2015-10-08 12:27:09 -04:00
|
|
|
// Copyright (c) 2015 Mattermost, Inc. All Rights Reserved.
|
2015-06-14 23:53:32 -08:00
|
|
|
// See License.txt for license information.
|
|
|
|
|
|
|
|
|
|
package api
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
|
|
|
|
"fmt"
|
2016-01-11 09:12:51 -06:00
|
|
|
l4g "github.com/alecthomas/log4go"
|
2015-09-23 15:57:49 -07:00
|
|
|
"github.com/disintegration/imaging"
|
2015-06-14 23:53:32 -08:00
|
|
|
"github.com/goamz/goamz/aws"
|
|
|
|
|
"github.com/goamz/goamz/s3"
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
|
"github.com/mattermost/platform/model"
|
|
|
|
|
"github.com/mattermost/platform/utils"
|
2015-09-25 11:46:43 -04:00
|
|
|
"github.com/mssola/user_agent"
|
2015-09-17 11:09:13 -04:00
|
|
|
"github.com/rwcarlsen/goexif/exif"
|
2015-07-08 11:50:10 -04:00
|
|
|
_ "golang.org/x/image/bmp"
|
2015-06-14 23:53:32 -08:00
|
|
|
"image"
|
2015-09-24 08:33:15 -07:00
|
|
|
"image/color"
|
|
|
|
|
"image/draw"
|
2015-06-14 23:53:32 -08:00
|
|
|
_ "image/gif"
|
|
|
|
|
"image/jpeg"
|
|
|
|
|
"io"
|
2015-07-16 08:54:09 -04:00
|
|
|
"io/ioutil"
|
2015-06-14 23:53:32 -08:00
|
|
|
"net/http"
|
|
|
|
|
"net/url"
|
2015-07-16 08:54:09 -04:00
|
|
|
"os"
|
2015-06-14 23:53:32 -08:00
|
|
|
"path/filepath"
|
|
|
|
|
"strconv"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
|
|
|
|
)
|
|
|
|
|
|
2015-09-18 18:00:09 -04:00
|
|
|
const (
|
|
|
|
|
/*
|
|
|
|
|
EXIF Image Orientations
|
|
|
|
|
1 2 3 4 5 6 7 8
|
|
|
|
|
|
|
|
|
|
888888 888888 88 88 8888888888 88 88 8888888888
|
|
|
|
|
88 88 88 88 88 88 88 88 88 88 88 88
|
|
|
|
|
8888 8888 8888 8888 88 8888888888 8888888888 88
|
|
|
|
|
88 88 88 88
|
|
|
|
|
88 88 888888 888888
|
|
|
|
|
*/
|
|
|
|
|
Upright = 1
|
|
|
|
|
UprightMirrored = 2
|
|
|
|
|
UpsideDown = 3
|
|
|
|
|
UpsideDownMirrored = 4
|
|
|
|
|
RotatedCWMirrored = 5
|
|
|
|
|
RotatedCCW = 6
|
|
|
|
|
RotatedCCWMirrored = 7
|
|
|
|
|
RotatedCW = 8
|
2015-10-26 14:38:46 -04:00
|
|
|
|
2016-03-07 14:37:19 -05:00
|
|
|
MaxImageSize = 6048 * 4032 // 24 megapixels, roughly 36MB as a raw image
|
2015-09-18 18:00:09 -04:00
|
|
|
)
|
|
|
|
|
|
2015-08-24 15:03:52 -07:00
|
|
|
var fileInfoCache *utils.Cache = utils.NewLru(1000)
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
func InitFile() {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Debug(utils.T("api.file.init.debug"))
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
BaseRoutes.Files.Handle("/upload", ApiUserRequired(uploadFile)).Methods("POST")
|
|
|
|
|
BaseRoutes.Files.Handle("/get/{channel_id:[A-Za-z0-9]+}/{user_id:[A-Za-z0-9]+}/{filename:([A-Za-z0-9]+/)?.+(\\.[A-Za-z0-9]{3,})?}", ApiAppHandlerTrustRequester(getFile)).Methods("GET")
|
|
|
|
|
BaseRoutes.Files.Handle("/get_info/{channel_id:[A-Za-z0-9]+}/{user_id:[A-Za-z0-9]+}/{filename:([A-Za-z0-9]+/)?.+(\\.[A-Za-z0-9]{3,})?}", ApiAppHandler(getFileInfo)).Methods("GET")
|
|
|
|
|
BaseRoutes.Files.Handle("/get_public_link", ApiUserRequired(getPublicLink)).Methods("POST")
|
|
|
|
|
BaseRoutes.Files.Handle("/get_export", ApiUserRequired(getExport)).Methods("GET")
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func uploadFile(c *Context, w http.ResponseWriter, r *http.Request) {
|
2015-09-23 13:47:10 -07:00
|
|
|
if len(utils.Cfg.FileSettings.DriverName) == 0 {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("uploadFile", "api.file.upload_file.storage.app_error", nil, "")
|
2015-06-14 23:53:32 -08:00
|
|
|
c.Err.StatusCode = http.StatusNotImplemented
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-14 16:04:10 -05:00
|
|
|
if r.ContentLength > model.MAX_FILE_SIZE {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("uploadFile", "api.file.upload_file.too_large.app_error", nil, "")
|
2015-12-14 16:04:10 -05:00
|
|
|
c.Err.StatusCode = http.StatusRequestEntityTooLarge
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
err := r.ParseMultipartForm(model.MAX_FILE_SIZE)
|
|
|
|
|
if err != nil {
