lfss 0.9.4__py3-none-any.whl → 0.11.4__py3-none-any.whl

lfss/eng/error.py

@@ -12,6 +12,8 @@ class InvalidPathError(LFSSExceptionBase, ValueError):...
 
 class DatabaseLockedError(LFSSExceptionBase, sqlite3.DatabaseError):...
 
+class DatabaseTransactionError(LFSSExceptionBase, sqlite3.DatabaseError):...
+
 class PathNotFoundError(LFSSExceptionBase, FileNotFoundError):...
 
 class FileDuplicateError(LFSSExceptionBase, FileExistsError):...

lfss/eng/log.py

@@ -1,8 +1,9 @@
-from .config import DATA_HOME
+from .config import LOG_DIR, DISABLE_LOGGING
+import time, sqlite3, dataclasses
 from typing import TypeVar, Callable, Literal, Optional
 from concurrent.futures import ThreadPoolExecutor
 from functools import wraps
-import logging, pathlib, asyncio
+import logging, asyncio
 from logging import handlers
 
 class BCOLORS:
@@ -57,15 +58,81 @@ class BaseLogger(logging.Logger):
     @thread_wrap
     def error(self, *args, **kwargs): super().error(*args, **kwargs)
 
-_fh_T = Literal['rotate', 'simple', 'daily']
+class SQLiteFileHandler(logging.FileHandler):
+    def __init__(self, filename, *args, **kwargs):
+        super().__init__(filename, *args, **kwargs)
+        self._db_file = filename
+        self._buffer: list[logging.LogRecord] = []
+        self._buffer_size = 100
+        self._flush_interval = 10
+        self._last_flush = time.time()
+        conn = sqlite3.connect(self._db_file, check_same_thread=False)
+        conn.execute('PRAGMA journal_mode=WAL')
+        conn.execute('''
+            CREATE TABLE IF NOT EXISTS log (
+                id INTEGER PRIMARY KEY AUTOINCREMENT,
+                created TIMESTAMP,
+                created_epoch FLOAT,
+                name TEXT,
+                levelname VARCHAR(16),
+                level INTEGER,
+                message TEXT
+            )
+        ''')
+        conn.commit()
+        conn.close()
+    
+    def flush(self): 
+        def format_time(self, record: logging.LogRecord):
+            """ Create a time stamp """
+            return time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(record.created))
+        self.acquire()
+        try:
+            conn = sqlite3.connect(self._db_file, check_same_thread=False)
+            conn.executemany('''
+                INSERT INTO log (created, created_epoch, name, levelname, level, message)
+                VALUES (?, ?, ?, ?, ?, ?)
+            ''', [
+                (format_time(self, record), record.created, record.name, record.levelname, record.levelno, record.getMessage())
+                for record in self._buffer
+            ])
+            conn.commit()
+            conn.close()
+            self._buffer.clear()
+            self._last_flush = time.time()
+        finally:
+            self.release()
+
+    def emit(self, record: logging.LogRecord):
+        self._buffer.append(record)
+        if len(self._buffer) > self._buffer_size or time.time() - self._last_flush > self._flush_interval:
+            self.flush()
+    
+    def close(self):
+        self.flush()
+        return super().close()
+
+def eval_logline(row: sqlite3.Row):
+    @dataclasses.dataclass
+    class DBLogRecord:
+        id: int
+        created: str
+        created_epoch: float
+        name: str
+        levelname: str
+        level: int
+        message: str
+    return DBLogRecord(*row)
+
+_fh_T = Literal['rotate', 'simple', 'daily', 'sqlite']
 
 __g_logger_dict: dict[str, BaseLogger] = {}
 def get_logger(
     name = 'default', 
-    log_home = pathlib.Path(DATA_HOME) / 'logs', 
+    log_home = LOG_DIR, 
     level = 'DEBUG',
     term_level = 'INFO',
-    file_handler_type: _fh_T = 'rotate', 
+    file_handler_type: _fh_T = 'sqlite', 
     global_instance = True
     )->BaseLogger:
     if global_instance and name in __g_logger_dict:
@@ -87,22 +154,25 @@ def get_logger(
             if isinstance(color, str) and color.startswith('\033'):
                 format_str_plain = format_str_plain.replace(color, '')
 
