From 5ff1ba7c6a84de5b0403673748e93d6d9dcf04b0 Mon Sep 17 00:00:00 2001 From: Arno Kaimbacher Date: Fri, 13 Sep 2019 13:28:28 +0200 Subject: [PATCH] - everyone is allowed to download published files --- resources/views/errors/403.blade.php | 16 +++++---- .../views/frontend/dataset/show.blade.php | 2 +- routes/web.php | 34 +++++++++++-------- 3 files changed, 30 insertions(+), 22 deletions(-) diff --git a/resources/views/errors/403.blade.php b/resources/views/errors/403.blade.php index e57fbf6..bd9b853 100644 --- a/resources/views/errors/403.blade.php +++ b/resources/views/errors/403.blade.php @@ -2,15 +2,17 @@ @extends('layouts.app') @section('content') -
-

403
- ACCESS DENIED

+
+
+ +

+
403
+ ACCESS DENIED
+

Back

{{ $exception->getMessage() }}

+
-@endsection - - - +@endsection \ No newline at end of file diff --git a/resources/views/frontend/dataset/show.blade.php b/resources/views/frontend/dataset/show.blade.php index 0349694..7c20f68 100644 --- a/resources/views/frontend/dataset/show.blade.php +++ b/resources/views/frontend/dataset/show.blade.php @@ -44,7 +44,7 @@ @if($file->exists() === true) - {{ $file->path_name }} + {{ $file->path_name }} @else missing file: {{ $file->path_name }} @endif diff --git a/routes/web.php b/routes/web.php index 2e942f9..2fd27ad 100644 --- a/routes/web.php +++ b/routes/web.php @@ -25,6 +25,12 @@ Route::get( ] ); +//============================================================================================================= +//=================================================file download============================================= +Route::get('file/download/{id}', [ + 'as' => 'file.download', 'uses' => 'Settings\FileController@download', +]); + //=================================================publish datasets================================================ Route::group( [ @@ -83,7 +89,7 @@ Route::group( 'middleware' => ['isUserDatasetAdmin:true'], 'as' => 'workflow.submit.deleteUpdate', 'uses' => 'SubmitController@deleteUpdate', ]); - + //editor Route::get('workflow/editor/index', [ 'middleware' => ['permission:dataset-editor-list'], @@ -188,16 +194,16 @@ Route::group( 'as' => 'user.create', 'uses' => 'UserController@create', 'middleware' => ['permission:settings'], ]); Route::post('user/store', [ - 'as' => 'user.store', 'uses' => 'UserController@store','middleware' => ['permission:settings'], + 'as' => 'user.store', 'uses' => 'UserController@store', 'middleware' => ['permission:settings'], ]); Route::get('user/edit/{id}', [ - 'as' => 'user.edit', 'uses' => 'UserController@edit', 'middleware' => ['auth'] + 'as' => 'user.edit', 'uses' => 'UserController@edit', 'middleware' => ['auth'], ]); Route::patch('user/update/{id}', [ - 'as' => 'user.update', 'uses' => 'UserController@update', 'middleware' => ['auth'] + 'as' => 'user.update', 'uses' => 'UserController@update', 'middleware' => ['auth'], ]); Route::get('user/destroy/{id}', [ - 'as' => 'user.destroy', 'uses' => 'UserController@destroy','middleware' => ['permission:settings'], + 'as' => 'user.destroy', 'uses' => 'UserController@destroy', 'middleware' => ['permission:settings'], ]); //Route::resource('users','RoleController'); @@ -205,16 +211,16 @@ Route::group( 'as' => 'role.index', 'uses' => 'RoleController@index', 'middleware' => ['permission:settings'], ]); Route::get('role/create', [ - 'as' => 'role.create', 'uses' => 'RoleController@create','middleware' => ['permission:settings'], + 'as' => 'role.create', 'uses' => 'RoleController@create', 'middleware' => ['permission:settings'], ]); Route::post('role/store', [ - 'as' => 'role.store', 'uses' => 'RoleController@store','middleware' => ['permission:settings'], + 'as' => 'role.store', 'uses' => 'RoleController@store', 'middleware' => ['permission:settings'], ]); Route::get('role/edit/{id}', [ - 'as' => 'role.edit', 'uses' => 'RoleController@edit','middleware' => ['permission:settings'], + 'as' => 'role.edit', 'uses' => 'RoleController@edit', 'middleware' => ['permission:settings'], ]); Route::patch('role/update/{id}', [ - 'as' => 'role.update', 'uses' => 'RoleController@update','middleware' => ['permission:settings'], + 'as' => 'role.update', 'uses' => 'RoleController@update', 'middleware' => ['permission:settings'], ]); } ); @@ -269,11 +275,11 @@ Route::group(['middleware' => ['permission:settings']], function () { Route::get('settings/file/download/{id}', [ 'as' => 'settings.file.download', 'uses' => 'Settings\DatasetController@download', ]); - //============================================================================================================= - //=================================================setting file============================================= - Route::get('settings/file/download/{id}', [ - 'as' => 'settings.file.download', 'uses' => 'Settings\FileController@download', - ]); + // //============================================================================================================= + // //=================================================setting file============================================= + // Route::get('settings/file/download/{id}', [ + // 'as' => 'file.download', 'uses' => 'Settings\FileController@download', + // ]); //=================================================setting mimetype============================================= Route::get('/settings/mimetype', [