strapi/packages/core/upload/server/controllers/admin-file.js

'use strict';

const { merge } = require('lodash/fp');
const { getService } = require('../utils');
const { ACTIONS, FILE_MODEL_UID } = require('../constants');
const { findEntityAndCheckPermissions } = require('./utils/find-entity-and-check-permissions');

module.exports = {
  async find(ctx) {
    const {
      state: { userAbility },
    } = ctx;

    const defaultQuery = { populate: { folder: true } };

    const pm = strapi.admin.services.permission.createPermissionsManager({
      ability: userAbility,
      action: ACTIONS.read,
      model: FILE_MODEL_UID,
    });

    if (!pm.isAllowed) {
      return ctx.forbidden();
    }

    const query = pm.addPermissionsQueryTo(merge(defaultQuery, ctx.query));

    const { results, pagination } = await getService('upload').findPage(query);

    const sanitizedResults = await pm.sanitizeOutput(results);

    return { results: sanitizedResults, pagination };
  },

  async findOne(ctx) {
    const {
      state: { userAbility },
      params: { id },
    } = ctx;

    const { pm, file } = await findEntityAndCheckPermissions(
      userAbility,
      ACTIONS.read,
      FILE_MODEL_UID,
      id
    );

    ctx.body = await pm.sanitizeOutput(file);
  },

  async destroy(ctx) {
    const { id } = ctx.params;
    const { userAbility } = ctx.state;

    const { pm, file } = await findEntityAndCheckPermissions(
      userAbility,
      ACTIONS.update,
      FILE_MODEL_UID,
      id
    );

    const [body] = await Promise.all([
      pm.sanitizeOutput(file, { action: ACTIONS.read }),
      getService('upload').remove(file),
    ]);

    ctx.body = body;
  },
};
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00			`'use strict';`

default populate files 2022-05-13 17:43:09 +02:00			`const { merge } = require('lodash/fp');`
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00			`const { getService } = require('../utils');`
apply feedback 2022-05-13 16:10:18 +02:00			`const { ACTIONS, FILE_MODEL_UID } = require('../constants');`
add ability to set and change file folder location 2022-03-30 16:26:09 +02:00			`const { findEntityAndCheckPermissions } = require('./utils/find-entity-and-check-permissions');`
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00
			`module.exports = {`
			`async find(ctx) {`
			`const {`
			`state: { userAbility },`
			`} = ctx;`

default populate files 2022-05-13 17:43:09 +02:00			`const defaultQuery = { populate: { folder: true } };`

restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00			`const pm = strapi.admin.services.permission.createPermissionsManager({`
			`ability: userAbility,`
			`action: ACTIONS.read,`
apply feedback 2022-05-13 16:10:18 +02:00			`model: FILE_MODEL_UID,`
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00			`});`

			`if (!pm.isAllowed) {`
			`return ctx.forbidden();`
			`}`

default populate files 2022-05-13 17:43:09 +02:00			`const query = pm.addPermissionsQueryTo(merge(defaultQuery, ctx.query));`
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00
			`const { results, pagination } = await getService('upload').findPage(query);`

			`const sanitizedResults = await pm.sanitizeOutput(results);`

			`return { results: sanitizedResults, pagination };`
			`},`

			`async findOne(ctx) {`
			`const {`
			`state: { userAbility },`
			`params: { id },`
			`} = ctx;`

			`const { pm, file } = await findEntityAndCheckPermissions(`
			`userAbility,`
			`ACTIONS.read,`
apply feedback 2022-05-13 16:10:18 +02:00			`FILE_MODEL_UID,`
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00			`id`
			`);`

			`ctx.body = await pm.sanitizeOutput(file);`
			`},`

			`async destroy(ctx) {`
			`const { id } = ctx.params;`
			`const { userAbility } = ctx.state;`

			`const { pm, file } = await findEntityAndCheckPermissions(`
			`userAbility,`
			`ACTIONS.update,`
apply feedback 2022-05-13 16:10:18 +02:00			`FILE_MODEL_UID,`
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00			`id`
			`);`

apply feedback 2022-04-12 16:32:05 +02:00			`const [body] = await Promise.all([`
			`pm.sanitizeOutput(file, { action: ACTIONS.read }),`
			`getService('upload').remove(file),`
			`]);`
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00
apply feedback 2022-04-12 16:32:05 +02:00			`ctx.body = body;`
restructure upload controllers + add create and get folders 2022-03-22 18:19:46 +01:00			`},`
			`};`