2018-05-09 08:41:30 +00:00
|
|
|
const EventEmitter = require('events')
|
2018-01-23 20:06:30 +00:00
|
|
|
const fs = require('fs')
|
2018-04-13 16:20:57 +00:00
|
|
|
const path = require('path')
|
|
|
|
const randomstring = require('randomstring')
|
2018-01-23 20:06:30 +00:00
|
|
|
const Zip = require('jszip')
|
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.
CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.
JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.
Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.
Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).
The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").
---
yarn lint -> gulp lint
yarn build -> gulp default
yarn watch -> gulp watch
yarn develop -> env NODE_ENV=development yarn watch
---
Fixed not being able to demote staff into normal users.
/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).
Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.
Removed is-breeze CSS class name, in favor of Bulma's is-info.
Removed custom styling from auth page, in favor of global styling.
Removed all usage of style HTML attribute in favor of CSS classes.
Renamed js/s/ to js/misc/.
Use loading spinners on dashboard's sidebar menus.
Disable all other sidebar menus when something is loading.
Changed title HTML attribute of disabled control buttons in
uploads & users list.
Hid checkboxes and WIP controls from users list.
Better error messages handling.
Especially homepage will now support CF's HTTP error codes.
Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.
Use Gatsby icon for my blog's link in homepage's footer.
A bunch of other improvements here & there.
2019-09-15 06:20:11 +00:00
|
|
|
const paths = require('./pathsController')
|
2020-06-01 04:44:16 +00:00
|
|
|
const perms = require('./permissionController')
|
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.
CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.
JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.
Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.
Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).
The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").
---
yarn lint -> gulp lint
yarn build -> gulp default
yarn watch -> gulp watch
yarn develop -> env NODE_ENV=development yarn watch
---
Fixed not being able to demote staff into normal users.
/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).
Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.
Removed is-breeze CSS class name, in favor of Bulma's is-info.
Removed custom styling from auth page, in favor of global styling.
Removed all usage of style HTML attribute in favor of CSS classes.
Renamed js/s/ to js/misc/.
Use loading spinners on dashboard's sidebar menus.
Disable all other sidebar menus when something is loading.
Changed title HTML attribute of disabled control buttons in
uploads & users list.
Hid checkboxes and WIP controls from users list.
Better error messages handling.
Especially homepage will now support CF's HTTP error codes.
Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.
Use Gatsby icon for my blog's link in homepage's footer.
A bunch of other improvements here & there.
2019-09-15 06:20:11 +00:00
|
|
|
const utils = require('./utilsController')
|
2021-01-08 01:44:28 +00:00
|
|
|
const ClientError = require('./utils/ClientError')
|
|
|
|
const ServerError = require('./utils/ServerError')
|
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.
CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.
JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.
Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.
Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).
The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").
---
yarn lint -> gulp lint
yarn build -> gulp default
yarn watch -> gulp watch
yarn develop -> env NODE_ENV=development yarn watch
---
Fixed not being able to demote staff into normal users.
/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).
Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.
Removed is-breeze CSS class name, in favor of Bulma's is-info.
Removed custom styling from auth page, in favor of global styling.
Removed all usage of style HTML attribute in favor of CSS classes.
Renamed js/s/ to js/misc/.
Use loading spinners on dashboard's sidebar menus.
Disable all other sidebar menus when something is loading.
Changed title HTML attribute of disabled control buttons in
uploads & users list.
Hid checkboxes and WIP controls from users list.
Better error messages handling.
Especially homepage will now support CF's HTTP error codes.
Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.
Use Gatsby icon for my blog's link in homepage's footer.
A bunch of other improvements here & there.