-        formatter_plain = logging.Formatter(format_str_plain)
-        log_home.mkdir(exist_ok=True)
-        log_file = log_home / f'{name}.log'
-        if file_handler_type == 'simple':
-            file_handler = logging.FileHandler(log_file)
-        elif file_handler_type == 'daily':
-            file_handler = handlers.TimedRotatingFileHandler(
-                log_file, when='midnight', interval=1, backupCount=30
-            )
-        elif file_handler_type == 'rotate':
-            file_handler = handlers.RotatingFileHandler(
-                log_file, maxBytes=1024*1024, backupCount=5
-            )
-
-        file_handler.setFormatter(formatter_plain)
-        logger.addHandler(file_handler)
+        if not DISABLE_LOGGING:
+            formatter_plain = logging.Formatter(format_str_plain)
+            log_home.mkdir(exist_ok=True)
+            log_file = log_home / f'{name}.log'
+            if file_handler_type == 'simple':
+                file_handler = logging.FileHandler(log_file)
+            elif file_handler_type == 'daily':
+                file_handler = handlers.TimedRotatingFileHandler(
+                    log_file, when='midnight', interval=1, backupCount=30
+                )
+            elif file_handler_type == 'rotate':
+                file_handler = handlers.RotatingFileHandler(
+                    log_file, maxBytes=1024*1024, backupCount=5
+                )
+            elif file_handler_type == 'sqlite':
+                file_handler = SQLiteFileHandler(log_file if log_file.suffix == '.db' else log_file.with_suffix('.log.db'))
+
+            file_handler.setFormatter(formatter_plain)
+            logger.addHandler(file_handler)
     
     logger = BaseLogger(name)
     setupLogger(logger)

lfss/eng/thumb.py

@@ -11,47 +11,42 @@ from contextlib import asynccontextmanager
 async def _maybe_init_thumb(c: aiosqlite.Cursor):
     await c.execute('''
         CREATE TABLE IF NOT EXISTS thumbs (
-            path TEXT PRIMARY KEY,
-            ctime TEXT,
+            file_id CHAR(32) PRIMARY KEY,
             thumb BLOB
         )
     ''')
-    await c.execute('CREATE INDEX IF NOT EXISTS thumbs_path_idx ON thumbs (path)')
+    await c.execute('CREATE INDEX IF NOT EXISTS thumbs_path_idx ON thumbs (file_id)')
 
-async def _get_cache_thumb(c: aiosqlite.Cursor, path: str, ctime: str) -> Optional[bytes]:
+async def _get_cache_thumb(c: aiosqlite.Cursor, file_id: str) -> Optional[bytes]:
     res = await c.execute('''
-        SELECT ctime, thumb FROM thumbs WHERE path = ? 
-    ''', (path, ))
+        SELECT thumb FROM thumbs WHERE file_id = ? 
+    ''', (file_id, ))
     row = await res.fetchone()
     if row is None:
         return None
-    # check if ctime matches, if not delete and return None
-    if row[0] != ctime:
-        await _delete_cache_thumb(c, path)
-        return None
-    blob: bytes = row[1]
+    blob: bytes = row[0]
     return blob
     
-async def _save_cache_thumb(c: aiosqlite.Cursor, path: str, ctime: str, raw_bytes: bytes) -> bytes:
+async def _save_cache_thumb(c: aiosqlite.Cursor, file_id: str, raw_bytes: bytes) -> bytes:
     try:
         raw_img = Image.open(BytesIO(raw_bytes))
     except Exception:
-        raise InvalidDataError('Invalid image data for thumbnail: ' + path)
+        raise InvalidDataError('Invalid image data for thumbnail: ' + file_id)
     raw_img.thumbnail(THUMB_SIZE)
     img = raw_img.convert('RGB')
     bio = BytesIO()
     img.save(bio, 'JPEG')
     blob = bio.getvalue()
     await c.execute('''
-        INSERT OR REPLACE INTO thumbs (path, ctime, thumb) VALUES (?, ?, ?)
-    ''', (path, ctime, blob))
+        INSERT OR REPLACE INTO thumbs (file_id, thumb) VALUES (?, ?)
+    ''', (file_id, blob))
     await c.execute('COMMIT')  # commit immediately
     return blob
 
