mirror of
https://github.com/plankanban/planka.git
synced 2025-07-19 05:09:43 +02:00
13f0a68523
This involves a couple primary changes: 1) to make Sails' temporary file-upload directory a configurable location by using a common file-upload-receiving helper; 2) to create custom static routes for the file-upload locations, so they can be outside the application's public directory; and 3) to use the file-uploading handler everywhere that receives files, so config for the helper is applied to all file uploads consistently. This is sufficient to allow the application directory to be deployed read- only, with writable storage used for file uploads. The new config property for Sails' temporary upload directory, combined with the existing settings for user-avatar and background-image locations are sufficient to handle uploads; the new custom routes handle serving those files from external locations. The default behavior of the application should be unchanged, with files uploaded to, and served from, the public directory if the relevant config properties aren't set to other values.
97 lines
2 KiB
JavaScript
Executable file
97 lines
2 KiB
JavaScript
Executable file
const rimraf = require('rimraf');
|
|
|
|
const Errors = {
|
|
USER_NOT_FOUND: {
|
|
userNotFound: 'User not found',
|
|
},
|
|
NO_FILE_WAS_UPLOADED: {
|
|
noFileWasUploaded: 'No file was uploaded',
|
|
},
|
|
FILE_IS_NOT_IMAGE: {
|
|
fileIsNotImage: 'File is not image',
|
|
},
|
|
};
|
|
|
|
module.exports = {
|
|
inputs: {
|
|
id: {
|
|
type: 'string',
|
|
regex: /^[0-9]+$/,
|
|
required: true,
|
|
},
|
|
},
|
|
|
|
exits: {
|
|
userNotFound: {
|
|
responseType: 'notFound',
|
|
},
|
|
noFileWasUploaded: {
|
|
responseType: 'unprocessableEntity',
|
|
},
|
|
fileIsNotImage: {
|
|
responseType: 'unprocessableEntity',
|
|
},
|
|
uploadError: {
|
|
responseType: 'unprocessableEntity',
|
|
},
|
|
},
|
|
|
|
async fn(inputs, exits) {
|
|
const { currentUser } = this.req;
|
|
|
|
let user;
|
|
if (currentUser.isAdmin) {
|
|
user = await sails.helpers.users.getOne(inputs.id);
|
|
|
|
if (!user) {
|
|
throw Errors.USER_NOT_FOUND;
|
|
}
|
|
} else if (inputs.id !== currentUser.id) {
|
|
throw Errors.USER_NOT_FOUND; // Forbidden
|
|
} else {
|
|
user = currentUser;
|
|
}
|
|
|
|
let files;
|
|
try {
|
|
files = await sails.helpers.utils.receiveFile('file', this.req);
|
|
} catch (error) {
|
|
return exits.uploadError(error.message); // TODO: add error
|
|
}
|
|
|
|
if (files.length === 0) {
|
|
throw Errors.NO_FILE_WAS_UPLOADED;
|
|
}
|
|
|
|
const file = _.last(files);
|
|
|
|
const fileData = await sails.helpers.users
|
|
.processUploadedAvatarFile(file)
|
|
.intercept('fileIsNotImage', () => {
|
|
try {
|
|
rimraf.sync(file.fd);
|
|
} catch (error) {
|
|
console.warn(error.stack); // eslint-disable-line no-console
|
|
}
|
|
|
|
return Errors.FILE_IS_NOT_IMAGE;
|
|
});
|
|
|
|
user = await sails.helpers.users.updateOne.with({
|
|
record: user,
|
|
values: {
|
|
avatar: fileData,
|
|
},
|
|
actorUser: currentUser,
|
|
request: this.req,
|
|
});
|
|
|
|
if (!user) {
|
|
throw Errors.USER_NOT_FOUND;
|
|
}
|
|
|
|
return exits.success({
|
|
item: user,
|
|
});
|
|
},
|
|
};
|