2019-09-15 06:20:11 +00:00
|
|
|
const config = require('./../config')
|
|
|
|
const logger = require('./../logger')
|
2018-04-13 16:20:57 +00:00
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
const self = {
|
2019-09-17 04:13:41 +00:00
|
|
|
// Don't forget to update max length of text inputs in
|
|
|
|
// home.js & dashboard.js when changing these values
|
2019-09-19 01:27:19 +00:00
|
|
|
titleMaxLength: 70,
|
2019-09-17 04:13:41 +00:00
|
|
|
descMaxLength: 4000,
|
|
|
|
|
2022-07-30 01:01:19 +00:00
|
|
|
onHold: new Set() // temporarily held random album identifiers
|
2019-09-08 01:56:29 +00:00
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
/** Preferences */
|
|
|
|
|
2022-06-22 06:27:38 +00:00
|
|
|
const homeDomain = utils.conf.homeDomain || utils.conf.domain
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
const albumsPerPage = config.dashboard
|
|
|
|
? Math.max(Math.min(config.dashboard.albumsPerPage || 0, 100), 1)
|
|
|
|
: 25
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
const zipMaxTotalSize = parseInt(config.cloudflare.zipMaxTotalSize)
|
2019-09-19 01:27:19 +00:00
|
|
|
const zipMaxTotalSizeBytes = zipMaxTotalSize * 1e6
|
2019-07-17 23:22:47 +00:00
|
|
|
const zipOptions = config.uploads.jsZipOptions
|
|
|
|
|
|
|
|
// Force 'type' option to 'nodebuffer'
|
|
|
|
zipOptions.type = 'nodebuffer'
|
|
|
|
|
|
|
|
// Apply fallbacks for missing config values
|
2020-10-30 18:12:09 +00:00
|
|
|
if (zipOptions.streamFiles === undefined) zipOptions.streamFiles = true
|
|
|
|
if (zipOptions.compression === undefined) zipOptions.compression = 'DEFLATE'
|
|
|
|
if (zipOptions.compressionOptions === undefined) zipOptions.compressionOptions = {}
|
|
|
|
if (zipOptions.compressionOptions.level === undefined) zipOptions.compressionOptions.level = 1
|
2018-05-09 08:41:30 +00:00
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
self.zipEmitters = new Map()
|
2018-05-09 08:41:30 +00:00
|
|
|
|
|
|
|
class ZipEmitter extends EventEmitter {
|
|
|
|
constructor (identifier) {
|
|
|
|
super()
|
|
|
|
this.identifier = identifier
|
2019-09-08 01:56:29 +00:00
|
|
|
this.once('done', () => self.zipEmitters.delete(this.identifier))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-07-30 01:01:19 +00:00
|
|
|
self.getUniqueAlbumIdentifier = async res => {
|
2019-09-08 01:56:29 +00:00
|
|
|
for (let i = 0; i < utils.idMaxTries; i++) {
|
|
|
|
const identifier = randomstring.generate(config.uploads.albumIdentifierLength)
|
2022-07-30 01:01:19 +00:00
|
|
|
|
|
|
|
if (self.onHold.has(identifier)) {
|
2022-07-30 01:35:26 +00:00
|
|
|
logger.debug(`Identifier ${identifier} is currently held by another album (${i + 1}/${utils.idMaxTries}).`)
|
2022-07-30 01:01:19 +00:00
|
|
|
continue
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
// Put token on-hold (wait for it to be inserted to DB)
|
|
|
|
self.onHold.add(identifier)
|
|
|
|
|
2022-06-03 21:21:56 +00:00
|
|
|
const album = await utils.db.table('albums')
|
2019-09-08 01:56:29 +00:00
|
|
|
.where('identifier', identifier)
|
|
|
|
.select('id')
|
|
|
|
.first()
|
|
|
|
if (album) {
|
|
|
|
self.onHold.delete(identifier)
|
2022-07-30 01:35:26 +00:00
|
|
|
logger.debug(`Album with identifier ${identifier} already exists (${i + 1}/${utils.idMaxTries}).`)
|
2019-09-08 01:56:29 +00:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
2022-09-23 23:35:41 +00:00
|
|
|
if (utils.devmode) {
|
|
|
|
logger.debug(`albums.onHold: ${utils.inspect(self.onHold)}`)
|
|
|
|
}
|
|
|
|
|
2022-07-30 01:01:19 +00:00
|
|
|
// Unhold identifier once the Response has been sent
|
|
|
|
if (res) {
|
2022-07-30 01:35:26 +00:00
|
|
|
// Keep in an array for future-proofing
|
|
|
|
// if a single Request needs to generate multiple album identifiers
|
2022-07-30 01:01:19 +00:00
|
|
|
if (!res.locals.identifiers) {
|
|
|
|
res.locals.identifiers = []
|
|
|
|
res.once('finish', () => { self.unholdAlbumIdentifiers(res) })
|
|
|
|
}
|
|
|
|
res.locals.identifiers.push(identifier)
|
|
|
|
}
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
return identifier
|
2018-05-09 08:41:30 +00:00
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2021-01-08 01:44:28 +00:00
|
|
|
throw new ServerError('Failed to allocate a unique identifier for the album. Try again?')