|
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
m := r.MultipartForm
|
|
|
|
|
|
|
|
|
|
props := m.Value
|
|
|
|
|
|
|
|
|
|
if len(props["channel_id"]) == 0 {
|
|
|
|
|
c.SetInvalidParam("uploadFile", "channel_id")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
channelId := props["channel_id"][0]
|
|
|
|
|
if len(channelId) == 0 {
|
|
|
|
|
c.SetInvalidParam("uploadFile", "channel_id")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
cchan := Srv.Store.Channel().CheckPermissionsTo(c.TeamId, channelId, c.Session.UserId)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
files := m.File["files"]
|
|
|
|
|
|
|
|
|
|
resStruct := &model.FileUploadResponse{
|
2015-08-10 12:05:45 -04:00
|
|
|
Filenames: []string{},
|
|
|
|
|
ClientIds: []string{},
|
|
|
|
|
}
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
imageNameList := []string{}
|
|
|
|
|
imageDataList := [][]byte{}
|
|
|
|
|
|
|
|
|
|
if !c.HasPermissionsToChannel(cchan, "uploadFile") {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-17 09:01:33 -04:00
|
|
|
for i := range files {
|
2015-06-14 23:53:32 -08:00
|
|
|
file, err := files[i].Open()
|
|
|
|
|
defer file.Close()
|
|
|
|
|
if err != nil {
|
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buf := bytes.NewBuffer(nil)
|
|
|
|
|
io.Copy(buf, file)
|
|
|
|
|
|
2015-07-21 15:18:17 -04:00
|
|
|
filename := filepath.Base(files[i].Filename)
|
|
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
uid := model.NewId()
|
|
|
|
|
|
2015-10-26 14:38:46 -04:00
|
|
|
if model.IsFileExtImage(filepath.Ext(files[i].Filename)) {
|
|
|
|
|
imageNameList = append(imageNameList, uid+"/"+filename)
|
|
|
|
|
imageDataList = append(imageDataList, buf.Bytes())
|
|
|
|
|
|
|
|
|
|
// Decode image config first to check dimensions before loading the whole thing into memory later on
|
|
|
|
|
config, _, err := image.DecodeConfig(bytes.NewReader(buf.Bytes()))
|
|
|
|
|
if err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("uploadFile", "api.file.upload_file.image.app_error", nil, err.Error())
|
2015-10-26 14:38:46 -04:00
|
|
|
return
|
|
|
|
|
} else if config.Width*config.Height > MaxImageSize {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("uploadFile", "api.file.upload_file.large_image.app_error", nil, c.T("api.file.file_upload.exceeds"))
|
2015-10-26 14:38:46 -04:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
path := "teams/" + c.TeamId + "/channels/" + channelId + "/users/" + c.Session.UserId + "/" + uid + "/" + filename
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-04-11 13:45:03 -04:00
|
|
|
if err := WriteFile(buf.Bytes(), path); err != nil {
|
2015-07-16 08:54:09 -04:00
|
|
|
c.Err = err
|
|
|
|
|
return
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2015-07-21 15:18:17 -04:00
|
|
|
encName := utils.UrlEncode(filename)
|
2015-07-17 15:55:06 -04:00
|
|
|
|
|
|
|
|
fileUrl := "/" + channelId + "/" + c.Session.UserId + "/" + uid + "/" + encName
|
2015-06-14 23:53:32 -08:00
|
|
|
resStruct.Filenames = append(resStruct.Filenames, fileUrl)
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-10 12:05:45 -04:00
|
|
|
for _, clientId := range props["client_ids"] {
|
|
|
|
|
resStruct.ClientIds = append(resStruct.ClientIds, clientId)
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
handleImagesAndForget(imageNameList, imageDataList, c.TeamId, channelId, c.Session.UserId)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
w.Write([]byte(resStruct.ToJson()))
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-14 16:56:13 -07:00
|
|
|
func handleImagesAndForget(filenames []string, fileData [][]byte, teamId, channelId, userId string) {
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
go func() {
|
|
|
|
|
dest := "teams/" + teamId + "/channels/" + channelId + "/users/" + userId + "/"
|
|
|
|
|
|
|
|
|
|
for i, filename := range filenames {
|
|
|
|
|
name := filename[:strings.LastIndex(filename, ".")]
