From 9170f8f7aa3f09fcde18672e4058cb2375efa31d Mon Sep 17 00:00:00 2001 From: Matthias Date: Thu, 25 Aug 2022 15:13:44 +0200 Subject: [PATCH] Everything is validated now --- .gitlab-ci.yml | 24 ++- dto/.gitignore | 402 +++++++++++++++++++++++++++++++++++ dto/package.json | 11 +- dto/src/index.ts | 1 + dto/src/requests/auth.ts | 28 ++- dto/src/requests/fs.ts | 7 +- dto/src/responses/auth.ts | 28 ++- dto/src/responses/fs.ts | 56 ++++- dto/src/utils.ts | 35 +++ dto/tsconfig.json | 6 +- frontend/src/api/auth.ts | 4 +- frontend/src/api/base.ts | 13 +- src/controller/auth.ts | 65 +++--- src/controller/filesystem.ts | 65 +++--- 14 files changed, 627 insertions(+), 118 deletions(-) create mode 100644 dto/.gitignore create mode 100644 dto/src/utils.ts diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6aab9b6..5d9eafb 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,6 +1,7 @@ image: node:latest stages: + - setup - test - build - package @@ -23,18 +24,33 @@ before_script: - yarn install --cache-folder .yarn --frozen-lockfile - cd .. -test_backend: +test_build_dto: + stage: setup cache: <<: *global_cache policy: pull-push + before_script: [] + script: + - cd dto + - yarn install --frozen-lockfile + - yarn lint + - yarn build + - cd .. + - yarn install --cache-folder .yarn --frozen-lockfile + - yarn add ./dto + - cd frontend + - yarn install --cache-folder .yarn --frozen-lockfile + - yarn add ../dto + + +test_backend: + needs: ["test_build_dto"] stage: test script: - yarn lint test_frontend: - cache: - <<: *global_cache - policy: pull-push + needs: ["test_build_dto"] stage: test script: - cd frontend diff --git a/dto/.gitignore b/dto/.gitignore new file mode 100644 index 0000000..ab13255 --- /dev/null +++ b/dto/.gitignore @@ -0,0 +1,402 @@ +# Created by .ignore support plugin (hsz.mobi) +### JetBrains template +# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm +# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 + +# User-specific stuff: +.idea/**/workspace.xml +.idea/**/tasks.xml +.idea/dictionaries + +# Sensitive or high-churn files: +.idea/**/dataSources/ +.idea/**/dataSources.ids +.idea/**/dataSources.xml +.idea/**/dataSources.local.xml +.idea/**/sqlDataSources.xml +.idea/**/dynamic.xml +.idea/**/uiDesigner.xml + +# Gradle: +.idea/**/gradle.xml +.idea/**/libraries + +# CMake +cmake-build-debug/ + +# Mongo Explorer plugin: +.idea/**/mongoSettings.xml + +## File-based project format: +*.iws + +## Plugin-specific files: + +# IntelliJ +out/ + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# JIRA plugin +atlassian-ide-plugin.xml + +# Cursive Clojure plugin +.idea/replstate.xml + +# Crashlytics plugin (for Android Studio and IntelliJ) +com_crashlytics_export_strings.xml +crashlytics.properties +crashlytics-build.properties +fabric.properties +### VisualStudio template +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +bld/ +[Bb]in/ +[Oo]bj/ +[Ll]og/ + +# Visual Studio 2015 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUNIT +*.VisualState.xml +TestResult.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ +**/Properties/launchSettings.json + +*_i.c +*_p.c +*_i.h +*.ilk +*.meta +*.obj +*.pch +*.pdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# JustCode is a .NET coding add-in +.JustCode + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Typescript v1 declaration files +typings/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# JetBrains Rider +.idea/ +*.sln.iml + +# IDE - VSCode +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json + +# CodeRush +.cr/ + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ +coverage/ + +### macOS template +# General +.