From 1debdc47cf6eff2c55b4286f131d629d137f65e6 Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Tue, 28 Jun 2022 22:56:18 -0700
Subject: [PATCH 1/2] Backups endpoint

Signed-off-by: snipe <snipe@snipe.net>
---
 .../Controllers/Api/SettingsController.php    | 42 ++++++++++++++
 app/Http/Transformers/BackupsTransformer.php  | 55 +++++++++++++++++++
 routes/api.php                                | 14 +++++
 3 files changed, 111 insertions(+)
 create mode 100644 app/Http/Transformers/BackupsTransformer.php

diff --git a/app/Http/Controllers/Api/SettingsController.php b/app/Http/Controllers/Api/SettingsController.php
index 9444b5980..d6ac8b826 100644
--- a/app/Http/Controllers/Api/SettingsController.php
+++ b/app/Http/Controllers/Api/SettingsController.php
@@ -2,6 +2,7 @@
 
 namespace App\Http\Controllers\Api;
 
+use App\Http\Transformers\BackupsTransformer;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Ldap;
@@ -265,4 +266,45 @@ class SettingsController extends Controller
 
         return (new LoginAttemptsTransformer)->transformLoginAttempts($login_attempt_results, $total);
     }
+
+
+    public function listBackups() {
+        $settings = Setting::getSettings();
+        $path = 'app/backups';
+        $backup_files = Storage::files($path);
+        $files_raw = [];
+        $count = 0;
+
+        if (count($backup_files) > 0) {
+
+            for ($f = 0; $f < count($backup_files); $f++) {
+
+                // Skip dotfiles like .gitignore and .DS_STORE
+                if ((substr(basename($backup_files[$f]), 0, 1) != '.')) {
+                    $file_timestamp = Storage::lastModified($backup_files[$f]);
+
+                    $files_raw[] = [
+                        'filename' => basename($backup_files[$f]),
+                        'filesize' => Setting::fileSizeConvert(Storage::size($backup_files[$f])),
+                        'modified_value' => $file_timestamp,
+                        'modified_display' => date($settings->date_display_format.' '.$settings->time_display_format, $file_timestamp),
+
+                    ];
+                    $count++;
+                }
+
+
+            }
+        }
+
+        $files = array_reverse($files_raw);
+        return (new BackupsTransformer())->transformBackups($files, $count);
+
+    }
+
+
+    public function downloadBackup($file) {
+        $path = '';
+        return response()->download($path, $file->name, $headers);
+    }
 }
\ No newline at end of file
diff --git a/app/Http/Transformers/BackupsTransformer.php b/app/Http/Transformers/BackupsTransformer.php
new file mode 100644
index 000000000..707172489
--- /dev/null
+++ b/app/Http/Transformers/BackupsTransformer.php
@@ -0,0 +1,55 @@
+<?php
+
+namespace App\Http\Transformers;
+
+use App\Helpers\Helper;
+use Gate;
+use Illuminate\Database\Eloquent\Collection;
+use Illuminate\Support\Facades\Storage;
+
+class BackupsTransformer
+{
+    public function transformBackups(Array $files, $total)
+    {
+        $array = [];
+        foreach ($files as $file) {
+            $array[] = self::transformCategory($file);
+        }
+
+        return (new DatatablesTransformer)->transformDatatables($array, $total);
+    }
+
+    public function transformCategory(Array $file = null)
+    {
+        if ($file) {
+            $array = [
+                'id' => (int) $file->id,
+                'name' => e($category->name),
+                'image' =>   ($category->image) ? Storage::disk('public')->url('categories/'.e($category->image)) : null,
+                'category_type' => ucwords(e($category->category_type)),
+                'has_eula' => ($category->getEula() ? true : false),
+                'use_default_eula' => ($category->use_default_eula=='1' ? true : false),
+                'eula' => ($category->getEula()),
+                'checkin_email' => ($category->checkin_email == '1'),
+                'require_acceptance' => ($category->require_acceptance == '1'),
+                'item_count' => (int) $category->itemCount(),
+                'assets_count' => (int) $category->assets_count,
+                'accessories_count' => (int) $category->accessories_count,
+                'consumables_count' => (int) $category->consumables_count,
+                'components_count' => (int) $category->components_count,
+                'licenses_count' => (int) $category->licenses_count,
+                'created_at' => Helper::getFormattedDateObject($category->created_at, 'datetime'),
+                'updated_at' => Helper::getFormattedDateObject($category->updated_at, 'datetime'),
+            ];
+
+            $permissions_array['available_actions'] = [
+                'update' => Gate::allows('update', Category::class),
+                'delete' => $category->isDeletable(),
+            ];
+
+            $array += $permissions_array;
+
+            return $array;
+        }
+    }
+}
diff --git a/routes/api.php b/routes/api.php
index 0b16f84ad..3c0ab53c7 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -786,6 +786,20 @@ Route::group(['prefix' => 'v1', 'middleware' => ['api', 'throttle:api']], functi
             ]
             )->name('api.settings.mailtest');
 
