Update v1.1.1-beta1
This commit is contained in:
@@ -141,13 +141,48 @@ router.get('/', (req, res) => {
|
||||
});
|
||||
|
||||
router.post('/', authenticateToken, async (req, res) => {
|
||||
console.log('MoveFile API - Raw request body:', req.body);
|
||||
console.log('MoveFile API - Request body keys:', Object.keys(req.body));
|
||||
|
||||
const fileName = req.body.fileName;
|
||||
const folderName = req.body.folderName;
|
||||
|
||||
if (!fileName || fileName.trim() === '') {
|
||||
console.log('MoveFile API - Received data:', {
|
||||
fileName: fileName,
|
||||
folderName: folderName,
|
||||
typeOfFileName: typeof fileName,
|
||||
typeOfFolderName: typeof folderName,
|
||||
fileNameStringified: JSON.stringify(fileName),
|
||||
folderNameStringified: JSON.stringify(folderName),
|
||||
fullBody: req.body
|
||||
});
|
||||
|
||||
// Forcer la conversion en string si ce sont des objets
|
||||
let finalFileName = fileName;
|
||||
let finalFolderName = folderName;
|
||||
|
||||
if (typeof fileName === 'object' && fileName !== null) {
|
||||
console.log('fileName is an object, attempting conversion:', fileName);
|
||||
finalFileName = String(fileName);
|
||||
console.log('Converted fileName to:', finalFileName, typeof finalFileName);
|
||||
}
|
||||
|
||||
if (typeof folderName === 'object' && folderName !== null) {
|
||||
console.log('folderName is an object, attempting conversion:', folderName);
|
||||
finalFolderName = String(folderName);
|
||||
console.log('Converted folderName to:', finalFolderName, typeof finalFolderName);
|
||||
}
|
||||
|
||||
if (!finalFileName || (typeof finalFileName === 'string' && finalFileName.trim() === '')) {
|
||||
return res.status(400).json({ error: 'No file selected for moving.' });
|
||||
}
|
||||
|
||||
// Vérifier que folderName est une chaîne de caractères
|
||||
if (finalFolderName && typeof finalFolderName !== 'string') {
|
||||
console.error('folderName is not a string after conversion:', finalFolderName, typeof finalFolderName);
|
||||
return res.status(400).json({ error: 'Invalid folder name format.' });
|
||||
}
|
||||
|
||||
try {
|
||||
const data = await fs.promises.readFile(path.join(__dirname, '../../../data', 'user.json'), 'utf-8');
|
||||
const users = JSON.parse(data);
|
||||
@@ -160,21 +195,21 @@ router.post('/', authenticateToken, async (req, res) => {
|
||||
|
||||
const userId = user.name;
|
||||
|
||||
if (!fileName || !userId) {
|
||||
console.error('fileName or userId is undefined');
|
||||
if (!finalFileName || !userId) {
|
||||
console.error('finalFileName or userId is undefined');
|
||||
return res.status(500).json({ error: 'Error moving the file.' });
|
||||
}
|
||||
|
||||
const sourcePath = path.join('cdn-files', userId, fileName);
|
||||
const sourcePath = path.join('cdn-files', userId, finalFileName);
|
||||
|
||||
let destinationDir;
|
||||
if (folderName && folderName.trim() !== '') {
|
||||
destinationDir = path.join('cdn-files', userId, folderName);
|
||||
if (finalFolderName && finalFolderName.trim() !== '') {
|
||||
destinationDir = path.join('cdn-files', userId, finalFolderName);
|
||||
} else {
|
||||
destinationDir = path.join('cdn-files', userId);
|
||||
}
|
||||
|
||||
const destinationPath = path.join(destinationDir, fileName);
|
||||
const destinationPath = path.join(destinationDir, finalFileName);
|
||||
|
||||
if (!destinationPath.startsWith(path.join('cdn-files', userId))) {
|
||||
return res.status(403).json({ error: 'Unauthorized: Cannot move file outside of user directory.' });
|
||||
|
||||
Reference in New Issue
Block a user