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +======= +# Local +.env +dist +lib + +files +sqlite.db \ No newline at end of file diff --git a/dto/package.json b/dto/package.json index 4123b61..328ce5a 100644 --- a/dto/package.json +++ b/dto/package.json @@ -2,13 +2,18 @@ "name": "dto", "private": true, "version": "1.0.0", - "main": "src/index.ts", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "files": [ + "/lib" + ], "dependencies": { "class-transformer": "^0.5.1", "class-validator": "^0.13.2" }, "scripts": { - "lint": "eslint \"src/**/*.ts\" && tsc --no-emit", - "lint-fix": "eslint \"src/**/*.ts\" --fix" + "lint": "eslint \"src/**/*.ts\" && tsc --noEmit", + "lint-fix": "eslint \"src/**/*.ts\" --fix", + "build": "tsc" } } diff --git a/dto/src/index.ts b/dto/src/index.ts index 22f24bf..1c0dbe0 100644 --- a/dto/src/index.ts +++ b/dto/src/index.ts @@ -1,2 +1,3 @@ export * as Requests from './requests'; export * as Responses from './responses'; +export { validateSync, validateAsync, validateAsyncInline } from './utils'; diff --git a/dto/src/requests/auth.ts b/dto/src/requests/auth.ts index 9fd1ba4..5526e9d 100644 --- a/dto/src/requests/auth.ts +++ b/dto/src/requests/auth.ts @@ -1,14 +1,36 @@ import { BaseRequest } from './base'; -import { IsEmail, IsNotEmpty } from 'class-validator'; +import { + IsBoolean, + IsEmail, + IsNotEmpty, + IsOptional, + IsString +} from 'class-validator'; -export class AuthSignUpRequest extends BaseRequest { +export class SignUpRequest extends BaseRequest { @IsEmail() username: string; @IsNotEmpty() + @IsString() password: string; } -export class AuthLoginRequest extends AuthSignUpRequest { +export class LoginRequest extends SignUpRequest { + @IsOptional() + @IsNotEmpty() + @IsString() otp?: string; } + +export class TfaComplete extends BaseRequest { + @IsNotEmpty() + @IsString() + code: string; +} + +export class TfaSetup extends BaseRequest { + @IsNotEmpty() + @IsBoolean() + mail: boolean; +} diff --git a/dto/src/requests/fs.ts b/dto/src/requests/fs.ts index 63ecabf..08ca1ba 100644 --- a/dto/src/requests/fs.ts +++ b/dto/src/requests/fs.ts @@ -1,7 +1,5 @@ import { BaseRequest } from './base'; -import { IsInt, IsNotEmpty, Min } from 'class-validator'; - -export type CreateFileRequest = CreateFolderRequest; +import { IsInt, IsNotEmpty, IsString, Min } from 'class-validator'; export class CreateFolderRequest extends BaseRequest { @IsInt() @@ -9,6 +7,7 @@ export class CreateFolderRequest extends BaseRequest { parent: number; @IsNotEmpty() + @IsString() name: string; } @@ -17,3 +16,5 @@ export class DeleteRequest extends BaseRequest { @Min(1) node: number; } + +export class CreateFileRequest extends CreateFolderRequest {} diff --git a/dto/src/responses/auth.ts b/dto/src/responses/auth.ts index 46e5257..e9177cd 100644 --- a/dto/src/responses/auth.ts +++ b/dto/src/responses/auth.ts @@ -1,20 +1,27 @@ import { SuccessResponse } from './base'; import { IsBase32, IsJWT, IsNotEmpty } from 'class-validator'; +import { ValidateConstructor } from '../utils'; -export type TfaRequiredResponse = SuccessResponse; -export type RemoveTfaResponse = SuccessResponse; -export type RequestEmailTfaResponse = SuccessResponse; -export type TfaCompletedResponse = SuccessResponse; -export type SignupResponse = SuccessResponse; -export type RefreshResponse = LoginResponse; - +@ValidateConstructor export class LoginResponse extends SuccessResponse { + constructor(jwt: string) { + super(); + this.jwt = jwt; + } + @IsNotEmpty() @IsJWT() jwt: string; } +@ValidateConstructor export class RequestTotpTfaResponse extends SuccessResponse { + constructor(qrCode: string, secret: string) { + super(); + this.qrCode = qrCode; + this.secret = secret; + } + @IsNotEmpty() qrCode: string; @@ -22,3 +29,10 @@ export class RequestTotpTfaResponse extends SuccessResponse { @IsBase32() secret: string; } + +export class TfaRequiredResponse extends SuccessResponse {} +export class RemoveTfaResponse extends SuccessResponse {} +export class RequestEmailTfaResponse extends SuccessResponse {} +export class TfaCompletedResponse extends SuccessResponse {} +export class SignupResponse extends SuccessResponse {} +export class RefreshResponse extends LoginResponse {} diff --git a/dto/src/responses/fs.ts b/dto/src/responses/fs.ts index cfa7f70..b4c0ef0 100644 --- a/dto/src/responses/fs.ts +++ b/dto/src/responses/fs.ts @@ -1,17 +1,39 @@ import { SuccessResponse } from './base'; -import { IsBoolean, IsInt, IsNotEmpty, Min } from 'class-validator'; - -export type