2017-07-31 18:17:30 +01:00
|
|
|
// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
|
|
|
|
|
//
|
|
|
|
|
// This software (Documize Community Edition) is licensed under
|
|
|
|
|
// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
|
|
|
|
|
//
|
|
|
|
|
// You can operate outside the AGPL restrictions by purchasing
|
|
|
|
|
// Documize Enterprise Edition and obtaining a commercial license
|
|
|
|
|
// by contacting <sales@documize.com>.
|
|
|
|
|
//
|
|
|
|
|
// https://documize.com
|
|
|
|
|
|
|
|
|
|
package document
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"database/sql"
|
|
|
|
|
"encoding/json"
|
|
|
|
|
"io/ioutil"
|
|
|
|
|
"net/http"
|
|
|
|
|
|
|
|
|
|
"github.com/documize/community/core/env"
|
|
|
|
|
"github.com/documize/community/core/request"
|
|
|
|
|
"github.com/documize/community/core/response"
|
|
|
|
|
"github.com/documize/community/core/streamutil"
|
|
|
|
|
"github.com/documize/community/core/stringutil"
|
|
|
|
|
"github.com/documize/community/domain"
|
2017-08-01 10:39:07 +01:00
|
|
|
indexer "github.com/documize/community/domain/search"
|
2017-07-31 18:17:30 +01:00
|
|
|
"github.com/documize/community/domain/space"
|
|
|
|
|
"github.com/documize/community/model/activity"
|
|
|
|
|
"github.com/documize/community/model/audit"
|
|
|
|
|
"github.com/documize/community/model/doc"
|
|
|
|
|
"github.com/documize/community/model/link"
|
|
|
|
|
"github.com/documize/community/model/search"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Handler contains the runtime information such as logging and database.
|
|
|
|
|
type Handler struct {
|
|
|
|
|
Runtime *env.Runtime
|
|
|
|
|
Store *domain.Store
|
2017-08-01 10:39:07 +01:00
|
|
|
Indexer indexer.Indexer
|
2017-07-31 18:17:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get is an endpoint that returns the document-level information for a given documentID.
|
|
|
|
|
func (h *Handler) Get(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
method := "document.get"
|
|
|
|
|
ctx := domain.GetRequestContext(r)
|
|
|
|
|
|
|
|
|
|
id := request.Param(r, "documentID")
|
|
|
|
|
if len(id) == 0 {
|
|
|
|
|
response.WriteMissingDataError(w, method, "documentID")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
document, err := h.Store.Document.Get(ctx, id)
|
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
|
response.WriteNotFoundError(w, method, id)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-02 15:58:39 +01:00
|
|
|
if !CanViewDocumentInFolder(ctx, *h.Store, document.LabelID) {
|
2017-07-31 18:17:30 +01:00
|
|
|
response.WriteForbiddenError(w)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctx.Transaction, err = h.Runtime.Db.Beginx()
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-02 15:58:39 +01:00
|
|
|
err = h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
|
2017-07-31 18:17:30 +01:00
|
|
|
LabelID: document.LabelID,
|
|
|
|
|
SourceID: document.RefID,
|
|
|
|
|
SourceType: activity.SourceTypeDocument,
|
|
|
|
|
ActivityType: activity.TypeRead})
|
|
|
|
|
|
2017-08-02 15:58:39 +01:00
|
|
|
if err != nil {
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-08-02 15:58:39 +01:00
|
|
|
}
|
|
|
|
|
|
2017-07-31 18:17:30 +01:00
|
|
|
h.Store.Audit.Record(ctx, audit.EventTypeDocumentView)
|
|
|
|
|
|
|
|
|
|
ctx.Transaction.Commit()
|
|
|
|
|
|
|
|
|
|
response.WriteJSON(w, document)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Activity is an endpoint returning the activity logs for specified document.
|
|
|
|
|
func (h *Handler) Activity(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
method := "document.activity"
|
|
|
|
|
ctx := domain.GetRequestContext(r)
|
|
|
|
|
|
|
|
|
|
id := request.Param(r, "documentID")
|
|
|
|
|
if len(id) == 0 {
|
|
|
|
|
response.WriteMissingDataError(w, method, "documentID")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
a, err := h.Store.Activity.GetDocumentActivity(ctx, id)
|
|
|
|
|
if err != nil && err != sql.ErrNoRows {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
response.WriteJSON(w, a)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// DocumentLinks is an endpoint returning the links for a document.