+            Route::get('backups',
+                [
+                    Api\SettingsController::class,
+                    'listBackups'
+                ]
+            )->name('api.settings.backups.index');
+
+            Route::get('backups/download/{file}',
+                [
+                    Api\SettingsController::class,
+                    'downloadBackup'
+                ]
+            )->name('api.settings.backups.download');
+
         }); 
         
         Route::resource('settings', 

From b590f29f33fe7b2d298a7a7a457cc25cd4d23b2e Mon Sep 17 00:00:00 2001
From: snipe <snipe@snipe.net>
Date: Tue, 28 Jun 2022 23:59:13 -0700
Subject: [PATCH 2/2] Attempt a download via API

Signed-off-by: snipe <snipe@snipe.net>
---
 .../Controllers/Api/SettingsController.php    | 17 ++++--
 app/Http/Transformers/BackupsTransformer.php  | 55 -------------------
 2 files changed, 13 insertions(+), 59 deletions(-)
 delete mode 100644 app/Http/Transformers/BackupsTransformer.php

diff --git a/app/Http/Controllers/Api/SettingsController.php b/app/Http/Controllers/Api/SettingsController.php
index d6ac8b826..62380b221 100644
--- a/app/Http/Controllers/Api/SettingsController.php
+++ b/app/Http/Controllers/Api/SettingsController.php
@@ -2,7 +2,9 @@
 
 namespace App\Http\Controllers\Api;
 
-use App\Http\Transformers\BackupsTransformer;
+use App\Helpers\Helper;
+use App\Helpers\StorageHelper;
+use App\Http\Transformers\DatatablesTransformer;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
 use App\Models\Ldap;
@@ -298,13 +300,20 @@ class SettingsController extends Controller
         }
 
         $files = array_reverse($files_raw);
-        return (new BackupsTransformer())->transformBackups($files, $count);
+        return (new DatatablesTransformer)->transformDatatables($files, $count);
 
     }
 
 
     public function downloadBackup($file) {
-        $path = '';
-        return response()->download($path, $file->name, $headers);
+
+        $path = 'app/backups';
+        if (Storage::exists($path.'/'.$file)) {
+            $headers = ['ContentType' => 'application/zip'];
+            return Storage::download($path.'/'.$file, $file, $headers);
+        } else {
+            return response()->json(Helper::formatStandardApiResponse('error', null, 'File not found'));
+        }
+
     }
 }
\ No newline at end of file
diff --git a/app/Http/Transformers/BackupsTransformer.php b/app/Http/Transformers/BackupsTransformer.php
deleted file mode 100644
index 707172489..000000000
--- a/app/Http/Transformers/BackupsTransformer.php
+++ /dev/null
@@ -1,55 +0,0 @@
-<?php
-
-namespace App\Http\Transformers;
-
-use App\Helpers\Helper;
-use Gate;
-use Illuminate\Database\Eloquent\Collection;
-use Illuminate\Support\Facades\Storage;
-
-class BackupsTransformer
-{
-    public function transformBackups(Array $files, $total)
-    {
-        $array = [];
-        foreach ($files as $file) {
-            $array[] = self::transformCategory($file);
-        }
-
-        return (new DatatablesTransformer)->transformDatatables($array, $total);
-    }
-
-    public function transformCategory(Array $file = null)
-    {
-        if ($file) {
-            $array = [
-                'id' => (int) $file->id,
-                'name' => e($category->name),
-                'image' =>   ($category->image) ? Storage::disk('public')->url('categories/'.e($category->image)) : null,
-                'category_type' => ucwords(e($category->category_type)),
-                'has_eula' => ($category->getEula() ? true : false),
-                'use_default_eula' => ($category->use_default_eula=='1' ? true : false),
-                'eula' => ($category->getEula()),
-                'checkin_email' => ($category->checkin_email == '1'),
-                'require_acceptance' => ($category->require_acceptance == '1'),
-                'item_count' => (int) $category->itemCount(),
-                'assets_count' => (int) $category->assets_count,
-                'accessories_count' => (int) $category->accessories_count,
-                'consumables_count' => (int) $category->consumables_count,
-                'components_count' => (int) $category->components_count,
-                'licenses_count' => (int) $category->licenses_count,
-                'created_at' => Helper::getFormattedDateObject($category->created_at, 'datetime'),
-                'updated_at' => Helper::getFormattedDateObject($category->updated_at, 'datetime'),
-            ];
-
-            $permissions_array['available_actions'] = [
-                'update' => Gate::allows('update', Category::class),
-                'delete' => $category->isDeletable(),
-            ];
-
-            $array += $permissions_array;
-
-            return $array;
-        }
-    }
-}