|
|
|
|
|
go func() {
|
|
|
|
|
// Decode image bytes into Image object
|
2015-09-24 08:33:15 -07:00
|
|
|
img, imgType, err := image.Decode(bytes.NewReader(fileData[i]))
|
2015-06-14 23:53:32 -08:00
|
|
|
if err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Error(utils.T("api.file.handle_images_forget.decode.error"), channelId, userId, filename, err)
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-17 11:09:13 -04:00
|
|
|
width := img.Bounds().Dx()
|
|
|
|
|
height := img.Bounds().Dy()
|
|
|
|
|
|
|
|
|
|
// Get the image's orientation and ignore any errors since not all images will have orientation data
|
|
|
|
|
orientation, _ := getImageOrientation(fileData[i])
|
|
|
|
|
|
2015-09-24 08:33:15 -07:00
|
|
|
if imgType == "png" {
|
|
|
|
|
dst := image.NewRGBA(img.Bounds())
|
|
|
|
|
draw.Draw(dst, dst.Bounds(), image.NewUniform(color.White), image.Point{}, draw.Src)
|
|
|
|
|
draw.Draw(dst, dst.Bounds(), img, img.Bounds().Min, draw.Over)
|
|
|
|
|
img = dst
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-18 18:00:09 -04:00
|
|
|
switch orientation {
|
2015-09-23 15:57:49 -07:00
|
|
|
case UprightMirrored:
|
|
|
|
|
img = imaging.FlipH(img)
|
|
|
|
|
case UpsideDown:
|
|
|
|
|
img = imaging.Rotate180(img)
|
|
|
|
|
case UpsideDownMirrored:
|
|
|
|
|
img = imaging.FlipV(img)
|
|
|
|
|
case RotatedCWMirrored:
|
|
|
|
|
img = imaging.Transpose(img)
|
|
|
|
|
case RotatedCCW:
|
|
|
|
|
img = imaging.Rotate270(img)
|
|
|
|
|
case RotatedCCWMirrored:
|
|
|
|
|
img = imaging.Transverse(img)
|
|
|
|
|
case RotatedCW:
|
|
|
|
|
img = imaging.Rotate90(img)
|
2015-09-17 11:09:13 -04:00
|
|
|
}
|
|
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
// Create thumbnail
|
|
|
|
|
go func() {
|
2015-09-23 13:47:10 -07:00
|
|
|
thumbWidth := float64(utils.Cfg.FileSettings.ThumbnailWidth)
|
|
|
|
|
thumbHeight := float64(utils.Cfg.FileSettings.ThumbnailHeight)
|
2015-09-17 11:09:13 -04:00
|
|
|
imgWidth := float64(width)
|
|
|
|
|
imgHeight := float64(height)
|
2015-07-29 10:09:11 -04:00
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
var thumbnail image.Image
|
2015-07-29 10:09:11 -04:00
|
|
|
if imgHeight < thumbHeight && imgWidth < thumbWidth {
|
2015-06-14 23:53:32 -08:00
|
|
|
thumbnail = img
|
2015-07-29 10:09:11 -04:00
|
|
|
} else if imgHeight/imgWidth < thumbHeight/thumbWidth {
|
2015-09-23 15:57:49 -07:00
|
|
|
thumbnail = imaging.Resize(img, 0, utils.Cfg.FileSettings.ThumbnailHeight, imaging.Lanczos)
|
2015-07-29 10:09:11 -04:00
|
|
|
} else {
|
2015-09-23 15:57:49 -07:00
|
|
|
thumbnail = imaging.Resize(img, utils.Cfg.FileSettings.ThumbnailWidth, 0, imaging.Lanczos)
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buf := new(bytes.Buffer)
|
|
|
|
|
err = jpeg.Encode(buf, thumbnail, &jpeg.Options{Quality: 90})
|
|
|
|
|
if err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Error(utils.T("api.file.handle_images_forget.encode_jpeg.error"), channelId, userId, filename, err)
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-11 13:45:03 -04:00
|
|
|
if err := WriteFile(buf.Bytes(), dest+name+"_thumb.jpg"); err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Error(utils.T("api.file.handle_images_forget.upload_thumb.error"), channelId, userId, filename, err)
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
|
|
|
|
|
// Create preview
|
|
|
|
|
go func() {
|
|
|
|
|
var preview image.Image
|
2015-09-23 13:47:10 -07:00
|
|
|
if width > int(utils.Cfg.FileSettings.PreviewWidth) {
|
2015-09-23 15:57:49 -07:00
|
|
|
preview = imaging.Resize(img, utils.Cfg.FileSettings.PreviewWidth, utils.Cfg.FileSettings.PreviewHeight, imaging.Lanczos)
|
2015-06-14 23:53:32 -08:00
|
|
|
} else {
|
|
|
|
|
preview = img
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buf := new(bytes.Buffer)
|
|
|
|
|
|
2015-07-16 08:54:09 -04:00
|
|
|
err = jpeg.Encode(buf, preview, &jpeg.Options{Quality: 90})
|
2015-06-14 23:53:32 -08:00
|
|
|
if err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Error(utils.T("api.file.handle_images_forget.encode_preview.error"), channelId, userId, filename, err)