|
|
|
|
|
func (h *Handler) DocumentLinks(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
method := "document.links"
|
|
|
|
|
ctx := domain.GetRequestContext(r)
|
|
|
|
|
|
|
|
|
|
id := request.Param(r, "documentID")
|
|
|
|
|
if len(id) == 0 {
|
|
|
|
|
response.WriteMissingDataError(w, method, "documentID")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
l, err := h.Store.Link.GetDocumentOutboundLinks(ctx, id)
|
|
|
|
|
if len(l) == 0 {
|
|
|
|
|
l = []link.Link{}
|
|
|
|
|
}
|
|
|
|
|
if err != nil && err != sql.ErrNoRows {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
response.WriteJSON(w, l)
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-18 13:02:15 +01:00
|
|
|
// BySpace is an endpoint that returns the documents for given space.
|
2017-07-31 18:17:30 +01:00
|
|
|
func (h *Handler) BySpace(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
method := "document.space"
|
|
|
|
|
ctx := domain.GetRequestContext(r)
|
|
|
|
|
|
2017-09-18 13:02:15 +01:00
|
|
|
spaceID := request.Query(r, "space")
|
2017-07-31 18:17:30 +01:00
|
|
|
|
2017-09-18 13:02:15 +01:00
|
|
|
if len(spaceID) == 0 {
|
|
|
|
|
response.WriteMissingDataError(w, method, "space")
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-18 13:02:15 +01:00
|
|
|
if !space.CanViewSpace(ctx, *h.Store, spaceID) {
|
2017-07-31 18:17:30 +01:00
|
|
|
response.WriteForbiddenError(w)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-18 13:02:15 +01:00
|
|
|
documents, err := h.Store.Document.GetBySpace(ctx, spaceID)
|
2017-07-31 18:17:30 +01:00
|
|
|
|
|
|
|
|
if len(documents) == 0 {
|
|
|
|
|
documents = []doc.Document{}
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-03 10:00:24 +01:00
|
|
|
if err != nil && err != sql.ErrNoRows {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
|
|
|
|
h.Runtime.Log.Error(method, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-31 18:17:30 +01:00
|
|
|
response.WriteJSON(w, documents)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ByTag is an endpoint that returns the documents with a given tag.
|
|
|
|
|
func (h *Handler) ByTag(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
method := "document.space"
|
|
|
|
|
ctx := domain.GetRequestContext(r)
|
|
|
|
|
|
|
|
|
|
tag := request.Query(r, "tag")
|
|
|
|
|
if len(tag) == 0 {
|
|
|
|
|
response.WriteMissingDataError(w, method, "tag")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
documents, err := h.Store.Document.GetByTag(ctx, tag)
|
|
|
|
|
|
|
|
|
|
if len(documents) == 0 {
|
|
|
|
|
documents = []doc.Document{}
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-03 10:00:24 +01:00
|
|
|
if err != nil && err != sql.ErrNoRows {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
|
|
|
|
h.Runtime.Log.Error(method, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-31 18:17:30 +01:00
|
|
|
response.WriteJSON(w, documents)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Update updates an existing document using the
|
|
|
|
|
// format described in NewDocumentModel() encoded as JSON in the request.
|
|
|
|
|
func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
method := "document.space"
|
|
|
|
|
ctx := domain.GetRequestContext(r)
|
|
|
|
|
|
|
|
|
|
documentID := request.Param(r, "documentID")
|
|
|
|
|
if len(documentID) == 0 {
|
|
|
|
|
response.WriteMissingDataError(w, method, "documentID")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-31 18:01:07 +01:00
|
|
|
// if !ctx.Editor {
|
|
|
|
|
// response.WriteForbiddenError(w)
|
|
|
|
|
// return
|
|
|
|
|
// }
|
2017-07-31 18:17:30 +01:00
|
|
|
|
|
|
|
|
if !CanChangeDocument(ctx, *h.Store, documentID) {
|
|
|
|
|
response.WriteForbiddenError(w)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
defer streamutil.Close(r.Body)
|
|
|
|
|
body, err := ioutil.ReadAll(r.Body)
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.WriteBadRequestError(w, method, err.Error())
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
d := doc.Document{}
|
|
|
|
|
err = json.Unmarshal(body, &d)
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.WriteBadRequestError(w, method, err.Error())
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
d.RefID = documentID
|
|
|
|
|
|
|
|
|
|
ctx.Transaction, err = h.Runtime.Db.Beginx()
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = h.Store.Document.Update(ctx, d)
|
|
|
|
|
if err != nil {
|
|
|
|
|
ctx.Transaction.Rollback()
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
h.Store.Audit.Record(ctx, audit.EventTypeDocumentUpdate)
|
|
|
|
|
|
|
|
|
|
ctx.Transaction.Commit()
|
|
|
|
|
|
2017-08-15 19:41:44 +01:00
|
|
|
a, _ := h.Store.Attachment.GetAttachments(ctx, documentID)
|
|
|
|
|
go h.Indexer.IndexDocument(ctx, d, a)
|
2017-08-01 10:39:07 +01:00
|
|
|
|
2017-07-31 18:17:30 +01:00
|
|
|
response.WriteEmpty(w)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Delete is an endpoint that deletes a document specified by documentID.
