const express = require('express'); const fs = require('fs'); const path = require('path'); const router = express.Router(); const fileUpload = require('express-fileupload'); const authMiddleware = require('../../../Middlewares/authMiddleware'); const { loggers } = require('winston'); const ncp = require('ncp'); const util = require('util'); const ncpAsync = util.promisify(ncp.ncp); const configFile = fs.readFileSync(path.join(__dirname, '../../../data', 'setup.json'), 'utf-8') const config = JSON.parse(configFile); const bodyParser = require('body-parser'); const crypto = require('crypto'); const os = require('os'); const { getUserData, getSetupData } = require('../../../Middlewares/watcherMiddleware'); const { logger, logRequestInfo, ErrorLogger, authLogger } = require('../../../config/logs'); let setupData = getSetupData(); let userData = getUserData(); router.use(bodyParser.json()); router.get('/', (req, res) => { res.status(400).json({ error: 'Bad Request. The request cannot be fulfilled due to bad syntax or missing parameters.' }); }); router.post('/', authMiddleware, async (req, res) => { const fileName = req.body.fileName; const folderName = req.body.folderName; const data = await fs.readFileSync(path.join(__dirname, '../../../data', 'user.json'), 'utf-8') const users = JSON.parse(data); const user = users.find(user => user.id === req.user.id); if (!user) { console.error('User not found in user.json'); return res.status(500).send('Erreur lors du déplacement du fichier.'); } const userId = user.name; if (!fileName || !userId) { console.error('fileName or userId is undefined'); return res.status(500).send('Erreur lors du déplacement du fichier.'); } const sourcePath = path.join('cdn-files', userId, fileName); let destinationDir; if (folderName && folderName.trim() !== '') { destinationDir = path.join('cdn-files', userId, folderName); } else { destinationDir = path.join('cdn-files', userId); } const destinationPath = path.join(destinationDir, fileName); try { const normalizedSourcePath = path.normalize(sourcePath); console.log('Full Source Path:', normalizedSourcePath); if (fs.existsSync(normalizedSourcePath)) { await fs.promises.access(destinationDir); await ncpAsync(normalizedSourcePath, destinationPath); await fs.promises.unlink(normalizedSourcePath); } else { console.log('File does not exist'); } res.redirect('/dpanel/dashboard'); } catch (err) { console.error(err); return res.status(500).send('Erreur lors du déplacement du fichier.'); } }); router.post('/:folderName', authMiddleware, async (req, res) => { const fileName = req.body.fileName; const newFolderName = req.body.folderName; const oldFolderName = req.params.folderName; const userId = req.user && req.user._json ? req.userData.name : undefined; if (!fileName || !userId || !oldFolderName || !newFolderName) { console.error('fileName, userId, oldFolderName, or newFolderName is undefined'); return res.status(500).send('Erreur lors du déplacement du fichier.'); } const userDir = path.join(process.cwd(), 'cdn-files', userId); const sourcePath = path.join(userDir, oldFolderName, fileName); const destinationDir = path.join(userDir, newFolderName); const destinationPath = path.join(destinationDir, fileName); if (!sourcePath.startsWith(userDir) || !destinationPath.startsWith(userDir)) { ErrorLogger.error('Unauthorized directory access attempt'); return res.status(403).send('Unauthorized directory access attempt'); } try { const normalizedSourcePath = path.normalize(sourcePath); console.log('Full Source Path:', normalizedSourcePath); if (fs.existsSync(normalizedSourcePath)) { await fs.promises.access(destinationDir, fs.constants.W_OK); await fs.promises.rename(normalizedSourcePath, destinationPath); } else { console.log('File does not exist'); } res.redirect('/dpanel/dashboard'); } catch (err) { console.error(err); return res.status(500).send('Erreur lors du déplacement du fichier.'); } }); module.exports = router;