From 0cae24e971db6609fc77edc9b070d1ca81ff4fcc Mon Sep 17 00:00:00 2001
From: soufiane
Date: Thu, 22 Feb 2024 13:40:37 +0100
Subject: [PATCH] wait #6717 @0:05 refacto
---
 .../SettingsExportOperation.php | 14 +++++++-----
 .../SettingsExportOperation.php | 22 ++++++++++++++-----
 app/Jobs/FluidbookSettingsExport.php | 4 ----
 3 files changed, 25 insertions(+), 15 deletions(-)
diff --git a/app/Http/Controllers/Admin/Operations/FluidbookCollection/SettingsExportOperation.php b/app/Http/Controllers/Admin/Operations/FluidbookCollection/SettingsExportOperation.php
index 3efb4efcb..de5690ab0 100644
--- a/app/Http/Controllers/Admin/Operations/FluidbookCollection/SettingsExportOperation.php
+++ b/app/Http/Controllers/Admin/Operations/FluidbookCollection/SettingsExportOperation.php
@@ -12,14 +12,18 @@ trait SettingsExportOperation
 {
 protected function setupSettingsRoutes($segment, $routeName, $controller)
 {
- Route::match(['get','post'], $segment . '/{id}/download_settings', $controller . '@collectionSettings')->name("download_settings_by_ids");
+ Route::match(['get', 'post'], $segment . '/{id}/download_settings', $controller . '@collectionSettings')->name("download_settings_by_ids");
 }
- protected function collectionSettings($id) {
+ protected function collectionSettings($id)
+ {
+ if (!can('fluidbook-publication:admin')) {
+ abort('403');
+ }
 $userId = backpack_user()->id;
- $publications = Arr::flatten(FluidbookCollection::where('id',$id)->get('publications')->toArray(), 2);
- $ids = Arr::join(array_column($publications,'fluidbook'), ',');
- $file = (new FluidbookSettingsExport($ids,$userId,true))->handle();
+ $publications = Arr::flatten(FluidbookCollection::where('id', $id)->get('publications')->toArray(), 2);
+ $ids = Arr::join(array_column($publications, 'fluidbook'), ',');
+ $file = (new FluidbookSettingsExport($ids, $userId, true))->handle();
 return response()->download($file, 'settings_export.xlsx')->deleteFileAfterSend();
 }
 }
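Review bot: The guard added to `collectionSettings` checks only the global `fluidbook-publication:admin` permission; nothing in the hunk ties `$id` to the current user, and an `$id` that matches no collection falls through to an export built from an empty id string instead of a 404. Unless collections are already restricted by a global scope (not visible here), load the record first, e.g. `$collection = FluidbookCollection::findOrFail($id);`, and authorize against it before building `$ids`. The same three-line guard is repeated in `fluidbookSettings` and `sendLinkForDownload` while the copy inside `FluidbookSettingsExport` is removed, so the job now trusts every caller; a shared private method or route middleware would keep a later dispatcher from forgetting it. `abort('403')` passes a string where the neighbouring code uses `abort(404)`; `abort(403);` is the consistent form.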
diff --git a/app/Http/Controllers/Admin/Operations/FluidbookPublication/SettingsExportOperation.php b/app/Http/Controllers/Admin/Operations/FluidbookPublication/SettingsExportOperation.php
index a6eb20e81..abe472002 100644
--- a/app/Http/Controllers/Admin/Operations/FluidbookPublication/SettingsExportOperation.php
+++ b/app/Http/Controllers/Admin/Operations/FluidbookPublication/SettingsExportOperation.php
@@ -10,19 +10,29 @@ trait SettingsExportOperation
 {
 protected function setupSettingsRoutes($segment, $routeName, $controller)
 {
- Route::match(['get','post'], $segment . '/download_settings/{file}', $controller . '@fluidbookSettings')->withoutMiddleware([CheckIfAdmin::class])->name("download_settings");
+ Route::match(['get', 'post'], $segment . '/download_settings/{file}', $controller . '@fluidbookSettings')->withoutMiddleware([CheckIfAdmin::class])->name("download_settings");
 Route::match(['post'], $segment . '/send_link/{ids}', $controller . '@sendLinkForDownload')->name("send_link");
 }
- protected function fluidbookSettings($file) {
+ protected function fluidbookSettings($file)
+ {
+ if (!can('fluidbook-publication:admin')) {
+ abort('403');
+ }
 $name = "settings_export";
- $path = "/tmp/cubist".base64_decode($file);
- if (!file_exists($path)) abort(404);
+ $path = "/tmp/cubist" . base64_decode($file);
+ if (!file_exists($path)) {
+ abort(404);
+ }
 return response()->download($path, $name . '.xlsx');
 }
- protected function sendLinkForDownload($ids) {
+ protected function sendLinkForDownload($ids)
+ {
+ if (!can('fluidbook-publication:admin')) {
+ abort('403');
+ }
 $userId = backpack_user()->id;
- dispatch_sync(new FluidbookSettingsExport($ids,$userId));
+ dispatch_sync(new FluidbookSettingsExport($ids, $userId));
 }
 }
diff --git a/app/Jobs/FluidbookSettingsExport.php b/app/Jobs/FluidbookSettingsExport.php
index fde7ac4b5..b429f0253 100644
--- a/app/Jobs/FluidbookSettingsExport.php
+++ b/app/Jobs/FluidbookSettingsExport.php
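Review bot: In FluidbookPublication/SettingsExportOperation.php, `fluidbookSettings` still builds `$path` by appending the base64-decoded route parameter to `/tmp/cubist` with no canonicalisation, so a decoded value containing parent-directory segments can resolve outside the export location and be handed to `response()->download()`. The added permission check narrows who reaches that line but does not constrain the path, and because the route stays registered `withoutMiddleware([CheckIfAdmin::class])` the in-method check is now the only gate; how `can()` behaves for an unauthenticated request is not visible here and deserves a comment. Decode strictly, resolve the result with `realpath()`, and return 404 unless it is a regular file under the directory the export job writes to; that directory is not shown in this patch, so the base in the sketch below is a placeholder.

```php
$base = '/tmp/cubist'; // placeholder: use the real export directory, ending in a separator
$decoded = base64_decode($file, true);
$path = $decoded === false ? false : realpath($base . $decoded);
if ($path === false || !str_starts_with($path, $base) || !is_file($path)) {
    abort(404);
}
// … unchanged: return response()->download($path, $name . '.xlsx') …
```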
@@ -35,10 +35,6 @@ class FluidbookSettingsExport extends Base { $user = User::withoutGlobalScopes()->find($this->userID); //5908 - if(!can('fluidbook-publication:admin')){ - abort('403'); - } - // $model = FluidbookPublication::whereIn('id', $this->listID); -- 2.39.5