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-11 13:45:03 -04:00
|
|
|
if err := WriteFile(buf.Bytes(), dest+name+"_preview.jpg"); err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
l4g.Error(utils.T("api.file.handle_images_forget.upload_preview.error"), channelId, userId, filename, err)
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-17 11:09:13 -04:00
|
|
|
func getImageOrientation(imageData []byte) (int, error) {
|
|
|
|
|
if exifData, err := exif.Decode(bytes.NewReader(imageData)); err != nil {
|
2015-09-18 18:00:09 -04:00
|
|
|
return Upright, err
|
2015-09-17 11:09:13 -04:00
|
|
|
} else {
|
|
|
|
|
if tag, err := exifData.Get("Orientation"); err != nil {
|
2015-09-18 18:00:09 -04:00
|
|
|
return Upright, err
|
2015-09-17 11:09:13 -04:00
|
|
|
} else {
|
|
|
|
|
orientation, err := tag.Int(0)
|
|
|
|
|
if err != nil {
|
2015-09-18 18:00:09 -04:00
|
|
|
return Upright, err
|
2015-09-17 11:09:13 -04:00
|
|
|
} else {
|
|
|
|
|
return orientation, nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
type ImageGetResult struct {
|
|
|
|
|
Error error
|
|
|
|
|
ImageData []byte
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-24 15:03:52 -07:00
|
|
|
func getFileInfo(c *Context, w http.ResponseWriter, r *http.Request) {
|
2015-09-23 13:47:10 -07:00
|
|
|
if len(utils.Cfg.FileSettings.DriverName) == 0 {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("uploadFile", "api.file.upload_file.storage.app_error", nil, "")
|
2015-08-24 15:03:52 -07:00
|
|
|
c.Err.StatusCode = http.StatusNotImplemented
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
params := mux.Vars(r)
|
|
|
|
|
|
|
|
|
|
channelId := params["channel_id"]
|
|
|
|
|
if len(channelId) != 26 {
|
|
|
|
|
c.SetInvalidParam("getFileInfo", "channel_id")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userId := params["user_id"]
|
|
|
|
|
if len(userId) != 26 {
|
|
|
|
|
c.SetInvalidParam("getFileInfo", "user_id")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
filename := params["filename"]
|
|
|
|
|
if len(filename) == 0 {
|
|
|
|
|
c.SetInvalidParam("getFileInfo", "filename")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
cchan := Srv.Store.Channel().CheckPermissionsTo(c.TeamId, channelId, c.Session.UserId)
|
2015-08-24 15:03:52 -07:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
path := "teams/" + c.TeamId + "/channels/" + channelId + "/users/" + userId + "/" + filename
|
2015-12-16 16:48:34 -05:00
|
|
|
var info *model.FileInfo
|
2015-08-24 15:03:52 -07:00
|
|
|
|
2015-12-16 16:48:34 -05:00
|
|
|
if cached, ok := fileInfoCache.Get(path); ok {
|
|
|
|
|
info = cached.(*model.FileInfo)
|
2015-08-24 15:03:52 -07:00
|
|
|
} else {
|
|
|
|
|
fileData := make(chan []byte)
|
2015-10-14 16:56:13 -07:00
|
|
|
getFileAndForget(path, fileData)
|
2015-08-24 15:03:52 -07:00
|
|
|
|
2015-12-16 16:48:34 -05:00
|
|
|
newInfo, err := model.GetInfoForBytes(filename, <-fileData)
|
|
|
|
|
if err != nil {
|
|
|
|
|
c.Err = err
|
2015-08-24 15:03:52 -07:00
|
|
|
return
|
2015-12-16 16:48:34 -05:00
|
|
|
} else {
|
|
|
|
|
fileInfoCache.Add(path, newInfo)
|
|
|
|
|
info = newInfo
|
2015-08-24 15:03:52 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !c.HasPermissionsToChannel(cchan, "getFileInfo") {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Header().Set("Cache-Control", "max-age=2592000, public")
|
|
|
|
|
|
2015-12-16 16:48:34 -05:00
|
|
|
w.Write([]byte(info.ToJson()))
|
2015-08-24 15:03:52 -07:00
|
|
|
}
|
|
|
|
|
|
2015-06-14 23:53:32 -08:00
|
|
|
func getFile(c *Context, w http.ResponseWriter, r *http.Request) {
|
2015-09-23 13:47:10 -07:00
|
|
|
if len(utils.Cfg.FileSettings.DriverName) == 0 {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("uploadFile", "api.file.upload_file.storage.app_error", nil, "")
|
2015-06-14 23:53:32 -08:00
|
|
|
c.Err.StatusCode = http.StatusNotImplemented
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
params := mux.Vars(r)
|
|
|
|
|
|
|
|
|
|
channelId := params["channel_id"]
