wikijs-fork/server/controllers/uploads.js

'use strict'

/* global wiki */

const express = require('express')
const router = express.Router()

const readChunk = require('read-chunk')
const fileType = require('file-type')
const Promise = require('bluebird')
const fs = Promise.promisifyAll(require('fs-extra'))
const path = require('path')
const _ = require('lodash')

const validPathRe = new RegExp('^([a-z0-9/-' + wiki.data.regex.cjk + wiki.data.regex.arabic + ']+\\.[a-z0-9]+)$')
const validPathThumbsRe = new RegExp('^([a-z0-9]+\\.png)$')

// ==========================================
// SERVE UPLOADS FILES
// ==========================================

router.get('/t/*', (req, res, next) => {
  let fileName = req.params[0]
  if (!validPathThumbsRe.test(fileName)) {
    return res.sendStatus(404).end()
  }

  // todo: Authentication-based access

  res.sendFile(fileName, {
    root: wiki.disk.getThumbsPath(),
    dotfiles: 'deny'
  }, (err) => {
    if (err) {
      res.status(err.status).end()
    }
  })
})

// router.post('/img', wiki.disk.uploadImgHandler, (req, res, next) => {
//   let destFolder = _.chain(req.body.folder).trim().toLower().value()

//   wiki.upl.validateUploadsFolder(destFolder).then((destFolderPath) => {
//     if (!destFolderPath) {
//       res.json({ ok: false, msg: wiki.lang.t('errors:invalidfolder') })
//       return true
//     }

//     Promise.map(req.files, (f) => {
//       let destFilename = ''
//       let destFilePath = ''

//       return wiki.disk.validateUploadsFilename(f.originalname, destFolder, true).then((fname) => {
//         destFilename = fname
//         destFilePath = path.resolve(destFolderPath, destFilename)

//         return readChunk(f.path, 0, 262)
//       }).then((buf) => {
//         // -> Check MIME type by magic number

//         let mimeInfo = fileType(buf)
//         if (!_.includes(['image/png', 'image/jpeg', 'image/gif', 'image/webp'], mimeInfo.mime)) {
//           return Promise.reject(new Error(wiki.lang.t('errors:invalidfiletype')))
//         }
//         return true
//       }).then(() => {
//         // -> Move file to final destination

//         return fs.moveAsync(f.path, destFilePath, { clobber: false })
//       }).then(() => {
//         return {
//           ok: true,
//           filename: destFilename,
//           filesize: f.size
//         }
//       }).reflect()
//     }, {concurrency: 3}).then((results) => {
//       let uplResults = _.map(results, (r) => {
//         if (r.isFulfilled()) {
//           return r.value()
//         } else {
//           return {
//             ok: false,
//             msg: r.reason().message
//           }
//         }
//       })
//       res.json({ ok: true, results: uplResults })
//       return true
//     }).catch((err) => {
//       res.json({ ok: false, msg: err.message })
//       return true
//     })
//   })
// })

// router.post('/file', wiki.disk.uploadFileHandler, (req, res, next) => {
//   let destFolder = _.chain(req.body.folder).trim().toLower().value()

//   wiki.upl.validateUploadsFolder(destFolder).then((destFolderPath) => {
//     if (!destFolderPath) {
//       res.json({ ok: false, msg: wiki.lang.t('errors:invalidfolder') })
//       return true
//     }

//     Promise.map(req.files, (f) => {
//       let destFilename = ''
//       let destFilePath = ''

//       return wiki.disk.validateUploadsFilename(f.originalname, destFolder, false).then((fname) => {
//         destFilename = fname
//         destFilePath = path.resolve(destFolderPath, destFilename)

//         // -> Move file to final destination

//         return fs.moveAsync(f.path, destFilePath, { clobber: false })
//       }).then(() => {
//         return {
//           ok: true,
//           filename: destFilename,
//           filesize: f.size
//         }
//       }).reflect()
//     }, {concurrency: 3}).then((results) => {
//       let uplResults = _.map(results, (r) => {
//         if (r.isFulfilled()) {
//           return r.value()
//         } else {
//           return {
//             ok: false,
//             msg: r.reason().message
//           }
//         }
//       })
//       res.json({ ok: true, results: uplResults })
//       return true
//     }).catch((err) => {
//       res.json({ ok: false, msg: err.message })
//       return true
//     })
//   })
// })

// router.get('/*', (req, res, next) => {
//   let fileName = req.params[0]
//   if (!validPathRe.test(fileName)) {
//     return res.sendStatus(404).end()
//   }

//   // todo: Authentication-based access

//   res.sendFile(fileName, {
//     root: wiki.git.getRepoPath() + '/uploads/',
//     dotfiles: 'deny'
//   }, (err) => {
//     if (err) {
//       res.status(err.status).end()
//     }
//   })
// })

module.exports = router
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`'use strict'`
Added uploads handler 2016-09-17 04:26:02 +00:00
refactor: migrate to PostgreSQL + Sequelize 2017-07-23 03:56:46 +00:00			`/* global wiki */`
chore: removed global eslint references 2017-05-13 19:29:00 +00:00
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`const express = require('express')`
			`const router = express.Router()`
Image upload process + right-click menu UI 2016-10-03 04:12:29 +00:00
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`const readChunk = require('read-chunk')`
			`const fileType = require('file-type')`
			`const Promise = require('bluebird')`
			`const fs = Promise.promisifyAll(require('fs-extra'))`
			`const path = require('path')`
			`const _ = require('lodash')`
Added uploads handler 2016-09-17 04:26:02 +00:00
refactor: migrate to PostgreSQL + Sequelize 2017-07-23 03:56:46 +00:00			`const validPathRe = new RegExp('^([a-z0-9/-' + wiki.data.regex.cjk + wiki.data.regex.arabic + ']+\\.[a-z0-9]+)$')`
Removed all native comp. depdencies + fixes 2017-03-04 16:23:34 +00:00			`const validPathThumbsRe = new RegExp('^([a-z0-9]+\\.png)$')`
Added uploads handler 2016-09-17 04:26:02 +00:00
			`// ==========================================`
			`// SERVE UPLOADS FILES`
			`// ==========================================`

