Mirror/filesafe
1
0
Fork 0
mirror of https://github.com/BobbyWibowo/lolisafe.git synced 2024-12-13 16:06:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
765f8c9880
filesafe/controllers/uploadController.js

767 lines
26 KiB
JavaScript
Raw Normal View History

Updates * Added VSCode settings to git repo. Now you can match yours with mine, if you want. * Added .jsbeautifyrc for js-beautify (to be used by VSCode's Beautify extension). * Refactored all instances of require('**/*.js') with require('**/*') wherever applicable (basically gotten rid of the .js extension). * Refactored path in all instances of require() wherever applicable. * Sorted instances of require() wherever applicable. * Fixed 500 HTTP error trying to load an error page for 505 HTTP error. * Removed special treatement of NoJS page from uploadsController.processFilesForDisplay(). * Updated version string of all static files. * Beautified all HTML, HANDLEBARS and CSS files. * Refactored the structure of footer links in homepage and No-JS uploader. This should now fix homepage going out-of-bound in smaller screens. * Added CSS prefixes wherever applicable. * Improved back-end side of No-JS uploader. This will now handle errors properly. * No-JS uploader will now show max file size. * No-JS uploader will now show a proper message when private mode is enabled and/or registration is disabled.
2018-04-13 16:20:57 +00:00
const config = require('./../config')
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
const crypto = require('crypto')
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
const db = require('knex')(config.database)
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
const fetch = require('node-fetch')
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
const fs = require('fs')
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
const multer = require('multer')
const path = require('path')
Moved permission-related functions to permissionController Fix: non-root staffs are now able to delete files by any users (previously they could only list them).
2018-10-13 11:06:58 +00:00
const perms = require('./permissionController')
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
const randomstring = require('randomstring')
Updates * Added VSCode settings to git repo. Now you can match yours with mine, if you want. * Added .jsbeautifyrc for js-beautify (to be used by VSCode's Beautify extension). * Refactored all instances of require('**/*.js') with require('**/*') wherever applicable (basically gotten rid of the .js extension). * Refactored path in all instances of require() wherever applicable. * Sorted instances of require() wherever applicable. * Fixed 500 HTTP error trying to load an error page for 505 HTTP error. * Removed special treatement of NoJS page from uploadsController.processFilesForDisplay(). * Updated version string of all static files. * Beautified all HTML, HANDLEBARS and CSS files. * Refactored the structure of footer links in homepage and No-JS uploader. This should now fix homepage going out-of-bound in smaller screens. * Added CSS prefixes wherever applicable. * Improved back-end side of No-JS uploader. This will now handle errors properly. * No-JS uploader will now show max file size. * No-JS uploader will now show a proper message when private mode is enabled and/or registration is disabled.
2018-04-13 16:20:57 +00:00
const utils = require('./utilsController')
First version
2017-01-13 07:34:21 +00:00
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
const uploadsController = {}
First version
2017-01-13 07:34:21 +00:00
Updates * Updated file name checker to use for-loop instead of do-while-loop. * Replaced all instances of eslint-disable-line with eslint-disable-next-line.
2018-03-18 13:13:08 +00:00
const maxTries = config.uploads.maxTries || 1
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
const uploadsDir = path.join(__dirname, '..', config.uploads.folder)
Updates (please update your config.js) NOTICE: Please update your config.js. Use config.sample.js as the template. There were a couple of renames and restructures. * Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though. * All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout. * Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw. * Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail). This haven't been tested in Windows machines, but it'll probably work fine. I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
2018-05-09 08:41:30 +00:00
const chunkedUploads = Boolean(config.uploads.chunkSize)
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
const chunksDir = path.join(uploadsDir, 'chunks')
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
const maxSize = config.uploads.maxSize
const maxSizeBytes = parseInt(maxSize) * 1000000
const urlMaxSizeBytes = parseInt(config.uploads.urlMaxSize) * 1000000
Updates * Patched delete function to continue deleting the file from the database if the physical file is missing from the expected path. * Patched delete function to not print any error message if the file does not have any thumbnail. * Patched uploader to check the existence of file with the same name, then try to generate a new random name if true, up to 3 times. If it still can not generate a unique random name after 3 times, it will throw an error saying that it can not allocate a name to the client. This will be useful when shortening file name in the config file.
2018-03-13 14:51:39 +00:00
First version
2017-01-13 07:34:21 +00:00
const storage = multer.diskStorage({
Updates * Updated eslint-plugin-import dev dependency. * Added 2 new ESLint rules: "prefer-const" and "object-shorthand". * Refactor all JS files to follow the new ESLint rules. * Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 10:52:57 +00:00
destination (req, file, cb) {
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
// If chunked uploads is disabled or the uploaded file is not a chunk
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!chunkedUploads || (req.body.uuid === undefined && req.body.chunkindex === undefined))
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
return cb(null, uploadsDir)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
const uuidDir = path.join(chunksDir, req.body.uuid)
Updates * Refactored all instances of "err" into "error". * Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4) * Removed fontello.css from auth.html. * Updated a bunch of styling. * Added "copy link to clipboard" button to thumbs view. * Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button. * Updated icons. * ... and perhaps some others that I can't remember?
2018-03-29 23:22:08 +00:00
fs.access(uuidDir, error => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!error) return cb(null, uuidDir)
Updates * Refactored all instances of "err" into "error". * Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4) * Removed fontello.css from auth.html. * Updated a bunch of styling. * Added "copy link to clipboard" button to thumbs view. * Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button. * Updated icons. * ... and perhaps some others that I can't remember?
2018-03-29 23:22:08 +00:00
fs.mkdir(uuidDir, error => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!error) return cb(null, uuidDir)
Updates (please update your config.js) NOTICE: Please update your config.js. Use config.sample.js as the template. There were a couple of renames and restructures. * Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though. * All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout. * Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw. * Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail). This haven't been tested in Windows machines, but it'll probably work fine. I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
2018-05-09 08:41:30 +00:00
console.error(error)
Merge branch 'pr-retry-names' into safe.fiery.me
2018-03-18 16:59:03 +00:00
// eslint-disable-next-line standard/no-callback-literal
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
return cb('Could not process the chunked upload. Try again?')
Merge branch 'pr-retry-names' into safe.fiery.me
2018-03-18 16:59:03 +00:00
})
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
})
},
Updates * Updated eslint-plugin-import dev dependency. * Added 2 new ESLint rules: "prefer-const" and "object-shorthand". * Refactor all JS files to follow the new ESLint rules. * Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 10:52:57 +00:00
filename (req, file, cb) {
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
// If chunked uploads is disabled or the uploaded file is not a chunk
if (!chunkedUploads || (req.body.uuid === undefined && req.body.chunkindex === undefined)) {
Reworked extension parsing Removed "path-complete-extname" module in favor of an in-house solution, utilsController.extname(). For now the function will attempt to preserve multi-archive extensions (.001, .002, and so on), as well as some known tarballs (.tar.gz and the likes). The function will always return lower case extension. It should be fine, but do keep it in mind.
2018-09-17 19:32:27 +00:00
const extension = utils.extname(file.originalname)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
const length = uploadsController.getFileNameLength(req)
Init ids-cache branch
2018-12-03 09:18:52 +00:00
return uploadsController.getUniqueRandomName(length, extension, req.app.get('uploads-set'))
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
.then(name => cb(null, name))
.catch(error => cb(error))
Updates * Patched delete function to continue deleting the file from the database if the physical file is missing from the expected path. * Patched delete function to not print any error message if the file does not have any thumbnail. * Patched uploader to check the existence of file with the same name, then try to generate a new random name if true, up to 3 times. If it still can not generate a unique random name after 3 times, it will throw an error saying that it can not allocate a name to the client. This will be useful when shortening file name in the config file.
2018-03-13 14:51:39 +00:00
}
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates * Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way. * Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container. * Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead. * Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage. * Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension. * Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably). * Some other small changes and tweaks in uploadController.js.
2018-04-08 18:30:25 +00:00
// index.extension (e.i. 0, 1, ..., n - will prepend zeros depending on the amount of chunks)
Updates Some small fixes Removed GET route of /upload/delete. I first wanted to implement a ShareX-compatible deletion URL, but then I figured I'd need to setup delete token system, and I was like, "screw that, I don't even use ShareX", so yeah.