|
|
|
|
|
if len(channelId) != 26 {
|
|
|
|
|
c.SetInvalidParam("getFile", "channel_id")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userId := params["user_id"]
|
|
|
|
|
if len(userId) != 26 {
|
|
|
|
|
c.SetInvalidParam("getFile", "user_id")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
filename := params["filename"]
|
|
|
|
|
if len(filename) == 0 {
|
|
|
|
|
c.SetInvalidParam("getFile", "filename")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hash := r.URL.Query().Get("h")
|
|
|
|
|
data := r.URL.Query().Get("d")
|
|
|
|
|
teamId := r.URL.Query().Get("t")
|
|
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
cchan := Srv.Store.Channel().CheckPermissionsTo(c.TeamId, channelId, c.Session.UserId)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
path := ""
|
|
|
|
|
if len(teamId) == 26 {
|
|
|
|
|
path = "teams/" + teamId + "/channels/" + channelId + "/users/" + userId + "/" + filename
|
|
|
|
|
} else {
|
2016-04-21 22:37:01 -07:00
|
|
|
path = "teams/" + c.TeamId + "/channels/" + channelId + "/users/" + userId + "/" + filename
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fileData := make(chan []byte)
|
2015-10-14 16:56:13 -07:00
|
|
|
getFileAndForget(path, fileData)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
if len(hash) > 0 && len(data) > 0 && len(teamId) == 26 {
|
2016-03-31 10:08:20 -04:00
|
|
|
if !utils.Cfg.FileSettings.EnablePublicLink {
|
|
|
|
|
c.Err = model.NewLocAppError("getFile", "api.file.get_file.public_disabled.app_error", nil, "")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-23 13:47:10 -07:00
|
|
|
if !model.ComparePassword(hash, fmt.Sprintf("%v:%v", data, utils.Cfg.FileSettings.PublicLinkSalt)) {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("getFile", "api.file.get_file.public_invalid.app_error", nil, "")
|
2015-06-14 23:53:32 -08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
} else if !c.HasPermissionsToChannel(cchan, "getFile") {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
f := <-fileData
|
|
|
|
|
|
|
|
|
|
if f == nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("getFile", "api.file.get_file.not_found.app_error", nil, "path="+path)
|
2015-06-14 23:53:32 -08:00
|
|
|
c.Err.StatusCode = http.StatusNotFound
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Header().Set("Cache-Control", "max-age=2592000, public")
|
2015-08-27 11:05:18 -07:00
|
|
|
w.Header().Set("Content-Length", strconv.Itoa(len(f)))
|
2015-10-06 09:09:52 -04:00
|
|
|
w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer
|
2015-09-25 11:46:43 -04:00
|
|
|
|
2016-04-08 18:06:35 -04:00
|
|
|
// attach extra headers to trigger a download on IE, Edge, and Safari
|
|
|
|
|
ua := user_agent.New(r.UserAgent())
|
|
|
|
|
bname, _ := ua.Browser()
|
2015-09-25 11:46:43 -04:00
|
|
|
|
2016-04-08 18:06:35 -04:00
|
|
|
parts := strings.Split(filename, "/")
|
|
|
|
|
filePart := strings.Split(parts[len(parts)-1], "?")[0]
|
|
|
|
|
w.Header().Set("Content-Disposition", "attachment;filename=\""+filePart+"\"")
|
2016-02-23 07:54:51 -08:00
|
|
|
|
2016-04-08 18:06:35 -04:00
|
|
|
if bname == "Edge" || bname == "Internet Explorer" || bname == "Safari" {
|
|
|
|
|
// trim off anything before the final / so we just get the file's name
|
|
|
|
|
w.Header().Set("Content-Type", "application/octet-stream")
|
2015-09-25 11:46:43 -04:00
|
|
|
}
|
|
|
|
|
|
2016-04-08 18:06:35 -04:00
|
|
|
// prevent file links from being embedded in iframes
|
|
|
|
|
w.Header().Set("X-Frame-Options", "DENY")
|
|
|
|
|
w.Header().Set("Content-Security-Policy", "Frame-ancestors 'none'")
|
|
|
|
|
|
2015-08-24 15:03:52 -07:00
|
|
|
w.Write(f)
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
2015-10-14 16:56:13 -07:00
|
|
|
func getFileAndForget(path string, fileData chan []byte) {
|
2015-06-14 23:53:32 -08:00
|
|
|
go func() {
|
2016-04-11 13:45:03 -04:00
|
|
|
data, getErr := ReadFile(path)
|
2015-06-14 23:53:32 -08:00
|
|
|
if getErr != nil {
|
2015-07-17 15:55:06 -04:00
|
|
|
l4g.Error(getErr)
|
