[wip] add storage apis

frost-community · Oct 9, 2017 · 74ce7c5 · 74ce7c5
1 parent f3f536c
commit 74ce7c5
Show file tree

Hide file tree

Showing 3 changed files with 143 additions and 0 deletions.
diff --git a/package.json b/package.json
@@ -26,6 +26,7 @@
     "compression": "^1.6.2",
     "cpx": "^1.5.0",
     "express": "^4.15.3",
+    "file-type": "^7.0.1",
     "methods": "^1.1.2",
     "moment": "^2.18.0",
     "mongo-sanitize": "^1.0.0",
@@ -34,6 +35,7 @@
     "redis": "^2.7.0",
     "request": "^2.81.0",
     "rimraf": "^2.6.1",
+    "validator": "^9.0.0",
     "websocket": "^1.0.24",
     "websocket-events": "0.0.2"
   },

diff --git a/src/routes/users/id/storage/file_id.js b/src/routes/users/id/storage/file_id.js
@@ -0,0 +1,49 @@
+'use strict';
+
+const ApiResult = require('../../../../helpers/apiResult');
+
+// 対象ファイルの取得
+exports.get = async (request) => {
+	const result = await request.checkRequestAsync({
+		permissions: ['storageRead']
+	});
+
+	if (result != null) {
+		return result;
+	}
+
+	let file;
+	try {
+		file = await request.db.storageFiles.findByIdAsync(request.params.file_id);
+	}
+	catch(err) {
+		// noop
+	}
+
+	if (file == null) {
+		return new ApiResult(204);
+	}
+
+	let accessRightLevel = file.document.accessRight.level;
+
+	if (accessRightLevel == 'private') {
+		if (file.document.creatorId != request.user.document._id) {
+			return new ApiResult(403, 'access denied');
+		}
+	}
+	else if (accessRightLevel == 'specific') {
+		// TODO: 公開してもいいかどうかを判断する
+		return new ApiResult(500, 'not implemented yet');
+	}
+	else if (accessRightLevel != 'public') {
+		return new ApiResult(500, 'unknown access-right level');
+	}
+
+	return new ApiResult(200, {storageFile: file.serialize()});
+};
+
+// 対象ファイルの削除
+exports.delete = async (request) => {
+	// TODO
+	return new ApiResult(500, 'not implemented yet');
+};
diff --git a/src/routes/users/id/storage/index.js b/src/routes/users/id/storage/index.js
@@ -0,0 +1,92 @@
+'use strict';
+
+const ApiResult = require('../../../../helpers/apiResult');
+const getFileType = require('file-type');
+const validator = require('validator');
+
+const supportedMimeTypes = [
+	'image/jpeg',
+	'image/png',
+	'image/gif'
+];
+
+// 新規作成
+exports.post = async (request) => {
+	const result = await request.checkRequestAsync({
+		body: [
+			{name: 'file', type: 'string'}
+		],
+		permissions: ['storageWrite']
+	});
+
+	if (result != null) {
+		return result;
+	}
+
+	const file = request.body.file;
+
+	if (!validator.isBase64(file)) {
+		return new ApiResult(400, 'file is not base64 format');
+	}
+
+	const fileDataBuffer = Buffer.from(file, 'base64');
+
+	// データ形式を取得
+	const fileType = getFileType(fileDataBuffer);
+
+	// サポートされているデータ形式か
+	if (fileType == null || !supportedMimeTypes.some(i => i == fileType.mime)) {
+		return new ApiResult(400, 'file is not supported format');
+	}
+
+	let storageFile;
+
+	try {
+		storageFile = await request.db.storageFiles.createAsync({ // TODO: move to document models
+			creatorId: request.user.document._id,
+			type: fileType.mime.split('/')[0],
+			mimeType: fileType.mime,
+			file: fileDataBuffer,
+			accessRight: {
+				level: 'public', // 'specific' 'private'
+				// users: []
+			}
+		});
+	}
+	catch(err) {
+		console.log(err.trace);
+	}
+
+	if (storageFile == null) {
+		return new ApiResult(500, 'failed to create storage file');
+	}
+
+	return new ApiResult(200, {storageFile: storageFile.serialize()});
+};
+
+// ファイル一覧取得 // TODO: フィルター指定
+exports.get = async (request) => {
+	const result = await request.checkRequestAsync({
+		query: [
+		],
+		permissions: ['storageRead']
+	});
+
+	if (result != null) {
+		return result;
+	}
+
+	let files;
+	try {
+		files = await request.db.storageFiles.findArrayAsync(request.user.document._id);
+	}
+	catch(err) {
+		// noop
+	}
+
+	if (files == null || files.length == 0) {
+		return new ApiResult(204);
+	}
+
+	return new ApiResult(200, {storageFiles: files.map(i => i.serialize())});
+};