2018-12-18 18:14:24 +00:00
const digits = req.body.totalchunkcount !== undefined ? `${req.body.totalchunkcount - 1}`.length : 1
Bug fix for chunked uploads support Previously chunks merging would end up with corrupted files if the files were chunked into more than 10 chunks. It had something to do with incorrect file names sorting. This commit would fix it by prepending zeros to the file names depending on the amount of chunks.
2018-03-28 14:10:20 +00:00
const zeros = new Array(digits + 1).join('0')
const name = (zeros + req.body.chunkindex).slice(-digits)
Updates * Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way. * Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container. * Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead. * Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage. * Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension. * Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably). * Some other small changes and tweaks in uploadController.js.
2018-04-08 18:30:25 +00:00
return cb(null, name)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
}
})
First version
2017-01-13 07:34:21 +00:00
const upload = multer({
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
storage,
limits: {
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
fileSize: maxSizeBytes
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
},
Updates * Updated eslint-plugin-import dev dependency. * Added 2 new ESLint rules: "prefer-const" and "object-shorthand". * Refactor all JS files to follow the new ESLint rules. * Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 10:52:57 +00:00
fileFilter (req, file, cb) {
Reworked extension parsing Removed "path-complete-extname" module in favor of an in-house solution, utilsController.extname(). For now the function will attempt to preserve multi-archive extensions (.001, .002, and so on), as well as some known tarballs (.tar.gz and the likes). The function will always return lower case extension. It should be fine, but do keep it in mind.
2018-09-17 19:32:27 +00:00
const extname = utils.extname(file.originalname)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (uploadsController.isExtensionFiltered(extname))
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
// eslint-disable-next-line standard/no-callback-literal
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
return cb(`${extname ? `${extname.substr(1).toUpperCase()} files` : 'Files with no extension'} are not permitted.`)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates (please update your config.js) NOTICE: Please update your config.js. Use config.sample.js as the template. There were a couple of renames and restructures. * Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though. * All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout. * Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw. * Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail). This haven't been tested in Windows machines, but it'll probably work fine. I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
2018-05-09 08:41:30 +00:00
// Re-map Dropzone keys so people can manually use the API without prepending 'dz'
for (const key in req.body) {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!/^dz/.test(key)) continue
Updates (please update your config.js) NOTICE: Please update your config.js. Use config.sample.js as the template. There were a couple of renames and restructures. * Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though. * All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout. * Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw. * Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail). This haven't been tested in Windows machines, but it'll probably work fine. I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
2018-05-09 08:41:30 +00:00
req.body[key.replace(/^dz/, '')] = req.body[key]
delete req.body[key]
}
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
if (req.body.chunkindex) {
if (!chunkedUploads)
Updates (please update your config.js) NOTICE: Please update your config.js. Use config.sample.js as the template. There were a couple of renames and restructures. * Album zipper API route will now internally save its state when it's generating zip files, and any subsequent requests will silently be "postponed" until the first spawned task is finished. This will guarantee that there are no multiple zipping tasks for the same album. The method may seem a bit hackish though. * All instances of console.log(error) were replaced with console.error(error). This will guarantee that any error goes to stderr instead of stdout. * Deleting file by names will now properly remove successful files from the textarea. There was a logic flaw. * Failure to generate thumbnails will no longer print the full stack, but instead only the error message. It will also then symlink a template image from /public/images/unavailable.png (it's only a simple image that says that it failed to generate thumbnail). This haven't been tested in Windows machines, but it'll probably work fine. I thought of adding a new column to files table which will store information whether the thumbnail generation is sucessful or not, but oh well, I'll go with this method for now.
2018-05-09 08:41:30 +00:00
// eslint-disable-next-line standard/no-callback-literal
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
return cb('Chunked uploads are disabled at the moment.')
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
const totalfilesize = parseInt(req.body.totalfilesize)
if (!isNaN(totalfilesize)) {
if (config.filterEmptyFile && totalfilesize === 0)
// eslint-disable-next-line standard/no-callback-literal
return cb('Empty files are not allowed.')
if (totalfilesize > maxSizeBytes)
// eslint-disable-next-line standard/no-callback-literal
return cb('Chunk error occurred. Total file size is larger than the maximum file size.')
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
}
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
}
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
return cb(null, true)
}
}).array('files[]')
First version
2017-01-13 07:34:21 +00:00
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
uploadsController.isExtensionFiltered = extname => {
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
// If empty extension needs to be filtered
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!extname && config.filterNoExtension) return true
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
// If there are extensions that have to be filtered
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
if (extname && Array.isArray(config.extensionsFilter) && config.extensionsFilter.length) {
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
const match = config.extensionsFilter.some(extension => extname === extension.toLowerCase())
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
const whitelist = config.extensionsFilterMode === 'whitelist'
if ((!whitelist && match) || (whitelist && !match)) return true
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
}
return false
}
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
uploadsController.getFileNameLength = req => {
// If the user has a preferred file length, make sure it is within the allowed range
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (req.headers.filelength)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
return Math.min(Math.max(req.headers.filelength, config.uploads.fileLength.min), config.uploads.fileLength.max)
// Let's default it to 32 characters when config key is falsy
return config.uploads.fileLength.default || 32
}
Init ids-cache branch
2018-12-03 09:18:52 +00:00
uploadsController.getUniqueRandomName = (length, extension, set) => {
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
return new Promise((resolve, reject) => {
const access = i => {
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
const identifier = randomstring.generate(length)
Updates Added a new config entry named "cacheFileIdentifiers". More info in config.sample.js file. Improved some descriptions in config.sample.js file. Added some CSS animations wherever applicable. Bumped v1 version string.
2018-12-04 11:58:53 +00:00
if (config.uploads.cacheFileIdentifiers) {
Updates Disabling cacheFileIdentifiers will now restore the old behavior of having less strict collision checks. Fulfills https://github.com/BobbyWibowo/lolisafe/issues/12.
2018-12-08 00:38:12 +00:00
// Check whether the identifier is already used in cache
Init ids-cache branch
2018-12-03 09:18:52 +00:00
if (set.has(identifier)) {
Updates Disabling cacheFileIdentifiers will now restore the old behavior of having less strict collision checks. Fulfills https://github.com/BobbyWibowo/lolisafe/issues/12.
2018-12-08 00:38:12 +00:00
console.log(`Identifier ${identifier} is already in use (${++i}/${maxTries}).`)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (i < maxTries) return access(i)
Init ids-cache branch
2018-12-03 09:18:52 +00:00
// eslint-disable-next-line prefer-promise-reject-errors
return reject('Sorry, we could not allocate a unique random name. Try again?')
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
}
Init ids-cache branch
2018-12-03 09:18:52 +00:00
set.add(identifier)
// console.log(`Added ${identifier} to identifiers cache`)
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
return resolve(identifier + extension)
Init ids-cache branch
2018-12-03 09:18:52 +00:00
} else {
Updated uploadController.js
2018-12-08 00:38:42 +00:00
// Less stricter collision check, as in the same identifier
Updates Disabling cacheFileIdentifiers will now restore the old behavior of having less strict collision checks. Fulfills https://github.com/BobbyWibowo/lolisafe/issues/12.
2018-12-08 00:38:12 +00:00
// can be used by multiple different extensions
const name = identifier + extension
fs.access(path.join(uploadsDir, name), error => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (error) return resolve(name)
Updates Disabling cacheFileIdentifiers will now restore the old behavior of having less strict collision checks. Fulfills https://github.com/BobbyWibowo/lolisafe/issues/12.
2018-12-08 00:38:12 +00:00
console.log(`A file named ${name} already exists (${++i}/${maxTries}).`)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (i < maxTries) return access(i)
Updates Disabling cacheFileIdentifiers will now restore the old behavior of having less strict collision checks. Fulfills https://github.com/BobbyWibowo/lolisafe/issues/12.
2018-12-08 00:38:12 +00:00
// eslint-disable-next-line prefer-promise-reject-errors
return reject('Sorry, we could not allocate a unique random name. Try again?')
Init ids-cache branch
2018-12-03 09:18:52 +00:00
})
}
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
}
access(0)
})
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
}
ES6 rewrite
2017-10-04 00:13:38 +00:00
uploadsController.upload = async (req, res, next) => {
Updates * Better auth handling. * Deleting a file will no longer cause the dashboard to load the very first page of uploaded files list. It will instead reload the currently viewed page. * Updated dropzone (I guess).