|
|
|
|
|
func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
method := "document.delete"
|
|
|
|
|
ctx := domain.GetRequestContext(r)
|
|
|
|
|
|
|
|
|
|
documentID := request.Param(r, "documentID")
|
|
|
|
|
if len(documentID) == 0 {
|
|
|
|
|
response.WriteMissingDataError(w, method, "documentID")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !CanChangeDocument(ctx, *h.Store, documentID) {
|
|
|
|
|
response.WriteForbiddenError(w)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
doc, err := h.Store.Document.Get(ctx, documentID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctx.Transaction, err = h.Runtime.Db.Beginx()
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_, err = h.Store.Document.Delete(ctx, documentID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
ctx.Transaction.Rollback()
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_, err = h.Store.Pin.DeletePinnedDocument(ctx, documentID)
|
|
|
|
|
if err != nil && err != sql.ErrNoRows {
|
|
|
|
|
ctx.Transaction.Rollback()
|
|
|
|
|
response.WriteServerError(w, method, err)
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-07-31 18:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
h.Store.Link.MarkOrphanDocumentLink(ctx, documentID)
|
|
|
|
|
h.Store.Link.DeleteSourceDocumentLinks(ctx, documentID)
|
|
|
|
|
|
|
|
|
|
h.Store.Activity.RecordUserActivity(ctx, activity.UserActivity{
|
|
|
|
|
LabelID: doc.LabelID,
|
|
|
|
|
SourceID: documentID,
|
|
|
|
|
SourceType: activity.SourceTypeDocument,
|
|
|
|
|
ActivityType: activity.TypeDeleted})
|
|
|
|
|
|
|
|
|
|
h.Store.Audit.Record(ctx, audit.EventTypeDocumentDelete)
|
|
|
|
|
|
|
|
|
|
ctx.Transaction.Commit()
|
|
|
|
|
|
2017-08-15 19:41:44 +01:00
|
|
|
go h.Indexer.DeleteDocument(ctx, documentID)
|
2017-08-01 10:39:07 +01:00
|
|
|
|
2017-07-31 18:17:30 +01:00
|
|
|
response.WriteEmpty(w)
|
|
|
|
|
}
|
2017-08-01 10:39:07 +01:00
|
|
|
|
|
|
|
|
// SearchDocuments endpoint takes a list of keywords and returns a list of document references matching those keywords.
|
|
|
|
|
func (h *Handler) SearchDocuments(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
method := "document.search"
|
|
|
|
|
ctx := domain.GetRequestContext(r)
|
|
|
|
|
|
2017-08-15 14:15:31 +01:00
|
|
|
defer streamutil.Close(r.Body)
|
|
|
|
|
body, err := ioutil.ReadAll(r.Body)
|
2017-08-01 10:39:07 +01:00
|
|
|
if err != nil {
|
|
|
|
|
response.WriteBadRequestError(w, method, err.Error())
|
2017-08-15 14:15:31 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
options := search.QueryOptions{}
|
|
|
|
|
err = json.Unmarshal(body, &options)
|
|
|
|
|
if err != nil {
|
|
|
|
|
response.WriteBadRequestError(w, method, err.Error())
|
|
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-08-01 10:39:07 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2017-08-15 14:15:31 +01:00
|
|
|
results, err := h.Store.Search.Documents(ctx, options)
|
2017-08-01 10:39:07 +01:00
|
|
|
if err != nil {
|
2017-08-03 10:00:24 +01:00
|
|
|
h.Runtime.Log.Error(method, err)
|
2017-08-01 10:39:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Put in slugs for easy UI display of search URL
|
|
|
|
|
for key, result := range results {
|
2017-08-15 14:15:31 +01:00
|
|
|
result.DocumentSlug = stringutil.MakeSlug(result.Document)
|
|
|
|
|
result.SpaceSlug = stringutil.MakeSlug(result.Space)
|
2017-08-01 10:39:07 +01:00
|
|
|
results[key] = result
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(results) == 0 {
|
2017-08-15 14:15:31 +01:00
|
|
|
results = []search.QueryResult{}
|
2017-08-01 10:39:07 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
h.Store.Audit.Record(ctx, audit.EventTypeSearch)
|
|
|
|
|
|
|
|
|
|
response.WriteJSON(w, results)
|
|
|
|
|
}
|
