lfss 0.2.1__tar.gz → 0.2.4__tar.gz

{lfss-0.2.1 → lfss-0.2.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: lfss
-Version: 0.2.1
+Version: 0.2.4
 Summary: Lightweight file storage service
 Home-page: https://github.com/MenxLi/lfss
 Author: li, mengxun

lfss-0.2.4/docs/Known_issues.md

@@ -0,0 +1 @@
+[Safari 中文输入法回车捕获](https://github.com/anse-app/anse/issues/127)

{lfss-0.2.1 → lfss-0.2.4}/frontend/api.js

@@ -165,7 +165,10 @@ export default class Connector {
      */
     async setFilePermission(path, permission){
         if (path.startsWith('/')){ path = path.slice(1); }
-        const res = await fetch(this.config.endpoint + '/_api/fmeta?path=' + path + '&perm=' + permission, {
+        const dst = new URL(this.config.endpoint + '/_api/fmeta');
+        dst.searchParams.append('path', path);
+        dst.searchParams.append('perm', permission);
+        const res = await fetch(dst.toString(), {
             method: 'POST',
             headers: {
                 'Authorization': 'Bearer ' + this.config.token
@@ -175,4 +178,27 @@ export default class Connector {
             throw new Error(`Failed to set permission, status code: ${res.status}, message: ${await res.json()}`);
         }
     }
+
+    /**
+     * @param {string} path - file path(url)
+     * @param {string} newPath - new file path(url)
+     */
+    async moveFile(path, newPath){
+        if (path.startsWith('/')){ path = path.slice(1); }
+        if (newPath.startsWith('/')){ newPath = newPath.slice(1); }
+        const dst = new URL(this.config.endpoint + '/_api/fmeta');
+        dst.searchParams.append('path', path);
+        dst.searchParams.append('new_path', newPath);
+        const res = await fetch(dst.toString(), {
+            method: 'POST',
+            headers: {
+                'Authorization': 'Bearer ' + this.config.token, 
+                'Content-Type': 'application/www-form-urlencoded'
+            },
+        });
+        if (res.status != 200){
+            throw new Error(`Failed to move file, status code: ${res.status}, message: ${await res.json()}`);
+        }
+    }
+
 }

{lfss-0.2.1 → lfss-0.2.4}/frontend/index.html

@@ -13,7 +13,7 @@
             <label for="endpoint">Endpoint</label>
             <input type="text" id="endpoint" placeholder="http://localhost:8000" autocomplete="off">
         </div>
-        <div class="input-group" style="min-width: 800px;">
+        <div class="input-group" style="min-width: 300px;">
             <label for="token">Token</label>
             <input type="text" id="token" placeholder="" autocomplete="off">
         </div>

lfss-0.2.4/frontend/popup.css

@@ -0,0 +1,53 @@
+
+div.floating-window.blocker{
+    position: fixed;
+    top: 0;
+    left: 0;
+    width: 100%;
+    height: 100%;
+    background-color: rgba(0,0,0,0.25);
+    z-index: 100;
+}
+
+div.floating-window.window{
+    position: fixed;
+    top: 50%;
+    left: 50%;
+    transform: translate(-50%, -50%);
+    background-color: white;
+    box-shadow: 0 0 10px rgba(0,0,0,0.2);
+    border-radius: 0.5rem;
+    z-index: 101;
+    max-width: 80%;
+    max-height: 80%;
+    overflow: auto;
+    text-align: center;
+
+    display: flex;
+    flex-direction: column;
+    justify-content: center;
+    align-items: center;
+}
+
+div.popup-window{
+    position: fixed;
+    top: 0.5rem;
+    right: 1rem;
+    border-radius: 0.5rem;
+    box-shadow: 0 5px 10px rgba(0,0,0,0.2);
+    color: white;
+    display: block;
+    text-align: left;
+    animation: popup-appear 0.5s ease;
+}
+
+@keyframes popup-appear{
+    from{
+        opacity: 0;
+        transform: translateX(1rem);
+    }
+    to{
+        opacity: 1;
+        transform: translateX(0);
+    }
+}