2018-03-24 19:47:41 +00:00
let user
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
if (config.private === true) {
Updates * Better auth handling. * Deleting a file will no longer cause the dashboard to load the very first page of uploaded files list. It will instead reload the currently viewed page. * Updated dropzone (I guess).
2018-03-24 19:47:41 +00:00
user = await utils.authorize(req, res)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!user) return
Updates Updated ESLint rule: curly, again. Mainly to also enabled "consistent" rule, which enforces curly into else/elseif blocks, if its if block requires curly. Added support for GET requests to /api/delete route. Its usage is /api/delete/identifier, where identifier is the filename. Though just like its POST route, it needs token in the header.
2018-12-18 17:41:42 +00:00
} else if (req.headers.token) {
Updates * Better auth handling. * Deleting a file will no longer cause the dashboard to load the very first page of uploaded files list. It will instead reload the currently viewed page. * Updated dropzone (I guess).
2018-03-24 19:47:41 +00:00
user = await db.table('users').where('token', req.headers.token).first()
Updates Updated ESLint rule: curly, again. Mainly to also enabled "consistent" rule, which enforces curly into else/elseif blocks, if its if block requires curly. Added support for GET requests to /api/delete route. Its usage is /api/delete/identifier, where identifier is the filename. Though just like its POST route, it needs token in the header.
2018-12-18 17:41:42 +00:00
}
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (user && (user.enabled === false || user.enabled === 0))
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
return res.json({ success: false, description: 'This account has been disabled.' })
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (user && user.fileLength && !req.headers.filelength)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
req.headers.filelength = user.fileLength
Updates * Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones. * Refactored the way it looks into which albums the files are supposed to be added into. For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs. For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future. * Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work. * Updated error message when successful uploads could not be added to album. * "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
2018-04-05 12:54:24 +00:00
let albumid = parseInt(req.headers.albumid || req.params.albumid)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (isNaN(albumid)) albumid = null
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (req.body.urls)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
return uploadsController.actuallyUploadByUrl(req, res, user, albumid)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
else
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
return uploadsController.actuallyUpload(req, res, user, albumid)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
}
Small fix for listing
2017-01-19 06:34:48 +00:00
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
uploadsController.actuallyUpload = async (req, res, user, albumid) => {
Updates * Refactored all instances of "err" into "error". * Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4) * Removed fontello.css from auth.html. * Updated a bunch of styling. * Added "copy link to clipboard" button to thumbs view. * Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button. * Updated icons. * ... and perhaps some others that I can't remember?
2018-03-29 23:22:08 +00:00
const erred = error => {
Updates uploadController.js: * Fixed chunk uploads failing when "blockedExtensions" is missing from the config file. config.sample.js: * Renamed "blockedExtensions" to "extensionsFilter", and added a new option named "filterBlacklist". When "filterBlacklist" is set to 'true', all extensions in "extensionsFilter" array will be blacklisted, otherwise it will be a whitelist, so only files with those extensions that can be uploaded. * Renamed "uploads.chunkedUploads.maxSize" to "uploads.chunkedUploads.chunkSize". * Added "uploads.chunkedUploads.noJsMaxSize" which can be used to change the 'displayed' file size on the No-JS uploader page. * Some other phrases updates. _globals.njk: * Updated static files' version string since there is a small update to home.js. other files: * Regular code improvements/tweaks.
2018-04-25 13:16:34 +00:00
const isError = error instanceof Error
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (isError) console.error(error)
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
res.status(400).json({
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
success: false,
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
description: isError ? error.toString() : error
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
})
}
Updates * Refactored all instances of "err" into "error". * Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4) * Removed fontello.css from auth.html. * Updated a bunch of styling. * Added "copy link to clipboard" button to thumbs view. * Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button. * Updated icons. * ... and perhaps some others that I can't remember?
2018-03-29 23:22:08 +00:00
upload(req, res, async error => {
Updates * uploadController.js: expect some multer error codes and don't log their stack traces to console when they occur. * yarn.lock: added integrity field (yarn's new addition).
2018-10-08 16:14:10 +00:00
if (error) {
const expected = [
'LIMIT_FILE_SIZE',
'LIMIT_UNEXPECTED_FILE'
]
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (expected.includes(error.code)) return erred(error.toString())
Updates * uploadController.js: expect some multer error codes and don't log their stack traces to console when they occur. * yarn.lock: added integrity field (yarn's new addition).
2018-10-08 16:14:10 +00:00
return erred(error)
}
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!req.files || !req.files.length) return erred('No files.')
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates * Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way. * Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container. * Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead. * Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage. * Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension. * Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably). * Some other small changes and tweaks in uploadController.js.
2018-04-08 18:30:25 +00:00
// If chunked uploads is enabled and the uploaded file is a chunk, then just say that it was a success
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (chunkedUploads && req.body.uuid) return res.json({ success: true })
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
const infoMap = req.files.map(file => {
Updates * Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way. * Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container. * Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead. * Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage. * Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension. * Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably). * Some other small changes and tweaks in uploadController.js.
2018-04-08 18:30:25 +00:00
file.albumid = albumid
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
return {
path: path.join(__dirname, '..', config.uploads.folder, file.filename),
data: file
}
})
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
if (config.filterEmptyFile && infoMap.some(file => file.data.size === 0)) {
infoMap.forEach(file => {
utils.deleteFile(file.data.filename, req.app.get('uploads-set')).catch(console.error)
})
return erred('Empty files are not allowed.')
}
Updated uploadController.js Fixed upload breaking when clam scanning is disabled. This was due to me forgetting to update the if-logic after switching from "clam-engine" to "clamdjs", since the latter made me have to re-format the config option due to it also having IP and port.
2018-09-14 21:40:58 +00:00
if (config.uploads.scan && config.uploads.scan.enabled) {
Updated uploadController.js scanFiles() will now remove delete allocated identifiers from cache if the files are dirty.
2018-12-08 03:56:23 +00:00
const scan = await uploadsController.scanFiles(req, infoMap)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (scan) return erred(scan)
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
}
Updates (experimental) * Possible performance improvement. Some bulk db queries will now be executed in a single query instead of spawning multiple async task for each query. This is sorta experimental though, use it at your own risk (though I'll use it right away at safe.fiery.me). * It's now possible for root user to add files to other users' albums through the API route. I don't plan on allowing root user to list other users' album list from the dashboard, I just thought that there'd be no harm in extending the API a little bit. * Kinda better error logging for uncaught exception and unhandled rejection. Their stack trace should be logged now.
2018-05-10 17:25:52 +00:00
const result = await uploadsController.formatInfoMap(req, res, user, infoMap)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
.catch(erred)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!result) return
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updated uploadController.js
2018-05-12 19:16:04 +00:00
uploadsController.processFilesForDisplay(req, res, result.files, result.existingFiles)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
})
}
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
uploadsController.actuallyUploadByUrl = async (req, res, user, albumid) => {
const erred = error => {
const isError = error instanceof Error
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (isError) console.error(error)
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
res.status(400).json({
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
success: false,
description: isError ? error.toString() : error
})
}
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!config.uploads.urlMaxSize) return erred('Upload by URLs is disabled at the moment.')
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Updated uploadController.js DuckDuckGo's proxy is no longer supported as it stops reporting Content-Length header, which is crucial so that the safe could predict the actual file size before downloading it. If you have it enabled in your config file, it will now close the safe with error code 1. You can either disable url uploads completely or just disable duckduckgo's proxy (though I believe not many will choose the latter as to begin with it was implemented to hide origin IP).
2018-12-08 17:55:04 +00:00
const urls = req.body.urls
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!urls || !(urls instanceof Array)) return erred('Missing "urls" property (Array).')
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
let iteration = 0
const infoMap = []
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
for (let url of urls) {
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
const original = path.basename(url).split(/[?#]/)[0]
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
const extname = utils.extname(original)
// Extensions filter
let filtered = false
if (['blacklist', 'whitelist'].includes(config.uploads.urlExtensionsFilterMode))
if (Array.isArray(config.uploads.urlExtensionsFilter) && config.uploads.urlExtensionsFilter.length) {
const match = config.uploads.urlExtensionsFilter.some(extension => extname === extension.toLowerCase())
const whitelist = config.uploads.urlExtensionsFilterMode === 'whitelist'
filtered = ((!whitelist && match) || (whitelist && !match))
} else {
return erred('config.uploads.urlExtensionsFilter is not an array or is an empty array, please contact site owner.')
