mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-10-26 01:26:12 +02:00
endpoint to download user attachments, #6441
This commit is contained in:
Julian Lam
1
build/export/.gitignore
vendored
1
build/export/.gitignore
vendored
@@ -1,2 +1,3 @@
|
||||
.
|
||||
!.gitignore
|
||||
!README
|
||||
5
build/export/README
Normal file
5
build/export/README
Normal file
@@ -0,0 +1,5 @@
|
||||
This directory contains archives of user uploads that are prepared on-demand
|
||||
when a user wants to retrieve a copy of their uploaded content.
|
||||
|
||||
You can delete the files in here at will. They will just be regenerated if
|
||||
requested again.
|
||||
@@ -1,12 +1,17 @@
|
||||
'use strict';
|
||||
|
||||
var async = require('async');
|
||||
var path = require('path');
|
||||
var fs = require('fs');
|
||||
var winston = require('winston');
|
||||
var converter = require('json-2-csv');
|
||||
var archiver = require('archiver');
|
||||
|
||||
var user = require('../user');
|
||||
var meta = require('../meta');
|
||||
var posts = require('../posts');
|
||||
var batch = require('../batch');
|
||||
var events = require('../events');
|
||||
var accountHelpers = require('./accounts/helpers');
|
||||
|
||||
var userController = module.exports;
|
||||
@@ -133,3 +138,84 @@ userController.exportPosts = function (req, res, next) {
|
||||
res.set('Content-Type', 'text/csv').set('Content-Disposition', 'attachment; filename="' + req.params.uid + '_posts.csv"').send(csv);
|
||||
});
|
||||
};
|
||||
|
||||
userController.exportUploads = function (req, res, next) {
|
||||
const archivePath = path.join(__dirname, '../../build/export', req.params.uid + '_uploads.zip');
|
||||
const archive = archiver('zip', {
|
||||
zlib: { level: 9 }, // Sets the compression level.
|
||||
});
|
||||
const maxAge = 1000 * 60 * 60 * 24; // 1 day
|
||||
|
||||
const rootDirectory = path.join(__dirname, '../../public/uploads/');
|
||||
const trimPath = function (path) {
|
||||
return path.replace(rootDirectory, '');
|
||||
};
|
||||
let isFresh = false;
|
||||
const sendFile = function () {
|
||||
events.log({
|
||||
type: 'export:uploads',
|
||||
uid: req.uid,
|
||||
targetUid: req.params.uid,
|
||||
ip: req.ip,
|
||||
fresh: isFresh,
|
||||
});
|
||||
|
||||
res.sendFile(req.params.uid + '_uploads.zip', {
|
||||
root: path.join(__dirname, '../../build/export'),
|
||||
headers: {
|
||||
'Content-Disposition': 'attachment; filename=' + req.params.uid + '_uploads.zip',
|
||||
maxAge: maxAge,
|
||||
},
|
||||
});
|
||||
};
|
||||
|
||||
// Check for existing file, if exists and is < 1 day in age, send this instead
|
||||
try {
|
||||
fs.accessSync(archivePath, fs.constants.F_OK | fs.constants.R_OK);
|
||||
isFresh = (Date.now() - fs.statSync(archivePath).mtimeMs) < maxAge;
|
||||
if (isFresh) {
|
||||
return sendFile();
|
||||
}
|
||||
} catch (err) {
|
||||
// File doesn't exist, continue
|
||||
}
|
||||
|
||||
const output = fs.createWriteStream(archivePath);
|
||||
output.on('close', sendFile);
|
||||
|
||||
archive.on('warning', function (err) {
|
||||
switch (err.code) {
|
||||
case 'ENOENT':
|
||||
winston.warn('[user/export/uploads] File not found: ' + trimPath(err.path));
|
||||
break;
|
||||
|
||||
default:
|
||||
winston.warn('[user/export/uploads] Unexpected warning: ' + err.message);
|
||||
break;
|
||||
}
|
||||
});
|
||||
|
||||
archive.on('error', function (err) {
|
||||
switch (err.code) {
|
||||
case 'EACCES':
|
||||
winston.error('[user/export/uploads] File inaccessible: ' + trimPath(err.path));
|
||||
break;
|
||||
|
||||
default:
|
||||
winston.error('[user/export/uploads] Unable to construct archive: ' + err.message);
|
||||
break;
|
||||
}
|
||||
|
||||
res.sendStatus(500);
|
||||
});
|
||||
|
||||
archive.pipe(output);
|
||||
winston.info('[user/export/uploads] Collating uploads for uid ' + req.params.uid);
|
||||
user.collateUploads(req.params.uid, archive, function (err) {
|
||||
if (err) {
|
||||
return next(err);
|
||||
}
|
||||
|
||||
archive.finalize();
|
||||
});
|
||||
};
|
||||
|
||||
@@ -12,6 +12,10 @@ var utils = require('./utils');
|
||||
|
||||
var events = module.exports;
|
||||
|
||||
/**
|
||||
* Useful options in data: type, uid, ip, targetUid
|
||||
* Everything else gets stringified and shown as pretty JSON string
|
||||
*/
|
||||
events.log = function (data, callback) {
|
||||
callback = callback || function () {};
|
||||
|
||||
|
||||
@@ -16,6 +16,7 @@ module.exports = function (app, middleware, controllers) {
|
||||
router.get('/user/email/:email', middleware.checkGlobalPrivacySettings, controllers.user.getUserByEmail);
|
||||
|
||||
router.get('/user/uid/:uid/export/posts', middleware.checkAccountPermissions, controllers.user.exportPosts);
|
||||
router.get('/user/uid/:uid/export/uploads', middleware.checkAccountPermissions, controllers.user.exportUploads);
|
||||
|
||||
router.get('/:type/pid/:id', controllers.api.getObject);
|
||||
router.get('/:type/tid/:id', controllers.api.getObject);
|
||||
|
||||
@@ -6,6 +6,7 @@ var nconf = require('nconf');
|
||||
|
||||
var db = require('../database');
|
||||
var file = require('../file');
|
||||
var batch = require('../batch');
|
||||
|
||||
module.exports = function (User) {
|
||||
User.deleteUpload = function (callerUid, uid, uploadName, callback) {
|
||||
@@ -32,4 +33,18 @@ module.exports = function (User) {
|
||||
},
|
||||
], callback);
|
||||
};
|
||||
|
||||
User.collateUploads = function (uid, archive, callback) {
|
||||
batch.processSortedSet('uid:' + uid + ':uploads', function (files, next) {
|
||||
files.forEach(function (file) {
|
||||
archive.file(path.join(nconf.get('upload_path'), file), {
|
||||
name: path.basename(file),
|
||||
});
|
||||
});
|
||||
|
||||
setImmediate(next);
|
||||
}, function (err) {
|
||||
callback(err);
|
||||
});
|
||||
};
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user