2FAuth/app/Api/v1/Controllers/IconController.php

<?php

namespace App\Api\v1\Controllers;

use App\Api\v1\Requests\IconFetchRequest;
use App\Facades\IconStore;
use App\Helpers\Helpers;
use App\Http\Controllers\Controller;
use App\Models\TwoFAccount;
use App\Services\LogoService;
use Exception;
use Illuminate\Http\Request;
use Illuminate\Http\UploadedFile;

class IconController extends Controller
{
    /**
     * Handle uploaded icon image
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function upload(Request $request)
    {
        $this->validate($request, [
            'icon' => 'required|image',
        ]);

        $icon     = $request->file('icon');
        $isStored = $name = false;

        if ($icon instanceof UploadedFile) {
            try {
                if ($content = $icon->get()) {
                    $name     = Helpers::getRandomFilename($icon->extension());
                    $isStored = IconStore::store($name, $content);
                }
            } catch (Exception) {
            }
        }

        return $isStored
                ? response()->json(['filename' => $name], 201)
                : response()->json(['message' => __('errors.file_upload_failed')], 500);
    }

    /**
     * Fetch a logo
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function fetch(IconFetchRequest $request, LogoService $logoService)
    {
        $validated = $request->validated();

        $icon = $logoService->getIcon($validated['service']);

        return $icon
            ? response()->json(['filename' => $icon], 201)
            : response()->json(null, 204);
    }

    /**
     * delete an icon
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function delete(string $icon, Request $request)
    {
        // An icon affected to someone else's twofaccount cannot be deleted
        if ($icon && TwoFAccount::where('icon', $icon)->where('user_id', '<>', $request->user()->id)->count() > 0) {
            abort(403, 'unauthorized');
        }

        IconStore::delete($icon);

        return response()->json(null, 204);
    }
}
Icon controller 2020-01-05 23:23:48 +01:00			`<?php`

Set up paths & namespace to match versioned routes 2021-11-07 21:57:22 +01:00			`namespace App\Api\v1\Controllers;`
Icon controller 2020-01-05 23:23:48 +01:00
Fix various possible XSS attacks 2023-06-30 14:50:57 +02:00			`use App\Api\v1\Requests\IconFetchRequest;`
Add Store icons to database feature 2024-10-18 14:28:45 +02:00			`use App\Facades\IconStore;`
			`use App\Helpers\Helpers;`
Set up paths & namespace to match versioned routes 2021-11-07 21:57:22 +01:00			`use App\Http\Controllers\Controller;`
Bind Groups to Users & Add relevant authorizations with policies 2023-02-23 16:40:53 +01:00			`use App\Models\TwoFAccount;`
Add the logo fetching feature to the Create/Edit forms 2022-07-20 13:32:31 +02:00			`use App\Services\LogoService;`
Add Store icons to database feature 2024-10-18 14:28:45 +02:00			`use Exception;`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`use Illuminate\Http\Request;`
Add Store icons to database feature 2024-10-18 14:28:45 +02:00			`use Illuminate\Http\UploadedFile;`
Icon controller 2020-01-05 23:23:48 +01:00
			`class IconController extends Controller`
			`{`
Add the logo fetching feature to the Create/Edit forms 2022-07-20 13:32:31 +02:00			`/**`
Delete icon backend 2020-01-08 15:24:34 +01:00			`* Handle uploaded icon image`
Icon controller 2020-01-05 23:23:48 +01:00			`*`
Update controllers doc block 2021-11-26 11:18:58 +01:00			`* @return \Illuminate\Http\JsonResponse`
Icon controller 2020-01-05 23:23:48 +01:00			`*/`
			`public function upload(Request $request)`
			`{`
Use and handle default Laravel validation errors response 2020-01-19 23:02:20 +01:00			`$this->validate($request, [`
Validate 2FAccount create form only with backend 2020-01-09 16:33:32 +01:00			`'icon' => 'required\|image',`
All hardcoded strings replaced by i18n translation 2020-01-12 19:55:17 +01:00			`]);`
Validate 2FAccount create form only with backend 2020-01-09 16:33:32 +01:00
Add Store icons to database feature 2024-10-18 14:28:45 +02:00			`$icon = $request->file('icon');`
			`$isStored = $name = false;`
Handle icon & qrcode upload failure gracefully 2022-09-02 14:28:57 +02:00
Add Store icons to database feature 2024-10-18 14:28:45 +02:00			`if ($icon instanceof UploadedFile) {`
			`try {`
			`if ($content = $icon->get()) {`
			`$name = Helpers::getRandomFilename($icon->extension());`
			`$isStored = IconStore::store($name, $content);`
			`}`
Fix pint issues 2024-11-09 10:18:45 +01:00			`} catch (Exception) {`
Add Store icons to database feature 2024-10-18 14:28:45 +02:00			`}`
			`}`

			`return $isStored`
			`? response()->json(['filename' => $name], 201)`
Handle icon & qrcode upload failure gracefully 2022-09-02 14:28:57 +02:00			`: response()->json(['message' => __('errors.file_upload_failed')], 500);`
Icon controller 2020-01-05 23:23:48 +01:00			`}`
Add the logo fetching feature to the Create/Edit forms 2022-07-20 13:32:31 +02:00
			`/**`
			`* Fetch a logo`
			`*`
			`* @return \Illuminate\Http\JsonResponse`
			`*/`
Fix various possible XSS attacks 2023-06-30 14:50:57 +02:00			`public function fetch(IconFetchRequest $request, LogoService $logoService)`
Add the logo fetching feature to the Create/Edit forms 2022-07-20 13:32:31 +02:00			`{`
Fix various possible XSS attacks 2023-06-30 14:50:57 +02:00			`$validated = $request->validated();`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00
Fix various possible XSS attacks 2023-06-30 14:50:57 +02:00			`$icon = $logoService->getIcon($validated['service']);`
Add the logo fetching feature to the Create/Edit forms 2022-07-20 13:32:31 +02:00
			`return $icon`
			`? response()->json(['filename' => $icon], 201)`
			`: response()->json(null, 204);`
			`}`
Delete icon backend 2020-01-08 15:24:34 +01:00
Add the logo fetching feature to the Create/Edit forms 2022-07-20 13:32:31 +02:00			`/**`
Delete icon backend 2020-01-08 15:24:34 +01:00			`* delete an icon`
			`*`
Update controllers doc block 2021-11-26 11:18:58 +01:00			`* @return \Illuminate\Http\JsonResponse`
Delete icon backend 2020-01-08 15:24:34 +01:00			`*/`
Bind Groups to Users & Add relevant authorizations with policies 2023-02-23 16:40:53 +01:00			`public function delete(string $icon, Request $request)`
Delete icon backend 2020-01-08 15:24:34 +01:00			`{`
Bind Groups to Users & Add relevant authorizations with policies 2023-02-23 16:40:53 +01:00			`// An icon affected to someone else's twofaccount cannot be deleted`
			`if ($icon && TwoFAccount::where('icon', $icon)->where('user_id', '<>', $request->user()->id)->count() > 0) {`
			`abort(403, 'unauthorized');`
			`}`

Add Store icons to database feature 2024-10-18 14:28:45 +02:00			`IconStore::delete($icon);`
Delete icon backend 2020-01-08 15:24:34 +01:00
			`return response()->json(null, 204);`
			`}`
Apply Laravel Pint fixes 2022-11-22 15:15:52 +01:00			`}`