}
else filtered = uploadsController.isExtensionFiltered(extname)
if (filtered)
return erred(`${extname ? `${extname.substr(1).toUpperCase()} files` : 'Files with no extension'} are not permitted due to security reasons.`)
if (config.uploads.urlProxy)
url = config.uploads.urlProxy
.replace(/{url}/g, encodeURIComponent(url))
.replace(/{url-noprot}/g, encodeURIComponent(url.replace(/^https?:\/\//, '')))
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
try {
const fetchHead = await fetch(url, { method: 'HEAD' })
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (fetchHead.status !== 200)
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
return erred(`${fetchHead.status} ${fetchHead.statusText}`)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
const headers = fetchHead.headers
const size = parseInt(headers.get('content-length'))
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (isNaN(size))
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
return erred('URLs with missing Content-Length HTTP header are not supported.')
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (size > urlMaxSizeBytes)
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
return erred('File too large.')
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
if (config.filterEmptyFile && size === 0)
return erred('Empty files are not allowed.')
// Limit max response body size with the size reported by Content-Length
Updates Added total size to album public pages.
2018-12-13 13:31:24 +00:00
const fetchFile = await fetch(url, { size })
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (fetchFile.status !== 200)
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
return erred(`${fetchHead.status} ${fetchHead.statusText}`)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
const file = await fetchFile.buffer()
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
const length = uploadsController.getFileNameLength(req)
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
const name = await uploadsController.getUniqueRandomName(length, extname, req.app.get('uploads-set'))
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
const destination = path.join(uploadsDir, name)
fs.writeFile(destination, file, async error => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (error) return erred(error)
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
const data = {
filename: name,
originalname: original,
mimetype: headers.get('content-type').split(';')[0] || '',
size,
albumid
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
}
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
infoMap.push({
path: destination,
data
})
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
iteration++
if (iteration === urls.length) {
if (config.uploads.scan && config.uploads.scan.enabled) {
Updated uploadController.js scanFiles() will now remove delete allocated identifiers from cache if the files are dirty.
2018-12-08 03:56:23 +00:00
const scan = await uploadsController.scanFiles(req, infoMap)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (scan) return erred(scan)
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
}
const result = await uploadsController.formatInfoMap(req, res, user, infoMap)
.catch(erred)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!result) return
Replaced snekfetch with node-fetch
2018-09-23 16:28:15 +00:00
uploadsController.processFilesForDisplay(req, res, result.files, result.existingFiles)
}
})
Updates Updated ESLint rule: curly, again. Mainly to also enabled "consistent" rule, which enforces curly into else/elseif blocks, if its if block requires curly. Added support for GET requests to /api/delete route. Its usage is /api/delete/identifier, where identifier is the filename. Though just like its POST route, it needs token in the header.
2018-12-18 17:41:42 +00:00
} catch (error) {
erred(error)
}
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
}
}
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
uploadsController.finishChunks = async (req, res, next) => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!chunkedUploads)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
return res.json({ success: false, description: 'Chunked upload is disabled at the moment.' })
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
let user
if (config.private === true) {
user = await utils.authorize(req, res)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!user) return
Updates Updated ESLint rule: curly, again. Mainly to also enabled "consistent" rule, which enforces curly into else/elseif blocks, if its if block requires curly. Added support for GET requests to /api/delete route. Its usage is /api/delete/identifier, where identifier is the filename. Though just like its POST route, it needs token in the header.
2018-12-18 17:41:42 +00:00
} else if (req.headers.token) {
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
user = await db.table('users').where('token', req.headers.token).first()
Updates Updated ESLint rule: curly, again. Mainly to also enabled "consistent" rule, which enforces curly into else/elseif blocks, if its if block requires curly. Added support for GET requests to /api/delete route. Its usage is /api/delete/identifier, where identifier is the filename. Though just like its POST route, it needs token in the header.
2018-12-18 17:41:42 +00:00
}
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (user && (user.enabled === false || user.enabled === 0))
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
return res.json({ success: false, description: 'This account has been disabled.' })
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (user && user.fileLength && !req.headers.filelength)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
req.headers.filelength = user.fileLength
Updates * Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones. * Refactored the way it looks into which albums the files are supposed to be added into. For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs. For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future. * Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work. * Updated error message when successful uploads could not be added to album. * "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
2018-04-05 12:54:24 +00:00
let albumid = parseInt(req.headers.albumid || req.params.albumid)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (isNaN(albumid)) albumid = null
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
return uploadsController.actuallyFinishChunks(req, res, user, albumid)
}
uploadsController.actuallyFinishChunks = async (req, res, user, albumid) => {
Updates * Refactored all instances of "err" into "error". * Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4) * Removed fontello.css from auth.html. * Updated a bunch of styling. * Added "copy link to clipboard" button to thumbs view. * Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button. * Updated icons. * ... and perhaps some others that I can't remember?
2018-03-29 23:22:08 +00:00
const erred = error => {
Updates uploadController.js: * Fixed chunk uploads failing when "blockedExtensions" is missing from the config file. config.sample.js: * Renamed "blockedExtensions" to "extensionsFilter", and added a new option named "filterBlacklist". When "filterBlacklist" is set to 'true', all extensions in "extensionsFilter" array will be blacklisted, otherwise it will be a whitelist, so only files with those extensions that can be uploaded. * Renamed "uploads.chunkedUploads.maxSize" to "uploads.chunkedUploads.chunkSize". * Added "uploads.chunkedUploads.noJsMaxSize" which can be used to change the 'displayed' file size on the No-JS uploader page. * Some other phrases updates. _globals.njk: * Updated static files' version string since there is a small update to home.js. other files: * Regular code improvements/tweaks.
2018-04-25 13:16:34 +00:00
const isError = error instanceof Error
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (isError) console.error(error)
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
res.status(400).json({
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
success: false,
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
description: isError ? error.toString() : error
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
})
}
const files = req.body.files
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!files || !(files instanceof Array) || !files.length) return erred('Invalid "files" property (Array).')
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
let iteration = 0
const infoMap = []
Updates * Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones. * Refactored the way it looks into which albums the files are supposed to be added into. For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs. For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future. * Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work. * Updated error message when successful uploads could not be added to album. * "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
2018-04-05 12:54:24 +00:00
for (const file of files) {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!file.uuid || typeof file.uuid !== 'string') return erred('Invalid "uuid" property (string).')
if (typeof file.count !== 'number' || file.count < 1) return erred('Invalid "count" property (number).')
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updated uploadController.js
2018-05-12 19:16:04 +00:00
const uuidDir = path.join(chunksDir, file.uuid)
Updates * Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way. * Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container. * Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead. * Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage. * Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension. * Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably). * Some other small changes and tweaks in uploadController.js.
2018-04-08 18:30:25 +00:00
fs.readdir(uuidDir, async (error, chunkNames) => {
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
if (error) {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (error.code === 'ENOENT') return erred('UUID is not being used.')
Updates Reworked unique name generator to prevent the same unique identifier from being used if it was already used with a different extension (e.i. If a file named aBcD.jpg already exists, then files such as aBcD.png or aBcD.txt may not exist). This is mainly to deal with the fact that thumbnails are only being saved as PNG, so if the same unique name is being used by multiple image/video extensions, then only one of them will have the proper thumbnail. If you already have existing files with matching unique name but varying extensions, unfortunately you can only deal with them manually for now (either allocating new unique names or deleting them altogether). Added a new config option to filter files with no extension. Files with no extensions will no longer have their original name appended to the allocated random name (e.i. A file named "textfile" used to become something like "aBcDtextfile", where "aBcD" was the allocated random name. Now it will only just become "aBcD"). In relation to that, utils.extname() function will now always return blank string if the file name does not seem to have any extension. Though files such as '.DS_Store' (basically anything that starts with a dot) will still be accepted. Examples: .hiddenfile => .hiddenfile .hiddenfile.sh => .sh .hiddenfile.001 => .hiddenfile.001 .hiddenfile.sh.001 => .sh.001 Simplified error messages of /api/upload/finishchunks. Most, if not all, of the error responses for /api/upload* will now have HTTP status code 400 (bad request) instead of 200 (ok). I plan to generalize this for the other API routes in the future. Updated home.js to properly handle formatted error message when the response's status code is not 200 (ok). Bumped v1 version string (due to home.js).
2018-11-28 17:52:12 +00:00
return erred(error)
}
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (file.count < chunkNames.length) return erred('Chunks count mismatch.')
