mirror of
https://github.com/plankanban/planka.git
synced 2025-07-22 14:49:43 +02:00
Maksim Eltyshev
parent
ad7fb51cfa
commit
2ee1166747
1557 changed files with 76832 additions and 47042 deletions
91
server/api/controllers/file-attachments/download.js
Normal file
91
server/api/controllers/file-attachments/download.js
Normal file
|
|
@ -0,0 +1,91 @@
|
|||
/*!
|
||||
* Copyright (c) 2024 PLANKA Software GmbH
|
||||
* Licensed under the Fair Use License: https://github.com/plankanban/planka/blob/master/LICENSE.md
|
||||
*/
|
||||
|
||||
const { idInput } = require('../../../utils/inputs');
|
||||
|
||||
const Errors = {
|
||||
FILE_ATTACHMENT_NOT_FOUND: {
|
||||
fileAttachmentNotFound: 'File attachment not found',
|
||||
},
|
||||
};
|
||||
|
||||
const INLINE_MIME_TYPES_SET = new Set([
|
||||
'application/pdf',
|
||||
'audio/mpeg',
|
||||
'audio/wav',
|
||||
'audio/ogg',
|
||||
'audio/opus',
|
||||
'audio/mp4',
|
||||
'audio/x-aac',
|
||||
'video/mp4',
|
||||
'video/ogg',
|
||||
'video/webm',
|
||||
]);
|
||||
|
||||
module.exports = {
|
||||
inputs: {
|
||||
id: {
|
||||
...idInput,
|
||||
required: true,
|
||||
},
|
||||
},
|
||||
|
||||
exits: {
|
||||
fileAttachmentNotFound: {
|
||||
responseType: 'notFound',
|
||||
},
|
||||
},
|
||||
|
||||
async fn(inputs, exits) {
|
||||
const { currentUser } = this.req;
|
||||
|
||||
const { attachment, board, project } = await sails.helpers.attachments
|
||||
.getPathToProjectById(inputs.id)
|
||||
.intercept('pathNotFound', () => Errors.FILE_ATTACHMENT_NOT_FOUND);
|
||||
|
||||
if (attachment.type !== Attachment.Types.FILE) {
|
||||
throw Errors.FILE_ATTACHMENT_NOT_FOUND;
|
||||
}
|
||||
|
||||
if (currentUser.role !== User.Roles.ADMIN || project.ownerProjectManagerId) {
|
||||
const isProjectManager = await sails.helpers.users.isProjectManager(
|
||||
currentUser.id,
|
||||
project.id,
|
||||
);
|
||||
|
||||
if (!isProjectManager) {
|
||||
const boardMembership = await BoardMembership.qm.getOneByBoardIdAndUserId(
|
||||
board.id,
|
||||
currentUser.id,
|
||||
);
|
||||
|
||||
if (!boardMembership) {
|
||||
throw Errors.FILE_ATTACHMENT_NOT_FOUND; // Forbidden
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const fileManager = sails.hooks['file-manager'].getInstance();
|
||||
|
||||
let readStream;
|
||||
try {
|
||||
readStream = await fileManager.read(
|
||||
`${sails.config.custom.attachmentsPathSegment}/${attachment.data.fileReferenceId}/${attachment.data.filename}`,
|
||||
);
|
||||
} catch (error) {
|
||||
throw Errors.FILE_ATTACHMENT_NOT_FOUND;
|
||||
}
|
||||
|
||||
if (attachment.data.mimeType) {
|
||||
this.res.type(attachment.data.mimeType);
|
||||
}
|
||||
if (!INLINE_MIME_TYPES_SET.has(attachment.data.mimeType) && !attachment.data.image) {
|
||||
this.res.set('Content-Disposition', 'attachment');
|
||||
}
|
||||
this.res.set('Cache-Control', 'private, max-age=900'); // TODO: move to config
|
||||
|
||||
return exits.success(readStream);
|
||||
},
|
||||
};
|
||||
Loading…
Add table
Add a link
Reference in a new issue