@balena/pinejs 21.4.0-build-add-odata-actions-8d4944e07924e5cf0a69183c18610e8fd2c41d3b-1 → 21.4.0-build-add-actions-example-f26873fd527dfaaabb15c7bc21476f6b48bfc38a-1

package/src/webresource-handler/actions/beginUpload.ts

@@ -0,0 +1,163 @@
+import { api, type Response } from '../../sbvr-api/sbvr-utils.js';
+import type { MultipartUploadHandler } from '../multipartUpload.js';
+import { getMultipartUploadHandler } from '../multipartUpload.js';
+import type { BeginMultipartUploadPayload } from '../index.js';
+import { getWebResourceFields } from '../index.js';
+import { BadRequestError, NotImplementedError } from '../../sbvr-api/errors.js';
+import { permissions, sbvrUtils } from '../../server-glue/module.js';
+import { randomUUID } from 'crypto';
+import type { WebResourceType as WebResource } from '@balena/sbvr-types';
+import type {
+	ODataActionArgs,
+	ODataActionRequest,
+} from '../../sbvr-api/actions.js';
+import { ajv } from '../../tasks/common.js';
+import type { FromSchema } from 'json-schema-to-ts';
+
+type FakeWebResourcePatch = {
+	[key: string]: Omit<WebResource, 'href'> & {
+		href: 'fake_patch';
+	};
+};
+
+const beginUploadPayloadSchema = {
+	type: 'object',
+	minProperties: 1,
+	maxProperties: 1,
+	additionalProperties: {
+		type: 'object',
+		properties: {
+			filename: { type: 'string' },
+			content_type: { type: 'string' },
+			size: { type: 'number' },
+			chunk_size: { type: 'number' },
+		},
+		required: ['filename', 'content_type', 'size'],
+		additionalProperties: false,
+	},
+} as const;
+
+const validateBeginUpload = ajv.compile<
+	FromSchema<typeof beginUploadPayloadSchema>
+>(beginUploadPayloadSchema);
+
+export const beginUploadAction = async ({
+	request,
+	tx,
+	id,
+	req,
+}: ODataActionArgs): Promise<Response> => {
+	if (typeof id !== 'number') {
+		throw new NotImplementedError(
+			'multipart upload do not yet support non-numeric ids',
+		);
+	}
+
+	const handler = getMultipartUploadHandler();
+	const { fieldName, beginUploadPayload } = parseBeginUpload(request, handler);
+
+	await runFakeDbPatch(request, {
+		[fieldName]: { ...beginUploadPayload, href: 'fake_patch' },
+	});
+
+	const { fileKey, uploadId, uploadParts } =
+		await handler.multipartUpload.begin(fieldName, beginUploadPayload);
+	const uuid = randomUUID();
+	await api.webresource.post({
+		resource: 'multipart_upload',
+		body: {
+			uuid,
+			resource_name: request.resourceName,
+			field_name: fieldName,
+			resource_id: id,
+			upload_id: uploadId,
+			file_key: fileKey,
+			status: 'pending',
+			...beginUploadPayload,
+			expiry_date: Date.now() + 7 * 24 * 60 * 60 * 1000, // 7 days in ms
+			is_created_by__actor: req.user?.actor,
+		},
+		passthrough: {
+			req: permissions.root,
+			tx,
+		},
+	});
+
+	return {
+		body: { [fieldName]: { uuid, uploadParts } },
+		statusCode: 200,
+	};
+};
+
+const parseBeginUpload = (
+	request: ODataActionRequest,
+	webResourceHandler: MultipartUploadHandler,
+) => {
+	const { values } = request;
+	const isValid = validateBeginUpload(values);
+	if (!isValid) {
+		throw new BadRequestError('Invalid begin upload payload');
+	}
+
+	const fieldName = Object.keys(values)[0];
+
+	const webResourceFields = getWebResourceFields(request, false);
+	if (!webResourceFields.includes(fieldName)) {
+		throw new BadRequestError(
+			`The provided field '${fieldName}' is not a valid webresource`,
+		);
+	}
+	const beginUploadPayload = {
+		...values[fieldName],
+		chunk_size:
+			values[fieldName].chunk_size ??
+			webResourceHandler.multipartUpload.getMinimumPartSize(),
+	} satisfies BeginMultipartUploadPayload;
+
+	if (
+		beginUploadPayload.chunk_size <
+		webResourceHandler.multipartUpload.getMinimumPartSize()
+	) {
+		throw new BadRequestError('Chunk size is too small');
+	}
+
+	return {
+		beginUploadPayload,
+		fieldName,
+	};
+};
+
+// We want beginUpload to fail if the initial payload would already break any constraint/hooks/rule
+// this serves as both an optimization and a better client experience as it avoids succeding a beginUpload
+// (which could allow for potentially very large PartUploads) only for it to fail on commitUpload
+// The current approach to try to achieve this behavior creates this fake database patch:
+// It first tries to patch the file metadata (on a separate tx) to something similar to what it would look like
+// and if it breaks any constraint, then it throws and fail to even start the upload
+// Note that because the href is only generated at commitUpload time, we need to fake it for the time being
+// This could potentially be a problem if an application code has a constraint on the href property
+// However, because this is a internal (pine managed) property we assumed that application code won't do so
+const runFakeDbPatch = async (
+	request: ODataActionRequest,
+	fakeDbPatch: FakeWebResourcePatch,
+) => {
+	const fakeTx = await sbvrUtils.db.transaction();
+	try {
+		const newUrl = request.url
+			.slice(1)
+			.split('?', 1)[0]
+			.replace(/\/beginUpload$/, '');
+
+		await api[request.vocabulary].request({
+			method: 'PATCH',
+			url: newUrl,
+			body: fakeDbPatch,
+			// it needs root as otherwise it would always fail as non-root users
+			// are not allowed to directly patch webresource metadata, onnly upload files
+			passthrough: { tx: fakeTx, req: permissions.root },
+		});
+	} finally {
+		if (!fakeTx.isClosed()) {
+			await fakeTx.rollback();
+		}
+	}
+};

