All files / lib/controllers attachment.ts

13.04% Statements 12/92
0% Branches 0/32
5.88% Functions 1/17
13.19% Lines 12/91

Press n or j to go to the next uncovered block, b, p or k for the previous block.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219                16x 16x 16x 16x 16x 16x   16x   16x                                                                                               16x                                                           16x                                                                                                                                                                                                     16x                                           16x    
import { Express } from 'express'
import Crowi from 'server/crowi'
import Debug from 'debug'
import fs from 'fs'
import FileUploader from '../util/fileUploader'
import ApiResponse from '../util/apiResponse'
 
export default (crowi: Crowi, app: Express) => {
  const debug = Debug('crowi:routs:attachment')
  const Attachment = crowi.model('Attachment')
  const Page = crowi.model('Page')
  const fileUploader = FileUploader(crowi)
  const actions = {} as any
  const api = {} as any
 
  actions.api = api
 
  api.redirector = function(req, res, next) {
    var id = req.params.id
 
    Attachment.findById(id)
      .then(function(data) {
        if (!data) {
          throw new Error('File not found')
        }
        // TODO: file delivery plugin for cdn
        Attachment.findDeliveryFile(data)
          .then(fileName => {
            const encodedFileName = encodeURIComponent(data.originalName)
 
            var deliveryFile = {
              fileName: fileName,
              options: {
                headers: {
                  'Content-Type': data.fileFormat,
                  'Content-Disposition': `inline;filename*=UTF-8''${encodedFileName}`,
                },
              },
            }
 
            if (deliveryFile.fileName.match(/^\/uploads/)) {
              debug('Using loacal file module, just redirecting.')
              return res.redirect(deliveryFile.fileName)
            } else {
              return res.sendFile(deliveryFile.fileName, deliveryFile.options)
            }
          })
          .catch(err => {
            // debug('error', err);
          })
      })
      .catch(err => {
        // debug('err', err);
        // not found
        return res.status(404).sendFile(crowi.publicDir + '/images/file-not-found.png')
      })
  }
 
  /**
   * @api {get} /attachments.list Get attachments of the page
   * @apiName ListAttachments
   * @apiGroup Attachment
   *
   * @apiParam {String} page_id
   */
  api.list = function(req, res) {
    var id = req.query.page_id || null
    if (!id) {
      return res.json(ApiResponse.error('Parameters page_id is required.'))
    }
 
    Attachment.getListByPageId(id).then(function(attachments) {
      var config = crowi.getConfig()
      var baseUrl = config.crowi['app:url'] || ''
      return res.json(
        ApiResponse.success({
          attachments: attachments.map(at => {
            var fileUrl = at.fileUrl
            at = at.toObject()
            at.url = baseUrl + fileUrl
            return at
          }),
        }),
      )
    })
  }
 
  /**
   * @api {post} /attachments.add Add attachment to the page
   * @apiName AddAttachments
   * @apiGroup Attachment
   *
   * @apiParam {String} page_id
   * @apiParam {File} file
   */
  api.add = async function(req, res) {
    const id = req.body.page_id || 0
    const path = decodeURIComponent(req.body.path) || null
    let pageCreated = false
    const page = {}
 
    debug('id and path are: ', id, path)
 
    const tmpFile = req.file || null
    debug('Uploaded tmpFile: ', tmpFile)
    if (!tmpFile) {
      return res.json(ApiResponse.error('File error.'))
    }
 
    try {
      let pageData
      if (id == 0) {
        if (path === null) {
          throw new Error('path required if page_id is not specified.')
        }
        debug('Create page before file upload')
        pageData = await Page.createPage(path, '# ' + path, req.user, { grant: Page.GRANT_OWNER })
        pageCreated = true
      } else {
        pageData = await Page.findPageById(id)
      }
 
      const tmpPath = tmpFile.path
      const originalName = tmpFile.originalname
      const fileName = tmpFile.filename + tmpFile.originalname
      const fileType = tmpFile.mimetype
      const fileSize = tmpFile.size
      const pageId = pageData._id
      const creator = req.user.id
      const fileFormat = fileType
 
      try {
        const filePath = Attachment.createAttachmentFilePath(pageId, fileName, fileType)
        const tmpFileStream = fs.createReadStream(tmpPath, {
          flags: 'r',
          mode: 666,
          autoClose: true,
        })
 
        const data = await fileUploader.uploadFile(filePath, fileType, tmpFileStream, {})
        debug('Uploaded data is: ', data)
 
        // TODO size
        const attachment = await Attachment.create({ pageId, creator, filePath, originalName, fileName, fileFormat, fileSize })
        let fileUrl = attachment.fileUrl
        const config = crowi.getConfig()
 
        // isLocalUrl??
        if (!fileUrl.match(/^https?/)) {
          fileUrl = (config.crowi['app:url'] || '') + fileUrl
        }
 
        const result = {
          page: pageData.toObject(),
          attachment: attachment.toObject(),
          url: fileUrl,
          pageCreated: pageCreated,
        }
 
        // delete anyway
        fs.unlink(tmpPath, function(err) {
          if (err) {
            debug('Error while deleting tmp file.')
          }
        })
 
        return res.json(ApiResponse.success(result))
      } catch (err) {
        debug('Error on saving attachment data', err)
        // @TODO
        // Remove from S3
 
        // delete anyway
        fs.unlink(tmpPath, function(err) {
          if (err) {
            debug('Error while deleting tmp file.')
          }
        })
 
        return res.json(ApiResponse.error('Error while uploading.'))
      }
    } catch (err) {
      debug('Attachement upload error', err)
      return res.json(ApiResponse.error('Error.'))
    }
  }
 
  /**
   * @api {post} /attachments.remove Remove attachments
   * @apiName RemoveAttachments
   * @apiGroup Attachment
   *
   * @apiParam {String} attachment_id
   */
  api.remove = function(req, res) {
    const id = req.body.attachment_id
 
    Attachment.findById(id)
      .then(function(attachment) {
        if (!attachment) throw new Error('Attachment not found')
 
        Attachment.removeAttachment(attachment)
          .then(data => {
            debug('removeAttachment', data)
            return res.json(ApiResponse.success({}))
          })
          .catch(err => {
            return res.status(500).json(ApiResponse.error('Error while deleting file'))
          })
      })
      .catch(err => {
        debug('Error', err)
        return res.status(404)
      })
  }
 
  return actions
}