lfss-0.2.4/frontend/popup.js

@@ -0,0 +1,130 @@
+
+
+export function createFloatingWindow(innerHTML = '',  {
+    onClose = () => {},
+    width = "auto",
+    height = "auto",
+    padding = "20px",
+} = {}){
+    const blocker = document.createElement("div");
+    blocker.classList.add("floating-window", "blocker");
+
+    const floatingWindow = document.createElement("div");
+    floatingWindow.classList.add("floating-window", "window");
+    floatingWindow.id = "floatingWindow";
+    floatingWindow.innerHTML = innerHTML;
+    floatingWindow.style.width = width;
+    floatingWindow.style.height = height;
+    floatingWindow.style.padding = padding;
+
+    const container = document.createElement("div");
+    container.classList.add("floating-window", "container");
+
+    document.body.appendChild(blocker);
+    document.body.appendChild(floatingWindow);
+
+    function closeWindow(){
+        onClose();
+        if (blocker.parentNode) document.body.removeChild(blocker);
+        if (floatingWindow.parentNode) document.body.removeChild(floatingWindow);
+        window.removeEventListener("keydown", excapeEvListener);
+    }
+    blocker.onclick = closeWindow;
+
+    const excapeEvListener = (event) => {
+        event.stopPropagation();
+        if (event.key === "Escape") closeWindow();
+    }
+    window.addEventListener("keydown", excapeEvListener);
+
+    return [floatingWindow, closeWindow];
+}
+
+/* select can be "last-filename" */
+export function showFloatingWindowLineInput(onSubmit = (v) => {}, {
+    text = "",
+    placeholder = "Enter text",
+    value = "",
+    select = ""
+} = {}){
+    const [floatingWindow, closeWindow] = createFloatingWindow(`
+        <div style="margin-bottom: 0.5rem;width: 100%;text-align: left;">${text}</div>
+        <div style="display: flex; flex-direction: row; gap: 0.25rem;">
+            <input type="text" placeholder="${placeholder}" id="floatingWindowInput" value="${value}" style="min-width: 300px;"/>
+            <button id="floatingWindowSubmit">OK</button>
+        </div>
+    `);
+
+    /** @type {HTMLInputElement} */
+    const input = document.getElementById("floatingWindowInput");
+    const submit = document.getElementById("floatingWindowSubmit");
+
+    input.focus();
+    input.addEventListener("keydown", event => {
+        if(event.key === "Enter" && input.value && event.isComposing === false){
+            submit.click();
+        }
+    });
+
+    submit.onclick = () => {
+        onSubmit(input.value);
+        closeWindow();
+    };
+
+    if (select === "last-filename") {
+        const inputVal = input.value;
+        let lastSlash = inputVal.lastIndexOf("/");
+        if (lastSlash === -1) {
+            lastSlash = 0;
+        }
+        const fname = inputVal.slice(lastSlash + 1);
+        let lastDot = fname.lastIndexOf(".");
+        if (lastDot === -1) {
+            lastDot = fname.length;
+        }
+        input.setSelectionRange(lastSlash + 1, lastSlash + lastDot + 1);
+    }
+
+    return [floatingWindow, closeWindow];
+}
+
+const shownPopups = [];
+export function showPopup(content = '',  {
+    level = "info",
+    width = "auto",
+    timeout = 3000, 
+    showTime = true
+} = {}){
+    const popup = document.createElement("div");
+    popup.classList.add("popup-window");
+    popup.innerHTML = showTime? `<span>[${new Date().toLocaleTimeString()}]</span> ${content}` : content;
+    popup.style.width = width;
+    const popupHeight = '1rem';
+    popup.style.height = popupHeight;
+    popup.style.maxHeight = popupHeight;
+    popup.style.minHeight = popupHeight;
+    const paddingHeight = '1rem';
+    popup.style.padding = paddingHeight;
+
+    // traverse shownPopups and update the top position of each popup
+    if (shownPopups.length > 0) {
+        for (let i = 0; i < shownPopups.length; i++) {
+            shownPopups[i].style.top = `${i * (parseInt(popupHeight) + 2*parseInt(paddingHeight))*1.2 + 0.5}rem`;
+        }
+    }
+    popup.style.top = `${shownPopups.length * (parseInt(popupHeight) + 2*parseInt(paddingHeight))*1.2 + 0.5}rem`;
+
+    if (level === "error") popup.style.backgroundColor = "darkred";
+    if (level === "warning") popup.style.backgroundColor = "darkorange";
+    if (level === "info") popup.style.backgroundColor = "darkblue";
+    if (level === "success") popup.style.backgroundColor = "darkgreen";
+    document.body.appendChild(popup);
+    shownPopups.push(popup);
+    window.setTimeout(() => {
+        if (popup.parentNode) document.body.removeChild(popup);
+        shownPopups.splice(shownPopups.indexOf(popup), 1);
+        for (let i = 0; i < shownPopups.length; i++) {
+            shownPopups[i].style.top = `${i * (parseInt(popupHeight) + 2*parseInt(paddingHeight))*1.2 + 0.5}rem`;
+        }
+    }, timeout);
+}