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
const extname = typeof file.original === 'string' ? utils.extname(file.original) : ''
if (uploadsController.isExtensionFiltered(extname))
return erred(`${extname ? `${extname.substr(1).toUpperCase()} files` : 'Files with no extension'} are not permitted due to security reasons.`)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
const length = uploadsController.getFileNameLength(req)
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
const name = await uploadsController.getUniqueRandomName(length, extname, req.app.get('uploads-set'))
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
.catch(erred)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!name) return
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
const destination = path.join(uploadsDir, name)
// Sort chunk names
chunkNames.sort()
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
// Get total chunks size
const chunksTotalSize = await uploadsController.getTotalSize(uuidDir, chunkNames)
.catch(erred)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (typeof chunksTotalSize !== 'number') return
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
const isEmpty = config.filterEmptyFile && (chunksTotalSize === 0)
const isBigger = chunksTotalSize > maxSizeBytes
if (isEmpty || isBigger) {
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
// Delete all chunks and remove chunks dir
const chunksCleaned = await uploadsController.cleanUpChunks(uuidDir, chunkNames)
.catch(erred)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!chunksCleaned) return
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
if (isEmpty)
return erred('Empty files are not allowed.')
else
return erred(`Total chunks size is bigger than ${maxSize}.`)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
}
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
// Append all chunks
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
const destFileStream = fs.createWriteStream(destination, { flags: 'a' })
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
const chunksAppended = await uploadsController.appendToStream(destFileStream, uuidDir, chunkNames)
.catch(erred)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!chunksAppended) return
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
// Delete all chunks and remove chunks dir
const chunksCleaned = await uploadsController.cleanUpChunks(uuidDir, chunkNames)
.catch(erred)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!chunksCleaned) return
Updates * Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones. * Refactored the way it looks into which albums the files are supposed to be added into. For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs. For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future. * Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work. * Updated error message when successful uploads could not be added to album. * "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
2018-04-05 12:54:24 +00:00
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
const data = {
filename: name,
originalname: file.original || '',
mimetype: file.type || '',
size: file.size || 0
}
Updates * Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones. * Refactored the way it looks into which albums the files are supposed to be added into. For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs. For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future. * Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work. * Updated error message when successful uploads could not be added to album. * "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
2018-04-05 12:54:24 +00:00
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
data.albumid = parseInt(file.albumid)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (isNaN(data.albumid)) data.albumid = albumid
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
infoMap.push({
path: destination,
data
})
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
iteration++
if (iteration === files.length) {
Updated uploadController.js Fixed upload breaking when clam scanning is disabled. This was due to me forgetting to update the if-logic after switching from "clam-engine" to "clamdjs", since the latter made me have to re-format the config option due to it also having IP and port.
2018-09-14 21:40:58 +00:00
if (config.uploads.scan && config.uploads.scan.enabled) {
Updated uploadController.js scanFiles() will now remove delete allocated identifiers from cache if the files are dirty.
2018-12-08 03:56:23 +00:00
const scan = await uploadsController.scanFiles(req, infoMap)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (scan) return erred(scan)
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
}
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
const result = await uploadsController.formatInfoMap(req, res, user, infoMap)
.catch(erred)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!result) return
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
Updated uploadController.js
2018-05-12 19:16:04 +00:00
uploadsController.processFilesForDisplay(req, res, result.files, result.existingFiles)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
}
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
})
Updated uploadController.js Refactored all instances of forEach() to for-loop (there were 3 instances). To be honest I kinda liked forEach() better in terms of readability, but oh well, let's aim for that likely tiny performance boost.
2018-04-05 10:31:07 +00:00
}
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
}
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
uploadsController.getTotalSize = (uuidDir, chunkNames) => {
return new Promise((resolve, reject) => {
let size = 0
const stat = i => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (i === chunkNames.length) return resolve(size)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
fs.stat(path.join(uuidDir, chunkNames[i]), (error, stats) => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (error) return reject(error)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
size += stats.size
stat(i + 1)
})
}
stat(0)
})
}
Updates Regular code improvements.
2018-04-20 21:39:06 +00:00
uploadsController.appendToStream = (destFileStream, uuidDr, chunkNames) => {
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
return new Promise((resolve, reject) => {
const append = i => {
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
if (i === chunkNames.length) {
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
destFileStream.end()
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
return resolve(true)
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
}
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
fs.createReadStream(path.join(uuidDr, chunkNames[i]))
.on('end', () => {
append(i + 1)
})
.on('error', error => {
console.error(error)
destFileStream.end()
return reject(error)
})
.pipe(destFileStream, { end: false })
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
}
append(0)
})
}
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
uploadsController.cleanUpChunks = (uuidDir, chunkNames) => {
return new Promise(async (resolve, reject) => {
await Promise.all(chunkNames.map(chunkName => {
return new Promise((resolve, reject) => {
const chunkPath = path.join(uuidDir, chunkName)
fs.unlink(chunkPath, error => {
if (error && error.code !== 'ENOENT') {
console.error(error)
return reject(error)
}
resolve()
})
})
})).catch(reject)
fs.rmdir(uuidDir, error => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (error) return reject(error)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
resolve(true)
})
})
}
Updates (experimental) * Possible performance improvement. Some bulk db queries will now be executed in a single query instead of spawning multiple async task for each query. This is sorta experimental though, use it at your own risk (though I'll use it right away at safe.fiery.me). * It's now possible for root user to add files to other users' albums through the API route. I don't plan on allowing root user to list other users' album list from the dashboard, I just thought that there'd be no harm in extending the API a little bit. * Kinda better error logging for uncaught exception and unhandled rejection. Their stack trace should be logged now.
2018-05-10 17:25:52 +00:00
uploadsController.formatInfoMap = (req, res, user, infoMap) => {
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
return new Promise(async resolve => {
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
let iteration = 0
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
const files = []
const existingFiles = []
Updates * Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way. * Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container. * Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead. * Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage. * Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension. * Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably). * Some other small changes and tweaks in uploadController.js.
2018-04-08 18:30:25 +00:00
const albumsAuthorized = {}
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Updates * Updated eslint-plugin-import dev dependency. * Added 2 new ESLint rules: "prefer-const" and "object-shorthand". * Refactor all JS files to follow the new ESLint rules. * Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 10:52:57 +00:00
for (const info of infoMap) {
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
// Check if the file exists by checking hash and size
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
const hash = crypto.createHash('md5')
const stream = fs.createReadStream(info.path)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
stream.on('data', data => {
hash.update(data, 'utf8')
})
stream.on('end', async () => {
const fileHash = hash.digest('hex')
const dbFile = await db.table('files')
.where(function () {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (user === undefined)
Updates * Switched standard to eslint with eslint-config-standard (and 4 more eslint plugins needed by standard). * Added "curly" eslint rule with "all" option. I like it. * Refactored all JS files to apply the new "curly" eslint rule. * Renewed axios.min.js, dropzone.min.js and sweetalert.min.js. Re-minified and added a small comment stating their version and copyright statement. * Some buttons in dashboard will now show loading icon whenever they're waiting for response from the server. * Updated README.md and .gitignore.
2018-03-28 17:40:50 +00:00
this.whereNull('userid')
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
else
Updates * Switched standard to eslint with eslint-config-standard (and 4 more eslint plugins needed by standard). * Added "curly" eslint rule with "all" option. I like it. * Refactored all JS files to apply the new "curly" eslint rule. * Renewed axios.min.js, dropzone.min.js and sweetalert.min.js. Re-minified and added a small comment stating their version and copyright statement. * Some buttons in dashboard will now show loading icon whenever they're waiting for response from the server. * Updated README.md and .gitignore.
2018-03-28 17:40:50 +00:00
this.where('userid', user.id)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
})
.where({
hash: fileHash,
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
size: info.data.size
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
})
.first()
if (!dbFile) {
Updates * Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones. * Refactored the way it looks into which albums the files are supposed to be added into. For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs. For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future. * Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work. * Updated error message when successful uploads could not be added to album. * "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
2018-04-05 12:54:24 +00:00
if (info.data.albumid && albumsAuthorized[info.data.albumid] === undefined) {
const authorized = await db.table('albums')
.where({
id: info.data.albumid,
userid: user.id
})
.first()
albumsAuthorized[info.data.albumid] = Boolean(authorized)
}
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
files.push({
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
name: info.data.filename,
original: info.data.originalname,
type: info.data.mimetype,
size: info.data.size,
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
hash: fileHash,
ip: req.ip,
Updates * Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones. * Refactored the way it looks into which albums the files are supposed to be added into. For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs. For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future. * Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work. * Updated error message when successful uploads could not be added to album. * "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
2018-04-05 12:54:24 +00:00
albumid: albumsAuthorized[info.data.albumid] ? info.data.albumid : null,
Updates * Better auth handling. * Deleting a file will no longer cause the dashboard to load the very first page of uploaded files list. It will instead reload the currently viewed page. * Updated dropzone (I guess).
