2022-03-22 18:19:46 +01:00
|
|
|
'use strict';
|
|
|
|
|
2022-05-13 17:43:09 +02:00
|
|
|
const { merge } = require('lodash/fp');
|
2023-02-11 17:37:28 +01:00
|
|
|
const { mapAsync } = require('@strapi/utils');
|
2022-03-22 18:19:46 +01:00
|
|
|
const { getService } = require('../utils');
|
2022-05-13 16:10:18 +02:00
|
|
|
const { ACTIONS, FILE_MODEL_UID } = require('../constants');
|
2022-03-30 16:26:09 +02:00
|
|
|
const { findEntityAndCheckPermissions } = require('./utils/find-entity-and-check-permissions');
|
2022-03-22 18:19:46 +01:00
|
|
|
|
|
|
|
module.exports = {
|
|
|
|
async find(ctx) {
|
|
|
|
const {
|
|
|
|
state: { userAbility },
|
|
|
|
} = ctx;
|
|
|
|
|
2022-05-13 17:43:09 +02:00
|
|
|
const defaultQuery = { populate: { folder: true } };
|
|
|
|
|
2022-03-22 18:19:46 +01:00
|
|
|
const pm = strapi.admin.services.permission.createPermissionsManager({
|
|
|
|
ability: userAbility,
|
|
|
|
action: ACTIONS.read,
|
2022-05-13 16:10:18 +02:00
|
|
|
model: FILE_MODEL_UID,
|
2022-03-22 18:19:46 +01:00
|
|
|
});
|
|
|
|
|
|
|
|
if (!pm.isAllowed) {
|
|
|
|
return ctx.forbidden();
|
|
|
|
}
|
|
|
|
|
2023-02-09 11:35:50 +01:00
|
|
|
const pmQuery = pm.addPermissionsQueryTo(merge(defaultQuery, ctx.query));
|
2023-08-10 15:24:35 +02:00
|
|
|
const query = await pm.validateQuery(pmQuery);
|
2022-03-22 18:19:46 +01:00
|
|
|
|
2023-02-11 17:37:28 +01:00
|
|
|
const { results: files, pagination } = await getService('upload').findPage(query);
|
2022-03-22 18:19:46 +01:00
|
|
|
|
2023-02-11 17:37:28 +01:00
|
|
|
// Sign file urls for private providers
|
|
|
|
const signedFiles = await mapAsync(files, getService('file').signFileUrls);
|
2023-02-09 15:02:15 +01:00
|
|
|
|
2023-02-11 17:37:28 +01:00
|
|
|
const sanitizedFiles = await pm.sanitizeOutput(signedFiles);
|
2022-03-22 18:19:46 +01:00
|
|
|
|
2023-02-11 17:37:28 +01:00
|
|
|
return { results: sanitizedFiles, pagination };
|
2022-03-22 18:19:46 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
async findOne(ctx) {
|
|
|
|
const {
|
|
|
|
state: { userAbility },
|
|
|
|
params: { id },
|
|
|
|
} = ctx;
|
|
|
|
|
|
|
|
const { pm, file } = await findEntityAndCheckPermissions(
|
|
|
|
userAbility,
|
|
|
|
ACTIONS.read,
|
2022-05-13 16:10:18 +02:00
|
|
|
FILE_MODEL_UID,
|
2022-03-22 18:19:46 +01:00
|
|
|
id
|
|
|
|
);
|
|
|
|
|
2023-02-19 18:08:44 +01:00
|
|
|
const signedFile = await getService('file').signFileUrls(file);
|
|
|
|
ctx.body = await pm.sanitizeOutput(signedFile);
|
2022-03-22 18:19:46 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
async destroy(ctx) {
|
|
|
|
const { id } = ctx.params;
|
|
|
|
const { userAbility } = ctx.state;
|
|
|
|
|
|
|
|
const { pm, file } = await findEntityAndCheckPermissions(
|
|
|
|
userAbility,
|
|
|
|
ACTIONS.update,
|
2022-05-13 16:10:18 +02:00
|
|
|
FILE_MODEL_UID,
|
2022-03-22 18:19:46 +01:00
|
|
|
id
|
|
|
|
);
|
|
|
|
|
2022-04-12 16:32:05 +02:00
|
|
|
const [body] = await Promise.all([
|
|
|
|
pm.sanitizeOutput(file, { action: ACTIONS.read }),
|
|
|
|
getService('upload').remove(file),
|
|
|
|
]);
|
2022-03-22 18:19:46 +01:00
|
|
|
|
2022-04-12 16:32:05 +02:00
|
|
|
ctx.body = body;
|
2022-03-22 18:19:46 +01:00
|
|
|
},
|
|
|
|
};
|