2015-06-14 23:53:32 -08:00
|
|
|
fileData <- nil
|
|
|
|
|
} else {
|
|
|
|
|
fileData <- data
|
|
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func getPublicLink(c *Context, w http.ResponseWriter, r *http.Request) {
|
2015-09-23 13:47:10 -07:00
|
|
|
if len(utils.Cfg.FileSettings.DriverName) == 0 {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("uploadFile", "api.file.upload_file.storage.app_error", nil, "")
|
2015-09-21 17:34:13 -07:00
|
|
|
c.Err.StatusCode = http.StatusNotImplemented
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-23 13:47:10 -07:00
|
|
|
if !utils.Cfg.FileSettings.EnablePublicLink {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("getPublicLink", "api.file.get_public_link.disabled.app_error", nil, "")
|
2015-06-14 23:53:32 -08:00
|
|
|
c.Err.StatusCode = http.StatusForbidden
|
2016-04-21 22:37:01 -07:00
|
|
|
return
|
2015-06-14 23:53:32 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
props := model.MapFromJson(r.Body)
|
|
|
|
|
|
|
|
|
|
filename := props["filename"]
|
|
|
|
|
if len(filename) == 0 {
|
|
|
|
|
c.SetInvalidParam("getPublicLink", "filename")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
matches := model.PartialUrlRegex.FindAllStringSubmatch(filename, -1)
|
2015-07-21 19:21:05 -04:00
|
|
|
if len(matches) == 0 || len(matches[0]) < 4 {
|
2015-06-14 23:53:32 -08:00
|
|
|
c.SetInvalidParam("getPublicLink", "filename")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-21 19:21:05 -04:00
|
|
|
channelId := matches[0][1]
|
|
|
|
|
userId := matches[0][2]
|
|
|
|
|
filename = matches[0][3]
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
cchan := Srv.Store.Channel().CheckPermissionsTo(c.TeamId, channelId, c.Session.UserId)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
newProps := make(map[string]string)
|
|
|
|
|
newProps["filename"] = filename
|
|
|
|
|
|
|
|
|
|
data := model.MapToJson(newProps)
|
2015-09-23 13:47:10 -07:00
|
|
|
hash := model.HashPassword(fmt.Sprintf("%v:%v", data, utils.Cfg.FileSettings.PublicLinkSalt))
|
2015-06-14 23:53:32 -08:00
|
|
|
|
2016-04-21 22:37:01 -07:00
|
|
|
url := fmt.Sprintf("%s/files/get/%s/%s/%s?d=%s&h=%s&t=%s", c.GetSiteURL()+model.API_URL_SUFFIX, channelId, userId, filename, url.QueryEscape(data), url.QueryEscape(hash), c.TeamId)
|
2015-06-14 23:53:32 -08:00
|
|
|
|
|
|
|
|
if !c.HasPermissionsToChannel(cchan, "getPublicLink") {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rData := make(map[string]string)
|
|
|
|
|
rData["public_link"] = url
|
|
|
|
|
|
|
|
|
|
w.Write([]byte(model.MapToJson(rData)))
|
|
|
|
|
}
|
2015-07-16 08:54:09 -04:00
|
|
|
|
2015-08-26 12:49:07 -04:00
|
|
|
func getExport(c *Context, w http.ResponseWriter, r *http.Request) {
|
2016-04-21 22:37:01 -07:00
|
|
|
if !c.HasPermissionsToTeam(c.TeamId, "export") || !c.IsTeamAdmin() {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("getExport", "api.file.get_export.team_admin.app_error", nil, "userId="+c.Session.UserId)
|
2015-08-26 12:49:07 -04:00
|
|
|
c.Err.StatusCode = http.StatusForbidden
|
|
|
|
|
return
|
|
|
|
|
}
|
2016-04-11 13:45:03 -04:00
|
|
|
data, err := ReadFile(EXPORT_PATH + EXPORT_FILENAME)
|
2015-08-26 12:49:07 -04:00
|
|
|
if err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
c.Err = model.NewLocAppError("getExport", "api.file.get_export.retrieve.app_error", nil, err.Error())
|
2015-08-26 12:49:07 -04:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
w.Header().Set("Content-Disposition", "attachment; filename="+EXPORT_FILENAME)
|
|
|
|
|
w.Header().Set("Content-Type", "application/octet-stream")
|
|
|
|
|
w.Write(data)
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-11 13:45:03 -04:00
|
|
|
func WriteFile(f []byte, path string) *model.AppError {
|
2015-07-16 08:54:09 -04:00
|
|
|
|
2015-09-23 13:47:10 -07:00
|
|
|
if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
|
2015-07-16 08:54:09 -04:00
|
|
|
var auth aws.Auth
|
2015-09-23 13:47:10 -07:00
|
|
|
auth.AccessKey = utils.Cfg.FileSettings.AmazonS3AccessKeyId
|
|
|
|
|
