Files
ulthon_information/app/api/controller/Attachments.php
augushong dc116a1c77 feat(api): add article/attachment API endpoints, admin management, and API docs
- Articles API: list/detail/create/update/delete with source-based permission control
- Attachments API: upload/list/delete with source-based permission control
- ApiKeyInfo API: query current key permissions
- Admin ApiKey management: generate/regenerate/toggle/permission settings with layui UI
- Frontend API documentation page with complete interface reference
2026-04-27 00:38:57 +08:00

125 lines
3.3 KiB
PHP

<?php
namespace app\api\controller;
use app\BaseController;
use app\UploadFiles as AppUploadFiles;
use app\model\UploadFiles as UploadFilesModel;
use app\middleware\ApiKeyAuth;
class Attachments extends BaseController
{
protected $middleware = [ApiKeyAuth::class];
/**
* 附件列表
*/
public function index()
{
$page = $this->request->param('page', 1, 'intval');
$limit = $this->request->param('limit', 20, 'intval');
$type = $this->request->param('type', '');
$query = UploadFilesModel::order('id desc');
if (!empty($type)) {
$query->where('type', $type);
}
$list = $query->paginate([
'list_rows' => $limit,
'page' => $page,
]);
$items = [];
foreach ($list as $item) {
$items[] = [
'id' => $item->id,
'name' => $item->getData('file_name'),
'save_name' => $item->getData('save_name'),
'url' => $item->src,
'type' => $item->getData('type'),
'size' => $item->getData('file_size'),
'source' => $item->getData('source'),
'create_time' => $item->create_time,
];
}
return json_message([
'list' => $items,
'total' => $list->total(),
'page' => $page,
]);
}
/**
* 上传附件
*/
public function upload()
{
if (empty($this->request->can_write_own)) {
return json_message('无权操作', 403);
}
$file = $this->request->file('file');
if (empty($file)) {
return json_message('请选择上传文件');
}
try {
AppUploadFiles::fileScan($file);
$model_file = AppUploadFiles::saveFile($file, 'api_upload');
$upload_model = UploadFilesModel::where('save_name', $model_file->getData('save_name'))->find();
if ($upload_model) {
$upload_model->source = 'api';
$upload_model->save();
}
return json_message([
'id' => $model_file->id,
'name' => $model_file->getData('file_name'),
'url' => $model_file->src,
'size' => $model_file->getData('file_size'),
], 0, '上传成功');
} catch (\Throwable $th) {
return json_message($th->getMessage());
}
}
/**
* 删除附件
*/
public function delete()
{
$id = $this->request->param('id', 0, 'intval');
if (empty($id)) {
return json_message('缺少参数');
}
$file = UploadFilesModel::find($id);
if (empty($file)) {
return json_message('附件不存在');
}
$source = $file->getData('source');
$can_delete = $this->request->can_delete;
if ($source === 'api' && $can_delete < 1) {
return json_message('无权操作', 403);
}
if ($source === 'admin' && $can_delete != 2) {
return json_message('无权操作', 403);
}
if (!in_array($source, ['api', 'admin']) && $can_delete < 2) {
return json_message('无权操作', 403);
}
$file->delete();
return json_message('', 0, '删除成功');
}
}