|
2018-05-09 08:41:30 +00:00
|
|
|
}
|
2018-04-18 21:00:36 +00:00
|
|
|
|
2022-07-30 01:01:19 +00:00
|
|
|
self.unholdAlbumIdentifiers = res => {
|
|
|
|
if (!res.locals.identifiers) return
|
|
|
|
|
|
|
|
for (const identifier of res.locals.identifiers) {
|
|
|
|
self.onHold.delete(identifier)
|
2022-09-23 23:35:41 +00:00
|
|
|
|
|
|
|
if (utils.devmode) {
|
|
|
|
logger.debug(`albums.onHold: ${utils.inspect(self.onHold)} -> ${utils.inspect(identifier)}`)
|
|
|
|
}
|
2022-07-30 01:01:19 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
delete res.locals.identifiers
|
|
|
|
}
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.list = async (req, res) => {
|
|
|
|
const all = req.headers.all === '1'
|
|
|
|
const simple = req.headers.simple
|
2022-08-04 14:59:06 +00:00
|
|
|
const ismoderator = perms.is(req.locals.user, 'moderator')
|
|
|
|
if (all && !ismoderator) {
|
|
|
|
return res.status(403).end()
|
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
|
|
|
|
const filter = function () {
|
|
|
|
if (!all) {
|
|
|
|
this.where({
|
|
|
|
enabled: 1,
|
2022-08-04 14:59:06 +00:00
|
|
|
userid: req.locals.user.id
|
2022-07-10 12:46:25 +00:00
|
|
|
})
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
// Base result object
|
|
|
|
const result = { success: true, albums: [], albumsPerPage, count: 0, homeDomain }
|
|
|
|
|
2022-07-31 08:55:27 +00:00
|
|
|
// If simple listing (for dashboard sidebar)
|
|
|
|
if (simple) {
|
|
|
|
result.albums = await utils.db.table('albums')
|
|
|
|
.where(filter)
|
|
|
|
.select('id', 'name')
|
|
|
|
result.count = result.albums.length
|
|
|
|
|
|
|
|
return res.json(result)
|
|
|
|
}
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
// Query albums count for pagination
|
2022-07-31 08:51:32 +00:00
|
|
|
result.count = await utils.db.table('albums')
|
2022-07-10 12:46:25 +00:00
|
|
|
.where(filter)
|
|
|
|
.count('id as count')
|
|
|
|
.then(rows => rows[0].count)
|
2022-07-31 08:51:32 +00:00
|
|
|
if (!result.count) {
|
|
|
|
return res.json(result)
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
let offset = req.path_parameters && Number(req.path_parameters.page)
|
|
|
|
if (isNaN(offset)) {
|
|
|
|
offset = 0
|
|
|
|
} else if (offset < 0) {
|
|
|
|
offset = Math.max(0, Math.ceil(result.count / albumsPerPage) + offset)
|
|
|
|
}
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-31 08:55:27 +00:00
|
|
|
const fields = ['id', 'name', 'identifier', 'enabled', 'timestamp', 'editedAt', 'zipGeneratedAt', 'download', 'public', 'description']
|
2022-07-31 08:51:32 +00:00
|
|
|
if (all) {
|
|
|
|
fields.push('userid')
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
result.albums = await utils.db.table('albums')
|
|
|
|
.where(filter)
|
|
|
|
.limit(albumsPerPage)
|
|
|
|
.offset(albumsPerPage * offset)
|
|
|
|
.select(fields)
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const albumids = {}
|
2022-07-31 08:51:32 +00:00
|
|
|
for (const album of result.albums) {
|
2022-07-10 12:46:25 +00:00
|
|
|
album.download = album.download !== 0
|
|
|
|
album.public = album.public !== 0
|
|
|
|
album.uploads = 0
|
|
|
|
album.size = 0
|
|
|
|
album.zipSize = null
|
|
|
|
album.descriptionHtml = album.description
|
|
|
|
? utils.md.instance.render(album.description)
|
|
|
|
: ''
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
// Map by IDs
|
|
|
|
albumids[album.id] = album
|
|
|
|
}
|
|
|
|
|
|
|
|
const getAlbumZipSize = async album => {
|
|
|
|
if (!album.zipGeneratedAt) return
|
|
|
|
try {
|
|
|
|
const filePath = path.join(paths.zips, `${album.identifier}.zip`)
|
|
|
|
const stats = await paths.stat(filePath)
|
|
|
|
albumids[album.id].zipSize = stats.size
|
|
|
|
} catch (error) {
|
|
|
|
if (error.code !== 'ENOENT') logger.error(error)
|
2021-02-12 08:48:40 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2021-02-12 08:48:40 +00:00
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
await Promise.all(result.albums.map(album => getAlbumZipSize(album)))
|
2021-02-12 08:48:40 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const uploads = await utils.db.table('files')
|
|
|
|
.whereIn('albumid', Object.keys(albumids))
|
|
|
|
.select('albumid', 'size')
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
for (const upload of uploads) {
|
|
|
|
if (albumids[upload.albumid]) {
|
|
|
|
albumids[upload.albumid].uploads++
|
|
|
|
albumids[upload.albumid].size += parseInt(upload.size)
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
// If we are not listing all albums, send response
|
|
|
|
if (!all) {
|
2022-07-31 08:51:32 +00:00
|
|
|
return res.json(result)
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
// Otherwise proceed to querying usernames
|
2022-07-31 08:51:32 +00:00
|
|
|
const userids = result.albums
|
2022-07-10 12:46:25 +00:00
|
|
|
.map(album => album.userid)
|
2022-07-31 08:51:32 +00:00
|
|
|
.filter(utils.filterUniquifySqlArray)
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
// If there are no albums attached to a registered user, send response
|
|
|
|
if (!userids.length) {
|
2022-07-31 08:51:32 +00:00
|
|
|
return res.json(result)
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
// Query usernames of user IDs from currently selected files
|
|
|
|
const usersTable = await utils.db.table('users')
|
|
|
|
.whereIn('id', userids)
|
|
|
|
.select('id', 'username')
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
result.users = {}
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
for (const user of usersTable) {
|
2022-07-31 08:51:32 +00:00
|
|
|
result.users[user.id] = user.username
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
return res.json(result)
|
2018-01-23 20:06:30 +00:00
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.create = async (req, res) => {
|
|
|
|
const name = typeof req.body.name === 'string'
|
|
|
|
? utils.escape(req.body.name.trim().substring(0, self.titleMaxLength))
|
|
|
|
: ''
|
2018-01-23 20:06:30 +00:00
|
|
|
|
2022-08-04 14:59:06 +00:00
|
|
|
if (!name) {
|
|
|
|
throw new ClientError('No album name specified.')