package/src/webresource-handler/actions/canceUpload.ts

@@ -0,0 +1,92 @@
+import type {
+	ODataActionArgs,
+	ODataActionRequest,
+} from '../../sbvr-api/actions.js';
+import type { Tx } from '../../database-layer/db.js';
+import {
+	BadRequestError,
+	NotImplementedError,
+	UnauthorizedError,
+} from '../../sbvr-api/errors.js';
+import { api, type Response } from '../../sbvr-api/sbvr-utils.js';
+import { permissions } from '../../server-glue/module.js';
+import { getMultipartUploadHandler } from '../multipartUpload.js';
+
+export const cancelUploadAction = async ({
+	request,
+	tx,
+	id: resourceId,
+}: ODataActionArgs): Promise<Response> => {
+	if (typeof resourceId !== 'number') {
+		throw new NotImplementedError(
+			'multipart upload do not yet support non-numeric ids',
+		);
+	}
+	const { id, fileKey, uploadId } = await getOngoingUpload(
+		request,
+		resourceId,
+		tx,
+	);
+	const handler = getMultipartUploadHandler();
+
+	await api.webresource.patch({
+		resource: 'multipart_upload',
+		body: {
+			status: 'cancelled',
+		},
+		id,
+		passthrough: {
+			tx: tx,
+			req: permissions.root,
+		},
+	});
+
+	// Note that different then beginUpload/commitUpload where we first do the action on the external service
+	// and then reflect it on the DB, for cancel upload it is the other way around
+	// as the worst case scenario is having a canceled upload which is marked on the DB as something else
+	await handler.multipartUpload.cancel({ fileKey, uploadId });
+
+	return {
+		statusCode: 204,
+	};
+};
+
+const getOngoingUpload = async (
+	request: ODataActionRequest,
+	affectedId: number,
+	tx: Tx,
+) => {
+	const { uuid } = request.values;
+	if (uuid == null || typeof uuid !== 'string') {
+		throw new BadRequestError('Invalid uuid type');
+	}
+
+	const [multipartUpload] = await api.webresource.get({
+		resource: 'multipart_upload',
+		options: {
+			$select: ['id', 'file_key', 'upload_id'],
+			$filter: {
+				// TODO: swap this into the ID to see if it works
+				uuid,
+				status: 'pending',
+				expiry_date: { $gt: { $now: {} } },
+				resource_name: request.resourceName,
+				resource_id: affectedId,
+			},
+		},
+		passthrough: {
+			tx,
+			req: permissions.rootRead,
+		},
+	});
+
+	if (multipartUpload == null) {
+		throw new UnauthorizedError();
+	}
+
+	return {
+		id: multipartUpload.id,
+		fileKey: multipartUpload.file_key,
+		uploadId: multipartUpload.upload_id,
+	};
+};

