|
|
@ -2,15 +2,41 @@ |
|
|
|
import { Request, Response, Router } from 'express'; |
|
|
|
import { Request, Response, Router } from 'express'; |
|
|
|
import multer from 'multer'; |
|
|
|
import multer from 'multer'; |
|
|
|
import { nanoid } from 'nanoid'; |
|
|
|
import { nanoid } from 'nanoid'; |
|
|
|
|
|
|
|
import { OrgUserRoles, ProjectRoles } from 'nocodb-sdk'; |
|
|
|
import path from 'path'; |
|
|
|
import path from 'path'; |
|
|
|
import slash from 'slash'; |
|
|
|
import slash from 'slash'; |
|
|
|
|
|
|
|
import Noco from '../../Noco'; |
|
|
|
|
|
|
|
import { MetaTable } from '../../utils/globals'; |
|
|
|
import mimetypes, { mimeIcons } from '../../utils/mimeTypes'; |
|
|
|
import mimetypes, { mimeIcons } from '../../utils/mimeTypes'; |
|
|
|
import { Tele } from 'nc-help'; |
|
|
|
import { Tele } from 'nc-help'; |
|
|
|
import ncMetaAclMw from '../helpers/ncMetaAclMw'; |
|
|
|
import extractProjectIdAndAuthenticate from '../helpers/extractProjectIdAndAuthenticate'; |
|
|
|
import catchError from '../helpers/catchError'; |
|
|
|
import catchError, { NcError } from '../helpers/catchError'; |
|
|
|
import NcPluginMgrv2 from '../helpers/NcPluginMgrv2'; |
|
|
|
import NcPluginMgrv2 from '../helpers/NcPluginMgrv2'; |
|
|
|
import { NC_ATTACHMENT_FIELD_SIZE } from '../../constants'; |
|
|
|
import { NC_ATTACHMENT_FIELD_SIZE } from '../../constants'; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
const isUploadAllowed = async (req: Request, _res: Response, next: any) => { |
|
|
|
|
|
|
|
try { |
|
|
|
|
|
|
|
// check user is super admin or creator
|
|
|
|
|
|
|
|
if ( |
|
|
|
|
|
|
|
req['user']?.roles?.includes(OrgUserRoles.SUPER_ADMIN) || |
|
|
|
|
|
|
|
req['user']?.roles?.includes(OrgUserRoles.CREATOR) || |
|
|
|
|
|
|
|
// if viewer then check at-least one project have editor or higher role
|
|
|
|
|
|
|
|
// todo: cache
|
|
|
|
|
|
|
|
!!(await Noco.ncMeta |
|
|
|
|
|
|
|
.knex(MetaTable.PROJECT_USERS) |
|
|
|
|
|
|
|
.where(function () { |
|
|
|
|
|
|
|
this.where('roles', ProjectRoles.OWNER); |
|
|
|
|
|
|
|
this.orWhere('roles', ProjectRoles.CREATOR); |
|
|
|
|
|
|
|
this.orWhere('roles', ProjectRoles.EDITOR); |
|
|
|
|
|
|
|
}) |
|
|
|
|
|
|
|
.andWhere('fk_user_id', req['user']?.id) |
|
|
|
|
|
|
|
.first()) |
|
|
|
|
|
|
|
) |
|
|
|
|
|
|
|
return next(); |
|
|
|
|
|
|
|
} catch {} |
|
|
|
|
|
|
|
NcError.badRequest('Upload not allowed'); |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
// const storageAdapter = new Local();
|
|
|
|
// const storageAdapter = new Local();
|
|
|
|
export async function upload(req: Request, res: Response) { |
|
|
|
export async function upload(req: Request, res: Response) { |
|
|
|
const filePath = sanitizeUrlPath( |
|
|
|
const filePath = sanitizeUrlPath( |
|
|
@ -156,11 +182,12 @@ router.post( |
|
|
|
fieldSize: NC_ATTACHMENT_FIELD_SIZE, |
|
|
|
fieldSize: NC_ATTACHMENT_FIELD_SIZE, |
|
|
|
}, |
|
|
|
}, |
|
|
|
}).any(), |
|
|
|
}).any(), |
|
|
|
ncMetaAclMw(upload, 'upload') |
|
|
|
[extractProjectIdAndAuthenticate, isUploadAllowed, catchError(upload)] |
|
|
|
); |
|
|
|
); |
|
|
|
router.post( |
|
|
|
router.post( |
|
|
|
'/api/v1/db/storage/upload-by-url', |
|
|
|
'/api/v1/db/storage/upload-by-url', |
|
|
|
ncMetaAclMw(uploadViaURL, 'uploadViaURL') |
|
|
|
|
|
|
|
|
|
|
|
[extractProjectIdAndAuthenticate, isUploadAllowed, catchError(uploadViaURL)] |
|
|
|
); |
|
|
|
); |
|
|
|
router.get(/^\/download\/(.+)$/, catchError(fileRead)); |
|
|
|
router.get(/^\/download\/(.+)$/, catchError(fileRead)); |
|
|
|
|
|
|
|
|
|
|
|