auth.SecretKey = utils.Cfg.FileSettings.AmazonS3SecretAccessKey
|
2015-07-16 08:54:09 -04:00
|
|
|
|
2015-12-21 11:24:01 -08:00
|
|
|
s := s3.New(auth, awsRegion())
|
2015-09-23 13:47:10 -07:00
|
|
|
bucket := s.Bucket(utils.Cfg.FileSettings.AmazonS3Bucket)
|
2015-07-16 08:54:09 -04:00
|
|
|
|
|
|
|
|
ext := filepath.Ext(path)
|
|
|
|
|
|
|
|
|
|
var err error
|
|
|
|
|
if model.IsFileExtImage(ext) {
|
|
|
|
|
options := s3.Options{}
|
|
|
|
|
err = bucket.Put(path, f, model.GetImageMimeType(ext), s3.Private, options)
|
|
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
options := s3.Options{}
|
|
|
|
|
err = bucket.Put(path, f, "binary/octet-stream", s3.Private, options)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
2016-04-11 13:45:03 -04:00
|
|
|
return model.NewLocAppError("WriteFile", "api.file.write_file.s3.app_error", nil, err.Error())
|
2015-07-16 08:54:09 -04:00
|
|
|
}
|
2015-09-23 13:47:10 -07:00
|
|
|
} else if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_LOCAL {
|
2016-04-11 13:45:03 -04:00
|
|
|
if err := WriteFileLocally(f, utils.Cfg.FileSettings.Directory+path); err != nil {
|
2016-01-04 12:44:22 -05:00
|
|
|
return err
|
2015-07-16 08:54:09 -04:00
|
|
|
}
|
|
|
|
|
} else {
|
2016-04-11 13:45:03 -04:00
|
|
|
return model.NewLocAppError("WriteFile", "api.file.write_file.configured.app_error", nil, "")
|
2015-07-16 08:54:09 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-28 06:53:30 -07:00
|
|
|
func MoveFile(oldPath, newPath string) *model.AppError {
|
2016-03-08 12:27:27 -05:00
|
|
|
if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
|
|
|
|
|
fileData := make(chan []byte)
|
|
|
|
|
getFileAndForget(oldPath, fileData)
|
|
|
|
|
fileBytes := <-fileData
|
|
|
|
|
|
|
|
|
|
if fileBytes == nil {
|
|
|
|
|
return model.NewLocAppError("moveFile", "api.file.move_file.get_from_s3.app_error", nil, "")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var auth aws.Auth
|
|
|
|
|
auth.AccessKey = utils.Cfg.FileSettings.AmazonS3AccessKeyId
|
|
|
|
|
auth.SecretKey = utils.Cfg.FileSettings.AmazonS3SecretAccessKey
|
|
|
|
|
|
|
|
|
|
s := s3.New(auth, awsRegion())
|
|
|
|
|
bucket := s.Bucket(utils.Cfg.FileSettings.AmazonS3Bucket)
|
|
|
|
|
|
|
|
|
|
if err := bucket.Del(oldPath); err != nil {
|
|
|
|
|
return model.NewLocAppError("moveFile", "api.file.move_file.delete_from_s3.app_error", nil, err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-11 13:45:03 -04:00
|
|
|
if err := WriteFile(fileBytes, newPath); err != nil {
|
2016-03-08 12:27:27 -05:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
} else if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_LOCAL {
|
2016-04-28 06:53:30 -07:00
|
|
|
|
|
|
|
|
if err := os.MkdirAll(filepath.Dir(utils.Cfg.FileSettings.Directory+newPath), 0774); err != nil {
|
|
|
|
|
return model.NewLocAppError("moveFile", "api.file.move_file.rename.app_error", nil, err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-08 12:27:27 -05:00
|
|
|
if err := os.Rename(utils.Cfg.FileSettings.Directory+oldPath, utils.Cfg.FileSettings.Directory+newPath); err != nil {
|
|
|
|
|
return model.NewLocAppError("moveFile", "api.file.move_file.rename.app_error", nil, err.Error())
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
return model.NewLocAppError("moveFile", "api.file.move_file.configured.app_error", nil, "")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-11 13:45:03 -04:00
|
|
|
func WriteFileLocally(f []byte, path string) *model.AppError {
|
2016-01-04 12:44:22 -05:00
|
|
|
if err := os.MkdirAll(filepath.Dir(path), 0774); err != nil {
|
2016-04-11 13:45:03 -04:00
|
|
|
return model.NewLocAppError("WriteFile", "api.file.write_file_locally.create_dir.app_error", nil, err.Error())
|
2016-01-04 12:44:22 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := ioutil.WriteFile(path, f, 0644); err != nil {
|
2016-04-11 13:45:03 -04:00
|
|
|
return model.NewLocAppError("WriteFile", "api.file.write_file_locally.writing.app_error", nil, err.Error())
|