{lfss-0.2.1 → lfss-0.2.4}/frontend/scripts.js

@@ -1,6 +1,7 @@
 import Connector from './api.js';
 import { permMap } from './api.js';
-import { formatSize, decodePathURI, ensurePathURI, copyToClipboard, getRandomString, cvtGMT2Local, debounce } from './utils.js';
+import { showFloatingWindowLineInput, showPopup } from './popup.js';
+import { formatSize, decodePathURI, ensurePathURI, copyToClipboard, getRandomString, cvtGMT2Local, debounce, encodePathURI } from './utils.js';
 
 const conn = new Connector();
 let userRecord = null;
@@ -133,7 +134,8 @@ uploadButton.addEventListener('click', () => {
 });
 
 uploadFileNameInput.addEventListener('keydown', (e) => {
-    if (e.key === 'Enter'){
+    if (e.key === 'Enter' && !e.isComposing){
+        e.preventDefault();
         uploadButton.click();
     }
 });
@@ -166,7 +168,12 @@ Are you sure you want to proceed?
             let counter = 0;
             async function uploadFile(...args){
                 const [file, path] = args;
-                await conn.put(path, file);
+                try{
+                    await conn.put(path, file);
+                }
+                catch (err){
+                    showPopup('Failed to upload file [' + file.name + ']: ' + err, {level: 'error', timeout: 5000});
+                }
                 counter += 1;
                 console.log("Uploading file: ", counter, "/", files.length);
             }
@@ -259,6 +266,7 @@ function refreshFileList(){
 
                     const deleteButton = document.createElement('a');
                     deleteButton.textContent = 'Delete';
+                    deleteButton.classList.add('delete-btn');
                     deleteButton.href = '#';
                     deleteButton.addEventListener('click', () => {
                         const dirurl = dir.url + (dir.url.endsWith('/') ? '' : '/');
@@ -268,6 +276,8 @@ function refreshFileList(){
                         conn.delete(dirurl)
                             .then(() => {
                                 refreshFileList();
+                            }, (err)=>{
+                                showPopup('Failed to delete path: ' + err, {level: 'error', timeout: 5000});
                             });
                     });
                     actContainer.appendChild(deleteButton);
@@ -330,7 +340,12 @@ function refreshFileList(){
                                     console.warn("Permission string mismatch", permStr, permStrFromMap);
                                 }
                             }
-                            conn.setFilePermission(file.url, perm)
+                            conn.setFilePermission(file.url, perm).then(
+                                () => {},
+                                (err) => {
+                                    showPopup('Failed to set permission: ' + err, {level: 'error', timeout: 5000});
+                                }
+                            );
                         });
                             
