mirror of
https://github.com/strapi/strapi.git
synced 2025-07-19 23:16:47 +00:00
104 lines
2.8 KiB
JavaScript
104 lines
2.8 KiB
JavaScript
'use strict';
|
|
|
|
const _ = require('lodash');
|
|
const { ApplicationError } = require('@strapi/utils').errors;
|
|
const { mapAsync } = require('@strapi/utils');
|
|
const { getService } = require('../utils');
|
|
const { ACTIONS, FILE_MODEL_UID } = require('../constants');
|
|
const validateUploadBody = require('./validation/admin/upload');
|
|
const { findEntityAndCheckPermissions } = require('./utils/find-entity-and-check-permissions');
|
|
|
|
module.exports = {
|
|
async updateFileInfo(ctx) {
|
|
const {
|
|
state: { userAbility, user },
|
|
query: { id },
|
|
request: { body },
|
|
} = ctx;
|
|
|
|
const uploadService = getService('upload');
|
|
const { pm } = await findEntityAndCheckPermissions(
|
|
userAbility,
|
|
ACTIONS.update,
|
|
FILE_MODEL_UID,
|
|
id
|
|
);
|
|
|
|
const data = await validateUploadBody(body);
|
|
const file = await uploadService.updateFileInfo(id, data.fileInfo, { user });
|
|
|
|
ctx.body = await pm.sanitizeOutput(file, { action: ACTIONS.read });
|
|
},
|
|
|
|
async replaceFile(ctx) {
|
|
const {
|
|
state: { userAbility, user },
|
|
query: { id },
|
|
request: { body, files: { files } = {} },
|
|
} = ctx;
|
|
|
|
const uploadService = getService('upload');
|
|
const { pm } = await findEntityAndCheckPermissions(
|
|
userAbility,
|
|
ACTIONS.update,
|
|
FILE_MODEL_UID,
|
|
id
|
|
);
|
|
|
|
if (Array.isArray(files)) {
|
|
throw new ApplicationError('Cannot replace a file with multiple ones');
|
|
}
|
|
|
|
const data = await validateUploadBody(body);
|
|
const replacedFile = await uploadService.replace(id, { data, file: files }, { user });
|
|
|
|
// Sign file urls for private providers
|
|
const signedFile = await getService('file').signFileUrls(replacedFile);
|
|
|
|
ctx.body = await pm.sanitizeOutput(signedFile, { action: ACTIONS.read });
|
|
},
|
|
|
|
async uploadFiles(ctx) {
|
|
const {
|
|
state: { userAbility, user },
|
|
request: { body, files: { files } = {} },
|
|
} = ctx;
|
|
|
|
const uploadService = getService('upload');
|
|
const pm = strapi.admin.services.permission.createPermissionsManager({
|
|
ability: userAbility,
|
|
action: ACTIONS.create,
|
|
model: FILE_MODEL_UID,
|
|
});
|
|
|
|
if (!pm.isAllowed) {
|
|
return ctx.forbidden();
|
|
}
|
|
|
|
const data = await validateUploadBody(body);
|
|
const uploadedFiles = await uploadService.upload({ data, files }, { user });
|
|
|
|
// Sign file urls for private providers
|
|
const signedFiles = await mapAsync(uploadedFiles, getService('file').signFileUrls);
|
|
|
|
ctx.body = await pm.sanitizeOutput(signedFiles, { action: ACTIONS.read });
|
|
},
|
|
|
|
async upload(ctx) {
|
|
const {
|
|
query: { id },
|
|
request: { files: { files } = {} },
|
|
} = ctx;
|
|
|
|
if (_.isEmpty(files) || files.size === 0) {
|
|
if (id) {
|
|
return this.updateFileInfo(ctx);
|
|
}
|
|
|
|
throw new ApplicationError('Files are empty');
|
|
}
|
|
|
|
await (id ? this.replaceFile : this.uploadFiles)(ctx);
|
|
},
|
|
};
|