2018-03-24 19:47:41 +00:00
userid: user !== undefined ? user.id : null,
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
timestamp: Math.floor(Date.now() / 1000)
})
} else {
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
utils.deleteFile(info.data.filename, req.app.get('uploads-set')).catch(console.error)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
existingFiles.push(dbFile)
}
iteration++
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (iteration === infoMap.length)
Updates, now supports uploading by URLs! * Added upload by URLs. It has its own max size (config.uploads.urlMaxSize), make sure your config matches config.sample.js. Here's a brief video showing it in action: https://i.fiery.me/CUhQ.mp4. * /api/upload now supports uploading by URLs. Devs will only need to POST a JSON request containing a key named "urls", which is an array of the urls to upload. * Added file extension filter to /api/upload/finishchunks. * Added proper total chunks size check to /api/upload/finishchunks. * Various code improvements.
2018-05-11 14:34:13 +00:00
resolve({ files, existingFiles })
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
})
Updated uploadController.js Refactored all instances of forEach() to for-loop (there were 3 instances). To be honest I kinda liked forEach() better in terms of readability, but oh well, let's aim for that likely tiny performance boost.
2018-04-05 10:31:07 +00:00
}
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
})
}
ES6 rewrite
2017-10-04 00:13:38 +00:00
Updated uploadController.js scanFiles() will now remove delete allocated identifiers from cache if the files are dirty.
2018-12-08 03:56:23 +00:00
uploadsController.scanFiles = (req, infoMap) => {
Updated uploadController.js Updated virus scan handling. Virus name will now be reported to its uploader. On the rare chance clamd suddenly dies while the safe is still running, it will now print a message to uploader with the error code, and telling them to contact sysadmin.
2018-09-20 10:45:16 +00:00
return new Promise(async (resolve, reject) => {
Updated uploadController.js scanFiles() will now remove delete allocated identifiers from cache if the files are dirty.
2018-12-08 03:56:23 +00:00
const scanner = req.app.get('clam-scanner')
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
let iteration = 0
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
for (const info of infoMap)
Init 'clamdjs' branch (#8) Use clamdjs module instead of clam-engine. This module connects to clam daemon server.
2018-09-04 15:48:24 +00:00
scanner.scanFile(info.path).then(reply => {
if (!reply.includes('OK') || reply.includes('FOUND')) {
Updates
2018-12-20 12:25:41 +00:00
// eslint-disable-next-line no-control-regex
Updated uploadController.js Updated virus scan handling. Virus name will now be reported to its uploader. On the rare chance clamd suddenly dies while the safe is still running, it will now print a message to uploader with the error code, and telling them to contact sysadmin.
2018-09-20 10:45:16 +00:00
const virus = reply.replace(/^stream: /, '').replace(/ FOUND\u0000$/, '')
console.log(`ClamAV: ${info.data.filename}: ${virus} FOUND.`)
return resolve(virus)
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
}
iteration++
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (iteration === infoMap.length)
Updated uploadController.js Updated virus scan handling. Virus name will now be reported to its uploader. On the rare chance clamd suddenly dies while the safe is still running, it will now print a message to uploader with the error code, and telling them to contact sysadmin.
2018-09-20 10:45:16 +00:00
resolve(null)
}).catch(reject)
}).then(virus => {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!virus) return false
Updated uploadController.js scanFiles() will now remove delete allocated identifiers from cache if the files are dirty.
2018-12-08 03:56:23 +00:00
// If there is at least one dirty file, then delete all files
const set = req.app.get('uploads-set')
infoMap.forEach(info => {
utils.deleteFile(info.data.filename).catch(console.error)
if (set) {
const identifier = info.data.filename.split('.')[0]
set.delete(identifier)
// console.log(`Removed ${identifier} from identifiers cache (formatInfoMap)`)
}
})
// Unfortunately, we will only be returning name of the first virus
// even if the current session was made up by multiple virus types
Updated uploadController.js Updated virus scan handling. Virus name will now be reported to its uploader. On the rare chance clamd suddenly dies while the safe is still running, it will now print a message to uploader with the error code, and telling them to contact sysadmin.
2018-09-20 10:45:16 +00:00
return `Virus detected: ${virus}.`
}).catch(error => {
console.error(`ClamAV: ${error.toString()}.`)
Updated uploadController.js scanFiles() will now remove delete allocated identifiers from cache if the files are dirty.
2018-12-08 03:56:23 +00:00
return `ClamAV: ${error.code}, please contact site owner.`
Updates * Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine. * File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed. Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
2018-09-01 20:37:26 +00:00
})
}
Updates * Refactored all instances of "failedIds" and "albumIds" to "failedids" and "albumids" respectively. Abandoning camel case for these ones. * Refactored the way it looks into which albums the files are supposed to be added into. For /api/upload/finishchunks, you can add "albumid" to each object in files[] to specify which album you want the finsihed chunks to be added into. Each object may have different album IDs. For /api/upload, which is regular uploads, unfortunately you can only choose one album at a time (by adding "albumid" to the request headers, like usual). It uses the same function as the one used for finishchunks to add the files into album, so it shouldn't be hard to extend this ability to regular uploads, someday in the future. * Fixed a bug in /api/upload/finishchunks. Previously you couldn't ever get it to work. * Updated error message when successful uploads could not be added to album. * "albumid" will no longer be added to request headers if they are chunked uploads. They'd have been ignored anyways.
2018-04-05 12:54:24 +00:00
uploadsController.processFilesForDisplay = async (req, res, files, existingFiles) => {
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
const responseFiles = []
Updates (YAY, CHUNKED UPLOADS!) * Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files. * Added chunked uploads support :3 * Updated Dropzone to 5.2.0. * More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default. * Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though. * Refactored home.js to use const/let and some other stuff. * Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle. * Updated some version strings. * And maybe some others that I can't remember.
2018-03-28 11:36:28 +00:00
Updates * Added No-JS uploader page (it's on /nojs). * Updated uploadsController.processFilesForDisplay() to support requests from No-JS uploader page. * Added "Bash uploader" link to footer. * Updated icons (added terminal icon for "Bash uploader" footer link).
2018-04-12 14:37:42 +00:00
if (files.length) {
// Insert new files to DB
await db.table('files').insert(files)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
for (const file of files)
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
responseFiles.push(file)
}
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (existingFiles.length)
for (const file of existingFiles)
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
responseFiles.push(file)
Updates * If files have to be added to an album on upload, it will now wait until they have either been succesfully added to the album or errored. * File names in thumb view will now show their full URL on their tooltip.
2018-04-04 17:38:15 +00:00
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
// We send response first before generating thumbnails and updating album timestamps
res.json({
success: true,
files: responseFiles.map(file => {
Updates * Added No-JS uploader page (it's on /nojs). * Updated uploadsController.processFilesForDisplay() to support requests from No-JS uploader page. * Added "Bash uploader" link to footer. * Updated icons (added terminal icon for "Bash uploader" footer link).
2018-04-12 14:37:42 +00:00
return {
name: file.name,
size: file.size,
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
url: `${config.domain}/${file.name}`
Updates * If files have to be added to an album on upload, it will now wait until they have either been succesfully added to the album or errored. * File names in thumb view will now show their full URL on their tooltip.
2018-04-04 17:38:15 +00:00
}
})
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
})
const albumids = []
for (const file of files) {
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (file.albumid && !albumids.includes(file.albumid))
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
albumids.push(file.albumid)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (utils.mayGenerateThumb(utils.extname(file.name)))
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
utils.generateThumbs(file.name)
Updates * Added No-JS uploader page (it's on /nojs). * Updated uploadsController.processFilesForDisplay() to support requests from No-JS uploader page. * Added "Bash uploader" link to footer. * Updated icons (added terminal icon for "Bash uploader" footer link).
