middleware(['admin', '2fa']); } public function upload(Request $request, $versionId) { if (! auth()->user()->isPermission('offers-w')) { abort(403, 'Fehlende Berechtigung: offers-w'); } $version = OfferVersion::findOrFail($versionId); if (! $version->isEditable()) { return response()->json([ 'error' => true, 'message' => 'Diese Version ist nicht mehr bearbeitbar.', 'code' => 403, ], 403); } $repo = new OfferFileRepository(new OfferFile()); $repo->_set('disk', 'offer'); $repo->_set('offer_version_id', (int) $versionId); $repo->_set('dir', '/files/' . date('Y/m') . '/'); $repo->_set('identifier', 'offer'); if ($request->has('include_in_pdf')) { $repo->_set('include_in_pdf', filter_var($request->input('include_in_pdf'), FILTER_VALIDATE_BOOL)); } return $repo->uploadFile($request->all()); } public function delete($id) { if (! auth()->user()->isPermission('offers-w')) { abort(403, 'Fehlende Berechtigung: offers-w'); } $file = OfferFile::query()->with('offerVersion')->findOrFail($id); if ($file->offerVersion && ! $file->offerVersion->isEditable()) { \Session::flash('alert-warning', 'Datei gehört zu einer gesperrten Version.'); return redirect()->back(); } $repo = new OfferFileRepository($file); $repo->_set('disk', 'offer'); if ($repo->delete()) { \Session::flash('alert-success', 'Datei gelöscht'); } else { \Session::flash('alert-warning', 'Löschen fehlgeschlagen'); } return redirect()->back(); } }