                         accessTd.appendChild(select);
@@ -344,10 +359,11 @@ function refreshFileList(){
                     actContainer.classList.add('action-container');
 
                     const copyButton = document.createElement('a');
-                    copyButton.textContent = 'Copy';
-                    copyButton.href = '#';
+                    copyButton.style.cursor = 'pointer';
+                    copyButton.textContent = 'Share';
                     copyButton.addEventListener('click', () => {
                         copyToClipboard(conn.config.endpoint + '/' + file.url);
+                        showPopup('Link copied to clipboard', {level: "success"});
                     });
                     actContainer.appendChild(copyButton);
 
@@ -357,6 +373,32 @@ function refreshFileList(){
                     viewButton.target = '_blank';
                     actContainer.appendChild(viewButton);
 
+                    const moveButton = document.createElement('a');
+                    moveButton.textContent = 'Move';
+                    moveButton.style.cursor = 'pointer';
+                    moveButton.addEventListener('click', () => {
+                        showFloatingWindowLineInput((dstPath) => {
+                            dstPath = encodePathURI(dstPath);
+                            if (dstPath.endsWith('/')){
+                                dstPath = dstPath.slice(0, -1);
+                            }
+                            conn.moveFile(file.url, dstPath)
+                                .then(() => {
+                                    refreshFileList();
+                                }, 
+                                (err) => {
+                                    showPopup('Failed to move file: ' + err, {level: 'error'});
+                                }
+                            );
+                        }, {
+                            text: 'Enter the destination path: ',
+                            placeholder: 'Destination path',
+                            value: decodePathURI(file.url), 
+                            select: "last-filename"
+                        });
+                    });
+                    actContainer.appendChild(moveButton);
+
                     const downloadBtn = document.createElement('a');
                     downloadBtn.textContent = 'Download';
                     downloadBtn.href = conn.config.endpoint + '/' + file.url + '?asfile=true&token=' + conn.config.token;
@@ -364,6 +406,7 @@ function refreshFileList(){
 
                     const deleteButton = document.createElement('a');
                     deleteButton.textContent = 'Delete';
+                    deleteButton.classList.add('delete-btn');
                     deleteButton.href = '#';
                     deleteButton.addEventListener('click', () => {
                         if (!confirm('Are you sure you want to delete ' + file.url + '?')){
@@ -372,6 +415,8 @@ function refreshFileList(){
                         conn.delete(file.url)
                             .then(() => {
                                 refreshFileList();
+                            }, (err) => {
+                                showPopup('Failed to delete file: ' + err, {level: 'error', timeout: 5000});
                             });
                     });
                     actContainer.appendChild(deleteButton);

{lfss-0.2.1 → lfss-0.2.4}/frontend/styles.css

@@ -1,3 +1,4 @@
+@import "./popup.css";
 
 body{
     font-family: Arial, sans-serif;
@@ -13,7 +14,7 @@ input[type=button], button{
     padding: 0.8rem;
     margin: 0;
     border: none;
-    border-radius: 0.2rem;
+    border-radius: 0.25rem;
     cursor: pointer;
 }
 
@@ -22,7 +23,7 @@ input[type=text], input[type=password]
     width: 100%;
     padding: 0.75rem;
     border: 1px solid #ccc;
-    border-radius: 0.2rem;
+    border-radius: 0.25rem;
     height: 1rem;
 }
 
@@ -208,4 +209,12 @@ a{
     background-color: #195f8b;
     transform: scale(1.1);
     color: white;
+}
+
+.delete-btn{
+    color: darkred !important;
+}
+.delete-btn:hover{
+    color: white !important;
+    background-color: #990511c7 !important;
 }

{lfss-0.2.1 → lfss-0.2.4}/lfss/src/database.py

@@ -5,6 +5,7 @@ from abc import ABC, abstractmethod
 import urllib.parse
 import dataclasses, hashlib, uuid
 from contextlib import asynccontextmanager
+from functools import wraps
 from enum import IntEnum
 import zipfile, io
 
@@ -21,6 +22,18 @@ _g_conn: Optional[aiosqlite.Connection] = None
 def hash_credential(username, password):
     return hashlib.sha256((username + password).encode()).hexdigest()
 