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const album = await utils.db.table('albums')
|
|
|
|
.where({
|
2019-09-08 01:56:29 +00:00
|
|
|
name,
|
|
|
|
enabled: 1,
|
2022-08-04 14:59:06 +00:00
|
|
|
userid: req.locals.user.id
|
2018-04-28 17:26:39 +00:00
|
|
|
})
|
2022-07-10 12:46:25 +00:00
|
|
|
.first()
|
|
|
|
|
2022-08-04 14:59:06 +00:00
|
|
|
if (album) {
|
|
|
|
throw new ClientError('Album name already in use.', { statusCode: 403 })
|
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
|
2022-07-30 01:01:19 +00:00
|
|
|
const identifier = await self.getUniqueAlbumIdentifier(res)
|
2022-07-10 12:46:25 +00:00
|
|
|
|
2022-08-09 10:00:26 +00:00
|
|
|
const ids = await utils.db.table('albums')
|
|
|
|
.insert({
|
|
|
|
name,
|
|
|
|
enabled: 1,
|
|
|
|
userid: req.locals.user.id,
|
|
|
|
identifier,
|
|
|
|
timestamp: Math.floor(Date.now() / 1000),
|
|
|
|
editedAt: 0,
|
|
|
|
zipGeneratedAt: 0,
|
|
|
|
download: (req.body.download === false || req.body.download === 0) ? 0 : 1,
|
|
|
|
public: (req.body.public === false || req.body.public === 0) ? 0 : 1,
|
|
|
|
description: typeof req.body.description === 'string'
|
|
|
|
? utils.escape(req.body.description.trim().substring(0, self.descMaxLength))
|
|
|
|
: ''
|
|
|
|
})
|
2022-07-30 01:01:19 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
utils.invalidateStatsCache('albums')
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
return res.json({ success: true, id: ids[0] })
|
2018-04-28 17:26:39 +00:00
|
|
|
}
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.delete = async (req, res) => {
|
2022-08-04 14:59:06 +00:00
|
|
|
// Re-map Request.body for .disable()
|
|
|
|
req.body.del = true
|
2022-07-22 01:40:40 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
return self.disable(req, res)
|
2020-06-01 04:44:16 +00:00
|
|
|
}
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.disable = async (req, res) => {
|
2022-08-04 14:59:06 +00:00
|
|
|
const ismoderator = perms.is(req.locals.user, 'moderator')
|
2022-05-05 06:58:54 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const id = parseInt(req.body.id)
|
2022-08-04 14:59:06 +00:00
|
|
|
if (isNaN(id)) {
|
|
|
|
throw new ClientError('No album specified.')
|
|
|
|
}
|
2022-05-05 07:30:41 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const purge = req.body.purge
|
2022-08-04 14:59:06 +00:00
|
|
|
|
|
|
|
// Only allow moderators to delete other users' albums
|
2022-07-10 12:46:25 +00:00
|
|
|
const del = ismoderator ? req.body.del : false
|
2022-05-05 07:30:41 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const filter = function () {
|
|
|
|
this.where('id', id)
|
2022-05-05 07:30:41 +00:00
|
|
|
|
2022-08-04 14:59:06 +00:00
|
|
|
// Only allow moderators to disable other users' albums
|
2022-07-10 12:46:25 +00:00
|
|
|
if (!ismoderator) {
|
|
|
|
this.andWhere({
|
|
|
|
enabled: 1,
|
2022-08-04 14:59:06 +00:00
|
|
|
userid: req.locals.user.id
|
2022-07-10 12:46:25 +00:00
|
|
|
})
|
2022-05-05 07:30:41 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2022-05-05 07:30:41 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const album = await utils.db.table('albums')
|
|
|
|
.where(filter)
|
|
|
|
.first()
|
2022-05-05 07:30:41 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (!album) {
|
|
|
|
throw new ClientError('Could not get album with the specified ID.')
