@tstdl/base 0.92.135 → 0.92.136
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/document-management/api/document-management.api.d.ts +6 -0
- package/document-management/api/document-management.api.js +4 -1
- package/document-management/server/api/document-management.api.js +1 -1
- package/document-management/server/module.d.ts +1 -0
- package/document-management/server/module.js +1 -0
- package/document-management/server/services/document-file.service.d.ts +2 -1
- package/document-management/server/services/document-file.service.js +10 -2
- package/object-storage/object-storage.d.ts +2 -0
- package/package.json +1 -1
|
@@ -74,6 +74,9 @@ export declare const documentManagementApiDefinition: {
|
|
|
74
74
|
initiateDocumentUpload: {
|
|
75
75
|
resource: string;
|
|
76
76
|
method: "POST";
|
|
77
|
+
parameters: import("../../schema/index.js").ObjectSchema<{
|
|
78
|
+
contentLength: number;
|
|
79
|
+
}>;
|
|
77
80
|
result: import("../../schema/index.js").ObjectSchema<{
|
|
78
81
|
uploadId: string;
|
|
79
82
|
uploadUrl: string;
|
|
@@ -381,6 +384,9 @@ declare const _DocumentManagementApi: import("../../api/client/index.js").ApiCli
|
|
|
381
384
|
initiateDocumentUpload: {
|
|
382
385
|
resource: string;
|
|
383
386
|
method: "POST";
|
|
387
|
+
parameters: import("../../schema/index.js").ObjectSchema<{
|
|
388
|
+
contentLength: number;
|
|
389
|
+
}>;
|
|
384
390
|
result: import("../../schema/index.js").ObjectSchema<{
|
|
385
391
|
uploadId: string;
|
|
386
392
|
uploadUrl: string;
|
|
@@ -7,7 +7,7 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
7
7
|
import { compileClient } from '../../api/client/index.js';
|
|
8
8
|
import { defineApi } from '../../api/index.js';
|
|
9
9
|
import { ReplaceClass } from '../../injector/decorators.js';
|
|
10
|
-
import { array, boolean, literal, object, optional, string } from '../../schema/index.js';
|
|
10
|
+
import { array, boolean, literal, number, object, optional, string } from '../../schema/index.js';
|
|
11
11
|
import { Document, DocumentCategory, DocumentRequest, DocumentRequestsTemplate, DocumentRequestTemplate, DocumentType } from '../models/index.js';
|
|
12
12
|
import { addOrArchiveDocumentToOrFromCollectionParametersSchema, applyDocumentRequestsTemplateParametersSchema, createDocumentCategoryParametersSchema, createDocumentParametersSchema, createDocumentRequestParametersSchema, createDocumentRequestsTemplateParametersSchema, createDocumentRequestTemplateParametersSchema, createDocumentTypeParametersSchema, deleteDocumentRequestParametersSchema, deleteDocumentRequestsTemplateParametersSchema, deleteDocumentRequestTemplateParametersSchema, DocumentCategoryView, DocumentManagementData, DocumentRequestsTemplateData, loadDataParametersSchema, updateDocumentParametersSchema, updateDocumentRequestParametersSchema, updateDocumentRequestsTemplateParametersSchema, updateDocumentRequestTemplateParametersSchema } from '../service-models/index.js';
|
|
13
13
|
export const documentManagementApiDefinition = defineApi({
|
|
@@ -69,6 +69,9 @@ export const documentManagementApiDefinition = defineApi({
|
|
|
69
69
|
initiateDocumentUpload: {
|
|
70
70
|
resource: 'document-uploads',
|
|
71
71
|
method: 'POST',
|
|
72
|
+
parameters: object({
|
|
73
|
+
contentLength: number(),
|
|
74
|
+
}),
|
|
72
75
|
result: object({
|
|
73
76
|
uploadId: string(),
|
|
74
77
|
uploadUrl: string(),
|
|
@@ -95,7 +95,7 @@ let DocumentManagementApiController = DocumentManagementApiController_1 = class
|
|
|
95
95
|
async initiateDocumentUpload(context) {
|
|
96
96
|
const token = await context.getToken();
|
|
97
97
|
const subject = await this.#ancillaryService.getSubject(token);
|
|
98
|
-
return await this.#documentFileService.initiateUpload({ key: subject });
|
|
98
|
+
return await this.#documentFileService.initiateUpload({ key: subject, contentLength: context.parameters.contentLength });
|
|
99
99
|
}
|
|
100
100
|
async createDocument(context) {
|
|
101
101
|
const token = await context.getToken();
|
|
@@ -8,6 +8,7 @@ export declare class DocumentManagementConfig {
|
|
|
8
8
|
fileUploadObjectStorageModule: string;
|
|
9
9
|
filePreviewObjectStorageModule: string;
|
|
10
10
|
database?: DatabaseConfig;
|
|
11
|
+
maxFileSize?: number;
|
|
11
12
|
}
|
|
12
13
|
export declare function configureDocumentManagement(config: DocumentManagementConfig): void;
|
|
13
14
|
export declare function migrateDocumentManagementSchema(): Promise<void>;
|
|
@@ -10,8 +10,9 @@ export declare class DocumentFileService extends Transactional {
|
|
|
10
10
|
* The key could be the user id from the request token. This ensures that the file can only be created by the user who initiated the upload.