+_atomic_lock = Lock()
+def atomic(func):
+    """
+    Ensure non-reentrancy. 
+    Can be skipped if the function only executes a single SQL statement.
+    """
+    @wraps(func)
+    async def wrapper(*args, **kwargs):
+        async with _atomic_lock:
+            return await func(*args, **kwargs)
+    return wrapper
+    
 class DBConnBase(ABC):
     logger = get_logger('database', global_instance=True)
 
@@ -113,6 +126,7 @@ class UserConn(DBConnBase):
         if res is None: return None
         return self.parse_record(res)
     
+    @atomic
     async def create_user(
         self, username: str, password: str, is_admin: bool = False, 
         max_storage: int = 1073741824, permission: FileReadPermission = FileReadPermission.UNSET
@@ -128,6 +142,7 @@ class UserConn(DBConnBase):
             assert cursor.lastrowid is not None
             return cursor.lastrowid
     
+    @atomic
     async def update_user(
         self, username: str, password: Optional[str] = None, is_admin: Optional[bool] = None, 
         max_storage: Optional[int] = None, permission: Optional[FileReadPermission] = None
@@ -149,7 +164,10 @@ class UserConn(DBConnBase):
         if max_storage is None: max_storage = current_record.max_storage
         if permission is None: permission = current_record.permission
         
-        await self.conn.execute("UPDATE user SET credential = ?, is_admin = ?, max_storage = ?, permission = ? WHERE username = ?", (credential, is_admin, max_storage, permission, username))
+        await self.conn.execute(
+            "UPDATE user SET credential = ?, is_admin = ?, max_storage = ?, permission = ? WHERE username = ?", 
+            (credential, is_admin, max_storage, int(permission), username)
+            )
         self.logger.info(f"User {username} updated")
     
     async def all(self):
@@ -355,6 +373,7 @@ class FileConn(DBConnBase):
         assert res is not None
         return res[0] or 0
     
+    @atomic
     async def set_file_record(
         self, url: str, 
         owner_id: Optional[int] = None, 
@@ -362,10 +381,10 @@ class FileConn(DBConnBase):
         file_size: Optional[int] = None, 
         permission: Optional[ FileReadPermission ] = None
         ):
-        self.logger.debug(f"Updating fmeta {url}: user_id={owner_id}, file_id={file_id}")
 
         old = await self.get_file_record(url)
         if old is not None:
+            self.logger.debug(f"Updating fmeta {url}: permission={permission}, owner_id={owner_id}")
             # should delete the old blob if file_id is changed
             assert file_id is None, "Cannot update file id"
             assert file_size is None, "Cannot update file size"
@@ -374,21 +393,37 @@ class FileConn(DBConnBase):
             if permission is None: permission = old.permission
             await self.conn.execute(
                 """
-                UPDATE fmeta SET owner_id = ?, file_id = ?, file_size = ?, permission = ?, 
+                UPDATE fmeta SET owner_id = ?, permission = ?, 
                 access_time = CURRENT_TIMESTAMP WHERE url = ?
-                """, (owner_id, file_id, file_size, permission, url))
+                """, (owner_id, int(permission), url))
             self.logger.info(f"File {url} updated")
         else:
+            self.logger.debug(f"Creating fmeta {url}: permission={permission}, owner_id={owner_id}, file_id={file_id}, file_size={file_size}")
             if permission is None:
                 permission = FileReadPermission.UNSET
             assert owner_id is not None and file_id is not None and file_size is not None, "Missing required fields"
-            await self.conn.execute("INSERT INTO fmeta (url, owner_id, file_id, file_size, permission) VALUES (?, ?, ?, ?, ?)", (url, owner_id, file_id, file_size, permission))
+            await self.conn.execute(
+                "INSERT INTO fmeta (url, owner_id, file_id, file_size, permission) VALUES (?, ?, ?, ?, ?)", 
+                (url, owner_id, file_id, file_size, int(permission))
+                )
             await self.user_size_inc(owner_id, file_size)
             self.logger.info(f"File {url} created")
     