-async def _delete_cache_thumb(c: aiosqlite.Cursor, path: str):
+async def _delete_cache_thumb(c: aiosqlite.Cursor, file_id: str):
     await c.execute('''
-        DELETE FROM thumbs WHERE path = ?
-    ''', (path, ))
+        DELETE FROM thumbs WHERE file_id = ?
+    ''', (file_id, ))
     await c.execute('COMMIT')
 
 @asynccontextmanager
@@ -75,15 +70,13 @@ async def get_thumb(path: str) -> Optional[tuple[bytes, str]]:
         r = await fconn.get_file_record(path)
 
     if r is None:
-        async with cache_cursor() as cur:
-            await _delete_cache_thumb(cur, path)
         raise FileNotFoundError(f'File not found: {path}')
     if not r.mime_type.startswith('image/'):
         return None
 
+    file_id = r.file_id
     async with cache_cursor() as cur:
-        c_time = r.create_time
-        thumb_blob = await _get_cache_thumb(cur, path, c_time)
+        thumb_blob = await _get_cache_thumb(cur, file_id)
         if thumb_blob is not None:
             return thumb_blob, "image/jpeg"
         
@@ -98,5 +91,5 @@ async def get_thumb(path: str) -> Optional[tuple[bytes, str]]:
                 data = await fconn.get_file_blob(r.file_id)
             assert data is not None
         
-        thumb_blob = await _save_cache_thumb(cur, path, c_time, data)
+        thumb_blob = await _save_cache_thumb(cur, file_id, data)
         return thumb_blob, "image/jpeg"

lfss/eng/utils.py

@@ -11,7 +11,6 @@ from concurrent.futures import ThreadPoolExecutor
 from typing import TypeVar, Callable, Awaitable
 from functools import wraps, partial
 from uuid import uuid4
-import os
 
 async def copy_file(source: str|pathlib.Path, destination: str|pathlib.Path):
     async with aiofiles.open(source, mode='rb') as src:
@@ -20,7 +19,7 @@ async def copy_file(source: str|pathlib.Path, destination: str|pathlib.Path):
                 await dest.write(chunk)
 
 def hash_credential(username: str, password: str):
-    return hashlib.sha256((username + password).encode()).hexdigest()
+    return hashlib.sha256(f"{username}:{password}".encode()).hexdigest()
 
 def encode_uri_compnents(path: str):
     path_sp = path.split("/")
@@ -155,12 +154,12 @@ def fmt_storage_size(size: int) -> str:
     return f"{size/1024**4:.2f}T"
 
 _FnReturnT = TypeVar('_FnReturnT')
-_AsyncReturnT = Awaitable[_FnReturnT]
+_AsyncReturnT = TypeVar('_AsyncReturnT', bound=Awaitable)
 _g_executor = None
 def get_global_executor():
     global _g_executor
     if _g_executor is None:
-        _g_executor = ThreadPoolExecutor(max_workers=4 if (cpu_count:=os.cpu_count()) and cpu_count > 4 else cpu_count)
+        _g_executor = ThreadPoolExecutor()
     return _g_executor
 def async_wrap(executor=None):
     if executor is None:
@@ -179,7 +178,7 @@ def concurrent_wrap(executor=None):
         def sync_fn(*args, **kwargs):
             loop = asyncio.new_event_loop()
             return loop.run_until_complete(func(*args, **kwargs))
-        return sync_fn
+        return sync_fn          # type: ignore
     return _concurrent_wrap
 
 # https://stackoverflow.com/a/279586/6775765

lfss/sql/init.sql

@@ -1,4 +1,4 @@
-CREATE TABLE IF NOT EXISTS user (
+CREATE TABLE IF NOT EXISTS main.user (
     id INTEGER PRIMARY KEY AUTOINCREMENT,
     username VARCHAR(256) UNIQUE NOT NULL,
     credential VARCHAR(256) NOT NULL,
@@ -9,7 +9,7 @@ CREATE TABLE IF NOT EXISTS user (
     permission INTEGER DEFAULT 0
 );
 
-CREATE TABLE IF NOT EXISTS fmeta (
+CREATE TABLE IF NOT EXISTS main.fmeta (
     url VARCHAR(1024) PRIMARY KEY,
     owner_id INTEGER NOT NULL,
     file_id CHAR(32) NOT NULL,
@@ -22,12 +22,17 @@ CREATE TABLE IF NOT EXISTS fmeta (
     FOREIGN KEY(owner_id) REFERENCES user(id)
 );
 
