From c121bd42f38cc3bd47b68efd8cf70da158cbdf8d Mon Sep 17 00:00:00 2001
From: Pitu <heyitspitu@gmail.com>
Date: Sat, 12 Oct 2019 14:37:09 +0900
Subject: [PATCH] chore: upload fixes

---
 src/api/routes/files/filesGET.js     |  1 +
 src/api/routes/uploads/chunksPOST.js |  2 +-
 src/api/routes/uploads/uploadPOST.js | 70 ++++++++++++++++++++++++++--
 src/api/utils/Util.js                |  1 +
 4 files changed, 68 insertions(+), 6 deletions(-)

diff --git a/src/api/routes/files/filesGET.js b/src/api/routes/files/filesGET.js
index ce288ff..f0779fd 100644
--- a/src/api/routes/files/filesGET.js
+++ b/src/api/routes/files/filesGET.js
@@ -33,6 +33,7 @@ class filesGET extends Route {
 			For each file, create the public link to be able to display the file
 		*/
 		for (let file of files) {
+			console.log(file);
 			file = Util.constructFilePublicLink(file);
 		}
 
diff --git a/src/api/routes/uploads/chunksPOST.js b/src/api/routes/uploads/chunksPOST.js
index 075b4cd..1c02bc7 100644
--- a/src/api/routes/uploads/chunksPOST.js
+++ b/src/api/routes/uploads/chunksPOST.js
@@ -60,7 +60,7 @@ class uploadPOST extends Route {
 			await jetpack.removeAsync(chunkOutput);
 		}
 
-		return res.send(201, {
+		return res.status(201).send({
 			message: 'Sucessfully merged the chunk(s).',
 			...info
 			/*
diff --git a/src/api/routes/uploads/uploadPOST.js b/src/api/routes/uploads/uploadPOST.js
index a461130..06959f4 100644
--- a/src/api/routes/uploads/uploadPOST.js
+++ b/src/api/routes/uploads/uploadPOST.js
@@ -3,6 +3,7 @@ const path = require('path');
 const Util = require('../../utils/Util');
 const jetpack = require('fs-jetpack');
 const multer = require('multer');
+const moment = require('moment');
 const upload = multer({
 	storage: multer.memoryStorage(),
 	limits: {
@@ -29,14 +30,24 @@ class uploadPOST extends Route {
 	async run(req, res, db) {
 		const user = await Util.isAuthorized(req);
 		if (!user && process.env.PUBLIC_MODE == 'false') return res.status(401).json({ message: 'Not authorized to use this resource' });
+
 		return upload(req, res, async err => {
 			if (err) console.error(err.message);
 
-			const remappedKeys = this._remapKeys(req.body);
-			// const { uuid, chunkindex } = this._remapKeys(req.body);
+			const albumId = req.body.albumid || req.headers.albumid;
+			if (albumId && !user) return res.status(401).json({ message: 'Only registered users can upload files to an album' });
+			if (albumId && user) {
+				const album = await db.table('albums').where({ id: albumId, userId: user.id }).first();
+				if (!album) return res.status(401).json({ message: 'Album doesn\'t exist or it doesn\'t belong to the user' });
+			}
+
 			let uploadedFile = {};
+			let originalFile;
+			let insertedId;
+
+			const remappedKeys = this._remapKeys(req.body);
 			for (const file of req.files) {
-				// console.log(file);
+				originalFile = file;
 				const ext = path.extname(file.originalname);
 				const hash = Util.generateFileHash(file.buffer);
 				const filename = Util.getUniqueFilename(file.originalname);
@@ -69,15 +80,64 @@ class uploadPOST extends Route {
 				}
 			}
 
-			if (!remappedKeys || !remappedKeys.uuid) Util.generateThumbnails(uploadedFile.name);
+			if (!remappedKeys || !remappedKeys.uuid) {
+				Util.generateThumbnails(uploadedFile.name);
+				insertedId = await this.saveFileToDatabase(req, res, user, db, uploadedFile, originalFile);
+				if (!insertedId) return res.status(500).json({ message: 'There was an error saving the file.' });
+				uploadedFile.deleteUrl = `${process.env.DOMAIN}/api/file/${insertedId[0]}`;
+			}
 
-			return res.send(201, {
+			return res.status(201).send({
 				message: 'Sucessfully uploaded the file.',
 				...uploadedFile
 			});
 		});
 	}
 
+	async saveFileToDatabase(req, res, user, db, file, originalFile) {
+		/*
+			Save the upload information to the database
+		*/
+		const now = moment.utc().toDate();
+		let insertedId = null;
+		try {
+			/*
+				This is so fucking dumb
+			*/
+			if (process.env.DB_CLIENT === 'sqlite3') {
+				insertedId = await db.table('files').insert({
+					userId: user ? user.id : null,
+					name: file.name,
+					original: originalFile.originalname,
+					type: originalFile.mimetype || '',
+					size: file.size,
+					hash: file.hash,
+					ip: req.ip,
+					createdAt: now,
+					editedAt: now
+				});
+			} else {
+				insertedId = await db.table('files').insert({
+					userId: user ? user.id : null,
+					name: file.name,
+					original: originalFile.originalname,
+					type: originalFile.mimetype || '',
+					size: file.size,
+					hash: file.hash,
+					ip: req.ip,
+					createdAt: now,
+					editedAt: now
+				}, 'id');
+			}
+			return insertedId;
+		} catch (error) {
+			console.error('There was an error saving the file to the database');
+			console.error(error);
+			return null;
+			// return res.status(500).json({ message: 'There was an error uploading the file.' });
+		}
+	}
+
 	_remapKeys(body) {
 		const keys = Object.keys(body);
 		if (keys.length) {
diff --git a/src/api/utils/Util.js b/src/api/utils/Util.js
index d7c9623..0251cc0 100644
--- a/src/api/utils/Util.js
+++ b/src/api/utils/Util.js
@@ -89,6 +89,7 @@ class Util {
 	}
 
 	static getFileThumbnail(filename) {
+		if (!filename) return null;
 		const ext = path.extname(filename).toLowerCase();
 		if (!imageExtensions.includes(ext) && !videoExtensions.includes(ext)) return null;
 		return `${filename.slice(0, -ext.length)}.png`;