UploadFileResponse = SuccessResponse; -export type DeleteResponse = SuccessResponse; -export type CreateFileResponse = CreateFolderResponse; +import { + IsBoolean, + IsInt, + IsNotEmpty, + IsOptional, + IsString, + Min +} from 'class-validator'; +import { ValidateConstructor } from '../utils'; +@ValidateConstructor export class GetRootResponse extends SuccessResponse { + constructor(rootId: number) { + super(); + this.rootId = rootId; + } @IsInt() @Min(1) rootId: number; } export class GetNodeResponse extends SuccessResponse { + constructor( + id: number, + name: string, + isFile: boolean, + parent: number | null + ) { + super(); + this.id = id; + this.name = name; + this.isFile = isFile; + this.parent = parent; + } + @IsInt() @Min(1) id: number; @@ -22,22 +44,46 @@ export class GetNodeResponse extends SuccessResponse { @IsBoolean() isFile: boolean; + @IsOptional() + @IsInt() + @Min(1) parent: number | null; + @IsOptional() @IsInt({ each: true }) @Min(1, { each: true }) children?: number[]; + @IsOptional() + @IsInt() + @Min(0) size?: number; } +@ValidateConstructor export class GetPathResponse extends SuccessResponse { + constructor(path: string) { + super(); + this.path = path; + } + @IsNotEmpty() + @IsString() path: string; } +@ValidateConstructor export class CreateFolderResponse extends SuccessResponse { + constructor(id: number) { + super(); + this.id = id; + } + @IsInt() @Min(1) id: number; } + +export class UploadFileResponse extends SuccessResponse {} +export class DeleteResponse extends SuccessResponse {} +export class CreateFileResponse extends CreateFolderResponse {} diff --git a/dto/src/utils.ts b/dto/src/utils.ts new file mode 100644 index 0000000..308f965 --- /dev/null +++ b/dto/src/utils.ts @@ -0,0 +1,35 @@ +import { validate, validateSync as _validateSync } from 'class-validator'; + +export function validateSync(data: T): void { + const errors = _validateSync(data); + if (errors.length > 0) { + console.error('Validation failed, errors: ', errors); + throw new Error('Validation failed'); + } +} + +export async function validateAsync(data: T): Promise { + const errors = await validate(data); + if (errors.length > 0) { + console.error('Validation failed, errors: ', errors); + throw new Error('Validation failed'); + } +} + +export async function validateAsyncInline( + data: T +): Promise { + await validateAsync(data); + return data; +} + +export function ValidateConstructor( + constr: T +) { + return class extends constr { + constructor(...args: any[]) { + super(...args); + validateSync(this); + } + }; +} diff --git a/dto/tsconfig.json b/dto/tsconfig.json index eedea79..a88e7eb 100644 --- a/dto/tsconfig.json +++ b/dto/tsconfig.json @@ -1,18 +1,18 @@ { "compilerOptions": { "module": "commonjs", - "declaration": false, + "declaration": true, "removeComments": true, "emitDecoratorMetadata": true, "experimentalDecorators": true, "allowSyntheticDefaultImports": true, "target": "es2017", "sourceMap": true, - "outDir": "./dist", + "outDir": "./lib", "baseUrl": "./src", "incremental": true, "skipLibCheck": true, "strictPropertyInitialization": false }, - "exclude": ["node_modules", "dist"] + "exclude": ["node_modules", "lib"] } diff --git a/frontend/src/api/auth.ts b/frontend/src/api/auth.ts index aed3adb..a2fea85 100644 --- a/frontend/src/api/auth.ts +++ b/frontend/src/api/auth.ts @@ -9,7 +9,7 @@ export const auth_login = ( | Responses.Auth.TfaRequiredResponse | Responses.ErrorResponse > => - post('/api/auth/login', { + post('/api/auth/login', { username: username, password: password, otp: otp @@ -19,7 +19,7 @@ export const auth_signup = ( username: string, password: string ): Promise => - post('/api/auth/signup', { + post('/api/auth/signup', { username: username, password: password }); diff --git a/frontend/src/api/base.ts b/frontend/src/api/base.ts index 180a095..bbc3b4e 100644 --- a/frontend/src/api/base.ts +++ b/frontend/src/api/base.ts @@ -1,7 +1,6 @@ import axios from 'axios'; import { Requests, Responses } from 'dto'; export { Requests, Responses }; -import { validateSync } from 'class-validator'; export