-CREATE TABLE IF NOT EXISTS usize (
+CREATE TABLE IF NOT EXISTS main.dupcount (
+    file_id CHAR(32) PRIMARY KEY,
+    count INTEGER DEFAULT 0
+);
+
+CREATE TABLE IF NOT EXISTS main.usize (
     user_id INTEGER PRIMARY KEY,
     size INTEGER DEFAULT 0
 );
 
-CREATE TABLE IF NOT EXISTS upeer (
+CREATE TABLE IF NOT EXISTS main.upeer (
     src_user_id INTEGER NOT NULL,
     dst_user_id INTEGER NOT NULL,
     access_level INTEGER DEFAULT 0,

lfss/svc/app.py

@@ -6,4 +6,4 @@ app.include_router(router_api)
 if ENABLE_WEBDAV:
     from .app_dav import *
     app.include_router(router_dav)
-app.include_router(router_fs)
+app.include_router(router_fs)

lfss/svc/app_base.py

@@ -27,7 +27,7 @@ req_conn = RequestDB()
 async def lifespan(app: FastAPI):
     global db
     try:
-        await global_connection_init(n_read = 2)
+        await global_connection_init(n_read = 8 if not DEBUG_MODE else 1)
         await asyncio.gather(db.init(), req_conn.init())
         yield
         await req_conn.commit()
@@ -54,15 +54,19 @@ def handle_exception(fn):
             if isinstance(e, FileExistsError): raise HTTPException(status_code=409, detail=str(e))
             if isinstance(e, TooManyItemsError): raise HTTPException(status_code=400, detail=str(e))
             if isinstance(e, DatabaseLockedError): raise HTTPException(status_code=503, detail=str(e))
+            if isinstance(e, DatabaseTransactionError): raise HTTPException(status_code=503, detail=str(e))
             if isinstance(e, FileLockedError): raise HTTPException(status_code=423, detail=str(e))
             logger.error(f"Uncaptured error in {fn.__name__}: {e}")
             raise 
     return wrapper
 
+env_origins = os.environ.get("LFSS_ORIGINS", "*")
+logger.debug(f"LFSS_ORIGINS: {env_origins}")
+origins = [x.strip() for x in env_origins.split(",") if x.strip()]
 app = FastAPI(docs_url=None, redoc_url=None, lifespan=lifespan)
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["*"],
+    allow_origins=origins,
     allow_credentials=True,
     allow_methods=["*"],
     allow_headers=["*"],

lfss/svc/app_dav.py

@@ -57,9 +57,9 @@ async def eval_path(path: str) -> tuple[ptype, str, Optional[FileRecord | Direct
         if len(dir_path_sp) > 2:
             async with unique_cursor() as c:
                 fconn = FileConn(c)
-                if await fconn.count_path_files(path, flat=True) == 0:
+                if await fconn.count_dir_files(path, flat=True) == 0:
                     return None, lfss_path, None
-                return "dir", lfss_path, await fconn.get_path_record(path)
+                return "dir", lfss_path, await fconn.get_dir_record(path)
         else:
             # test if its a user's root directory
             assert len(dir_path_sp) == 2
@@ -85,8 +85,8 @@ async def eval_path(path: str) -> tuple[ptype, str, Optional[FileRecord | Direct
     async with unique_cursor() as c:
         lfss_path = path + "/"
         fconn = FileConn(c)
-        if await fconn.count_path_files(lfss_path) > 0:
-            return "dir", lfss_path, await fconn.get_path_record(lfss_path)
+        if await fconn.count_dir_files(lfss_path) > 0:
+            return "dir", lfss_path, await fconn.get_dir_record(lfss_path)
     
     return None, path, None
 
@@ -235,7 +235,7 @@ async def dav_propfind(request: Request, path: str, user: UserRecord = Depends(r
         # query root directory content
         async def user_path_record(user_name: str, cur) -> DirectoryRecord:
             try:
-                return await FileConn(cur).get_path_record(user_name + "/")
+                return await FileConn(cur).get_dir_record(user_name + "/")
             except PathNotFoundError:
                 return DirectoryRecord(user_name + "/", size=0, n_files=0, create_time="1970-01-01 00:00:00", update_time="1970-01-01 00:00:00", access_time="1970-01-01 00:00:00")
 