+    @atomic
+    async def move_file(self, old_url: str, new_url: str):
+        old = await self.get_file_record(old_url)
+        if old is None:
+            raise FileNotFoundError(f"File {old_url} not found")
+        new_exists = await self.get_file_record(new_url)
+        if new_exists is not None:
+            raise FileExistsError(f"File {new_url} already exists")
+        async with self.conn.execute("UPDATE fmeta SET url = ? WHERE url = ?", (new_url, old_url)):
+            self.logger.info(f"Moved file {old_url} to {new_url}")
+    
     async def log_access(self, url: str):
         await self.conn.execute("UPDATE fmeta SET access_time = CURRENT_TIMESTAMP WHERE url = ?", (url, ))
     
+    @atomic
     async def delete_file_record(self, url: str):
         file_record = await self.get_file_record(url)
         if file_record is None: return
@@ -396,6 +431,7 @@ class FileConn(DBConnBase):
         await self.user_size_dec(file_record.owner_id, file_record.file_size)
         self.logger.info(f"Deleted fmeta {url}")
     
+    @atomic
     async def delete_user_file_records(self, owner_id: int):
         async with self.conn.execute("SELECT * FROM fmeta WHERE owner_id = ?", (owner_id, )) as cursor:
             res = await cursor.fetchall()
@@ -403,6 +439,7 @@ class FileConn(DBConnBase):
         await self.conn.execute("DELETE FROM usize WHERE user_id = ?", (owner_id, ))
         self.logger.info(f"Deleted {len(res)} files for user {owner_id}") # type: ignore
     
+    @atomic
     async def delete_path_records(self, path: str):
         """Delete all records with url starting with path"""
         async with self.conn.execute("SELECT * FROM fmeta WHERE url LIKE ?", (path + '%', )) as cursor:
@@ -436,18 +473,20 @@ class FileConn(DBConnBase):
     async def delete_file_blobs(self, file_ids: list[str]):
         await self.conn.execute("DELETE FROM fdata WHERE file_id IN ({})".format(','.join(['?'] * len(file_ids))), file_ids)
 
-def _validate_url(url: str, is_file = True) -> bool:
+def validate_url(url: str, is_file = True):
     ret = not url.startswith('/') and not ('..' in url) and ('/' in url) and not ('//' in url) \
         and not ' ' in url and not url.startswith('\\') and not url.startswith('_') and not url.startswith('.')
 
     if not ret:
-        return False
+        raise InvalidPathError(f"Invalid URL: {url}")
     
     if is_file:
         ret = ret and not url.endswith('/')
     else:
         ret = ret and url.endswith('/')
-    return ret
+
+    if not ret:
+        raise InvalidPathError(f"Invalid URL: {url}")
 
 async def get_user(db: "Database", user: int | str) -> Optional[DBUserRecord]:
     if isinstance(user, str):
@@ -467,6 +506,7 @@ async def transaction(db: "Database"):
     except Exception as e:
         db.logger.error(f"Error in transaction: {e}")
         await db.rollback()
+        raise e
     finally:
         _transaction_lock.release()
 
@@ -496,8 +536,7 @@ class Database:
             await _g_conn.rollback()
 
     async def save_file(self, u: int | str, url: str, blob: bytes):
-        if not _validate_url(url):
-            raise ValueError(f"Invalid URL: {url}")
+        validate_url(url)
         assert isinstance(blob, bytes), "blob must be bytes"
 
         user = await get_user(self, u)
@@ -529,7 +568,7 @@ class Database:
 
     # async def read_file_stream(self, url: str): ...
     async def read_file(self, url: str) -> bytes:
-        if not _validate_url(url): raise ValueError(f"Invalid URL: {url}")
+        validate_url(url)
 
         r = await self.file.get_file_record(url)
         if r is None:
@@ -546,7 +585,7 @@ class Database:
         return blob
 
     async def delete_file(self, url: str) -> Optional[FileDBRecord]:
-        if not _validate_url(url): raise ValueError(f"Invalid URL: {url}")
+        validate_url(url)
 
         async with transaction(self):
             r = await self.file.get_file_record(url)
@@ -556,9 +595,16 @@ class Database:
             await self.file.delete_file_blob(f_id)
             await self.file.delete_file_record(url)
             return r
+    
+    async def move_file(self, old_url: str, new_url: str):
+        validate_url(old_url)
+        validate_url(new_url)
+
+        async with transaction(self):
+            await self.file.move_file(old_url, new_url)
 
     async def delete_path(self, url: str):
-        if not _validate_url(url, is_file=False): raise ValueError(f"Invalid URL: {url}")
+        validate_url(url, is_file=False)
 
         async with transaction(self):
             records = await self.file.get_path_records(url)