|
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (purge) {
|
|
|
|
const files = await utils.db.table('files')
|
|
|
|
.where({
|
|
|
|
albumid: id,
|
|
|
|
userid: album.userid
|
|
|
|
})
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (files.length) {
|
|
|
|
const ids = files.map(file => file.id)
|
2022-08-04 14:59:06 +00:00
|
|
|
const failed = await utils.bulkDeleteFromDb('id', ids, req.locals.user)
|
2022-07-10 12:46:25 +00:00
|
|
|
if (failed.length) {
|
|
|
|
return res.json({ success: false, failed })
|
2019-09-08 01:56:29 +00:00
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
utils.invalidateStatsCache('uploads')
|
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (del) {
|
|
|
|
await utils.db.table('albums')
|
|
|
|
.where(filter)
|
|
|
|
.first()
|
|
|
|
.del()
|
|
|
|
} else {
|
|
|
|
await utils.db.table('albums')
|
|
|
|
.where(filter)
|
|
|
|
.first()
|
|
|
|
.update('enabled', 0)
|
|
|
|
}
|
|
|
|
utils.deleteStoredAlbumRenders([id])
|
|
|
|
utils.invalidateStatsCache('albums')
|
|
|
|
|
|
|
|
try {
|
|
|
|
await paths.unlink(path.join(paths.zips, `${album.identifier}.zip`))
|
|
|
|
} catch (error) {
|
|
|
|
// Re-throw non-ENOENT error
|
2022-08-04 14:59:06 +00:00
|
|
|
if (error.code !== 'ENOENT') {
|
|
|
|
throw error
|
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2022-05-05 06:58:54 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
return res.json({ success: true })
|
2018-01-23 20:06:30 +00:00
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.edit = async (req, res) => {
|
2022-08-04 14:59:06 +00:00
|
|
|
const ismoderator = perms.is(req.locals.user, 'moderator')
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const id = parseInt(req.body.id)
|
2022-08-04 14:59:06 +00:00
|
|
|
if (isNaN(id)) {
|
|
|
|
throw new ClientError('No album specified.')
|
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const name = typeof req.body.name === 'string'
|
|
|
|
? utils.escape(req.body.name.trim().substring(0, self.titleMaxLength))
|
|
|
|
: ''
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-08-04 14:59:06 +00:00
|
|
|
if (!name) {
|
|
|
|
throw new ClientError('No album name specified.')
|
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const filter = function () {
|
|
|
|
this.where('id', id)
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-08-04 14:59:06 +00:00
|
|
|
// Only allow moderators to edit other users' albums
|
2022-07-10 12:46:25 +00:00
|
|
|
if (!ismoderator) {
|
|
|
|
this.andWhere({
|
|
|
|
enabled: 1,
|
2022-08-04 14:59:06 +00:00
|
|
|
userid: req.locals.user.id
|
2022-07-10 12:46:25 +00:00
|
|
|
})
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const album = await utils.db.table('albums')
|
|
|
|
.where(filter)
|
|
|
|
.first()
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (!album) {
|
|
|
|
throw new ClientError('Could not get album with the specified ID.')
|
|
|
|
}
|
2021-01-08 01:44:28 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const albumNewState = (ismoderator && typeof req.body.enabled !== 'undefined')
|
|
|
|
? Boolean(req.body.enabled)
|
|
|
|
: null
|
2021-01-08 01:44:28 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const nameInUse = await utils.db.table('albums')
|
|
|
|
.where({
|
|
|
|
name,
|
|
|
|
enabled: 1,
|
2022-08-04 14:59:06 +00:00
|
|
|
userid: req.locals.user.id
|
2022-07-10 12:46:25 +00:00
|
|
|
})
|
|
|
|
.whereNot('id', id)
|
|
|
|
.first()
|
2021-01-08 01:44:28 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if ((album.enabled || (albumNewState === true)) && nameInUse) {
|
2022-08-04 14:59:06 +00:00
|
|
|
if (req._legacy) {
|
|
|
|
// Legacy rename API (stick with 200 status code for this)
|
2022-07-10 12:46:25 +00:00
|
|
|
throw new ClientError('You did not specify a new name.', { statusCode: 200 })
|
|
|
|
} else {
|
|
|
|
throw new ClientError('Album name already in use.', { statusCode: 403 })
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const update = {
|
|
|
|
name,
|
|
|
|
download: Boolean(req.body.download),
|
|
|
|
public: Boolean(req.body.public),
|
|
|
|
description: typeof req.body.description === 'string'
|
|
|
|
? utils.escape(req.body.description.trim().substring(0, self.descMaxLength))
|
|
|
|
: ''
|
|
|
|
}
|
2019-10-06 23:11:07 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (albumNewState !== null) {
|
|
|
|
update.enabled = albumNewState
|
|
|
|
}
|
2020-06-01 04:44:16 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (req.body.requestLink) {
|
2022-07-30 01:01:19 +00:00
|
|
|
update.identifier = await self.getUniqueAlbumIdentifier(res)
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2019-10-06 23:11:07 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
await utils.db.table('albums')
|
|
|
|
.where(filter)
|
|
|
|
.update(update)
|
2022-07-30 01:01:19 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
utils.deleteStoredAlbumRenders([id])
|
|
|
|
utils.invalidateStatsCache('albums')
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (req.body.requestLink) {
|
|
|
|
// Rename zip archive of the album if it exists
|
|
|
|
try {
|
|
|
|
const oldZip = path.join(paths.zips, `${album.identifier}.zip`)
|
|
|
|
const newZip = path.join(paths.zips, `${update.identifier}.zip`)
|
|
|
|
await paths.rename(oldZip, newZip)
|
|
|
|
} catch (error) {
|
|
|
|
// Re-throw non-ENOENT error
|
2022-08-04 14:59:06 +00:00
|
|
|
if (error.code !== 'ENOENT') {
|
|
|
|
throw error
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
|
|
|
|
return res.json({
|
|
|
|
success: true,
|
|
|
|
identifier: update.identifier
|
|
|
|
})
|
|
|
|
} else {
|
|
|
|
return res.json({ success: true, name })
|
|
|
|
}
|
2018-04-28 17:26:39 +00:00
|
|
|
}
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.rename = async (req, res) => {
|
2022-08-04 14:59:06 +00:00
|
|
|
// Re-map Request.body for .edit()
|
|
|
|
req.body = {
|
|
|
|
_legacy: true,
|
|
|
|
name: req.body.name
|
|
|
|
}
|
2022-07-22 01:40:40 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
return self.edit(req, res)
|
2018-01-23 20:06:30 +00:00
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.get = async (req, res) => {
|
2022-07-21 19:03:59 +00:00
|
|
|
const identifier = req.path_parameters && req.path_parameters.identifier
|
2022-07-10 12:46:25 +00:00
|
|
|
if (identifier === undefined) {
|
|
|
|
throw new ClientError('No identifier provided.')