@@ -253,7 +253,7 @@ async def dav_propfind(request: Request, path: str, user: UserRecord = Depends(r
     elif path_type == "dir":
         # query directory content
         async with unique_cursor() as c:
-            flist = await FileConn(c).list_path_files(lfss_path, flat = True if depth == "infinity" else False)
+            flist = await FileConn(c).list_dir_files(lfss_path, flat = True if depth == "infinity" else False)
         for frecord in flist:
             if frecord.url.endswith(f"/{MKDIR_PLACEHOLDER}"): continue
             file_el = await create_file_xml_element(frecord)
@@ -315,7 +315,7 @@ async def dav_move(request: Request, path: str, user: UserRecord = Depends(regis
         assert ptype == "dir", "Directory path should end with /"
         assert lfss_path.endswith("/"), "Directory path should end with /"
         if not dlfss_path.endswith("/"): dlfss_path += "/"  # the header destination may not end with /
-        await db.move_path(lfss_path, dlfss_path, user)
+        await db.move_dir(lfss_path, dlfss_path, user)
     return Response(status_code=201)
 
 @router_dav.api_route("/{path:path}", methods=["COPY"])

lfss/svc/app_native.py

@@ -1,16 +1,19 @@
-from typing import Optional, Literal
+from typing import Optional, Literal, Annotated
+from collections import OrderedDict
 
-from fastapi import Depends, Request, Response, UploadFile
+from fastapi import Depends, Request, Response, UploadFile, Query
+from fastapi.responses import StreamingResponse, JSONResponse
 from fastapi.exceptions import HTTPException 
 
-from ..eng.config import MAX_BUNDLE_BYTES
 from ..eng.utils import ensure_uri_compnents
+from ..eng.config import MAX_MEM_FILE_BYTES
 from ..eng.connection_pool import unique_cursor
-from ..eng.database import check_file_read_permission, check_path_permission, UserConn, FileConn
+from ..eng.database import check_file_read_permission, check_path_permission, FileConn, delayed_log_access
 from ..eng.datatype import (
-    FileReadPermission, FileRecord, UserRecord, AccessLevel, 
+    FileReadPermission, UserRecord, AccessLevel, 
     FileSortKey, DirSortKey
 )
+from ..eng.error import InvalidPathError
 
 from .app_base import *
 from .common_impl import get_impl, put_file_impl, post_file_impl, delete_impl, copy_impl
@@ -81,48 +84,40 @@ async def delete_file(path: str, user: UserRecord = Depends(registered_user)):
 async def bundle_files(path: str, user: UserRecord = Depends(registered_user)):
     logger.info(f"GET bundle({path}), user: {user.username}")
     path = ensure_uri_compnents(path)
-    assert path.endswith("/") or path == ""
-
-    if not path == "" and path[0] == "/":   # adapt to both /path and path
+    if not path.endswith("/"):
+        raise HTTPException(status_code=400, detail="Path must end with /")
+    if path[0] == "/":      # adapt to both /path and path
         path = path[1:]
+    if path == "":
+        raise HTTPException(status_code=400, detail="Cannot bundle root")
     
