Skip to content

Commit

Permalink
[5.x] Add allowed_extensions option to Files fieldtype (#10998)
Browse files Browse the repository at this point in the history
  • Loading branch information
duncanmcclean authored Oct 24, 2024
1 parent aa2567a commit 8ebbe61
Show file tree
Hide file tree
Showing 4 changed files with 57 additions and 18 deletions.
30 changes: 14 additions & 16 deletions resources/js/components/assets/Uploader.vue
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,11 @@ export default {
},
container: String,
path: String,
url: { type: String, default: () => cp_url('assets') }
url: { type: String, default: () => cp_url('assets') },
extraData: {
type: Object,
default: () => ({})
}
},
Expand All @@ -44,19 +48,6 @@ export default {
},
computed: {
extraData() {
return {
container: this.container,
folder: this.path,
_token: Statamic.$config.get('csrfToken')
};
}
},
mounted() {
this.$refs.nativeFileField.addEventListener('change', this.addNativeFileFieldSelections);
},
Expand Down Expand Up @@ -164,8 +155,15 @@ export default {
form.append('file', file);
for (let key in this.extraData) {
form.append(key, this.extraData[key]);
let parameters = {
...this.extraData,
container: this.container,
folder: this.path,
_token: Statamic.$config.get('csrfToken')
}
for (let key in parameters) {
form.append(key, parameters[key]);
}
for (let key in data) {
Expand Down
7 changes: 7 additions & 0 deletions resources/js/components/fieldtypes/FilesFieldtype.vue
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
<uploader
ref="uploader"
:url="meta.uploadUrl"
:extra-data="{ config: configParameter }"
:container="config.container"
@updated="uploadsUpdated"
@upload-complete="uploadComplete"
Expand Down Expand Up @@ -87,6 +88,12 @@ export default {
}
},
computed: {
configParameter() {
return utf8btoa(JSON.stringify(this.config));
},
},
methods: {
/**
Expand Down
32 changes: 31 additions & 1 deletion src/Http/Controllers/CP/Fieldtypes/FilesFieldtypeController.php
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,21 @@

namespace Statamic\Http\Controllers\CP\Fieldtypes;

use Facades\Statamic\Fields\FieldtypeRepository as Fieldtype;
use Illuminate\Http\Request;
use Statamic\Assets\FileUploader as Uploader;
use Statamic\Fields\Field;
use Statamic\Http\Controllers\CP\CpController;
use Statamic\Rules\AllowedFile;

class FilesFieldtypeController extends CpController
{
public function upload(Request $request)
{
$fieldtype = $request->config ? $this->fieldtype($request) : null;

$request->validate([
'file' => ['file', new AllowedFile],
'file' => ['file', new AllowedFile($fieldtype?->config('allowed_extensions'))],
]);

$file = $request->file('file');
Expand All @@ -21,4 +25,30 @@ public function upload(Request $request)

return ['data' => ['id' => $path]];
}

protected function fieldtype($request)
{
$config = $this->getConfig($request);

return Fieldtype::find($config['type'])->setField(
new Field('file', $config)
);
}

private function getConfig($request)
{
// The fieldtype base64-encodes the config.
$json = base64_decode($request->config);

// The json may include unicode characters, so we'll try to convert it to UTF-8.
// See https://github.com/statamic/cms/issues/566
$utf8 = mb_convert_encoding($json, 'UTF-8', mb_list_encodings());

// In PHP 8.1 there's a bug where encoding will return null. It's fixed in 8.1.2.
// In this case, we'll fall back to the original JSON, but without the encoding.
// Issue #566 may still occur, but it's better than failing completely.
$json = empty($utf8) ? $json : $utf8;

return json_decode($json, true);
}
}
6 changes: 5 additions & 1 deletion src/Rules/AllowedFile.php
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,10 @@ class AllowedFile implements ValidationRule
'zip',
];

public function __construct(public ?array $allowedExtensions = null)
{
}

public function validate(string $attribute, mixed $value, Closure $fail): void
{
if (! $this->isAllowedExtension($value)) {
Expand All @@ -118,7 +122,7 @@ public function validate(string $attribute, mixed $value, Closure $fail): void

private function isAllowedExtension(UploadedFile $file): bool
{
$extensions = array_merge(static::EXTENSIONS, config('statamic.assets.additional_uploadable_extensions', []));
$extensions = $this->allowedExtensions ?? array_merge(static::EXTENSIONS, config('statamic.assets.additional_uploadable_extensions', []));

return in_array(trim(strtolower($file->getClientOriginalExtension())), $extensions);
}
Expand Down

0 comments on commit 8ebbe61

Please sign in to comment.