/storage/'.$filename,
|
||||
'image' => '/files/'.$filename,
|
||||
];
|
||||
|
||||
Child::where('id', (int)$child_id)->update($update);
|
||||
|
@ -395,7 +395,7 @@ class ChildrenController extends Controller {
|
|||
} catch (\Throwable $e) {
|
||||
// 失敗
|
||||
Log::critical($e->getMessage());
|
||||
Storage::disk('public')->delete($filename);
|
||||
Storage::disk('private')->delete($filename);
|
||||
return ['status_code' => 400, 'error_messages' => ['画像の更新に失敗しました。']];
|
||||
}
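Review bot: New uploads are written to the `private` disk and recorded as `'/files/'.$filename`, but nothing visible on this page moves files that are already on the `public` disk or rewrites rows that still hold `/storage/…`. If such rows exist, those images stay reachable without a session, and the cleanup calls `Storage::disk('private')->delete($filename)` never touch them. A one-off migration that moves each existing file to the private disk and updates the stored prefix would close that gap; it may exist outside this commit. Both try/catch bodies begin and end outside the hunks shown.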
|
||||
|
||||
|
|
|
@ -168,7 +168,7 @@ class FathersController extends Controller {
|
|||
$lastid = Father::select('id')->orderBy('id', 'desc')->first();
|
||||
$filename = $this->uuidv4() . '.'.$ext;
|
||||
$image = base64_decode(substr($r->image, strpos($r->image, ',') + 1));
|
||||
Storage::disk('public')->put($filename, $image);
|
||||
Storage::disk('private')->put($filename, $image);
|
||||
}
|
||||
|
||||
try {
|
||||
|
@ -179,7 +179,7 @@ class FathersController extends Controller {
|
|||
'email' => $get->email,
|
||||
'password' => $password,
|
||||
'company' => $r->company,
|
||||
'image' => !is_null($r->image) ? '/storage/'.$filename : '/assets/default/avatar.jpg',
|
||||
'image' => !is_null($r->image) ? '/files/'.$filename : '/assets/default/avatar.jpg',
|
||||
'profile' => $r->profile,
|
||||
'tel' => $r->tel,
|
||||
];
|
||||
|
@ -202,7 +202,7 @@ class FathersController extends Controller {
|
|||
// 本登録に失敗
|
||||
Log::critical($e->getMessage());
|
||||
DB::rollback();
|
||||
if (!is_null($r->image)) Storage::disk('public')->delete($filename);
|
||||
if (!is_null($r->image)) Storage::disk('private')->delete($filename);
|
||||
return ['status_code' => 400, 'error_messages' => ['本登録に失敗しました。']];
|
||||
}
|
||||
|
||||
|
@ -322,13 +322,13 @@ class FathersController extends Controller {
|
|||
DB::beginTransaction();
|
||||
|
||||
$image = base64_decode(substr($r->image, strpos($r->image, ',') + 1));
|
||||
Storage::disk('public')->put($filename, $image);
|
||||
Storage::disk('private')->put($filename, $image);
|
||||
|
||||
$father = Father::find((int)$father_id);
|
||||
if (!is_null($father->image)) {
|
||||
$oldimg = $father->image;
|
||||
}
|
||||
$father->image = '/storage/'.$filename;
|
||||
$father->image = '/files/'.$filename;
|
||||
$father->save();
|
||||
|
||||
$login_user_datum = $father->toArray();
|
||||
|
@ -342,12 +342,12 @@ class FathersController extends Controller {
|
|||
// 親プロフィール画像のアップロードに失敗
|
||||
Log::critical($e->getMessage());
|
||||
DB::rollback();
|
||||
Storage::disk('public')->delete($filename);
|
||||
Storage::disk('private')->delete($filename);
|
||||
return ['status_code' => 400, 'error_messages' => ['親の更新に失敗しました。']];
|
||||
}
|
||||
|
||||
if (!is_null($oldimg)) {
|
||||
$stor = Storage::disk('public')->delete($oldimg);
|
||||
$stor = Storage::disk('private')->delete($oldimg);
|
||||
}
|
||||
|
||||
// 親プロフィール画像のアップロードに成功
|
||||
|
@ -483,7 +483,7 @@ class FathersController extends Controller {
|
|||
$father->delete();
|
||||
|
||||
if (!is_null($img)) {
|
||||
Storage::disk('public')->delete($img);
|
||||
Storage::disk('private')->delete($img);
|
||||
}
|
||||
Session::forget($this->getGuard());
|
||||
} catch (\Throwable $e) {
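Review bot: `Storage::disk('private')->delete($oldimg)` is given the database value, which this commit now stores as `'/files/'.$filename`, while the file itself is written under the bare `$filename`. The delete therefore looks for `files/<name>` under the private root and the replaced image stays on disk. Strip the prefix first, as MeetingsController already does for PDFs: `Storage::disk('private')->delete(str_replace('/files/', '', $oldimg));`. The same looks true of `delete($img)` in the account-deletion hunk (`$img` is assigned outside the hunk) and of `delete($get->image)` in MeetingImagesController, so a deleted user's picture would remain in storage.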
|
||||
|
|
|
@ -0,0 +1,52 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Api;
|
||||
|
||||
use App\Http\Controllers\Controller, Session;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Storage;
|
||||
use Symfony\Component\HttpFoundation\StreamedResponse;
|
||||
|
||||
use App\Models\Meeting;
|
||||
use App\Models\MeetingImage;
|
||||
use App\Models\Child;
|
||||
use App\Models\Father;
|
||||
use App\Models\FatherRelations;
|
||||
|
||||
class FilesController extends Controller {
|
||||
public function __invoke (Request $request, $path) {
|
||||
$err = 'このファイルは存在しません。パスをご確認下さい。';
|
||||
abort_if(!Storage::disk('private')->exists($path), 404, $err);
|
||||
abort_if(!session()->has('children') && !session()->has('fathers') && !session()->has('admins'), 404, $err);
|
||||
|
||||
if (substr($path, -4) == '.pdf') {
|
||||
if (session()->has('children')) {
|
||||
abort_if(null === ($rel = FatherRelations::where('child_id', (int)session()->get('children')['id'])->first()), 404, $err);
|
||||
abort_if(null === (Meeting::where('father_id', $rel->father_id)->where('pdf', '/files/'.$path)->first()), 404, $err);
|
||||
}
|
||||
else if (session()->has('fathers')) {
|
||||
abort_if(null === (Meeting::where('father_id', (int)session()->get('fathers')['id'])->where('pdf', '/files/'.$path)->first()), 404, $err);
|
||||
}
|
||||
}
|
||||
else {
|
||||
if (null !== ($meetimg = MeetingImage::where('image', '/files/'.$path)->first())) {
|
||||
if (session()->has('children')) {
|
||||
abort_if(null === ($rel = FatherRelations::where('child_id', (int)session()->get('children')['id'])->first()), 404, $err);
|
||||
abort_if(null === (Meeting::where('father_id', $rel->father_id)->first()), 404, $err);
|
||||
}
|
||||
if (session()->has('fathers')) {
|
||||
abort_if(null === (Meeting::where('father_id', (int)session()->get('fathers')['id'])->first()), 404, $err);
|
||||
}
|
||||
}
|
||||
|
||||
if (session()->has('children')) {
|
||||
abort_if(null === (Child::where('id', (int)session()->get('children')['id'])->where('image', '/files/'.$path)->first()), 404, $err);
|
||||
}
|
||||
else if (session()->has('fathers')) {
|
||||
abort_if(null === (Father::where('id', (int)session()->get('fathers')['id'])->where('image', '/files/'.$path)->first()), 404, $err);
|
||||
}
|
||||
}
|
||||
|
||||
return Storage::disk('private')->response($path);
|
||||
}
|
||||
}
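Review bot: In the non-PDF branch the meeting-image check is not tied to the image that was requested: `Meeting::where('father_id', …)->first()` passes for any meeting of that father and `$meetimg` is never used. Execution then falls through to the profile-image lookup, which returns 404 for a child or father session unless the same path is also their own avatar. The check should match on `$meetimg->meeting_id` (the column MeetingImagesController writes) and the profile-image checks should become the `else` of the meeting-image case. Sessions holding only `admins` skip every ownership check; confirm that is intended.

```php
else {
    if (null !== ($meetimg = MeetingImage::where('image', '/files/'.$path)->first())) {
        if (session()->has('children')) {
            // … unchanged: FatherRelations lookup into $rel …
            abort_if(null === (Meeting::where('id', $meetimg->meeting_id)->where('father_id', $rel->father_id)->first()), 404, $err);
        }
        else if (session()->has('fathers')) {
            abort_if(null === (Meeting::where('id', $meetimg->meeting_id)->where('father_id', (int)session()->get('fathers')['id'])->first()), 404, $err);
        }
    }
    // Profile-image ownership applies only when the file is not a meeting image.
    else if (session()->has('children')) {
        // … unchanged: Child image lookup …
    }
    else if (session()->has('fathers')) {
        // … unchanged: Father image lookup …
    }
}
```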
|
|
@ -45,11 +45,11 @@ class MeetingImagesController extends Controller {
|
|||
$filename = $this->uuidv4() . '.'.$ext;
|
||||
$fname[] = $this->uuidv4() . '.'.$ext;
|
||||
$image = base64_decode(substr($img, strpos($img, ',') + 1));
|
||||
Storage::disk('public')->put($filename, $image);
|
||||
Storage::disk('private')->put($filename, $image);
|
||||
|
||||
$insert = [
|
||||
'meeting_id' => (int)$r->meeting_id,
|
||||
'image' => '/storage/'.$filename,
|
||||
'image' => '/files/'.$filename,
|
||||
];
|
||||
|
||||
MeetingImage::create($insert);
|
||||
|
@ -58,7 +58,7 @@ class MeetingImagesController extends Controller {
|
|||
// 失敗
|
||||
Log::critical($e->getMessage());
|
||||
foreach ($fname as $filename) {
|
||||
Storage::disk('public')->delete($filename);
|
||||
Storage::disk('private')->delete($filename);
|
||||
}
|
||||
return ['status_code' => 400];
|
||||
}
|
||||
|
@ -83,7 +83,7 @@ class MeetingImagesController extends Controller {
|
|||
|
||||
try {
|
||||
MeetingImage::where('id', (int)$r->image_id)->delete();
|
||||
Storage::disk('public')->delete($get->image);
|
||||
Storage::disk('private')->delete($get->image);
|
||||
} catch (\Throwable $e) {
|
||||
// 失敗
|
||||
Log::critical($e->getMessage());
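Review bot: The cleanup list is filled with `$fname[] = $this->uuidv4() . '.'.$ext;`, a second `uuidv4()` call, so it holds a different name from the `$filename` that is written to the private disk (assuming `uuidv4()` returns a fresh value each time). On failure the loop `Storage::disk('private')->delete($filename)` then deletes names that were never stored and the uploaded files are left behind. Record the name that was actually written: `$fname[] = $filename;`. The surrounding loop and try block start outside the hunk.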
|
||||
|
|
|
@ -67,12 +67,12 @@ class MeetingsController extends Controller {
|
|||
try {
|
||||
if (isset($r->pdf)) {
|
||||
$filename = $this->uuidv4() . '.pdf';
|
||||
$insert['pdf'] = '/storage/'.$filename;
|
||||
$insert['pdf'] = '/files/'.$filename;
|
||||
|
||||
if (substr($r->pdf, -4) != '.pdf') {
|
||||
$pdf = base64_decode(substr($r->pdf, strpos($r->pdf, ',') + 1));
|
||||
|
||||
Storage::disk('public')->put($filename, $pdf);
|
||||
Storage::disk('private')->put($filename, $pdf);
|
||||
}
|
||||
else {
|
||||
$insert['pdf'] = $r->pdf;
|
||||
|
@ -89,9 +89,9 @@ class MeetingsController extends Controller {
|
|||
$fname = $this->uuidv4() . '.'.$ext;
|
||||
$fnames[] = $fname;
|
||||
$image = base64_decode(substr($img, strpos($img, ',') + 1));
|
||||
Storage::disk('public')->put($fname, $image);
|
||||
Storage::disk('private')->put($fname, $image);
|
||||
|
||||
$imgname = '/storage/'.$fname;
|
||||
$imgname = '/files/'.$fname;
|
||||
|
||||
}
|
||||
else {
|
||||
|
@ -123,11 +123,11 @@ class MeetingsController extends Controller {
|
|||
Log::critical($e->getMessage());
|
||||
if (!is_null($meeting) && $meeting != 0) {
|
||||
if (isset($r->pdf)) {
|
||||
Storage::disk('public')->delete($filename);
|
||||
Storage::disk('private')->delete($filename);
|
||||
}
|
||||
if (isset($r->image)) {
|
||||
foreach ($fnames as $f) {
|
||||
Storage::disk('public')->delete($f);
|
||||
Storage::disk('private')->delete($f);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -704,29 +704,29 @@ class MeetingsController extends Controller {
|
|||
// DBにミーティングがある場合
|
||||
if ($chk = Meeting::select('pdf')->where('id', (int)$meeting_id)->first()) {
|
||||
// base64の場合(ファイルパスだったら、スキップ)
|
||||
if (!preg_match('/\/storage\/(.*).pdf/', $r->pdf)) {
|
||||
if (!preg_match('/\/files\/(.*).pdf/', $r->pdf)) {
|
||||
// もう存在しているPDFのファイル名からパスを外します。
|
||||
$opdf = str_replace('/storage/', '', $chk->pdf);
|
||||
$opdf = str_replace('/files/', '', $chk->pdf);
|
||||
|
||||
// PDFのbase64をGETします。
|
||||
$pdf = base64_decode(substr($r->pdf, strpos($r->pdf, ',') + 1));
|
||||
|
||||
// 既にPDFが存在する場合(なければ、スキップ)
|
||||
if (Storage::disk('public')->exists($opdf)) {
|
||||
if (Storage::disk('private')->exists($opdf)) {
|
||||
// 既に存在しているPDFとアップロードしているPDFを比べてみます。異なる場合、存在しているPDFを削除します。
|
||||
if (strcmp(Storage::disk('public')->get($opdf), $pdf) !== 0) {
|
||||
Storage::disk('public')->delete($opdf);
|
||||
if (strcmp(Storage::disk('private')->get($opdf), $pdf) !== 0) {
|
||||
Storage::disk('private')->delete($opdf);
|
||||
}
|
||||
}
|
||||
|
||||
$update['pdf'] = '/storage/'.$filename;
|
||||
Storage::disk('public')->put($filename, $pdf);
|
||||
$update['pdf'] = '/files/'.$filename;
|
||||
Storage::disk('private')->put($filename, $pdf);
|
||||
}
|
||||
}
|
||||
// なければ、そのままストレージに保存します。
|
||||
else {
|
||||
$update['pdf'] = '/storage/'.$filename;
|
||||
Storage::disk('public')->put($filename, $pdf);
|
||||
$update['pdf'] = '/files/'.$filename;
|
||||
Storage::disk('private')->put($filename, $pdf);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -735,7 +735,7 @@ class MeetingsController extends Controller {
|
|||
} catch (\Throwable $e) {
|
||||
Log::critical($e->getMessage());
|
||||
if (isset($r->pdf) && !is_null($r->pdf)) {
|
||||
Storage::disk('public')->delete($filename);
|
||||
Storage::disk('private')->delete($filename);
|
||||
}
|
||||
return ['status_code' => 400];
|
||||
}
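Review bot: In the create hunk the `else` branch stores the client-supplied value verbatim (`$insert['pdf'] = $r->pdf;`) whenever it ends in `.pdf`, and the new FilesController authorises PDF downloads by matching that same column against the caller's `father_id`. The stored path thus acts as an access grant chosen by the client, so it should be accepted only when it already belongs to a meeting of the same owner, and rejected otherwise. In the update hunk, `preg_match('/\/files\/(.*).pdf/', $r->pdf)` is unanchored and leaves the dot unescaped; a pattern such as `'/^\/files\/[0-9a-fA-F-]+\.pdf$/'` would accept only generated names, assuming `uuidv4()` produces hex and hyphens. The `else` branch continues beyond the hunk, so validation there, if any, is not visible.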
|
||||
|
|
|
@ -42,7 +42,7 @@ class Controller extends BaseController
|
|||
|
||||
public function imagesize ($value) {
|
||||
try {
|
||||
return strlen($value) < env('PDF_MAX_SIZE');
|
||||
return strlen($value) < (int)env('PDF_MAX_SIZE');
|
||||
} catch (\Throwable $e) {
|
||||
Log::critical($e->getMessage());
|
||||
return false;
|
||||
|
@ -123,7 +123,7 @@ class Controller extends BaseController
|
|||
try {
|
||||
$ok = true;
|
||||
foreach (json_decode($value) as $v) {
|
||||
if (strlen(base64_decode($v)) > env('PDF_MAX_SIZE')) {
|
||||
if (strlen(base64_decode($v)) > (int)env('PDF_MAX_SIZE')) {
|
||||
$ok = false;
|
||||
}
|
||||
}
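Review bot: Both size checks read the limit with `env('PDF_MAX_SIZE')` at request time, and Laravel stops loading `.env` once the configuration is cached. Unless the variable is set in the real process environment, `(int)env('PDF_MAX_SIZE')` is then 0 and every upload is rejected; the same happens when the variable is simply missing. Define the limit in a config file and read it with `config()`, for example a constructed key `config('filesystems.pdf_max_size')`, with an explicit default. Note also that `imagesize` compares the length of `$value` as passed in, while the loop compares the decoded length, so the two may not enforce the same limit.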
|
||||
|
|
|
@ -42,6 +42,13 @@ return [
|
|||
'visibility' => 'public',
|
||||
],
|
||||
|
||||
'private' => [
|
||||
'driver' => 'local',
|
||||
'root' => storage_path('app/private'),
|
||||
'url' => env('APP_URL').'/storage',
|
||||
'visibility' => 'private',
|
||||
],
|
||||
|
||||
's3' => [
|
||||
'driver' => 's3',
|
||||
'key' => env('AWS_ACCESS_KEY_ID'),
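Review bot: The `private` disk declares `'url' => env('APP_URL').'/storage'`, which is the public disk's URL space, so `Storage::disk('private')->url($name)` would produce links that do not resolve to these files and that suggest they are web-served. Since files are delivered only through the `/files/{path}` route, use `'url' => env('APP_URL').'/files'` or drop the key. `'visibility' => 'private'` only sets file permissions on the local driver; the protection comes from the root `storage_path('app/private')`, presumably outside the `public/storage` symlink target, which is worth confirming on the deployed host.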
|
||||
|
|
|
@ -128,3 +128,5 @@ Route::group(['prefix' => 'admin'], function () {
|
|||
Route::get('/child/edit/password/{child_id}', function () { return view('admin.index'); });
|
||||
});
|
||||
});
|
||||
|
||||
Route::get('/files/{path}', \App\Http\Controllers\Api\FilesController::class);
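Review bot: `{path}` has no constraint, so any string reaches `Storage::disk('private')->exists($path)` in FilesController. The controllers on this page always generate names as `uuidv4() . '.' . $ext`, so the route can be limited to that shape: `->where('path', '[0-9a-fA-F-]{36}\.[A-Za-z0-9]+')`, assuming `uuidv4()` returns the canonical 36-character form. FilesController relies on `session()`, so the route must stay in a file loaded with the session middleware; which routes file this is cannot be seen here.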
|
||||
|
|