const post = (url: string, data: T) => axios @@ -11,17 +10,12 @@ export const post = (url: string, data: T) => .then((res) => res.data) .catch((err) => err.response.data); -export function post_token( +export const post_token = ( url: string, data: T, token: string -) { - const errors = validateSync(data); - if (errors.length > 0) { - console.error('Validation failed, errors: ', errors); - throw new Error('Validation failed'); - } - return axios +) => + axios .post(url, data, { headers: { Authorization: 'Bearer ' + token, @@ -30,7 +24,6 @@ export function post_token( }) .then((res) => res.data) .catch((err) => err.response.data); -} export const post_token_form = ( url: string, diff --git a/src/controller/auth.ts b/src/controller/auth.ts index 30c7be4..756a9a7 100644 --- a/src/controller/auth.ts +++ b/src/controller/auth.ts @@ -4,18 +4,18 @@ import { Controller, Get, HttpCode, - ParseBoolPipe, Post, Query, Redirect, Request, UnauthorizedException, - UseGuards + UseGuards, + ValidationPipe } from '@nestjs/common'; import { AuthService } from '../services/auth'; import { AuthGuard } from '@nestjs/passport'; import { Public } from '../authguards'; -import { Responses } from 'dto'; +import { Responses, Requests } from 'dto'; import { tfaTypes } from '../entities'; import { toDataURL } from 'qrcode'; import * as base32 from 'thirty-two'; @@ -30,25 +30,22 @@ export default class AuthController { @HttpCode(200) async login( @Request() req, - @Body('otp') otp?: string + @Body(new ValidationPipe()) data: Requests.Auth.LoginRequest ): Promise< Responses.Auth.LoginResponse | Responses.Auth.TfaRequiredResponse > { if (this.authService.requiresTfa(req.user)) { - if (!otp) { + if (!data.otp) { if (req.user.tfaType == tfaTypes.EMAIL) await this.authService.sendTfaMail(req.user); - return { - statusCode: 200 - }; + return new Responses.Auth.TfaRequiredResponse(); } - if (!(await this.authService.verifyTfa(req.user, otp))) + if (!(await this.authService.verifyTfa(req.user, data.otp))) throw new UnauthorizedException('Incorrect 2fa'); } - return { - statusCode: 200, - jwt: await this.authService.login(req, req.user) - }; + return new Responses.Auth.LoginResponse( + await this.authService.login(req, req.user) + ); } async tfa( @@ -61,73 +58,61 @@ export default class AuthController { } await this.authService.setTfaType(req.user, type); await this.authService.revokeAll(req.user); - return { - statusCode: 200 - }; + return new Responses.Auth.TfaCompletedResponse(); } @Post('2fa/complete/mail') async tfaMail( @Request() req, - @Body('code') code: string + @Body(new ValidationPipe()) data: Requests.Auth.TfaComplete ): Promise { - return await this.tfa(req, code, tfaTypes.EMAIL); + return await this.tfa(req, data.code, tfaTypes.EMAIL); } @Post('2fa/complete/totp') async tfaTotp( @Request() req, - @Body('code') code: string + @Body(new ValidationPipe()) data: Requests.Auth.TfaComplete ): Promise { - return await this.tfa(req, code, tfaTypes.TOTP); + return await this.tfa(req, data.code, tfaTypes.TOTP); } @Get('2fa/setup') async setupTotp( @Request() req, - @Body('mail', ParseBoolPipe) mail: boolean + @Body(new ValidationPipe()) data: Requests.Auth.TfaSetup ): Promise< | Responses.Auth.RequestTotpTfaResponse | Responses.Auth.RequestEmailTfaResponse > { const secret = await this.authService.setupTfa(req.user); - if (mail) - return { - statusCode: 200 - }; - return { - statusCode: 200, - qrCode: await toDataURL( + if (data.mail) return new Responses.Auth.RequestEmailTfaResponse(); + return new Responses.Auth.RequestTotpTfaResponse( + await toDataURL( `otpauth://totp/MFileserver:${req.user.name}?secret=${base32 .encode(secret) .toString()}&issuer=MFileserver` ), secret - }; + ); } @Public() @Post('signup') async signup( - @Body('username') username, - @Body('password') password + @Body(new ValidationPipe()) data: Requests.Auth.SignUpRequest ): Promise { - if ((await this.authService.findUser(username, false)) != null) + if ((await this.authService.findUser(data.username, false)) != null) throw new BadRequestException('Username already