{lfss-0.2.1 → lfss-0.2.4}/lfss/src/error.py

@@ -3,4 +3,6 @@ class LFSSExceptionBase(Exception):...
 
 class PermissionDeniedError(LFSSExceptionBase, PermissionError):...
 
+class InvalidPathError(LFSSExceptionBase, ValueError):...
+
 class StorageExceededError(LFSSExceptionBase):...

{lfss-0.2.1 → lfss-0.2.4}/lfss/src/server.py

@@ -37,7 +37,10 @@ def handle_exception(fn):
             logger.error(f"Error in {fn.__name__}: {e}")
             if isinstance(e, HTTPException): raise e
             elif isinstance(e, StorageExceededError): raise HTTPException(status_code=413, detail=str(e))
-            elif isinstance(e, PermissionDeniedError): raise HTTPException(status_code=403, detail=str(e))
+            elif isinstance(e, PermissionError): raise HTTPException(status_code=403, detail=str(e))
+            elif isinstance(e, InvalidPathError): raise HTTPException(status_code=400, detail=str(e))
+            elif isinstance(e, FileNotFoundError): raise HTTPException(status_code=404, detail=str(e))
+            elif isinstance(e, FileExistsError): raise HTTPException(status_code=409, detail=str(e))
             else: raise HTTPException(status_code=500, detail=str(e))
     return wrapper
 
@@ -63,7 +66,7 @@ async def get_current_user(
         raise HTTPException(status_code=401, detail="Invalid token")
     return user
 
-app = FastAPI(docs_url=None, redoc_url=None, lifespan=lifespan)
+app = FastAPI(docs_url="/_docs", redoc_url=None, lifespan=lifespan)
 app.add_middleware(
     CORSMiddleware,
     allow_origins=["*"],
@@ -203,6 +206,8 @@ router_api = APIRouter(prefix="/_api")
 @router_api.get("/bundle")
 async def bundle_files(path: str, user: DBUserRecord = Depends(get_current_user)):
     logger.info(f"GET bundle({path}), user: {user.username}")
+    if user.id == 0:
+        raise HTTPException(status_code=401, detail="Permission denied")
     path = ensure_uri_compnents(path)
     assert path.endswith("/") or path == ""
 
@@ -255,6 +260,7 @@ async def get_file_meta(path: str, user: DBUserRecord = Depends(get_current_user
 async def update_file_meta(
     path: str, 
     perm: Optional[int] = None, 
+    new_path: Optional[str] = None,
     user: DBUserRecord = Depends(get_current_user)
     ):
     if user.id == 0:
@@ -271,10 +277,16 @@ async def update_file_meta(
     
     if perm is not None:
         logger.info(f"Update permission of {path} to {perm}")
-        await conn.file.set_file_record(
+        await handle_exception(conn.file.set_file_record)(
             url = file_record.url, 
             permission = FileReadPermission(perm)
         )
+    
+    if new_path is not None:
+        new_path = ensure_uri_compnents(new_path)
+        logger.info(f"Update path of {path} to {new_path}")
+        await handle_exception(conn.move_file)(path, new_path)
+
     return Response(status_code=200, content="OK")
     
 @router_api.get("/whoami")

{lfss-0.2.1 → lfss-0.2.4}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "lfss"
-version = "0.2.1"
+version = "0.2.4"
 description = "Lightweight file storage service"
 authors = ["li, mengxun <limengxun45@outlook.com>"]
 readme = "Readme.md"