138 lines
4.8 KiB
JavaScript
138 lines
4.8 KiB
JavaScript
|
const Controller = require('libflitter/controller/Controller')
|
||
|
const Page = require('../../../models/api/Page.model')
|
||
|
const Node = require('../../../models/api/Node.model')
|
||
|
const FileGroup = require('../../../models/api/FileGroup.model')
|
||
|
const { ObjectId } = require('mongodb')
|
||
|
|
||
|
/*
|
||
|
* File Controller
|
||
|
* -------------------------------------------------------------
|
||
|
* Put some description here!
|
||
|
*/
|
||
|
class File extends Controller {
|
||
|
static get services() {
|
||
|
return [...super.services, 'models']
|
||
|
}
|
||
|
|
||
|
async create_config(req, res) {
|
||
|
const PageId = req.params.PageId
|
||
|
|
||
|
let page = await Page.findOne({UUID: PageId})
|
||
|
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||
|
if ( !page.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
const NodeId = req.params.NodeId
|
||
|
|
||
|
let node = await Node.findOne({UUID: NodeId})
|
||
|
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||
|
|
||
|
const group = new FileGroup({
|
||
|
NodeId: node.UUID,
|
||
|
PageId: page.UUID,
|
||
|
FileIds: [],
|
||
|
})
|
||
|
|
||
|
await group.save()
|
||
|
req.user.allow(`files:${group.UUID}`)
|
||
|
await req.user.save()
|
||
|
|
||
|
return res.api(group)
|
||
|
}
|
||
|
|
||
|
async get_config(req, res) {
|
||
|
const PageId = req.params.PageId
|
||
|
|
||
|
let page = await Page.findOne({UUID: PageId})
|
||
|
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||
|
if ( !page.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
const NodeId = req.params.NodeId
|
||
|
|
||
|
let node = await Node.findOne({UUID: NodeId})
|
||
|
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||
|
|
||
|
const group = await FileGroup.findOne({UUID: req.params.FilesId})
|
||
|
if ( !group ) return res.status(404).message('Invalid file group.').api({})
|
||
|
if ( !group.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
const File = this.models.get('upload::File')
|
||
|
const files = await File.find({_id: {$in: group.FileIds.map(x => ObjectId(x))}})
|
||
|
group.files = files
|
||
|
|
||
|
return res.api(group)
|
||
|
}
|
||
|
|
||
|
async save_upload(req, res) {
|
||
|
const PageId = req.params.PageId
|
||
|
|
||
|
let page = await Page.findOne({UUID: PageId})
|
||
|
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||
|
if ( !page.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
const NodeId = req.params.NodeId
|
||
|
|
||
|
let node = await Node.findOne({UUID: NodeId})
|
||
|
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||
|
|
||
|
const group = await FileGroup.findOne({UUID: req.params.FilesId})
|
||
|
if ( !group ) return res.status(404).message('Invalid file group.').api({})
|
||
|
if ( !group.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
if ( req.uploads.uploaded_file ) {
|
||
|
group.FileIds.push(req.uploads.uploaded_file.id)
|
||
|
}
|
||
|
|
||
|
await group.save()
|
||
|
return res.redirect('/')
|
||
|
}
|
||
|
|
||
|
async download(req, res) {
|
||
|
const PageId = req.params.PageId
|
||
|
|
||
|
let page = await Page.findOne({UUID: PageId})
|
||
|
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||
|
if ( !page.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
const NodeId = req.params.NodeId
|
||
|
|
||
|
let node = await Node.findOne({UUID: NodeId})
|
||
|
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||
|
|
||
|
const group = await FileGroup.findOne({UUID: req.params.FilesId})
|
||
|
if ( !group ) return res.status(404).message('Invalid file group.').api({})
|
||
|
if ( !group.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
if ( !group.FileIds.includes(req.params.FileId) ) {
|
||
|
return req.security.deny()
|
||
|
}
|
||
|
|
||
|
const File = this.models.get('upload::File')
|
||
|
const file = await File.findOne({_id: ObjectId(req.params.FileId)})
|
||
|
if ( !file ) return res.status(404).api({})
|
||
|
|
||
|
return file.send(res)
|
||
|
}
|
||
|
|
||
|
async delete_group(req, res) {
|
||
|
const PageId = req.params.PageId
|
||
|
|
||
|
let page = await Page.findOne({UUID: PageId})
|
||
|
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
|
||
|
if ( !page.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
const NodeId = req.params.NodeId
|
||
|
|
||
|
let node = await Node.findOne({UUID: NodeId})
|
||
|
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
|
||
|
|
||
|
const group = await FileGroup.findOne({UUID: req.params.FilesId})
|
||
|
if ( !group ) return res.status(404).message('Invalid file group.').api({})
|
||
|
if ( !group.accessible_by(req.user) ) return req.security.deny()
|
||
|
|
||
|
await group.delete()
|
||
|
return res.api({})
|
||
|
}
|
||
|
}
|
||
|
|
||
|
module.exports = exports = File
|