|
|
11
11
|
* @returns upload information
|
|
12
12
|
*/
|
|
13
|
-
initiateUpload({ key }: {
|
|
13
|
+
initiateUpload({ key, contentLength }: {
|
|
14
14
|
key: string;
|
|
15
|
+
contentLength: number;
|
|
15
16
|
}): Promise<{
|
|
16
17
|
uploadId: string;
|
|
17
18
|
uploadUrl: string;
|
|
@@ -100,9 +100,12 @@ let DocumentFileService = DocumentFileService_1 = class DocumentFileService exte
|
|
|
100
100
|
* The key could be the user id from the request token. This ensures that the file can only be created by the user who initiated the upload.
|
|
101
101
|
* @returns upload information
|
|
102
102
|
*/
|
|
103
|
-
async initiateUpload({ key }) {
|
|
103
|
+
async initiateUpload({ key, contentLength }) {
|
|
104
|
+
if (contentLength > (this.#config.maxFileSize ?? Number.POSITIVE_INFINITY)) {
|
|
105
|
+
throw new ForbiddenError(`Content length exceeds the maximum limit of ${this.#config.maxFileSize} bytes.`);
|
|
106
|
+
}
|
|
104
107
|
const id = getRandomString(64, Alphabet.LowerUpperCaseNumbers);
|
|
105
|
-
const url = await this.#fileUploadObjectStorage.getUploadUrl(id, currentTimestamp() + (5 * millisecondsPerMinute), { metadata: { 'upload-key': key } });
|
|
108
|
+
const url = await this.#fileUploadObjectStorage.getUploadUrl(id, currentTimestamp() + (5 * millisecondsPerMinute), { contentLength, metadata: { 'upload-key': key } });
|
|
106
109
|
return { uploadId: id, uploadUrl: url };
|
|
107
110
|
}
|
|
108
111
|
async create(content, originalFileName) {
|
|
@@ -110,9 +113,14 @@ let DocumentFileService = DocumentFileService_1 = class DocumentFileService exte
|
|
|
110
113
|
if (isUpload) {
|
|
111
114
|
const object = await this.#fileUploadObjectStorage.getObject(content.uploadId);
|
|
112
115
|
const objectMetadata = await object.getMetadata();
|
|
116
|
+
const objectContentLength = await object.getContentLength();
|
|
113
117
|
if (content.uploadKey != objectMetadata['upload-key']) {
|
|
114
118
|
throw new ForbiddenError(`Invalid upload key`);
|
|
115
119
|
}
|
|
120
|
+
if (objectContentLength > (this.#config.maxFileSize ?? Number.POSITIVE_INFINITY)) {
|
|
121
|
+
await this.#fileUploadObjectStorage.deleteObject(object.key);
|
|
122
|
+
throw new ForbiddenError(`Content length exceeds the maximum limit of ${this.#config.maxFileSize} bytes.`);
|
|
123
|
+
}
|
|
116
124
|
}
|
|
117
125
|
const contentAsUint8Array = isUpload
|
|
118
126
|
? await this.#fileUploadObjectStorage.getContent(content.uploadId)
|