Several modifications made to the API and several bug fixes
This commit is contained in:
@@ -18,31 +18,166 @@ let setupData = getSetupData();
|
||||
let userData = getUserData();
|
||||
router.use(bodyParser.json());
|
||||
|
||||
/**
|
||||
* @swagger
|
||||
* /dashboard/deletefolder/{folderName}?token={token}:
|
||||
* post:
|
||||
* security:
|
||||
* - bearerAuth: []
|
||||
* tags:
|
||||
* - Folder
|
||||
* summary: Delete a specific file in folder for a user
|
||||
* description: This route allows you to delete a specific file for a user. It requires a valid JWT token in the Authorization header.
|
||||
* requestBody:
|
||||
* required: true
|
||||
* content:
|
||||
* application/json:
|
||||
* schema:
|
||||
* type: object
|
||||
* properties:
|
||||
* filename:
|
||||
* type: string
|
||||
* description: The name of the file to delete
|
||||
* parameters:
|
||||
* - in: path
|
||||
* name: folderName
|
||||
* required: true
|
||||
* schema:
|
||||
* type: string
|
||||
* description: The name of the folder
|
||||
* - in: header
|
||||
* name: Authorization
|
||||
* required: true
|
||||
* schema:
|
||||
* type: string
|
||||
* description: The JWT token of your account to have access
|
||||
* responses:
|
||||
* 200:
|
||||
* description: Folder successfully deleted.
|
||||
* content:
|
||||
* application/json:
|
||||
* schema:
|
||||
* type: object
|
||||
* properties:
|
||||
* deleted:
|
||||
* type: boolean
|
||||
* success:
|
||||
* type: string
|
||||
* 400:
|
||||
* description: Bad Request
|
||||
* content:
|
||||
* application/json:
|
||||
* schema:
|
||||
* type: object
|
||||
* properties:
|
||||
* error:
|
||||
* type: string
|
||||
* 401:
|
||||
* description: Unauthorized
|
||||
* content:
|
||||
* application/json:
|
||||
* schema:
|
||||
* type: object
|
||||
* properties:
|
||||
* message:
|
||||
* type: string
|
||||
* 403:
|
||||
* description: You do not have permission to delete this folder.
|
||||
* content:
|
||||
* application/json:
|
||||
* schema:
|
||||
* type: object
|
||||
* properties:
|
||||
* error:
|
||||
* type: string
|
||||
* 404:
|
||||
* description: The specified folder does not exist.
|
||||
* content:
|
||||
* application/json:
|
||||
* schema:
|
||||
* type: object
|
||||
* properties:
|
||||
* error:
|
||||
* type: string
|
||||
* 500:
|
||||
* description: Error deleting the folder.
|
||||
* content:
|
||||
* application/json:
|
||||
* schema:
|
||||
* type: object
|
||||
* properties:
|
||||
* error:
|
||||
* type: string
|
||||
*/
|
||||
|
||||
function authenticateToken(req, res, next) {
|
||||
authMiddleware(req, res, function(err) {
|
||||
if (!err) {
|
||||
return next();
|
||||
}
|
||||
|
||||
let token = null;
|
||||
const authHeader = req.headers['authorization'];
|
||||
|
||||
if (authHeader) {
|
||||
token = authHeader.split(' ')[1];
|
||||
} else if (req.query.token) {
|
||||
token = req.query.token;
|
||||
}
|
||||
|
||||
if (token == null) {
|
||||
return res.status(401).json({ message: 'Unauthorized' });
|
||||
}
|
||||
|
||||
fs.readFile(path.join(__dirname, '../../../data', 'user.json'), 'utf8', (err, data) => {
|
||||
if (err) {
|
||||
console.error('Error reading user.json:', err);
|
||||
return res.status(401).json({ message: 'Unauthorized' });
|
||||
}
|
||||
|
||||
const users = JSON.parse(data);
|
||||
|
||||
const user = users.find(u => u.token === token);
|
||||
|
||||
if (user) {
|
||||
req.user = user;
|
||||
req.userData = user;
|
||||
next();
|
||||
} else {
|
||||
return res.status(401).json({ message: 'Unauthorized' });
|
||||
}
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
router.get('/', (req, res) => {
|
||||
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||
res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' });
|
||||
});
|
||||
|
||||
router.delete('/:folderName', authMiddleware, (req, res) => {
|
||||
const userId = req.userData.name;
|
||||
const folderName = req.params.folderName;
|
||||
const userFolderPath = path.join('cdn-files', userId);
|
||||
const folderPath = path.join(userFolderPath, folderName);
|
||||
router.delete('/:folderName', authenticateToken, (req, res) => {
|
||||
|
||||
if (!fs.existsSync(folderPath)) {
|
||||
return res.status(404).json({ error: 'Le dossier spécifié n\'existe pas.' });
|
||||
}
|
||||
const userId = req.userData ? req.userData.name : null;
|
||||
if (!userId) {
|
||||
return res.status(401).json({ error: 'Unauthorized' });
|
||||
}
|
||||
const folderName = req.params.folderName;
|
||||
const userFolderPath = path.join('cdn-files', userId);
|
||||
const folderPath = path.join(userFolderPath, folderName);
|
||||
|
||||
if (!folderPath.startsWith(userFolderPath)) {
|
||||
return res.status(403).json({ error: 'Vous n\'avez pas la permission de supprimer ce dossier.' });
|
||||
}
|
||||
if (!fs.existsSync(folderPath)) {
|
||||
return res.status(404).json({ error: 'The specified folder does not exist.' });
|
||||
}
|
||||
|
||||
fs.rmdir(folderPath, { recursive: true }, (err) => {
|
||||
if (err) {
|
||||
console.error(err);
|
||||
return res.status(500).json({ error: 'Erreur lors de la suppression du dossier.' });
|
||||
}
|
||||
res.json({ deleted: true, success: 'Dossier supprimé avec succès.' });
|
||||
});
|
||||
if (!folderPath.startsWith(userFolderPath)) {
|
||||
return res.status(403).json({ error: 'You do not have permission to delete this folder.' });
|
||||
}
|
||||
|
||||
fs.rmdir(folderPath, { recursive: true }, (err) => {
|
||||
if (err) {
|
||||
return res.status(500).json({ error: 'Error deleting the folder.' });
|
||||
}
|
||||
res.json({ deleted: true, success: 'Folder successfully deleted.' });
|
||||
});
|
||||
});
|
||||
|
||||
module.exports = router;
|
||||
Reference in New Issue
Block a user