package/src/webresource-handler/actions/commitUpload.ts

@@ -0,0 +1,117 @@
+import type { Tx } from '../../database-layer/db.js';
+import type {
+	ODataActionArgs,
+	ODataActionRequest,
+} from '../../sbvr-api/actions.js';
+import {
+	BadRequestError,
+	NotImplementedError,
+	UnauthorizedError,
+} from '../../sbvr-api/errors.js';
+import type { Response } from '../../sbvr-api/sbvr-utils.js';
+import { api } from '../../sbvr-api/sbvr-utils.js';
+import { permissions } from '../../server-glue/module.js';
+import { getMultipartUploadHandler } from '../multipartUpload.js';
+
+export const commitUploadAction = async ({
+	request,
+	tx,
+	id,
+	api: applicationApi,
+}: ODataActionArgs): Promise<Response> => {
+	if (typeof id !== 'number') {
+		throw new NotImplementedError(
+			'multipart upload do not yet support non-numeric ids',
+		);
+	}
+
+	const multipartUpload = await getOngoingUpload(request, id, tx);
+	const handler = getMultipartUploadHandler();
+
+	const webresource = await handler.multipartUpload.commit({
+		fileKey: multipartUpload.fileKey,
+		uploadId: multipartUpload.uploadId,
+		filename: multipartUpload.filename,
+		providerCommitData: multipartUpload.providerCommitData,
+	});
+
+	await Promise.all([
+		api.webresource.patch({
+			resource: 'multipart_upload',
+			body: {
+				status: 'completed',
+			},
+			options: {
+				$filter: {
+					uuid: multipartUpload.uuid,
+				},
+			},
+			passthrough: {
+				tx: tx,
+				req: permissions.root,
+			},
+		}),
+		applicationApi.patch({
+			resource: request.resourceName,
+			id,
+			body: {
+				[multipartUpload.fieldName]: webresource,
+			},
+			passthrough: {
+				tx: tx,
+				// Root is needed as, if you are not root, you are not allowed to directly modify the actual metadata
+				req: permissions.root,
+			},
+		}),
+	]);
+
+	const body = await handler.onPreRespond(webresource);
+
+	return {
+		body,
+		statusCode: 200,
+	};
+};
+
+const getOngoingUpload = async (
+	request: ODataActionRequest,
+	affectedId: number,
+	tx: Tx,
+) => {
+	const { uuid, providerCommitData } = request.values;
+	if (uuid == null || typeof uuid !== 'string') {
+		throw new BadRequestError('Invalid uuid type');
+	}
+
+	const [multipartUpload] = await api.webresource.get({
+		resource: 'multipart_upload',
+		options: {
+			$select: ['id', 'file_key', 'upload_id', 'field_name', 'filename'],
+			$filter: {
+				// TODO: swap this into the ID to see if it works
+				uuid,
+				status: 'pending',
+				expiry_date: { $gt: { $now: {} } },
+				resource_name: request.resourceName,
+				resource_id: affectedId,
+			},
+		},
+		passthrough: {
+			tx,
+			req: permissions.rootRead,
+		},
+	});
+
+	if (multipartUpload == null) {
+		throw new UnauthorizedError();
+	}
+
+	return {
+		uuid,
+		providerCommitData,
+		fileKey: multipartUpload.file_key,
+		uploadId: multipartUpload.upload_id,
+		filename: multipartUpload.filename,
+		fieldName: multipartUpload.field_name,
+	};
+};

package/src/webresource-handler/delete-file-task.ts

@@ -0,0 +1,42 @@
+import { addTaskHandler } from '../tasks/index.js';
+import { getWebresourceHandler } from './index.js';
+
+const deleteFileSchema = {
+	type: 'object',
+	properties: {
+		fileKey: {
+			type: 'string',
+		},
+	},
+	required: ['fileKey'],
+	additionalProperties: false,
+} as const;
+
+export const addDeleteFileTaskHandler = () => {
+	addTaskHandler(
+		'delete_webresource_file',
+		async (task) => {
+			const handler = getWebresourceHandler();
+			if (!handler) {
+				return {
+					error: 'Webresource handler not available',
+					status: 'failed',
+				};
+			}
+
+			try {
+				await handler.removeFile(task.params.fileKey);
+				return {
+					status: 'succeeded',
+				};
+			} catch (error) {
+				console.error('Error deleting file:', error);
+				return {
+					error: `${error}`,
+					status: 'failed',
+				};
+			}
+		},
+		deleteFileSchema,
+	);
+};