taken'); - await this.authService.signup(username, password); - return { - statusCode: 200 - }; + await this.authService.signup(data.username, data.password); + return new Responses.Auth.SignupResponse(); } @Post('refresh') async refresh(@Request() req): Promise { const token = await this.authService.login(req, req.user); await this.authService.revoke(req.token); - return { - statusCode: 200, - jwt: token - }; + return await new Responses.Auth.RefreshResponse(token); } @Public() diff --git a/src/controller/filesystem.ts b/src/controller/filesystem.ts index 36178fe..2a34145 100644 --- a/src/controller/filesystem.ts +++ b/src/controller/filesystem.ts @@ -6,9 +6,10 @@ import { ParseIntPipe, Post, Request, - StreamableFile + StreamableFile, + ValidationPipe } from '@nestjs/common'; -import { Responses } from 'dto'; +import { Responses, Requests, validateAsyncInline } from 'dto'; import FileSystemService from '../services/filesystem'; import { UserRole } from '../entities'; import { Role } from '../authguards'; @@ -20,10 +21,7 @@ export default class FileSystemController { @Get('root') @Role(UserRole.USER) async getRoot(@Request() req): Promise { - return { - statusCode: 200, - rootId: req.user.rootId - }; + return new Responses.FS.GetRootResponse(req.user.rootId); } @Get('node/:node') @@ -33,19 +31,19 @@ export default class FileSystemController { @Param('node', ParseIntPipe) nodeId ): Promise { const node = await this.fsService.getNodeAndValidate(nodeId, req.user); - const data: Responses.FS.GetNodeResponse = { - id: nodeId, - statusCode: 200, - name: node.name, - parent: node.parentId, - isFile: node.isFile - }; + const data = new Responses.FS.GetNodeResponse( + nodeId, + node.name, + node.isFile, + node.parentId + ); + if (data.isFile) { data.size = node.size; } else { data.children = (await node.children).map((child) => child.id); } - return data; + return validateAsyncInline(data); } @Get('path/:node') @@ -54,62 +52,53 @@ export default class FileSystemController { @Request() req, @Param('node', ParseIntPipe) nodeId ): Promise { - return { - statusCode: 200, - path: await this.fsService.generatePath( + return new Responses.FS.GetPathResponse( + await this.fsService.generatePath( await this.fsService.getNodeAndValidate(nodeId, req.user) ) - }; + ); } @Post('createFolder') @Role(UserRole.USER) async createFolder( @Request() req, - @Body('parent', ParseIntPipe) parent, - @Body('name') name + @Body(new ValidationPipe()) data: Requests.FS.CreateFolderRequest ): Promise { const newChild = await this.fsService.create( - await this.fsService.getNodeAndValidate(parent, req.user), - name, + await this.fsService.getNodeAndValidate(data.parent, req.user), + data.name, req.user, false ); - return { - statusCode: 200, - id: newChild.id - }; + return new Responses.FS.CreateFolderResponse(newChild.id); } @Post('createFile') @Role(UserRole.USER) async createFile( @Request() req, - @Body('parent', ParseIntPipe) parent, - @Body('name') name + @Body(new ValidationPipe()) data: Requests.FS.CreateFileRequest ): Promise { const newChild = await this.fsService.create( - await this.fsService.getNodeAndValidate(parent, req.user), - name, + await this.fsService.getNodeAndValidate(data.parent, req.user), + data.name, req.user, true ); - return { - statusCode: 200, - id: newChild.id - }; + return new Responses.FS.CreateFileResponse(newChild.id); } @Post('delete') @Role(UserRole.USER) async delete( @Request() req, - @Body('node', ParseIntPipe) node_id + @Body(new ValidationPipe()) data: Requests.FS.DeleteRequest ): Promise { await this.fsService.delete( - await this.fsService.getNodeAndValidate(node_id, req.user) + await this.fsService.getNodeAndValidate(data.node, req.user) ); - return { statusCode: 200 }; + return new Responses.FS.DeleteResponse(); } @Post('upload/:node') @@ -119,7 +108,7 @@ export default class FileSystemController { @Param('node', ParseIntPipe) nodeId ): Promise { await this.fsService.uploadFile(await req.file(), nodeId, req.user); - return { statusCode: 200 }; + return new Responses.FS.UploadFileResponse(); } @Post('download')