Independent mode

This commit is contained in:
LittleSheep 2024-07-25 22:02:26 +08:00
parent acd610464a
commit 9ceb9925dd
7 changed files with 45 additions and 16 deletions

View File

@ -17,6 +17,6 @@ type Attachment struct {
Metadata datatypes.JSONMap `json:"metadata"` Metadata datatypes.JSONMap `json:"metadata"`
IsMature bool `json:"is_mature"` IsMature bool `json:"is_mature"`
Account Account `json:"account"` Account *Account `json:"account"`
AccountID uint `json:"account_id"` AccountID *uint `json:"account_id"`
} }

View File

@ -0,0 +1 @@
package api

View File

@ -2,11 +2,12 @@ package api
import ( import (
"fmt" "fmt"
"net/url"
"path/filepath"
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/database" "git.solsynth.dev/hydrogen/paperclip/pkg/internal/database"
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/gap" "git.solsynth.dev/hydrogen/paperclip/pkg/internal/gap"
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/server/exts" "git.solsynth.dev/hydrogen/paperclip/pkg/internal/server/exts"
"net/url"
"path/filepath"
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/models" "git.solsynth.dev/hydrogen/paperclip/pkg/internal/models"
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/services" "git.solsynth.dev/hydrogen/paperclip/pkg/internal/services"
@ -72,10 +73,13 @@ func getAttachmentMeta(c *fiber.Ctx) error {
} }
func createAttachment(c *fiber.Ctx) error { func createAttachment(c *fiber.Ctx) error {
var user *models.Account
if gap.H != nil {
if err := gap.H.EnsureAuthenticated(c); err != nil { if err := gap.H.EnsureAuthenticated(c); err != nil {
return err return err
} }
user := c.Locals("user").(models.Account) user = lo.ToPtr(c.Locals("user").(models.Account))
}
destName := c.Query("destination", viper.GetString("preferred_destination")) destName := c.Query("destination", viper.GetString("preferred_destination"))
@ -93,9 +97,11 @@ func createAttachment(c *fiber.Ctx) error {
return err return err
} }
if gap.H != nil {
if err := gap.H.EnsureGrantedPerm(c, "CreateAttachments", file.Size); err != nil { if err := gap.H.EnsureGrantedPerm(c, "CreateAttachments", file.Size); err != nil {
return err return err
} }
}
usermeta := make(map[string]any) usermeta := make(map[string]any)
_ = jsoniter.UnmarshalFromString(c.FormValue("metadata"), &usermeta) _ = jsoniter.UnmarshalFromString(c.FormValue("metadata"), &usermeta)
@ -130,6 +136,10 @@ func createAttachment(c *fiber.Ctx) error {
func updateAttachmentMeta(c *fiber.Ctx) error { func updateAttachmentMeta(c *fiber.Ctx) error {
id, _ := c.ParamsInt("id", 0) id, _ := c.ParamsInt("id", 0)
if gap.H == nil {
return fiber.NewError(fiber.StatusUnprocessableEntity, "server running in independent mode, unable to modify attachment meta")
}
if err := gap.H.EnsureAuthenticated(c); err != nil { if err := gap.H.EnsureAuthenticated(c); err != nil {
return err return err
} }
@ -169,6 +179,10 @@ func updateAttachmentMeta(c *fiber.Ctx) error {
func deleteAttachment(c *fiber.Ctx) error { func deleteAttachment(c *fiber.Ctx) error {
id, _ := c.ParamsInt("id", 0) id, _ := c.ParamsInt("id", 0)
if gap.H == nil {
return fiber.NewError(fiber.StatusUnprocessableEntity, "server running in independent mode, unable to delete attachment")
}
if err := gap.H.EnsureAuthenticated(c); err != nil { if err := gap.H.EnsureAuthenticated(c); err != nil {
return err return err
} }
@ -177,7 +191,7 @@ func deleteAttachment(c *fiber.Ctx) error {
attachment, err := services.GetAttachmentByID(uint(id)) attachment, err := services.GetAttachmentByID(uint(id))
if err != nil { if err != nil {
return fiber.NewError(fiber.StatusNotFound, err.Error()) return fiber.NewError(fiber.StatusNotFound, err.Error())
} else if attachment.AccountID != user.ID { } else if attachment.AccountID == nil || *attachment.AccountID != user.ID {
return fiber.NewError(fiber.StatusNotFound, "record not created by you") return fiber.NewError(fiber.StatusNotFound, "record not created by you")
} }

