This commit is contained in:
@@ -1,4 +1,5 @@
|
||||
const { Middleware } = require('libflitter')
|
||||
const { ObjectId } = require('mongodb')
|
||||
|
||||
class DataInjectionMiddleware extends Middleware {
|
||||
static get services() {
|
||||
@@ -103,6 +104,45 @@ class DataInjectionMiddleware extends Middleware {
|
||||
req.form.file_group = file_group
|
||||
}
|
||||
|
||||
// Try to load in the file box
|
||||
if ( req.params.FileBoxId ) {
|
||||
const FileBox = this.models.get('api:files:FileBox')
|
||||
const file_box = await FileBox.findOne({
|
||||
UUID: req.params.FileBoxId,
|
||||
pageId: req.params.PageId,
|
||||
active: true,
|
||||
})
|
||||
|
||||
if ( !file_box ) {
|
||||
return res.status(404)
|
||||
.message('Invalid file box ID.')
|
||||
.api()
|
||||
}
|
||||
|
||||
req.form.file_box = file_box
|
||||
|
||||
if ( req.params.FileBoxFileId ) {
|
||||
const File = this.models.get('upload::File')
|
||||
if ( !file_box.fileIds.includes(req.params.FileBoxFileId) ) {
|
||||
return res.status(400)
|
||||
.message('Invalid file box file ID.')
|
||||
.api()
|
||||
}
|
||||
|
||||
const file = await File.findOne({
|
||||
_id: ObjectId(req.params.FileBoxFileId),
|
||||
})
|
||||
|
||||
if ( !file ) {
|
||||
return res.status(400)
|
||||
.message('Invalid file box file ID.')
|
||||
.api()
|
||||
}
|
||||
|
||||
req.form.file = file
|
||||
}
|
||||
}
|
||||
|
||||
return next()
|
||||
}
|
||||
}
|
||||
|
||||
56
app/routing/routers/api/v1/file-box.routes.js
Normal file
56
app/routing/routers/api/v1/file-box.routes.js
Normal file
@@ -0,0 +1,56 @@
|
||||
module.exports = exports = {
|
||||
|
||||
prefix: '/api/v1/file-box',
|
||||
|
||||
middleware: [],
|
||||
|
||||
get: {
|
||||
'/:PageId/:FileBoxId': [
|
||||
'middleware::auth:ApiRoute',
|
||||
['middleware::api:DataInjection', { access_level: 'view' }],
|
||||
'controller::api:v1:FileBox.get_box',
|
||||
],
|
||||
'/:PageId/:FileBoxId/files': [
|
||||
'middleware::auth:ApiRoute',
|
||||
['middleware::api:DataInjection', { access_level: 'view' }],
|
||||
'controller::api:v1:FileBox.get_files',
|
||||
],
|
||||
},
|
||||
|
||||
post: {
|
||||
'/:PageId/create': [
|
||||
'middleware::auth:ApiRoute',
|
||||
['middleware::api:DataInjection', { access_level: 'update' }],
|
||||
'controller::api:v1:FileBox.create',
|
||||
],
|
||||
'/:PageId/:FileBoxId': [
|
||||
'middleware::auth:ApiRoute',
|
||||
['middleware::api:DataInjection', { access_level: 'update' }],
|
||||
'controller::api:v1:FileBox.update',
|
||||
],
|
||||
'/:PageId/:FileBoxId/files': [
|
||||
'middleware::auth:ApiRoute',
|
||||
['middleware::api:DataInjection', { access_level: 'update' }],
|
||||
['middleware::upload:UploadFile', { tag: 'file_box_file' }],
|
||||
'controller::api:v1:FileBox.upload_files',
|
||||
],
|
||||
'/:PageId/:FileBoxId/files/:FileBoxFileId': [
|
||||
'middleware::auth:ApiRoute',
|
||||
['middleware::api:DataInjection', { access_level: 'update' }],
|
||||
'controller::api:v1:FileBox.update_file',
|
||||
],
|
||||
},
|
||||
|
||||
delete: {
|
||||
'/:PageId/:FileBoxId': [
|
||||
'middleware::auth:ApiRoute',
|
||||
['middleware::api:DataInjection', { access_level: 'update' }],
|
||||
'controller::api:v1:FileBox.delete_box',
|
||||
],
|
||||
'/:PageId/:FileBoxId/files/:FileBoxFileId': [
|
||||
'middleware::auth:ApiRoute',
|
||||
['middleware::api:DataInjection', { access_level: 'update' }],
|
||||
'controller::api:v1:FileBox.delete_file',
|
||||
],
|
||||
},
|
||||
}
|
||||
Reference in New Issue
Block a user