mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-10-29 10:06:13 +01:00
endpoint to download user attachments, #6441
This commit is contained in:
Julian Lam
1
build/export/.gitignore
vendored
1
build/export/.gitignore
vendored
@@ -1,2 +1,3 @@
|
|||||||
.
|
.
|
||||||
!.gitignore
|
!.gitignore
|
||||||
|
!README
|
||||||
5
build/export/README
Normal file
5
build/export/README
Normal file
@@ -0,0 +1,5 @@
|
|||||||
|
This directory contains archives of user uploads that are prepared on-demand
|
||||||
|
when a user wants to retrieve a copy of their uploaded content.
|
||||||
|
|
||||||
|
You can delete the files in here at will. They will just be regenerated if
|
||||||
|
requested again.
|
||||||
@@ -1,12 +1,17 @@
|
|||||||
'use strict';
|
'use strict';
|
||||||
|
|
||||||
var async = require('async');
|
var async = require('async');
|
||||||
|
var path = require('path');
|
||||||
|
var fs = require('fs');
|
||||||
|
var winston = require('winston');
|
||||||
var converter = require('json-2-csv');
|
var converter = require('json-2-csv');
|
||||||
|
var archiver = require('archiver');
|
||||||
|
|
||||||
var user = require('../user');
|
var user = require('../user');
|
||||||
var meta = require('../meta');
|
var meta = require('../meta');
|
||||||
var posts = require('../posts');
|
var posts = require('../posts');
|
||||||
var batch = require('../batch');
|
var batch = require('../batch');
|
||||||
|
var events = require('../events');
|
||||||
var accountHelpers = require('./accounts/helpers');
|
var accountHelpers = require('./accounts/helpers');
|
||||||
|
|
||||||
var userController = module.exports;
|
var userController = module.exports;
|
||||||
@@ -133,3 +138,84 @@ userController.exportPosts = function (req, res, next) {
|
|||||||
res.set('Content-Type', 'text/csv').set('Content-Disposition', 'attachment; filename="' + req.params.uid + '_posts.csv"').send(csv);
|
res.set('Content-Type', 'text/csv').set('Content-Disposition', 'attachment; filename="' + req.params.uid + '_posts.csv"').send(csv);
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
userController.exportUploads = function (req, res, next) {
|
||||||
|
const archivePath = path.join(__dirname, '../../build/export', req.params.uid + '_uploads.zip');
|
||||||
|
const archive = archiver('zip', {
|
||||||
|
zlib: { level: 9 }, // Sets the compression level.
|
||||||
|
});
|
||||||
|
const maxAge = 1000 * 60 * 60 * 24; // 1 day
|
||||||
|
|
||||||
|
const rootDirectory = path.join(__dirname, '../../public/uploads/');
|
||||||
|
const trimPath = function (path) {
|
||||||
|
return path.replace(rootDirectory, '');
|
||||||
|
};
|
||||||
|
let isFresh = false;
|
||||||
|
const sendFile = function () {
|
||||||
|
events.log({
|
||||||
|
type: 'export:uploads',
|
||||||
|
uid: req.uid,
|
||||||
|
targetUid: req.params.uid,
|
||||||
|
ip: req.ip,
|
||||||
|
fresh: isFresh,
|
||||||
|
});
|
||||||
|
|
||||||
|
res.sendFile(req.params.uid + '_uploads.zip', {
|
||||||
|
root: path.join(__dirname, '../../build/export'),
|
||||||
|
headers: {
|
||||||
|
'Content-Disposition': 'attachment; filename=' + req.params.uid + '_uploads.zip',
|
||||||
|
maxAge: maxAge,
|
||||||
|
},
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
// Check for existing file, if exists and is < 1 day in age, send this instead
|
||||||
|
try {
|
||||||
|
fs.accessSync(archivePath, fs.constants.F_OK | fs.constants.R_OK);
|
||||||
|
isFresh = (Date.now() - fs.statSync(archivePath).mtimeMs) < maxAge;
|
||||||
|
if (isFresh) {
|
||||||
|
return sendFile();
|
||||||
|
}
|
||||||
|
} catch (err) {
|
||||||
|
// File doesn't exist, continue
|
||||||
|
}
|
||||||
|
|
||||||
|
const output = fs.createWriteStream(archivePath);
|
||||||
|
output.on('close', sendFile);
|
||||||
|
|
||||||
|
archive.on('warning', function (err) {