2018-04-12 14:37:42 +00:00
}
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (albumids.length)
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
await db.table('albums')
.whereIn('id', albumids)
.update('editedAt', Math.floor(Date.now() / 1000))
.catch(console.error)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
}
Added thumbnail processing while uploading
2017-03-17 00:53:29 +00:00
ES6 rewrite
2017-10-04 00:13:38 +00:00
uploadsController.delete = async (req, res) => {
Updates Some small fixes Removed GET route of /upload/delete. I first wanted to implement a ShareX-compatible deletion URL, but then I figured I'd need to setup delete token system, and I was like, "screw that, I don't even use ShareX", so yeah.
2018-12-18 18:14:24 +00:00
const id = parseInt(req.body.id)
Updates Added pagination to uploads and users list. With that, /api/uploads and /api/users API routes will now add "count" property to their response object. Enabled Delete user button in users list. With that also added /api/users/disable API route. As usual, you can only disable users whose usergroup is lower than your own. Click event will no longer trigger on "disabled" elements (basically any elements with "disabled" attribute). Changed all arrow functions into regular functions in public JS files (there were only a few that I somehow missed). Bumped v1 version string.
2019-01-01 19:39:08 +00:00
const body = {
field: 'id',
values: isNaN(id) ? undefined : [id]
}
req.body = body
Updates * Added Cloudflare purge cache support. Check configuration sample at config.sample.js. When it's enabled, whenever files are being deleted, it will send a POST request to Cloudflare's API to purge cache of the deleted files. This adds a new dependency called "snekfetch". It's lightweight though. * uploadsController.delete() will now wrap uploadsController.bulkDelete() instead.
2018-05-09 09:53:27 +00:00
return uploadsController.bulkDelete(req, res)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
}
Updates * Refactored all instances of "err" into "error". * Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4) * Removed fontello.css from auth.html. * Updated a bunch of styling. * Added "copy link to clipboard" button to thumbs view. * Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button. * Updated icons. * ... and perhaps some others that I can't remember?
2018-03-29 23:22:08 +00:00
uploadsController.bulkDelete = async (req, res) => {
const user = await utils.authorize(req, res)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!user) return
Updates (breaking changes!) * Updated API route: /upload/bulkdelete. It now accepts an additional property named "field". In it you can now enter either "id" or "name", which will set whether it will bulk delete by ids or names respectively. It also no longer accepts property named "ids", instead it has to be named "values" (which of course is an array of either ids or names). So yeah, now the API route can be used to bulk delete by ids and names. In the future this will be expanded to bulk deleting files by username (only accessible by root of course). * Added a form to bulk delete files by names for the hardcore user, like me (https://i.fiery.me/AHph.png). * Some design update. Mainly forms restructuring aimed at tight screens. * Changing file name length, requesting new token and setting new password will no longer reload the dashboard page on success. Instead it will simply silently reload the form. * utils.bulkDeleteFilesByIds() replaced by utils.bulkDeleteFiles() which now can either by ids or names. This will be the one that will eventually be extended for deleting by username. * Various other code improvements.
2018-05-05 19:44:58 +00:00
const field = req.body.field || 'id'
const values = req.body.values
Init 'browser-ecma5' branch (#7) * Downgraded ecma version of client-side scripts to v5. This change means no more backtick strings and some others. * Massively modified auth.js, dashboard.js and home.js to support the downgrade (dashboard.js had the most changes). * Removed enter key event handler from auth page. The previous code had some small issues. I'd rather not have the handler than let the issues persist. I'll eventually look into adding this again in the future. * Updated uploadController.js to handle some invalid requests into /api/delete and /api/bulkdelete.
2018-09-04 15:49:37 +00:00
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!values || !Array.isArray(values) || !values.length)
Init 'browser-ecma5' branch (#7) * Downgraded ecma version of client-side scripts to v5. This change means no more backtick strings and some others. * Massively modified auth.js, dashboard.js and home.js to support the downgrade (dashboard.js had the most changes). * Removed enter key event handler from auth page. The previous code had some small issues. I'd rather not have the handler than let the issues persist. I'll eventually look into adding this again in the future. * Updated uploadController.js to handle some invalid requests into /api/delete and /api/bulkdelete.
2018-09-04 15:49:37 +00:00
return res.json({ success: false, description: 'No array of files specified.' })
Updates * Refactored all instances of "err" into "error". * Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4) * Removed fontello.css from auth.html. * Updated a bunch of styling. * Added "copy link to clipboard" button to thumbs view. * Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button. * Updated icons. * ... and perhaps some others that I can't remember?
2018-03-29 23:22:08 +00:00
Init ids-cache branch
2018-12-03 09:18:52 +00:00
const failed = await utils.bulkDeleteFiles(field, values, user, req.app.get('uploads-set'))
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (failed.length < values.length)
Updates (breaking changes!) * Updated API route: /upload/bulkdelete. It now accepts an additional property named "field". In it you can now enter either "id" or "name", which will set whether it will bulk delete by ids or names respectively. It also no longer accepts property named "ids", instead it has to be named "values" (which of course is an array of either ids or names). So yeah, now the API route can be used to bulk delete by ids and names. In the future this will be expanded to bulk deleting files by username (only accessible by root of course). * Added a form to bulk delete files by names for the hardcore user, like me (https://i.fiery.me/AHph.png). * Some design update. Mainly forms restructuring aimed at tight screens. * Changing file name length, requesting new token and setting new password will no longer reload the dashboard page on success. Instead it will simply silently reload the form. * utils.bulkDeleteFilesByIds() replaced by utils.bulkDeleteFiles() which now can either by ids or names. This will be the one that will eventually be extended for deleting by username. * Various other code improvements.
2018-05-05 19:44:58 +00:00
return res.json({ success: true, failed })
Updates * Refactored all instances of "err" into "error". * Added bulk delete feature (API route: /api/uploads/bulkdelete). It accepts an array of IDs (its key must be "ids" in the JSON POST request). Don't forget it still requires a token in the headers. (https://s.fiery.me/6rjMAYoC.mp4) * Removed fontello.css from auth.html. * Updated a bunch of styling. * Added "copy link to clipboard" button to thumbs view. * Added "view thumbnail" button to list view. Clicking the row will no longer trigger thumb view, instead you have to press that button. * Updated icons. * ... and perhaps some others that I can't remember?
2018-03-29 23:22:08 +00:00
Updates (breaking changes!) * Updated API route: /upload/bulkdelete. It now accepts an additional property named "field". In it you can now enter either "id" or "name", which will set whether it will bulk delete by ids or names respectively. It also no longer accepts property named "ids", instead it has to be named "values" (which of course is an array of either ids or names). So yeah, now the API route can be used to bulk delete by ids and names. In the future this will be expanded to bulk deleting files by username (only accessible by root of course). * Added a form to bulk delete files by names for the hardcore user, like me (https://i.fiery.me/AHph.png). * Some design update. Mainly forms restructuring aimed at tight screens. * Changing file name length, requesting new token and setting new password will no longer reload the dashboard page on success. Instead it will simply silently reload the form. * utils.bulkDeleteFilesByIds() replaced by utils.bulkDeleteFiles() which now can either by ids or names. This will be the one that will eventually be extended for deleting by username. * Various other code improvements.
2018-05-05 19:44:58 +00:00
return res.json({ success: false, description: 'Could not delete any files.' })
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
}
ES6 rewrite
2017-10-04 00:13:38 +00:00
uploadsController.list = async (req, res) => {
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
const user = await utils.authorize(req, res)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!user) return
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Init account-manager branch
2018-10-09 19:52:41 +00:00
// Headers is string-only, this seem to be the safest and lightest
const all = req.headers.all === '1'
Moved permission-related functions to permissionController Fix: non-root staffs are now able to delete files by any users (previously they could only list them).
2018-10-13 11:06:58 +00:00
const ismoderator = perms.is(user, 'moderator')
Updates Some small fixes Removed GET route of /upload/delete. I first wanted to implement a ShareX-compatible deletion URL, but then I figured I'd need to setup delete token system, and I was like, "screw that, I don't even use ShareX", so yeah.
2018-12-18 18:14:24 +00:00
if (all && !ismoderator) return res.status(403).end()
Init account-manager branch
2018-10-09 19:52:41 +00:00
Updates Added pagination to uploads and users list. With that, /api/uploads and /api/users API routes will now add "count" property to their response object. Enabled Delete user button in users list. With that also added /api/users/disable API route. As usual, you can only disable users whose usergroup is lower than your own. Click event will no longer trigger on "disabled" elements (basically any elements with "disabled" attribute). Changed all arrow functions into regular functions in public JS files (there were only a few that I somehow missed). Bumped v1 version string.
