Delete files
This commit is contained in:
parent
6ed9088aaa
commit
de275a27cb
15
src/db.rs
15
src/db.rs
@ -27,7 +27,7 @@ impl Database {
|
|||||||
sqlx::migrate!("./migrations/").run(&self.pool).await
|
sqlx::migrate!("./migrations/").run(&self.pool).await
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn upsert_user(&self, pubkey: &Vec<u8>) -> Result<u32, Error> {
|
pub async fn upsert_user(&self, pubkey: &Vec<u8>) -> Result<u64, Error> {
|
||||||
let res = sqlx::query("insert ignore into users(pubkey) values(?) returning id")
|
let res = sqlx::query("insert ignore into users(pubkey) values(?) returning id")
|
||||||
.bind(pubkey)
|
.bind(pubkey)
|
||||||
.fetch_optional(&self.pool)
|
.fetch_optional(&self.pool)
|
||||||
@ -42,6 +42,14 @@ impl Database {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub async fn get_user_id(&self, pubkey: &Vec<u8>) -> Result<u64, Error> {
|
||||||
|
sqlx::query("select id from users where pubkey = ?")
|
||||||
|
.bind(pubkey)
|
||||||
|
.fetch_one(&self.pool)
|
||||||
|
.await?
|
||||||
|
.try_get(0)
|
||||||
|
}
|
||||||
|
|
||||||
pub async fn add_file(&self, file: &FileUpload) -> Result<(), Error> {
|
pub async fn add_file(&self, file: &FileUpload) -> Result<(), Error> {
|
||||||
sqlx::query("insert into uploads(id,user_id,name,size,mime_type) values(?,?,?,?,?)")
|
sqlx::query("insert into uploads(id,user_id,name,size,mime_type) values(?,?,?,?,?)")
|
||||||
.bind(&file.id)
|
.bind(&file.id)
|
||||||
@ -62,10 +70,11 @@ impl Database {
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub async fn delete_file(&self, file: &Vec<u8>) -> Result<(), Error> {
|
pub async fn delete_file(&self, file: &Vec<u8>) -> Result<(), Error> {
|
||||||
sqlx::query_as("delete from uploads where id = ?")
|
sqlx::query("delete from uploads where id = ?")
|
||||||
.bind(&file)
|
.bind(&file)
|
||||||
.execute(&self.pool)
|
.execute(&self.pool)
|
||||||
.await?
|
.await?;
|
||||||
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn list_files(&self, pubkey: &Vec<u8>) -> Result<Vec<FileUpload>, Error> {
|
pub async fn list_files(&self, pubkey: &Vec<u8>) -> Result<Vec<FileUpload>, Error> {
|
||||||
|
@ -148,7 +148,7 @@ async fn head_blob(sha256: &str, fs: &State<FileStore>) -> BlossomResponse {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[rocket::delete("/<sha256>")]
|
#[rocket::delete("/<sha256>")]
|
||||||
async fn delete_blob(sha256: &str, fs: &State<FileStore>, db: &State<Database>) -> BlossomResponse {
|
async fn delete_blob(sha256: &str, auth: BlossomAuth, fs: &State<FileStore>, db: &State<Database>) -> BlossomResponse {
|
||||||
let sha256 = if sha256.contains(".") {
|
let sha256 = if sha256.contains(".") {
|
||||||
sha256.split('.').next().unwrap()
|
sha256.split('.').next().unwrap()
|
||||||
} else {
|
} else {
|
||||||
@ -163,9 +163,24 @@ async fn delete_blob(sha256: &str, fs: &State<FileStore>, db: &State<Database>)
|
|||||||
if id.len() != 32 {
|
if id.len() != 32 {
|
||||||
return BlossomResponse::error("Invalid file id");
|
return BlossomResponse::error("Invalid file id");
|
||||||
}
|
}
|
||||||
if let Ok(Some(_info)) = db.get_file(&id).await {
|
if !check_method(&auth.event, "delete") {
|
||||||
db.delete_file(&id).await?;
|
return BlossomResponse::error("Invalid request method tag");
|
||||||
fs::remove_file(fs.get(&id))?;
|
}
|
||||||
|
if let Ok(Some(info)) = db.get_file(&id).await {
|
||||||
|
let pubkey_vec = auth.event.pubkey.to_bytes().to_vec();
|
||||||
|
let user = match db.get_user_id(&pubkey_vec).await {
|
||||||
|
Ok(u) => u,
|
||||||
|
Err(_e) => return BlossomResponse::error("User not found")
|
||||||
|
};
|
||||||
|
if user != info.user_id {
|
||||||
|
return BlossomResponse::error("You dont own this file, you cannot delete it");
|
||||||
|
}
|
||||||
|
if let Err(e) = db.delete_file(&id).await {
|
||||||
|
return BlossomResponse::error(format!("Failed to delete (db): {}", e));
|
||||||
|
}
|
||||||
|
if let Err(e) = fs::remove_file(fs.get(&id)) {
|
||||||
|
return BlossomResponse::error(format!("Failed to delete (fs): {}", e));
|
||||||
|
}
|
||||||
BlossomResponse::StatusOnly(Status::Ok)
|
BlossomResponse::StatusOnly(Status::Ok)
|
||||||
} else {
|
} else {
|
||||||
BlossomResponse::StatusOnly(Status::NotFound)
|
BlossomResponse::StatusOnly(Status::NotFound)
|
||||||
|
Loading…
Reference in New Issue
Block a user