|
||||||
|
switch (err.code) {
|
||||||
|
case 'ENOENT':
|
||||||
|
winston.warn('[user/export/uploads] File not found: ' + trimPath(err.path));
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
winston.warn('[user/export/uploads] Unexpected warning: ' + err.message);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
archive.on('error', function (err) {
|
||||||
|
switch (err.code) {
|
||||||
|
case 'EACCES':
|
||||||
|
winston.error('[user/export/uploads] File inaccessible: ' + trimPath(err.path));
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
winston.error('[user/export/uploads] Unable to construct archive: ' + err.message);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
res.sendStatus(500);
|
||||||
|
});
|
||||||
|
|
||||||
|
archive.pipe(output);
|
||||||
|
winston.info('[user/export/uploads] Collating uploads for uid ' + req.params.uid);
|
||||||
|
user.collateUploads(req.params.uid, archive, function (err) {
|
||||||
|
if (err) {
|
||||||
|
return next(err);
|
||||||
|
}
|
||||||
|
|
||||||
|
archive.finalize();
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|||||||
@@ -12,6 +12,10 @@ var utils = require('./utils');
|
|||||||
|
|
||||||
var events = module.exports;
|
var events = module.exports;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Useful options in data: type, uid, ip, targetUid
|
||||||
|
* Everything else gets stringified and shown as pretty JSON string
|
||||||
|
*/
|
||||||
events.log = function (data, callback) {
|
events.log = function (data, callback) {
|
||||||
callback = callback || function () {};
|
callback = callback || function () {};
|
||||||
|
|
||||||
|
|||||||
@@ -16,6 +16,7 @@ module.exports = function (app, middleware, controllers) {
|
|||||||
router.get('/user/email/:email', middleware.checkGlobalPrivacySettings, controllers.user.getUserByEmail);
|
router.get('/user/email/:email', middleware.checkGlobalPrivacySettings, controllers.user.getUserByEmail);
|
||||||
|
|
||||||
router.get('/user/uid/:uid/export/posts', middleware.checkAccountPermissions, controllers.user.exportPosts);
|
router.get('/user/uid/:uid/export/posts', middleware.checkAccountPermissions, controllers.user.exportPosts);
|
||||||
|
router.get('/user/uid/:uid/export/uploads', middleware.checkAccountPermissions, controllers.user.exportUploads);
|
||||||
|
|
||||||
router.get('/:type/pid/:id', controllers.api.getObject);
|
router.get('/:type/pid/:id', controllers.api.getObject);
|
||||||
router.get('/:type/tid/:id', controllers.api.getObject);
|
router.get('/:type/tid/:id', controllers.api.getObject);
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ var nconf = require('nconf');
|
|||||||
|
|
||||||
var db = require('../database');
|
var db = require('../database');
|
||||||
var file = require('../file');
|
var file = require('../file');
|
||||||
|
var batch = require('../batch');
|
||||||
|
|
||||||
module.exports = function (User) {
|
module.exports = function (User) {
|
||||||
User.deleteUpload = function (callerUid, uid, uploadName, callback) {
|
User.deleteUpload = function (callerUid, uid, uploadName, callback) {
|
||||||
@@ -32,4 +33,18 @@ module.exports = function (User) {
|
|||||||
},
|
},
|
||||||
], callback);
|
], callback);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
User.collateUploads = function (uid, archive, callback) {
|
||||||
|
batch.processSortedSet('uid:' + uid + ':uploads', function (files, next) {
|
||||||
|
files.forEach(function (file) {
|
||||||
|
archive.file(path.join(nconf.get('upload_path'), file), {
|
||||||
|
name: path.basename(file),
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
setImmediate(next);
|
||||||
|
}, function (err) {
|
||||||
|
callback(err);
|
||||||
|
});
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
Reference in New Issue
Block a user