Added thumbnail generation + insert image files display + Create page fix 2016-09-25 04:08:49 +00:00			`router.get('/t/*', (req, res, next) => {`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`let fileName = req.params[0]`
			`if (!validPathThumbsRe.test(fileName)) {`
			`return res.sendStatus(404).end()`
			`}`

			`// todo: Authentication-based access`

			`res.sendFile(fileName, {`
refactor: migrate to PostgreSQL + Sequelize 2017-07-23 03:56:46 +00:00			`root: wiki.disk.getThumbsPath(),`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00			`dotfiles: 'deny'`
			`}, (err) => {`
			`if (err) {`
			`res.status(err.status).end()`
			`}`
			`})`
			`})`
Added thumbnail generation + insert image files display + Create page fix 2016-09-25 04:08:49 +00:00
feat: config wizard save 2017-12-17 04:41:16 +00:00			`// router.post('/img', wiki.disk.uploadImgHandler, (req, res, next) => {`
			`// let destFolder = _.chain(req.body.folder).trim().toLower().value()`

			`// wiki.upl.validateUploadsFolder(destFolder).then((destFolderPath) => {`
			`// if (!destFolderPath) {`
			`// res.json({ ok: false, msg: wiki.lang.t('errors:invalidfolder') })`
			`// return true`
			`// }`

			`// Promise.map(req.files, (f) => {`
			`// let destFilename = ''`
			`// let destFilePath = ''`

			`// return wiki.disk.validateUploadsFilename(f.originalname, destFolder, true).then((fname) => {`
			`// destFilename = fname`
			`// destFilePath = path.resolve(destFolderPath, destFilename)`

			`// return readChunk(f.path, 0, 262)`
			`// }).then((buf) => {`
			`// // -> Check MIME type by magic number`

			`// let mimeInfo = fileType(buf)`
			`// if (!_.includes(['image/png', 'image/jpeg', 'image/gif', 'image/webp'], mimeInfo.mime)) {`
			`// return Promise.reject(new Error(wiki.lang.t('errors:invalidfiletype')))`
			`// }`
			`// return true`
			`// }).then(() => {`
			`// // -> Move file to final destination`

			`// return fs.moveAsync(f.path, destFilePath, { clobber: false })`
			`// }).then(() => {`
			`// return {`
			`// ok: true,`
			`// filename: destFilename,`
			`// filesize: f.size`
			`// }`
			`// }).reflect()`
			`// }, {concurrency: 3}).then((results) => {`
			`// let uplResults = _.map(results, (r) => {`
			`// if (r.isFulfilled()) {`
			`// return r.value()`
			`// } else {`
			`// return {`
			`// ok: false,`
			`// msg: r.reason().message`
			`// }`
			`// }`
			`// })`
			`// res.json({ ok: true, results: uplResults })`
			`// return true`
			`// }).catch((err) => {`
			`// res.json({ ok: false, msg: err.message })`
			`// return true`
			`// })`
			`// })`
			`// })`

			`// router.post('/file', wiki.disk.uploadFileHandler, (req, res, next) => {`
			`// let destFolder = _.chain(req.body.folder).trim().toLower().value()`

			`// wiki.upl.validateUploadsFolder(destFolder).then((destFolderPath) => {`
			`// if (!destFolderPath) {`
			`// res.json({ ok: false, msg: wiki.lang.t('errors:invalidfolder') })`
			`// return true`
			`// }`

			`// Promise.map(req.files, (f) => {`
			`// let destFilename = ''`
			`// let destFilePath = ''`

			`// return wiki.disk.validateUploadsFilename(f.originalname, destFolder, false).then((fname) => {`
			`// destFilename = fname`
			`// destFilePath = path.resolve(destFolderPath, destFilename)`

			`// // -> Move file to final destination`

			`// return fs.moveAsync(f.path, destFilePath, { clobber: false })`
			`// }).then(() => {`
			`// return {`
			`// ok: true,`
			`// filename: destFilename,`
			`// filesize: f.size`
			`// }`
			`// }).reflect()`
			`// }, {concurrency: 3}).then((results) => {`
			`// let uplResults = _.map(results, (r) => {`
			`// if (r.isFulfilled()) {`
			`// return r.value()`
			`// } else {`
			`// return {`
			`// ok: false,`
			`// msg: r.reason().message`
			`// }`
			`// }`
			`// })`
			`// res.json({ ok: true, results: uplResults })`
			`// return true`
			`// }).catch((err) => {`
			`// res.json({ ok: false, msg: err.message })`
			`// return true`
			`// })`
			`// })`
			`// })`

			`// router.get('/*', (req, res, next) => {`
			`// let fileName = req.params[0]`
			`// if (!validPathRe.test(fileName)) {`
			`// return res.sendStatus(404).end()`
			`// }`

			`// // todo: Authentication-based access`

			`// res.sendFile(fileName, {`
			`// root: wiki.git.getRepoPath() + '/uploads/',`
			`// dotfiles: 'deny'`
			`// }, (err) => {`
			`// if (err) {`
			`// res.status(err.status).end()`
			`// }`
			`// })`
			`// })`
Standard JS code conversion + fixes 2017-02-09 01:52:37 +00:00
			`module.exports = router`