|
|
|
|
}
|
2021-01-08 00:29:14 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const album = await utils.db.table('albums')
|
|
|
|
.where({
|
|
|
|
identifier,
|
|
|
|
enabled: 1
|
|
|
|
})
|
|
|
|
.first()
|
2018-04-28 17:26:39 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (!album || album.public === 0) {
|
|
|
|
throw new ClientError('Album not found.', { statusCode: 404 })
|
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const title = album.name
|
|
|
|
const files = await utils.db.table('files')
|
|
|
|
.select('name')
|
|
|
|
.where('albumid', album.id)
|
|
|
|
.orderBy('id', 'desc')
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
for (const file of files) {
|
2022-07-21 18:44:15 +00:00
|
|
|
if (req.locals.upstreamCompat) {
|
2022-07-10 12:46:25 +00:00
|
|
|
file.url = `${utils.conf.domain}/${file.name}`
|
|
|
|
} else {
|
|
|
|
file.file = `${utils.conf.domain}/${file.name}`
|
2019-09-08 01:56:29 +00:00
|
|
|
}
|
2017-01-30 01:17:49 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const extname = utils.extname(file.name)
|
|
|
|
if (utils.mayGenerateThumb(extname)) {
|
|
|
|
file.thumb = `${utils.conf.domain}/thumbs/${file.name.slice(0, -extname.length)}.png`
|
2022-07-21 18:44:15 +00:00
|
|
|
if (req.locals.upstreamCompat) {
|
|
|
|
file.thumbSquare = file.thumb
|
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return res.json({
|
|
|
|
success: true,
|
|
|
|
description: 'Successfully retrieved files.',
|
|
|
|
title,
|
|
|
|
download: Boolean(album.download),
|
|
|
|
count: files.length,
|
|
|
|
files
|
|
|
|
})
|
2018-01-23 20:06:30 +00:00
|
|
|
}
|
2017-10-04 05:05:38 +00:00
|
|
|
|
2022-07-21 18:44:15 +00:00
|
|
|
self.getUpstreamCompat = async (req, res) => {
|
|
|
|
// If requested via /api/album/:identifier,
|
|
|
|
// map to .get() with chibisafe/upstream compatibility
|
|
|
|
// This API is known to be used in Pitu/Magane
|
|
|
|
req.locals.upstreamCompat = true
|
2022-08-04 14:59:06 +00:00
|
|
|
|
2022-07-21 18:44:15 +00:00
|
|
|
res._json = res.json
|
|
|
|
res.json = (body = {}) => {
|
|
|
|
// Rebuild JSON payload to match lolisafe upstream
|
|
|
|
const rebuild = {}
|
|
|
|
const maps = {
|
|
|
|
success: null,
|
|
|
|
description: 'message',
|
|
|
|
title: 'name',
|
|
|
|
download: 'downloadEnabled',
|
|
|
|
count: null
|
|
|
|
}
|
|
|
|
|
|
|
|
Object.keys(body).forEach(key => {
|
|
|
|
if (maps[key] !== undefined) {
|
|
|
|
if (maps[key]) rebuild[maps[key]] = body[key]
|
|
|
|
} else {
|
|
|
|
rebuild[key] = body[key]
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
2022-08-04 14:59:06 +00:00
|
|
|
if (rebuild.message) {
|
|
|
|
rebuild.message = rebuild.message.replace(/\.$/, '')
|
|
|
|
}
|
|
|
|
|
2022-07-21 18:44:15 +00:00
|
|
|
return res._json(rebuild)
|
|
|
|
}
|
|
|
|
|
|
|
|
return self.get(req, res)
|
|
|
|
}
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.generateZip = async (req, res) => {
|
2022-07-21 19:02:59 +00:00
|
|
|
const versionString = parseInt(req.query_parameters.v)
|
2018-04-26 21:04:21 +00:00
|
|
|
|
2022-07-21 19:03:59 +00:00
|
|
|
const identifier = req.path_parameters && req.path_parameters.identifier
|
2022-07-10 12:46:25 +00:00
|
|
|
if (identifier === undefined) {
|
|
|
|
throw new ClientError('No identifier provided.')
