|
|
@ -7,9 +7,9 @@ import { |
|
|
|
Query, |
|
|
|
Query, |
|
|
|
Request, |
|
|
|
Request, |
|
|
|
Response, |
|
|
|
Response, |
|
|
|
UploadedFiles, |
|
|
|
UploadedFiles, UseGuards, |
|
|
|
UseInterceptors, |
|
|
|
UseInterceptors, |
|
|
|
} from '@nestjs/common'; |
|
|
|
} from '@nestjs/common' |
|
|
|
import multer from 'multer'; |
|
|
|
import multer from 'multer'; |
|
|
|
import { FileInterceptor, FilesInterceptor } from '@nestjs/platform-express'; |
|
|
|
import { FileInterceptor, FilesInterceptor } from '@nestjs/platform-express'; |
|
|
|
import { OrgUserRoles, ProjectRoles } from 'nocodb-sdk'; |
|
|
|
import { OrgUserRoles, ProjectRoles } from 'nocodb-sdk'; |
|
|
@ -17,44 +17,17 @@ import path from 'path'; |
|
|
|
import { NC_ATTACHMENT_FIELD_SIZE } from '../../constants'; |
|
|
|
import { NC_ATTACHMENT_FIELD_SIZE } from '../../constants'; |
|
|
|
import { NcError } from '../../helpers/catchError'; |
|
|
|
import { NcError } from '../../helpers/catchError'; |
|
|
|
import { UploadAllowedInterceptor } from '../../interceptors/is-upload-allowed/is-upload-allowed.interceptor'; |
|
|
|
import { UploadAllowedInterceptor } from '../../interceptors/is-upload-allowed/is-upload-allowed.interceptor'; |
|
|
|
|
|
|
|
import { ExtractProjectIdMiddleware } from '../../middlewares/extract-project-id/extract-project-id.middleware' |
|
|
|
import Noco from '../../Noco'; |
|
|
|
import Noco from '../../Noco'; |
|
|
|
import { MetaTable } from '../../utils/globals'; |
|
|
|
import { MetaTable } from '../../utils/globals'; |
|
|
|
import { AttachmentsService } from './attachments.service'; |
|
|
|
import { AttachmentsService } from './attachments.service'; |
|
|
|
|
|
|
|
import { AuthGuard } from '@nestjs/passport'; |
|
|
|
const isUploadAllowedMw = async (req: Request, _res: Response, next: any) => { |
|
|
|
|
|
|
|
if (!req['user']?.id) { |
|
|
|
|
|
|
|
if (!req['user']?.isPublicBase) { |
|
|
|
|
|
|
|
NcError.unauthorized('Unauthorized'); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
try { |
|
|
|
|
|
|
|
// check user is super admin or creator
|
|
|
|
|
|
|
|
if ( |
|
|
|
|
|
|
|
req['user'].roles?.includes(OrgUserRoles.SUPER_ADMIN) || |
|
|
|
|
|
|
|
req['user'].roles?.includes(OrgUserRoles.CREATOR) || |
|
|
|
|
|
|
|
req['user'].roles?.includes(ProjectRoles.EDITOR) || |
|
|
|
|
|
|
|
// if viewer then check at-least one project have editor or higher role
|
|
|
|
|
|
|
|
// todo: cache
|
|
|
|
|
|
|
|
!!(await Noco.ncMeta |
|
|
|
|
|
|
|
.knex(MetaTable.PROJECT_USERS) |
|
|
|
|
|
|
|
.where(function () { |
|
|
|
|
|
|
|
this.where('roles', ProjectRoles.OWNER); |
|
|
|
|
|
|
|
this.orWhere('roles', ProjectRoles.CREATOR); |
|
|
|
|
|
|
|
this.orWhere('roles', ProjectRoles.EDITOR); |
|
|
|
|
|
|
|
}) |
|
|
|
|
|
|
|
.andWhere('fk_user_id', req['user'].id) |
|
|
|
|
|
|
|
.first()) |
|
|
|
|
|
|
|
) |
|
|
|
|
|
|
|
return next(); |
|
|
|
|
|
|
|
} catch {} |
|
|
|
|
|
|
|
NcError.badRequest('Upload not allowed'); |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Controller() |
|
|
|
@Controller() |
|
|
|
export class AttachmentsController { |
|
|
|
export class AttachmentsController { |
|
|
|
constructor(private readonly attachmentsService: AttachmentsService) {} |
|
|
|
constructor(private readonly attachmentsService: AttachmentsService) {} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) |
|
|
|
@Post( |
|
|
|
@Post( |
|
|
|
'/api/v1/db/storage/upload', |
|
|
|
'/api/v1/db/storage/upload', |
|
|
|
// multer({
|
|
|
|
// multer({
|
|
|
@ -104,6 +77,7 @@ export class AttachmentsController { |
|
|
|
// catchError(uploadViaURL),
|
|
|
|
// catchError(uploadViaURL),
|
|
|
|
// ]
|
|
|
|
// ]
|
|
|
|
// );
|
|
|
|
// );
|
|
|
|
|
|
|
|
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) |
|
|
|
async uploadViaURL(@Body() body: any, @Query('path') path: string) { |
|
|
|
async uploadViaURL(@Body() body: any, @Query('path') path: string) { |
|
|
|
const attachments = await this.attachmentsService.uploadViaURL({ |
|
|
|
const attachments = await this.attachmentsService.uploadViaURL({ |
|
|
|
urls: body, |
|
|
|
urls: body, |
|
|
|
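Review bot: The two added `@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))` decorators, on the `/api/v1/db/storage/upload` handler and on `uploadViaURL`, only authenticate the caller, whereas the removed `isUploadAllowedMw` also required an editor-or-higher role before an upload was allowed. `UploadAllowedInterceptor` is still imported, but where it is applied and what it checks lies outside these hunks; if it does not repeat the role check, any holder of a valid JWT, viewers included, can now upload. Please confirm this and record it above each decorator, for example `// authn only; editor+ role is enforced by UploadAllowedInterceptor`. `ExtractProjectIdMiddleware` is listed before `AuthGuard('jwt')`, so it presumably runs on unauthenticated requests as well; unless the JWT strategy depends on the extracted project id, `@UseGuards(AuthGuard('jwt'), ExtractProjectIdMiddleware)` would reject those requests earlier.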