Merge pull request #38 from freebuu/fix-upload-functional

fixes in upload functional

Author: murdercode

routes/api.php

@@ -1,11 +1,11 @@
 <?php
 
-use App\Http\Middleware\VerifyCsrfToken;
+use \Illuminate\Foundation\Http\Middleware\VerifyCsrfToken;
 use Illuminate\Support\Facades\Route;
 use Murdercode\TinymceEditor\Http\Controllers\TinyImageController;
 use Murdercode\TinymceEditor\Http\Middleware\TinymceMiddleware;
 
 // Without CSRF protection
-Route::post('/upload', [TinyImageController::class, 'upload'])->name('tinymce.upload')
+Route::post('/upload', TinyImageController::class)->name('tinymce.upload')
     ->withoutMiddleware([VerifyCsrfToken::class])
     ->middleware(TinymceMiddleware::class);

src/Http/Controllers/TinyImageController.php

@@ -9,33 +9,28 @@
 
 class TinyImageController
 {
-    public function upload(Request $request): JsonResponse
-    {
-        $validator = $this->validateRequest($request);
-        if ($validator->fails()) {
-            return response()->json(['error' => $validator->errors()->first()]);
-        }
-
-        $imageFolder = config('nova-tinymce-editor.extra.upload_images.folder', 'images');
-        reset($_FILES);
-        $temp = current($_FILES);
-        if (is_uploaded_file($temp['tmp_name'])) {
-            $file = Storage::disk(config('nova-tinymce-editor.extra.upload_images.disk', 'public'))->putFile($imageFolder, $temp['tmp_name']);
-
-            return response()->json(['location' => Storage::disk(config('nova-tinymce-editor.extra.upload_images.disk', 'public'))->url($file)]);
-        } else {
-            return response()->json(['error' => 'Failed to move uploaded file.']);
-        }
 
-    }
-
-    public function validateRequest(Request $request): \Illuminate\Validation\Validator
+    public function __invoke(Request $request): JsonResponse
     {
-        $maxSize = config('nova-tinymce-editor.extra.upload_images.maxSize', 2048);
-        $validator = Validator::make($request->all(), [
-            'file' => 'required|image|mimes:jpeg,png,jpg,gif|max:'.$maxSize,
+        $request->validate([
+            'file' => [
+                'required',
+                'image',
+                'mimes:jpeg,png,jpg,gif',
+                'max:' . config('nova-tinymce-editor.extra.upload_images.maxSize', 2048),
+            ],
         ]);
-
-        return $validator;
+        $disk = config('nova-tinymce-editor.extra.upload_images.disk');
+        try{
+            $file = $request->file('file')
+                ->storePublicly(
+                    config('nova-tinymce-editor.extra.upload_images.folder'),
+                    compact('disk')
+                );
+        }catch (\Throwable $e){
+            report($e);
+            return response()->json(['error' => 'Failed to move uploaded file.']);
+        }
+        return response()->json(['location' => Storage::disk($disk)->url($file)]);
     }
 }

src/Http/Middleware/TinymceMiddleware.php

@@ -3,6 +3,7 @@
 namespace Murdercode\TinymceEditor\Http\Middleware;
 
 use Closure;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 
 class TinymceMiddleware
 {
@@ -14,27 +15,9 @@ public function handle($request, Closure $next)
          */
         $isActive = config('nova-tinymce-editor.extra.upload_images.enabled') ?? false;
         if (! $isActive) {
-            header('HTTP/1.1 500 Server Error');
-
-            return response()->json(['error' => 'Server error']);
-        }
-
-        /**
-         * Check if the request coming from the same origin
-         */
-        $accepted_origins = [rtrim(config('app.url'), '/')];
-        $origin = rtrim($_SERVER['HTTP_ORIGIN'], '/');
-        
-        if (isset($origin)) {
-            if (in_array($origin, $accepted_origins)) {
-                header('Access-Control-Allow-Origin: ' . $origin);
-            } else {
-                header('HTTP/1.1 403 Origin Denied');
-                return response()->json(['error' => 'Origin denied']);
-            }
+            throw new NotFoundHttpException();
         }
 
-
         return $next($request);
     }
 }