|
|
|
|
}
|
2018-01-23 20:06:30 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (!config.uploads.generateZips) {
|
|
|
|
throw new ClientError('ZIP generation disabled.', { statusCode: 403 })
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const album = await utils.db.table('albums')
|
|
|
|
.where({
|
|
|
|
identifier,
|
|
|
|
enabled: 1
|
|
|
|
})
|
|
|
|
.first()
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (!album) {
|
|
|
|
throw new ClientError('Album not found.', { statusCode: 404 })
|
|
|
|
} else if (album.download === 0) {
|
|
|
|
throw new ClientError('Download for this album is disabled.', { statusCode: 403 })
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if ((isNaN(versionString) || versionString <= 0) && album.editedAt) {
|
|
|
|
return res.redirect(`${album.identifier}?v=${album.editedAt}`)
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (album.zipGeneratedAt > album.editedAt) {
|
|
|
|
try {
|
|
|
|
const filePath = path.join(paths.zips, `${identifier}.zip`)
|
|
|
|
await paths.access(filePath)
|
|
|
|
await res.download(filePath, `${album.name}.zip`)
|
|
|
|
return
|
|
|
|
} catch (error) {
|
|
|
|
// Re-throw non-ENOENT error
|
2022-08-04 14:59:06 +00:00
|
|
|
if (error.code !== 'ENOENT') {
|
|
|
|
throw error
|
|
|
|
}
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2018-04-28 17:26:39 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
if (self.zipEmitters.has(identifier)) {
|
|
|
|
return new Promise((resolve, reject) => {
|
|
|
|
logger.log(`Waiting previous zip task for album: ${identifier}.`)
|
|
|
|
self.zipEmitters.get(identifier).once('done', (filePath, fileName, clientErr) => {
|
|
|
|
if (filePath && fileName) {
|
|
|
|
resolve({ filePath, fileName })
|
|
|
|
} else if (clientErr) {
|
|
|
|
reject(clientErr)
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
})
|
2022-07-10 12:46:25 +00:00
|
|
|
}).then(obj => {
|
|
|
|
return res.download(obj.filePath, obj.fileName)
|
|
|
|
})
|
|
|
|
}
|
2018-05-09 08:41:30 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.zipEmitters.set(identifier, new ZipEmitter(identifier))
|
2018-05-09 08:41:30 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
logger.log(`Starting zip task for album: ${identifier}.`)
|
2018-04-28 17:26:39 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const files = await utils.db.table('files')
|
|
|
|
.select('name', 'size')
|
|
|
|
.where('albumid', album.id)
|
|
|
|
if (files.length === 0) {
|
|
|
|
logger.log(`Finished zip task for album: ${identifier} (no files).`)
|
|
|
|
const clientErr = new ClientError('There are no files in the album.', { statusCode: 200 })
|
|
|
|
self.zipEmitters.get(identifier).emit('done', null, null, clientErr)
|
|
|
|
throw clientErr
|
|
|
|
}
|
|
|
|
|
|
|
|
if (zipMaxTotalSize) {
|
|
|
|
const totalSizeBytes = files.reduce((accumulator, file) => accumulator + parseInt(file.size), 0)
|
|
|
|
if (totalSizeBytes > zipMaxTotalSizeBytes) {
|
|
|
|
logger.log(`Finished zip task for album: ${identifier} (size exceeds).`)
|
|
|
|
const clientErr = new ClientError(`Total size of all files in the album exceeds ${zipMaxTotalSize} MB limit.`, { statusCode: 403 })
|
2021-01-08 01:44:28 +00:00
|
|
|
self.zipEmitters.get(identifier).emit('done', null, null, clientErr)
|
|
|
|
throw clientErr
|
2018-04-26 21:04:21 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
}
|
2018-01-23 20:06:30 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const zipPath = path.join(paths.zips, `${album.identifier}.zip`)
|
|
|
|
const archive = new Zip()
|
|
|
|
|
|
|
|
try {
|
|
|
|
// Since we are adding all files concurrently,
|
|
|
|
// their order in the ZIP file may not be in alphabetical order.
|
|
|
|
// However, ZIP viewers in general should sort the files themselves.
|
|
|
|
await Promise.all(files.map(async file => {
|
|
|
|
const data = await paths.readFile(path.join(paths.uploads, file.name))
|
|
|
|
archive.file(file.name, data)
|
|
|
|
}))
|
|
|
|
await new Promise((resolve, reject) => {
|
|
|
|
archive.generateNodeStream(zipOptions)
|
|
|
|
.pipe(fs.createWriteStream(zipPath))
|
|
|
|
.on('error', error => reject(error))
|
|
|
|
.on('finish', () => resolve())
|
|
|
|
})
|
|
|
|
} catch (error) {
|
|
|
|
logger.error(error)
|
|
|
|
throw new ServerError(error.message)
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
logger.log(`Finished zip task for album: ${identifier} (success).`)
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
await utils.db.table('albums')
|
|
|
|
.where('id', album.id)
|
|
|
|
.update('zipGeneratedAt', Math.floor(Date.now() / 1000))
|
|
|
|
utils.invalidateStatsCache('albums')
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const filePath = path.join(paths.zips, `${identifier}.zip`)
|
|
|
|
const fileName = `${album.name}.zip`
|
2019-09-08 01:56:29 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.zipEmitters.get(identifier).emit('done', filePath, fileName)
|
|
|
|
return res.download(filePath, fileName)
|
2018-01-23 20:06:30 +00:00
|
|
|
}
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
self.addFiles = async (req, res) => {
|
|
|
|
const ids = req.body.ids
|
|
|
|
if (!Array.isArray(ids) || !ids.length) {
|
|
|
|
throw new ClientError('No files specified.')