-    # TODO: may check peer users here
-    owner_records_cache: dict[int, UserRecord] = {}     # cache owner records, ID -> UserRecord
-    async def is_access_granted(file_record: FileRecord):
-        owner_id = file_record.owner_id
-        owner = owner_records_cache.get(owner_id, None)
-        if owner is None:
-            async with unique_cursor() as conn:
-                uconn = UserConn(conn)
-                owner = await uconn.get_user_by_id(owner_id, throw=True)
-            owner_records_cache[owner_id] = owner
-            
-        allow_access, _ = check_file_read_permission(user, owner, file_record)
-        return allow_access
-    
-    async with unique_cursor() as conn:
-        fconn = FileConn(conn)
-        files = await fconn.list_path_files(
-            url = path, flat = True, 
-            limit=(await fconn.count_path_files(url = path, flat = True))
-            )
-    files = [f for f in files if await is_access_granted(f)]
-    if len(files) == 0:
-        raise HTTPException(status_code=404, detail="No files found")
-
-    # return bundle of files
-    total_size = sum([f.file_size for f in files])
-    if total_size > MAX_BUNDLE_BYTES:
-        raise HTTPException(status_code=400, detail="Too large to zip")
-
-    file_paths = [f.url for f in files]
-    zip_buffer = await db.zip_path(path, file_paths)
-    return Response(
-        content=zip_buffer.getvalue(), media_type="application/zip", headers={
-            "Content-Disposition": f"attachment; filename=bundle.zip", 
-            "Content-Length": str(zip_buffer.getbuffer().nbytes)
-        }
-    )
+    async with unique_cursor() as cur:
+        dir_record = await FileConn(cur).get_dir_record(path)
+
+    pathname = f"{path.split('/')[-2]}"
+
+    if dir_record.size < MAX_MEM_FILE_BYTES:
+        logger.debug(f"Bundle {path} in memory")
+        dir_bytes = (await db.zip_dir(path, op_user=user)).getvalue()
+        return Response(
+            content = dir_bytes,
+            media_type = "application/zip",
+            headers = {
+                f"Content-Disposition": f"attachment; filename=bundle-{pathname}.zip",
+                "Content-Length": str(len(dir_bytes)),
+                "X-Content-Bytes": str(dir_record.size),
+            }
+        )
+    else:
+        logger.debug(f"Bundle {path} in stream")
+        return StreamingResponse(
+            content = await db.zip_dir_stream(path, op_user=user),
+            media_type = "application/zip",
+            headers = {
+                f"Content-Disposition": f"attachment; filename=bundle-{pathname}.zip",
+                "X-Content-Bytes": str(dir_record.size),
+            }
+        )
 
 @router_api.get("/meta")
 @handle_exception
@@ -135,15 +130,13 @@ async def get_file_meta(path: str, user: UserRecord = Depends(registered_user)):
         if is_file:
             record = await fconn.get_file_record(path, throw=True)
             if await check_path_permission(path, user, cursor=cur) < AccessLevel.READ:
-                uconn = UserConn(cur)
-                owner = await uconn.get_user_by_id(record.owner_id, throw=True)
-                is_allowed, reason = check_file_read_permission(user, owner, record)
+                is_allowed, reason = await check_file_read_permission(user, record, cursor=cur)
                 if not is_allowed:
                     raise HTTPException(status_code=403, detail=reason)
         else:
             if await check_path_permission(path, user, cursor=cur) < AccessLevel.READ:
                 raise HTTPException(status_code=403, detail="Permission denied")
-            record = await fconn.get_path_record(path)
+            record = await fconn.get_dir_record(path)
     return record
 
 @router_api.post("/meta")
@@ -180,7 +173,7 @@ async def update_file_meta(
             new_path = ensure_uri_compnents(new_path)
             logger.info(f"Update path of {path} to {new_path}")
             # will raise duplicate path error if same name path exists in the new path
-            await db.move_path(path, new_path, user)
+            await db.move_dir(path, new_path, user)
 
     return Response(status_code=200, content="OK")
 
@@ -198,13 +191,15 @@ async def validate_path_read_permission(path: str, user: UserRecord):
     if not await check_path_permission(path, user) >= AccessLevel.READ:
         raise HTTPException(status_code=403, detail="Permission denied")
 @router_api.get("/count-files")
+@handle_exception
 async def count_files(path: str, flat: bool = False, user: UserRecord = Depends(registered_user)):
     await validate_path_read_permission(path, user)
     path = ensure_uri_compnents(path)
     async with unique_cursor() as conn:
         fconn = FileConn(conn)
-        return { "count": await fconn.count_path_files(url = path, flat = flat) }
+        return { "count": await fconn.count_dir_files(url = path, flat = flat) }
 @router_api.get("/list-files")
+@handle_exception
 async def list_files(
     path: str, offset: int = 0, limit: int = 1000,
     order_by: FileSortKey = "", order_desc: bool = False,
@@ -214,13 +209,14 @@ async def list_files(
     path = ensure_uri_compnents(path)
     async with unique_cursor() as conn:
         fconn = FileConn(conn)
-        return await fconn.list_path_files(
+        return await fconn.list_dir_files(
             url = path, offset = offset, limit = limit,
             order_by=order_by, order_desc=order_desc, 
             flat=flat
         )
 
