mirror of
https://gitee.com/ulthon/ulthon_information.git
synced 2026-07-02 01:32:48 +08:00
- Articles API: list/detail/create/update/delete with source-based permission control - Attachments API: upload/list/delete with source-based permission control - ApiKeyInfo API: query current key permissions - Admin ApiKey management: generate/regenerate/toggle/permission settings with layui UI - Frontend API documentation page with complete interface reference
<?php
namespace app\api\controller;
use app\BaseController;
use app\UploadFiles as AppUploadFiles;
use app\model\UploadFiles as UploadFilesModel;
use app\middleware\ApiKeyAuth;
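/**
 * API controller for uploaded attachments: list, upload and delete.
 *
 * Every action runs behind the ApiKeyAuth middleware. The actions read
 * `can_write_own` and `can_delete` from the request object; where those
 * values are populated is not visible in this file (presumably ApiKeyAuth —
 * confirm against the middleware).
 */
class Attachments extends BaseController
{
    protected $middleware = [ApiKeyAuth::class];

    /**
     * Attachment list, newest first, optionally filtered by `type`.
     *
     * Request parameters: `page` (default 1), `limit` (default 20),
     * `type` (optional exact-match filter).
     *
     * NOTE(review): there is no per-key permission check in this action, so
     * every key accepted by the middleware can enumerate attachments from all
     * sources, including their `save_name`. Confirm that this is intended.
     */
    public function index()
    {
        $page = (int) $this->request->param('page', 1, 'intval');
        $limit = (int) $this->request->param('limit', 20, 'intval');
        $type = $this->request->param('type', '');

        // Client-controlled paging values are bounded before they reach the
        // query: zero/negative values are raised to 1 and the page size is
        // capped so a single request cannot ask for the whole table.
        // 100 is a reviewer-chosen ceiling — align it with the documented API limit.
        $max_limit = 100;
        $page = max(1, $page);
        $limit = min(max(1, $limit), $max_limit);

        // Accept only a scalar filter value; an array-valued `type[]`
        // parameter would otherwise be handed to the query builder as-is.
        $type = is_scalar($type) ? (string) $type : '';

        $query = UploadFilesModel::order('id desc');

        if (!empty($type)) {
            $query->where('type', $type);
        }

        $list = $query->paginate([
            'list_rows' => $limit,
            'page' => $page,
        ]);

        $items = [];
        foreach ($list as $item) {
            $items[] = [
                'id' => $item->id,
                'name' => $item->getData('file_name'),
                'save_name' => $item->getData('save_name'),
                'url' => $item->src,
                'type' => $item->getData('type'),
                'size' => $item->getData('file_size'),
                'source' => $item->getData('source'),
                'create_time' => $item->create_time,
            ];
        }

        return json_message([
            'list' => $items,
            'total' => $list->total(),
            'page' => $page,
        ]);
    }

    /**
     * Upload an attachment.
     *
     * Requires a truthy `can_write_own` on the request. The uploaded file is
     * passed to AppUploadFiles::fileScan() and then stored with
     * AppUploadFiles::saveFile(); the stored record is tagged `source = 'api'`.
     */
    public function upload()
    {
        if (empty($this->request->can_write_own)) {
            return json_message('无权操作', 403);
        }

        $file = $this->request->file('file');
        if (empty($file)) {
            return json_message('请选择上传文件');
        }

        try {
            AppUploadFiles::fileScan($file);
            $model_file = AppUploadFiles::saveFile($file, 'api_upload');

            // The record is looked up again by save_name to tag it as an API upload.
            // NOTE(review): if this lookup finds nothing, the file keeps whatever
            // source saveFile() assigned, and delete() then applies the rule for
            // that source instead of the 'api' rule — confirm this cannot happen.
            $upload_model = UploadFilesModel::where('save_name', $model_file->getData('save_name'))->find();
            if ($upload_model) {
                $upload_model->source = 'api';
                $upload_model->save();
            }

            return json_message([
                'id' => $model_file->id,
                'name' => $model_file->getData('file_name'),
                'url' => $model_file->src,
                'size' => $model_file->getData('file_size'),
            ], 0, '上传成功');
        } catch (\Throwable $th) {
            // NOTE(review): the message of every Throwable is returned to the API
            // client, which can expose internal details (database errors,
            // filesystem paths). Consider logging the exception and returning a
            // generic message for anything that is not a validation failure.
            return json_message($th->getMessage());
        }
    }

    /**
     * Delete an attachment by `id`, subject to the key's `can_delete` level.
     *
     * Levels as enforced below:
     *  - source 'api'   : can_delete of 1 or higher
     *  - source 'admin' : can_delete of exactly 2
     *  - any other source: can_delete of 2 or higher
     *
     * NOTE(review): the check uses only the record's `source`; nothing here
     * ties an 'api' record to the key that uploaded it, so a key with
     * can_delete >= 1 can delete API uploads made with any key — confirm intended.
     */
    public function delete()
    {
        $id = $this->request->param('id', 0, 'intval');
        if (empty($id)) {
            return json_message('缺少参数');
        }

        $file = UploadFilesModel::find($id);
        if (empty($file)) {
            return json_message('附件不存在');
        }

        $source = $file->getData('source');

        // Normalise the permission level to an integer before comparing it.
        // With loose comparisons a non-integer value (boolean true, a
        // non-numeric string) could pass the checks; after the cast such
        // values become 0 or 1 and missing values become 0, i.e. denied.
        $can_delete = (int) $this->request->can_delete;

        // One strictly-compared decision per source; any source other than
        // 'api' or 'admin' falls through to the most restrictive branch.
        if ($source === 'api') {
            $allowed = $can_delete >= 1;
        } elseif ($source === 'admin') {
            $allowed = $can_delete === 2;
        } else {
            $allowed = $can_delete >= 2;
        }

        if (!$allowed) {
            return json_message('无权操作', 403);
        }

        // Removes the record through the model; whether the stored file is
        // removed as well depends on model code not shown here.
        $file->delete();

        return json_message('', 0, '删除成功');
    }
}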