|
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-08-09 10:18:56 +00:00
|
|
|
const issuperadmin = perms.is(req.locals.user, 'superadmin')
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
let albumid = parseInt(req.body.albumid)
|
2022-08-04 14:59:06 +00:00
|
|
|
if (isNaN(albumid) || albumid < 0) {
|
|
|
|
albumid = null
|
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const failed = []
|
|
|
|
const albumids = []
|
2022-08-09 10:18:56 +00:00
|
|
|
|
|
|
|
// Wrap within a Promise then-async block for custom error handling
|
2022-07-10 12:46:25 +00:00
|
|
|
return Promise.resolve().then(async () => {
|
2019-09-08 01:56:29 +00:00
|
|
|
if (albumid !== null) {
|
2022-06-03 21:21:56 +00:00
|
|
|
const album = await utils.db.table('albums')
|
2019-09-08 01:56:29 +00:00
|
|
|
.where('id', albumid)
|
|
|
|
.where(function () {
|
2022-08-09 10:18:56 +00:00
|
|
|
// Only allow superadmins to arbitrarily add/remove files to/from any albums
|
2022-08-04 14:59:06 +00:00
|
|
|
// NOTE: Dashboard does not facilitate this, intended for manual API calls
|
2022-08-09 10:18:56 +00:00
|
|
|
if (!issuperadmin) {
|
2022-08-04 14:59:06 +00:00
|
|
|
this.where('userid', req.locals.user.id)
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
})
|
|
|
|
.first()
|
2018-04-05 03:10:10 +00:00
|
|
|
|
2020-10-30 18:12:09 +00:00
|
|
|
if (!album) {
|
2021-01-08 02:22:31 +00:00
|
|
|
throw new ClientError('Album does not exist or it does not belong to the user.', { statusCode: 404 })
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2018-04-05 03:10:10 +00:00
|
|
|
|
2022-08-09 10:18:56 +00:00
|
|
|
// Insert this album's ID into "albumids" array to be updated later
|
2019-09-08 01:56:29 +00:00
|
|
|
albumids.push(albumid)
|
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-08-09 10:18:56 +00:00
|
|
|
// Query all owned files matching submitted IDs
|
2022-06-03 21:21:56 +00:00
|
|
|
const files = await utils.db.table('files')
|
2019-09-08 01:56:29 +00:00
|
|
|
.whereIn('id', ids)
|
2022-08-04 14:59:06 +00:00
|
|
|
.where('userid', req.locals.user.id)
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-08-09 10:18:56 +00:00
|
|
|
// Push IDs not found in database into "failed" array
|
2022-07-10 12:46:25 +00:00
|
|
|
failed.push(...ids.filter(id => !files.find(file => file.id === id)))
|
2018-03-30 02:39:53 +00:00
|
|
|
|
2022-08-09 10:18:56 +00:00
|
|
|
await utils.db.transaction(async trx => {
|
|
|
|
// Update files' associated album IDs
|
|
|
|
await trx('files')
|
|
|
|
.whereIn('id', files.map(file => file.id))
|
|
|
|
.update('albumid', albumid)
|
|
|
|
utils.invalidateStatsCache('albums')
|
|
|
|
|
|
|
|
// Insert all previous albums' IDs into "albumids" array to be updated later
|
|
|
|
files.forEach(file => {
|
|
|
|
if (file.albumid && !albumids.includes(file.albumid)) {
|
|
|
|
albumids.push(file.albumid)
|
|
|
|
}
|
|
|
|
})
|
2018-05-10 17:25:52 +00:00
|
|
|
|
2022-08-09 10:18:56 +00:00
|
|
|
// Update all relevant albums' "editedAt" timestamp
|
|
|
|
await trx('albums')
|
|
|
|
.whereIn('id', albumids)
|
|
|
|
.update('editedAt', Math.floor(Date.now() / 1000))
|
|
|
|
utils.deleteStoredAlbumRenders(albumids)
|
2018-05-10 17:25:52 +00:00
|
|
|
})
|
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
return res.json({ success: true, failed })
|
2022-07-10 07:11:29 +00:00
|
|
|
}).catch(error => {
|
2021-01-08 00:29:14 +00:00
|
|
|
if (Array.isArray(failed) && (failed.length === ids.length)) {
|
2022-07-10 12:46:25 +00:00
|
|
|
throw new ServerError(`Could not ${albumid === null ? 'add' : 'remove'} any files ${albumid === null ? 'to' : 'from'} the album.`)
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
throw error
|
2022-07-10 07:11:29 +00:00
|
|
|
})
|
2018-03-30 02:39:53 +00:00
|
|
|
}
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
module.exports = self
|