@opengis/cms 0.0.10 → 0.0.12

package/server/routes/site/controllers/metadataMedia.js

@@ -0,0 +1,37 @@
+import path from 'node:path';
+import { existsSync } from 'node:fs';
+
+import { config, getFolder, pgClients } from "@opengis/fastify-table/utils.js";
+
+const rootDir = getFolder(config, 'local');
+
+export default async function metadataMedia({
+    routeOptions = {}, pg = pgClients.client, params = {},
+}, reply) {
+    if (!params?.id) {
+        return reply.status(400).send('not enough params: id');
+    }
+
+    if (!pg.pk?.['site.media']) {
+        return reply.status(404).send('table not found');
+    }
+
+    const data = await pg.query(
+        'select * from site.media where media_id = $1 and url is not null',
+        [params.id],
+    ).then(el => el.rows?.[0]);
+
+    if (!data) {
+        return reply.status(404).send('media not found: ' + params.id);
+    }
+
+    const filepath = path.join(rootDir, data.url);
+
+    Object.assign(data, {
+        url: `${routeOptions.url.replace(':id', params.id)}/file`,
+        filepath: data.url,
+        exists: existsSync(filepath),
+    });
+
+    return reply.status(200).send(data);
+}

package/server/routes/site/controllers/setPermissions.js

@@ -0,0 +1,50 @@
+import { logger, pgClients, dataInsert } from '@opengis/fastify-table/utils.js';
+
+export default async function setPermissions(req, reply) {
+    const { pg = pgClients.client, params = {}, user = {}, body = {} } = req;
+
+    if (!user?.uid) {
+        return reply.status(401).send('unauthorized');
+    }
+
+    if (!params.id) {
+        return reply.status(400).send('not enough params: id');
+    }
+
+    const client = await pg.connect()
+    const result = {};
+    try {
+        await client.query('BEGIN');
+
+        const { rowCount = 0 } = await client.query(
+            `delete from site.permissions where user_id=$1`,
+            [params.id].filter(Boolean),
+        );
+
+        Object.assign(result, { deleted: rowCount });
+
+        if (Array.isArray(body.permissions) && body.permissions?.length) {
+            body.permissions.forEach((el) => {
+                Object.assign(el, { user_id: el.user_id || params.id });
+            });
+
+            await Promise.all(body.permissions.map(async (el) => dataInsert({
+                pg: client,
+                table: 'site.permissions',
+                data: el,
+                uid: user.uid,
+            })));
+
+            Object.assign(result, { inserted: body.permissions.length });
+        }
+
+        await client.query('COMMIT');
+        return reply.status(200).send(result);
+    } catch (err) {
+        await client.query('ROLLBACK');
+        logger.file('cms/permissions', { error: err.toString(), stack: err.stack });
+        return reply.status(500).send('set permissions error');
+    } finally {
+        client.release();
+    }
+}

