예제 #1
0
 /**
  * Check if file exists, both checking filtered filename and exact filename
  *
  * @param string $originalFile Filename
  * @return bool
  */
 protected function checkFileExists($originalFile)
 {
     // Check both original and safely filtered filename
     $nameFilter = FileNameFilter::create();
     $filteredFile = $nameFilter->filter($originalFile);
     // Resolve expected folder name
     $folderName = $this->getFolderName();
     $folder = Folder::find_or_make($folderName);
     $parentPath = $folder ? $folder->getFilename() : '';
     // check if either file exists
     return File::find($parentPath . $originalFile) || File::find($parentPath . $filteredFile);
 }
예제 #2
0
 /**
  * Creates a single folder, within an optional parent folder.
  *
  * @param HTTPRequest $request
  * @return HTTPRequest|HTTPResponse
  */
 public function apiCreateFolder(HTTPRequest $request)
 {
     $data = $request->postVars();
     $class = 'SilverStripe\\Assets\\Folder';
     // CSRF check
     $token = SecurityToken::inst();
     if (empty($data[$token->getName()]) || !$token->check($data[$token->getName()])) {
         return new HTTPResponse(null, 400);
     }
     // check addchildren permissions
     /** @var Folder $parentRecord */
     $parentRecord = null;
     if (!empty($data['ParentID']) && is_numeric($data['ParentID'])) {
         $parentRecord = DataObject::get_by_id($class, $data['ParentID']);
     }
     $data['Parent'] = $parentRecord;
     $data['ParentID'] = $parentRecord ? (int) $parentRecord->ID : 0;
     // Build filename
     $baseFilename = isset($data['Name']) ? basename($data['Name']) : _t('SilverStripe\\AssetAdmin\\Controller\\AssetAdmin.NEWFOLDER', "NewFolder");
     if ($parentRecord && $parentRecord->ID) {
         $baseFilename = $parentRecord->getFilename() . '/' . $baseFilename;
     }
     // Ensure name is unique
     $nameGenerator = $this->getNameGenerator($baseFilename);
     $filename = null;
     foreach ($nameGenerator as $filename) {
         if (!File::find($filename)) {
             break;
         }
     }
     $data['Name'] = basename($filename);
     // Create record
     /** @var Folder $record */
     $record = Injector::inst()->create($class);
     // check create permissions
     if (!$record->canCreate(null, $data)) {
         return (new HTTPResponse(null, 403))->addHeader('Content-Type', 'application/json');
     }
     $record->ParentID = $data['ParentID'];
     $record->Name = $record->Title = basename($data['Name']);
     $record->write();
     $result = $this->getObjectFromData($record);
     return (new HTTPResponse(json_encode($result)))->addHeader('Content-Type', 'application/json');
 }