From 1476104b301f47cc4ba3465ceb1fe16e78e200bd Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Sun, 7 Mar 2021 09:45:27 -0800
Subject: [PATCH] Fix inability to download files from the panel; closes #3151

Co-Authored-By: xcgc <74693042+xcgc@users.noreply.github.com>
---
 .../Api/Client/Servers/BackupController.php   | 22 +++++++++++--------
 app/Models/AuditLog.php                       |  1 +
 app/Services/Backups/DownloadLinkService.php  |  2 +-
 3 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/app/Http/Controllers/Api/Client/Servers/BackupController.php b/app/Http/Controllers/Api/Client/Servers/BackupController.php
index 86aef1e24..3457e1cc2 100644
--- a/app/Http/Controllers/Api/Client/Servers/BackupController.php
+++ b/app/Http/Controllers/Api/Client/Servers/BackupController.php
@@ -149,6 +149,7 @@ class BackupController extends ClientApiController
      * will be streamed back through the Panel. For AWS S3 files, a signed URL will be generated
      * which the user is redirected to.
      *
+     * @throws \Throwable
      * @throws \Illuminate\Auth\Access\AuthorizationException
      */
     public function download(Request $request, Server $server, Backup $backup): JsonResponse
@@ -157,16 +158,19 @@ class BackupController extends ClientApiController
             throw new AuthorizationException();
         }
 
-        switch ($backup->disk) {
-            case Backup::ADAPTER_WINGS:
-            case Backup::ADAPTER_AWS_S3:
-                return new JsonResponse([
-                    'object' => 'signed_url',
-                    'attributes' => ['url' => ''],
-                ]);
-            default:
-                throw new BadRequestHttpException();
+        if ($backup->disk !== Backup::ADAPTER_AWS_S3 && $backup->disk !== Backup::ADAPTER_WINGS) {
+            throw new BadRequestHttpException('The backup requested references an unknown disk driver type and cannot be downloaded.');
         }
+
+        $url = $this->downloadLinkService->handle($backup, $request->user());
+        $server->audit(AuditLog::SERVER__BACKUP_DOWNLOADED, function (AuditLog $audit) use ($backup) {
+            $audit->metadata = ['backup_uuid' => $backup->uuid];
+        });
+
+        return new JsonResponse([
+            'object' => 'signed_url',
+            'attributes' => ['url' => $url],
+        ]);
     }
 
     /**
diff --git a/app/Models/AuditLog.php b/app/Models/AuditLog.php
index c56eae4a8..88e8c1d8d 100644
--- a/app/Models/AuditLog.php
+++ b/app/Models/AuditLog.php
@@ -35,6 +35,7 @@ class AuditLog extends Model
     public const SERVER__BACKUP_FAILED = 'server:backup.failed';
     public const SERVER__BACKUP_COMPELTED = 'server:backup.completed';
     public const SERVER__BACKUP_DELETED = 'server:backup.deleted';
+    public const SERVER__BACKUP_DOWNLOADED = 'server:backup.downloaded';
     public const SERVER__BACKUP_RESTORE_STARTED = 'server:backup.restore.started';
     public const SERVER__BACKUP_RESTORE_COMPLETED = 'server:backup.restore.completed';
     public const SERVER__BACKUP_RESTORE_FAILED = 'server:backup.restore.failed';
diff --git a/app/Services/Backups/DownloadLinkService.php b/app/Services/Backups/DownloadLinkService.php
index 509c79ca2..7d5af4ca0 100644
--- a/app/Services/Backups/DownloadLinkService.php
+++ b/app/Services/Backups/DownloadLinkService.php
@@ -47,7 +47,7 @@ class DownloadLinkService
             ])
             ->handle($backup->server->node, $user->id . $backup->server->uuid);
 
-        return sprintf('%s/download/backup?token=%s', $backup->server->node->getConnectionAddress(), $token->__toString());
+        return sprintf('%s/download/backup?token=%s', $backup->server->node->getConnectionAddress(), $token->toString());
     }
 
     /**