package/server/routes/site/controllers/uploadMedia.js

@@ -0,0 +1,66 @@
+import path from 'node:path';
+import { mkdir, rename } from 'node:fs/promises';
+
+import { config, getFolder, dataInsert, pgClients } from "@opengis/fastify-table/utils.js";
+
+import { getMimeType, getFileType, uploadMultiPart } from '@opengis/fastify-file/utils.js';
+import { existsSync } from 'node:fs';
+
+const rootDir = getFolder(config, 'local');
+
+export default async function uploadMedia(req, reply) {
+    const { pg = pgClients.client, user = {}, body = {}, query = {} } = req;
+
+    if (!pg.pk?.['site.media']) {
+        return reply.status(404).send('table not found');
+    }
+
+    if (query.subdir && (typeof query.subdir !== 'string' || query.subdir.includes('..'))) {
+        return reply.status(403).send('invalid query params: subdir');
+    }
+
+    // upload assets
+    if (req.headers['content-type']?.split?.(';')?.shift?.() === 'multipart/form-data') {
+        const file = await uploadMultiPart(req);
+        const filename = `${file.newFilename}${path.extname(file.filepath)}`;
+        const mime = getMimeType(file.filepath);
+        const filetype = getFileType(file.filepath);
+
+        const newfilepath = path.join(rootDir, 'media', query.subdir || '', filename);
+        await mkdir(path.dirname(newfilepath), { recursive: true });
+        await rename(file.filepath, newfilepath);
+
+        const relpath = path.join('/media', query.subdir || '', filename).replace(/\\/g, '/');
+        const id = await dataInsert({
+            pg,
+            table: 'site.media',
+            data: {
+                filename: file.originalFilename,
+                filetype,
+                url: relpath,
+                mime,
+                filesize: file.size,
+            },
+            uid: user?.uid || 0,
+        }).then(el => el?.rows?.[0]?.media_id);
+
+        return reply.status(200).send({
+            relpath: path.join('/media', query.subdir || '').replace(/\\/g, '/'),
+            id,
+            filename,
+            filetype,
+            type: 'file',
+        });
+    }
+
+    // create directory
+    const relpath = path.join('/media', query.subdir).replace(/\\/g, '/');
+    const dirpath = path.join(rootDir, relpath);
+    await mkdir(dirpath, { recursive: true });
+
+    return reply.status(200).send({
+        relpath,
+        dirname: path.basename(query.subdir),
+        type: 'dir',
+    });
+}

package/server/routes/site/index.mjs

@@ -0,0 +1,34 @@
+// perimissions
+import getPermissions from './controllers/getPermissions.js';
+import setPermissions from './controllers/setPermissions.js';
+
+// media
+import listMedia from './controllers/listMedia.js';
+import metadata from './controllers/metadataMedia.js';
+import uploadMedia from './controllers/uploadMedia.js';
+import del from './controllers/deleteMedia.js';
+import download from './controllers/downloadMedia.js';
+
+const schemaObj = {
+    type: 'object',
+    properties: {
+        params: {
+            type: 'string',
+            enum: ['preview', 'download'],
+        }
+    }
+};
+
+const params = { config: { policy: ['site', 'user'] } };
+
+export default async function route(app) {
+    app.post('/site-permissions/:id', params, setPermissions);
+    app.get('/site-permissions/:id?', params, getPermissions);
+
+    app.post('/site-media/upload', params, uploadMedia);
+    app.get('/site-media', params, listMedia);
+    app.get('/site-media/:id/file', { ...params, schema: schemaObj }, download);
+    app.get('/site-media/:id', params, metadata);
+    app.delete('/site-media/:id', params, del);
+    app.get('/site-media/:id/delete', params, del); // debug
+}

package/server/migrations/media.sql

@@ -1,30 +0,0 @@
-create schema if not exists crm;
-create table if not exists crm.media();
-
-CREATE TABLE IF NOT EXISTS crm.media();
-ALTER TABLE crm.media DROP CONSTRAINT IF EXISTS crm_media_id_pkey;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS media_id text NOT NULL DEFAULT next_id();
-
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS uploaded_name text;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS file_path text;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS caption text;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS altname text;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS size numeric;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS ext text;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS tags text[];
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS uid text;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS files json;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS cdate timestamp without time zone DEFAULT (now())::timestamp without time zone;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS editor_id text;
-ALTER TABLE crm.media ADD COLUMN IF NOT EXISTS editor_date timestamp without time zone;
-ALTER TABLE crm.media ADD CONSTRAINT crm_media_id_pkey PRIMARY KEY (media_id);
-
-comment on table crm.media is 'Медіа файли';
-
-comment on column crm.media.uploaded_name is 'Назва файлу';
-comment on column crm.media.file_path is 'Відносний шлях до файлу';
-comment on column crm.media.caption is 'Заголовок';
-comment on column crm.media.altname is 'Альтернативна назва';
-comment on column crm.media.size is 'Розмір файлу';
-comment on column crm.media.ext is 'Розширення файлу';
-comment on column crm.media.tags is 'Теги файлу';