2016-01-04 12:44:22 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-11 13:45:03 -04:00
|
|
|
func ReadFile(path string) ([]byte, *model.AppError) {
|
2015-07-16 08:54:09 -04:00
|
|
|
|
2015-09-23 13:47:10 -07:00
|
|
|
if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
|
2015-07-16 08:54:09 -04:00
|
|
|
var auth aws.Auth
|
2015-09-23 13:47:10 -07:00
|
|
|
auth.AccessKey = utils.Cfg.FileSettings.AmazonS3AccessKeyId
|
|
|
|
|
auth.SecretKey = utils.Cfg.FileSettings.AmazonS3SecretAccessKey
|
2015-07-16 08:54:09 -04:00
|
|
|
|
2015-12-21 11:24:01 -08:00
|
|
|
s := s3.New(auth, awsRegion())
|
2015-09-23 13:47:10 -07:00
|
|
|
bucket := s.Bucket(utils.Cfg.FileSettings.AmazonS3Bucket)
|
2015-07-16 08:54:09 -04:00
|
|
|
|
|
|
|
|
// try to get the file from S3 with some basic retry logic
|
|
|
|
|
tries := 0
|
|
|
|
|
for {
|
|
|
|
|
tries++
|
|
|
|
|
|
|
|
|
|
f, err := bucket.Get(path)
|
|
|
|
|
|
|
|
|
|
if f != nil {
|
|
|
|
|
return f, nil
|
|
|
|
|
} else if tries >= 3 {
|
2016-04-11 13:45:03 -04:00
|
|
|
return nil, model.NewLocAppError("ReadFile", "api.file.read_file.get.app_error", nil, "path="+path+", err="+err.Error())
|
2015-07-16 08:54:09 -04:00
|
|
|
}
|
|
|
|
|
time.Sleep(3000 * time.Millisecond)
|
|
|
|
|
}
|
2015-09-23 13:47:10 -07:00
|
|
|
} else if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_LOCAL {
|
|
|
|
|
if f, err := ioutil.ReadFile(utils.Cfg.FileSettings.Directory + path); err != nil {
|
2016-04-11 13:45:03 -04:00
|
|
|
return nil, model.NewLocAppError("ReadFile", "api.file.read_file.reading_local.app_error", nil, err.Error())
|
2015-07-16 08:54:09 -04:00
|
|
|
} else {
|
|
|
|
|
return f, nil
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2016-04-11 13:45:03 -04:00
|
|
|
return nil, model.NewLocAppError("ReadFile", "api.file.read_file.configured.app_error", nil, "")
|
2015-07-16 08:54:09 -04:00
|
|
|
}
|
|
|
|
|
}
|
2015-08-26 12:49:07 -04:00
|
|
|
|
|
|
|
|
func openFileWriteStream(path string) (io.Writer, *model.AppError) {
|
2015-09-23 13:47:10 -07:00
|
|
|
if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
|
2016-01-22 01:37:11 -03:00
|
|
|
return nil, model.NewLocAppError("openFileWriteStream", "api.file.open_file_write_stream.s3.app_error", nil, "")
|
2015-09-23 13:47:10 -07:00
|
|
|
} else if utils.Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_LOCAL {
|
|
|
|
|
if err := os.MkdirAll(filepath.Dir(utils.Cfg.FileSettings.Directory+path), 0774); err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
return nil, model.NewLocAppError("openFileWriteStream", "api.file.open_file_write_stream.creating_dir.app_error", nil, err.Error())
|
2015-08-26 12:49:07 -04:00
|
|
|
}
|
|
|
|
|
|
2015-09-23 13:47:10 -07:00
|
|
|
if fileHandle, err := os.Create(utils.Cfg.FileSettings.Directory + path); err != nil {
|
2016-01-22 01:37:11 -03:00
|
|
|
return nil, model.NewLocAppError("openFileWriteStream", "api.file.open_file_write_stream.local_server.app_error", nil, err.Error())
|
2015-08-26 12:49:07 -04:00
|
|
|
} else {
|
|
|
|
|
fileHandle.Chmod(0644)
|
|
|
|
|
return fileHandle, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-22 01:37:11 -03:00
|
|
|
return nil, model.NewLocAppError("openFileWriteStream", "api.file.open_file_write_stream.configured.app_error", nil, "")
|
2015-08-26 12:49:07 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func closeFileWriteStream(file io.Writer) {
|
|
|
|
|
file.(*os.File).Close()
|
|
|
|
|
}
|
2015-12-21 11:24:01 -08:00
|
|
|
|
|
|
|
|
func awsRegion() aws.Region {
|
|
|
|
|
if region, ok := aws.Regions[utils.Cfg.FileSettings.AmazonS3Region]; ok {
|
|
|
|
|
return region
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return aws.Region{
|
|
|
|
|
Name: utils.Cfg.FileSettings.AmazonS3Region,
|
|
|
|
|
S3Endpoint: utils.Cfg.FileSettings.AmazonS3Endpoint,
|
|
|
|
|
S3BucketEndpoint: utils.Cfg.FileSettings.AmazonS3BucketEndpoint,
|
|
|
|
|
S3LocationConstraint: *utils.Cfg.FileSettings.AmazonS3LocationConstraint,
|
|
|
|
|
S3LowercaseBucket: *utils.Cfg.FileSettings.AmazonS3LowercaseBucket,
|
|
|
|
|
}
|
|
|
|
|
}
|