2019-01-01 19:39:08 +00:00
function filter () {
if (req.params.id === undefined)
this.where('id', '<>', '')
else
this.where('albumid', req.params.id)
if (!all || !ismoderator)
this.where('userid', user.id)
}
const count = await db.table('files')
.where(filter)
.count('id as count')
.then(rows => rows[0].count)
if (!count) return res.json({ success: true, files: [], count })
let offset = req.params.page
if (offset === undefined) offset = 0
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
const files = await db.table('files')
Updates Added pagination to uploads and users list. With that, /api/uploads and /api/users API routes will now add "count" property to their response object. Enabled Delete user button in users list. With that also added /api/users/disable API route. As usual, you can only disable users whose usergroup is lower than your own. Click event will no longer trigger on "disabled" elements (basically any elements with "disabled" attribute). Changed all arrow functions into regular functions in public JS files (there were only a few that I somehow missed). Bumped v1 version string.
2019-01-01 19:39:08 +00:00
.where(filter)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
.orderBy('id', 'DESC')
.limit(25)
.offset(25 * offset)
Updates * Added "Size" column to list view of uploaded files. The size will be use 'pretty' view (kB, MB, etc). * Added delete button to thumbs view of uploaded files. * All instances of "file length" in public views renamed to "file name length". The latter makes more sense.
2018-03-24 16:45:51 +00:00
.select('id', 'albumid', 'timestamp', 'name', 'userid', 'size')
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
const albums = await db.table('albums')
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
.where(function () {
this.where('enabled', 1)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (!all || !ismoderator)
More improvements to albums, and others Improvements related to albums: * Changed "rename album" option with a better "edit album" feature. With it you can also disable download or public link and even request a new public link (https://i.fiery.me/fz1y.png). This also adds a new API route: /api/albums/edit. The old API route, /api/albums/rename, is still available but will silently be using the new API in backend. * Deleting album will now also delete its zip archive if exists. * Renaming albums will also rename its zip archive if exists. * Generating zip will use async fs.readFile instead of fs.readFileSync. This should improve generating speed somewhat. * The codes that tries to generate random identifier for album will now check whether an album with the same identifier already exists. It will also rely on "uploads.maxTries" config option to limit how many times it will try to re-generate a new random identifier. * Added a new config option "uploads.albumIdentifierLength" which sets the length of the randomly generated identifier. * Added "download" and "public" columns to "albums" table in database/db.js. Existing users can run "node database/migration.js" to add the columns. Others: * uploadsController.getUniqueRandomName will no longer accept 3 paramters (previously it would accept a callback in the third parameter). It will now instead return a Promise. * Album name of disabled/deleted albums will no longer be shown in uploads list. * Added "fileLength" column to "users" table in database/db.js. * Renamed HTTP404.html and HTTP500.html in /pages/error to 404.html and 500.html respectively. I'm still using symlinks though. * Added a new CSS named sweetalert.css which will be used in homepage, auth and dashboard. It will style all sweetalert modals with dark theme (matching the current color scheme used in this branch). * Updated icons (added download icon). * Some other improvements/tweaks here and there.
2018-04-28 17:26:39 +00:00
this.where('userid', user.id)
})
Updates * Updated eslint-plugin-import dev dependency. * Added 2 new ESLint rules: "prefer-const" and "object-shorthand". * Refactor all JS files to follow the new ESLint rules. * Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 10:52:57 +00:00
const basedomain = config.domain
const userids = []
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Updates * Updated eslint-plugin-import dev dependency. * Added 2 new ESLint rules: "prefer-const" and "object-shorthand". * Refactor all JS files to follow the new ESLint rules. * Refactored all instances of for-i into for-of wherever applicable.
2018-04-05 10:52:57 +00:00
for (const file of files) {
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
file.file = `${basedomain}/${file.name}`
file.album = ''
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (file.albumid !== undefined)
for (const album of albums)
if (file.albumid === album.id)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
file.album = album.name
Init account-manager branch
2018-10-09 19:52:41 +00:00
// Only push usernames if we are a moderator
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (all && ismoderator)
Updates [!! update config.js !!] Added extended support for URL uploads. Namely URL proxy support and separate extensions filter (as in separate from the primary extensions filter). There's also a new option to set a disclaimer message that will be printed underneath the URL uploads form. Trust proxy is now toggleable from the configuration file. I think they should only be enabled when you're behind proxy such as Cloudflare or Incapsula. I'm not sure how it behaves with only a bare nginx reverse proxy though. Empty files can now be filtered. Sorted preset extensions filter in config.sample.js. Rephrased some options in config.sample.js as well. maxTries now default to 3 in config.sample.js. Various other small changes.
2018-12-20 11:53:37 +00:00
if (file.userid !== undefined && file.userid !== null && file.userid !== '')
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
userids.push(file.userid)
Reworked extension parsing Removed "path-complete-extname" module in favor of an in-house solution, utilsController.extname(). For now the function will attempt to preserve multi-archive extensions (.001, .002, and so on), as well as some known tarballs (.tar.gz and the likes). The function will always return lower case extension. It should be fine, but do keep it in mind.
2018-09-17 19:32:27 +00:00
file.extname = utils.extname(file.name)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
if (utils.mayGenerateThumb(file.extname))
Updates * Faster upload response. Back-end will no longer wait for album timestamps to be updated before sending out response. * Added a simple thumbnail generation script at scripts/thumbs.js. You can use this to generate thumbnails for existing files before enabling the option in config.js. * Various other code improvements.
2018-05-12 14:01:14 +00:00
file.thumb = `${basedomain}/thumbs/${file.name.slice(0, -file.extname.length)}.png`
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
}
// If we are a normal user, send response
Updates Added pagination to uploads and users list. With that, /api/uploads and /api/users API routes will now add "count" property to their response object. Enabled Delete user button in users list. With that also added /api/users/disable API route. As usual, you can only disable users whose usergroup is lower than your own. Click event will no longer trigger on "disabled" elements (basically any elements with "disabled" attribute). Changed all arrow functions into regular functions in public JS files (there were only a few that I somehow missed). Bumped v1 version string.
2019-01-01 19:39:08 +00:00
if (!ismoderator) return res.json({ success: true, files, count })
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Init account-manager branch
2018-10-09 19:52:41 +00:00
// If we are a moderator but there are no uploads attached to a user, send response
Updates Added pagination to uploads and users list. With that, /api/uploads and /api/users API routes will now add "count" property to their response object. Enabled Delete user button in users list. With that also added /api/users/disable API route. As usual, you can only disable users whose usergroup is lower than your own. Click event will no longer trigger on "disabled" elements (basically any elements with "disabled" attribute). Changed all arrow functions into regular functions in public JS files (there were only a few that I somehow missed). Bumped v1 version string.
2019-01-01 19:39:08 +00:00
if (userids.length === 0) return res.json({ success: true, files, count })
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
Init account-manager branch
2018-10-09 19:52:41 +00:00
const users = await db.table('users').whereIn('id', userids)
Updated ESLint rule: curly No more enforced curly for if/else/for/while/do blocks w/ one statement. With that said, auto-fixed all JS files to follow the rule. I'd also like to apologize for the inconveniences this commit cause, after all it was me who intentionally enforced curly rule back then. Why the change of heart? After doing some more non-JS codes recently, I realized it was pretty stupid of me to enforce that.
2018-12-18 17:01:28 +00:00
for (const dbUser of users)
for (const file of files)
if (file.userid === dbUser.id)
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
file.username = dbUser.username
Updates Added pagination to uploads and users list. With that, /api/uploads and /api/users API routes will now add "count" property to their response object. Enabled Delete user button in users list. With that also added /api/users/disable API route. As usual, you can only disable users whose usergroup is lower than your own. Click event will no longer trigger on "disabled" elements (basically any elements with "disabled" attribute). Changed all arrow functions into regular functions in public JS files (there were only a few that I somehow missed). Bumped v1 version string.
2019-01-01 19:39:08 +00:00
return res.json({ success: true, files, count })
Various updates * Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too. * Lots of refactors to follow the rules of Standard. * Fixed issue with uploading as a not logged in user.
2018-01-23 20:06:30 +00:00
}
module.exports = uploadsController
Reference in New Issue Copy Permalink