 @router_api.get("/count-dirs")
+@handle_exception
 async def count_dirs(path: str, user: UserRecord = Depends(registered_user)):
     await validate_path_read_permission(path, user)
     path = ensure_uri_compnents(path)
@@ -228,6 +224,7 @@ async def count_dirs(path: str, user: UserRecord = Depends(registered_user)):
         fconn = FileConn(conn)
         return { "count": await fconn.count_path_dirs(url = path) }
 @router_api.get("/list-dirs")
+@handle_exception
 async def list_dirs(
     path: str, offset: int = 0, limit: int = 1000,
     order_by: DirSortKey = "", order_desc: bool = False,
@@ -241,6 +238,47 @@ async def list_dirs(
             url = path, offset = offset, limit = limit,
             order_by=order_by, order_desc=order_desc, skim=skim
         )
+
+# https://fastapi.tiangolo.com/tutorial/query-params-str-validations/#query-parameter-list-multiple-values
+@router_api.get("/get-multiple")
+@handle_exception
+async def get_multiple_files(
+    path: Annotated[list[str], Query()], 
+    skip_content: bool = False,
+    user: UserRecord = Depends(registered_user)
+    ):
+    """
+    Get multiple files by path. 
+    Please note that the content is supposed to be text and are small enough to fit in memory.
+
+    Not existing files will have content null, and the response will be 206 Partial Content if not all files are found.
+    if skip_content is True, the content of the files will always be ''
+    """
+    for p in path:
+        if p.endswith("/"):
+            raise InvalidPathError(f"Path '{p}' must not end with /")
+
+    # here we unify the path, so need to keep a record of the inputs
+    # make output keys consistent with inputs
+    upath2path = OrderedDict[str, str]()
+    for p in path:
+        p_ = p if not p.startswith("/") else p[1:]
+        upath2path[ensure_uri_compnents(p_)] = p
+    upaths = list(upath2path.keys())
+
+    # get files
+    raw_res = await db.read_files_bulk(upaths, skip_content=skip_content, op_user=user)
+    for k in raw_res.keys():
+        await delayed_log_access(k)
+    partial_content = len(raw_res) != len(upaths)
+
+    return JSONResponse(
+        content = {
+            upath2path[k]: v.decode('utf-8') if v is not None else None for k, v in raw_res.items()
+        },
+        status_code = 206 if partial_content else 200
+    )
+    
     
 @router_api.get("/whoami")
 @handle_exception

lfss/svc/common_impl.py

@@ -112,11 +112,8 @@ async def get_impl(
     async with unique_cursor() as cur:
         fconn = FileConn(cur)
         file_record = await fconn.get_file_record(path, throw=True)
-        uconn = UserConn(cur)
-        owner = await uconn.get_user_by_id(file_record.owner_id, throw=True)
-
         if not await check_path_permission(path, user, cursor=cur) >= AccessLevel.READ:
-            allow_access, reason = check_file_read_permission(user, owner, file_record)
+            allow_access, reason = await check_file_read_permission(user, file_record, cursor=cur)
             if not allow_access:
                 raise HTTPException(status_code=403 if user.id != 0 else 401, detail=reason)
     
@@ -183,7 +180,7 @@ async def _get_dir_impl(
                 else:
                     raise HTTPException(status_code=404, detail="User not found")
             else:
-                if await FileConn(cur).count_path_files(path, flat=True) > 0:
+                if await FileConn(cur).count_dir_files(path, flat=True) > 0:
                     return Response(status_code=200)
                 else:
                     raise HTTPException(status_code=404, detail="Path not found")
@@ -298,7 +295,7 @@ async def delete_impl(path: str, user: UserRecord):
     logger.info(f"DELETE {path}, user: {user.username}")
 
     if path.endswith("/"):
-        res = await db.delete_path(path, user)
+        res = await db.delete_dir(path, user)
     else:
         res = await db.delete_file(path, user)
 
@@ -330,8 +327,8 @@ async def copy_impl(
     else:
         async with unique_cursor() as cur:
             fconn = FileConn(cur)
-            dst_fcount = await fconn.count_path_files(dst_path, flat=True)
+            dst_fcount = await fconn.count_dir_files(dst_path, flat=True)
         if dst_fcount > 0:
             raise HTTPException(status_code=409, detail="Destination exists")
-        await db.copy_path(src_path, dst_path, op_user)
+        await db.copy_dir(src_path, dst_path, op_user)
     return Response(status_code=201, content="OK")