View File

@ -7,6 +7,7 @@ func MapAPIs(app *fiber.App, baseURL string) {
api := app.Group(baseURL).Name("API") api := app.Group(baseURL).Name("API")
{ {
api.Get("/attachments", list)
api.Get("/attachments/:id/meta", getAttachmentMeta) api.Get("/attachments/:id/meta", getAttachmentMeta)
api.Get("/attachments/:id", openAttachment) api.Get("/attachments/:id", openAttachment)
api.Post("/attachments", createAttachment) api.Post("/attachments", createAttachment)

View File

@ -2,12 +2,13 @@ package services
import ( import (
"fmt" "fmt"
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/database"
"mime" "mime"
"mime/multipart" "mime/multipart"
"net/http" "net/http"
"path/filepath" "path/filepath"
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/database"
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/models" "git.solsynth.dev/hydrogen/paperclip/pkg/internal/models"
"github.com/google/uuid" "github.com/google/uuid"
"gorm.io/gorm" "gorm.io/gorm"
@ -47,7 +48,7 @@ func GetAttachmentByHash(hash string) (models.Attachment, error) {
return attachment, nil return attachment, nil
} }
func NewAttachmentMetadata(tx *gorm.DB, user models.Account, file *multipart.FileHeader, attachment models.Attachment) (models.Attachment, bool, error) { func NewAttachmentMetadata(tx *gorm.DB, user *models.Account, file *multipart.FileHeader, attachment models.Attachment) (models.Attachment, bool, error) {
linked := false linked := false
exists, pickupErr := GetAttachmentByHash(attachment.HashCode) exists, pickupErr := GetAttachmentByHash(attachment.HashCode)
if pickupErr == nil { if pickupErr == nil {
@ -57,13 +58,19 @@ func NewAttachmentMetadata(tx *gorm.DB, user models.Account, file *multipart.Fil
exists.Metadata = attachment.Metadata exists.Metadata = attachment.Metadata
attachment = exists attachment = exists
attachment.ID = 0 attachment.ID = 0
attachment.AccountID = user.ID
if user != nil {
attachment.AccountID = &user.ID
}
} else { } else {
// Upload the new file // Upload the new file
attachment.Uuid = uuid.NewString() attachment.Uuid = uuid.NewString()
attachment.Size = file.Size attachment.Size = file.Size
attachment.Name = file.Filename attachment.Name = file.Filename
attachment.AccountID = user.ID
if user != nil {
attachment.AccountID = &user.ID
}
// If the user didn't provide file mimetype manually, we have to detect it // If the user didn't provide file mimetype manually, we have to detect it
if len(attachment.MimeType) == 0 { if len(attachment.MimeType) == 0 {

View File

@ -44,9 +44,13 @@ func main() {
} }
// Connect other services // Connect other services
if !viper.GetBool("independent_mode") {
if err := gap.RegisterService(); err != nil { if err := gap.RegisterService(); err != nil {
log.Error().Err(err).Msg("An error occurred when registering service to dealer...") log.Error().Err(err).Msg("An error occurred when registering service to dealer...")
} }
} else {
log.Warn().Msg("WATCHOUT! Running in independent mode, everyone with access to API can upload their file without authenticate!")
}
// Configure timed tasks // Configure timed tasks
quartz := cron.New(cron.WithLogger(cron.VerbosePrintfLogger(&log.Logger))) quartz := cron.New(cron.WithLogger(cron.VerbosePrintfLogger(&log.Logger)))

View File

@ -5,6 +5,8 @@ grpc_bind = "0.0.0.0:7443"
domain = "usercontent.solsynth.dev" domain = "usercontent.solsynth.dev"
secret = "LtTjzAGFLshwXhN4ZD4nG5KlMv1MWcsvfv03TSZYnT1VhiAnLIZFTnHUwR0XhGgi" secret = "LtTjzAGFLshwXhN4ZD4nG5KlMv1MWcsvfv03TSZYnT1VhiAnLIZFTnHUwR0XhGgi"
independent_mode = false
preferred_destination = "local" preferred_destination = "local"
accepts_usage = ["p.avatar", "p.banner", "i.attachment", "m.attachment"] accepts_usage = ["p.avatar", "p.banner", "i.attachment", "m.attachment"]