Spaces:
Runtime error
Runtime error
File size: 3,504 Bytes
1307964 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
const path = require('path');
const fs = require('fs');
const writeFileSyncAtomic = require('write-file-atomic').sync;
const express = require('express');
const sanitize = require('sanitize-filename');
const router = express.Router();
const { validateAssetFileName } = require('./assets');
const { jsonParser } = require('../express-common');
const { clientRelativePath } = require('../util');
router.post('/sanitize-filename', jsonParser, async (request, response) => {
try {
const fileName = String(request.body.fileName);
if (!fileName) {
return response.status(400).send('No fileName specified');
}
const sanitizedFilename = sanitize(fileName);
return response.send({ fileName: sanitizedFilename });
} catch (error) {
console.log(error);
return response.sendStatus(500);
}
});
router.post('/upload', jsonParser, async (request, response) => {
try {
if (!request.body.name) {
return response.status(400).send('No upload name specified');
}
if (!request.body.data) {
return response.status(400).send('No upload data specified');
}
// Validate filename
const validation = validateAssetFileName(request.body.name);
if (validation.error)
return response.status(400).send(validation.message);
const pathToUpload = path.join(request.user.directories.files, request.body.name);
writeFileSyncAtomic(pathToUpload, request.body.data, 'base64');
const url = clientRelativePath(request.user.directories.root, pathToUpload);
console.log(`Uploaded file: ${url} from ${request.user.profile.handle}`);
return response.send({ path: url });
} catch (error) {
console.log(error);
return response.sendStatus(500);
}
});
router.post('/delete', jsonParser, async (request, response) => {
try {
if (!request.body.path) {
return response.status(400).send('No path specified');
}
const pathToDelete = path.join(request.user.directories.root, request.body.path);
if (!pathToDelete.startsWith(request.user.directories.files)) {
return response.status(400).send('Invalid path');
}
if (!fs.existsSync(pathToDelete)) {
return response.status(404).send('File not found');
}
fs.rmSync(pathToDelete);
console.log(`Deleted file: ${request.body.path} from ${request.user.profile.handle}`);
return response.sendStatus(200);
} catch (error) {
console.log(error);
return response.sendStatus(500);
}
});
router.post('/verify', jsonParser, async (request, response) => {
try {
if (!Array.isArray(request.body.urls)) {
return response.status(400).send('No URLs specified');
}
const verified = {};
for (const url of request.body.urls) {
const pathToVerify = path.join(request.user.directories.root, url);
if (!pathToVerify.startsWith(request.user.directories.files)) {
console.debug(`File verification: Invalid path: ${pathToVerify}`);
continue;
}
const fileExists = fs.existsSync(pathToVerify);
verified[url] = fileExists;
}
return response.send(verified);
} catch (error) {
console.log(error);
return response.sendStatus(500);
}
});
module.exports = { router };
|