memos/server/memo.go

508 lines
17 KiB
Go
Raw Normal View History

2022-02-03 10:32:03 +03:00
package server
import (
"encoding/json"
2022-02-03 10:32:03 +03:00
"fmt"
"net/http"
"strconv"
"strings"
2022-09-30 17:58:59 +03:00
"time"
2022-02-03 10:32:03 +03:00
"github.com/pkg/errors"
2022-06-27 17:09:06 +03:00
"github.com/usememos/memos/api"
"github.com/usememos/memos/common"
2022-02-03 10:32:03 +03:00
"github.com/labstack/echo/v4"
)
func (s *Server) registerMemoRoutes(g *echo.Group) {
g.POST("/memo", func(c echo.Context) error {
2022-08-07 05:17:12 +03:00
ctx := c.Request().Context()
2022-07-28 15:09:25 +03:00
userID, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
}
2022-09-24 04:34:01 +03:00
2022-12-28 15:22:52 +03:00
memoCreate := &api.MemoCreate{}
if err := json.NewDecoder(c.Request().Body).Decode(memoCreate); err != nil {
2022-02-03 10:32:03 +03:00
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted post memo request").SetInternal(err)
}
if memoCreate.Visibility == "" {
userMemoVisibilitySetting, err := s.Store.FindUserSetting(ctx, &api.UserSettingFind{
UserID: userID,
Key: api.UserSettingMemoVisibilityKey,
})
2022-08-20 16:51:28 +03:00
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user setting").SetInternal(err)
}
if userMemoVisibilitySetting != nil {
2022-11-26 09:23:29 +03:00
memoVisibility := api.Private
err := json.Unmarshal([]byte(userMemoVisibilitySetting.Value), &memoVisibility)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to unmarshal user setting value").SetInternal(err)
}
memoCreate.Visibility = memoVisibility
} else {
// Private is the default memo visibility.
2022-11-26 09:23:29 +03:00
memoCreate.Visibility = api.Private
2022-08-20 16:51:28 +03:00
}
}
// Find system settings
disablePublicMemosSystemSetting, err := s.Store.FindSystemSetting(ctx, &api.SystemSettingFind{
Name: api.SystemSettingDisablePublicMemosName,
})
if err != nil && common.ErrorCode(err) != common.NotFound {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find system setting").SetInternal(err)
}
if disablePublicMemosSystemSetting != nil {
disablePublicMemos := false
err = json.Unmarshal([]byte(disablePublicMemosSystemSetting.Value), &disablePublicMemos)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to unmarshal system setting").SetInternal(err)
}
if disablePublicMemos {
memoCreate.Visibility = api.Private
}
}
if len(memoCreate.Content) > api.MaxContentLength {
return echo.NewHTTPError(http.StatusBadRequest, "Content size overflow, up to 1MB").SetInternal(err)
}
2022-12-28 15:22:52 +03:00
memoCreate.CreatorID = userID
2022-08-07 05:17:12 +03:00
memo, err := s.Store.CreateMemo(ctx, memoCreate)
2022-02-03 10:32:03 +03:00
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create memo").SetInternal(err)
}
if err := s.createMemoCreateActivity(c, memo); err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create activity").SetInternal(err)
}
2022-02-03 10:32:03 +03:00
2022-10-01 05:57:14 +03:00
for _, resourceID := range memoCreate.ResourceIDList {
if _, err := s.Store.UpsertMemoResource(ctx, &api.MemoResourceUpsert{
MemoID: memo.ID,
ResourceID: resourceID,
}); err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to upsert memo resource").SetInternal(err)
}
}
memo, err = s.Store.ComposeMemo(ctx, memo)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to compose memo").SetInternal(err)
}
return c.JSON(http.StatusOK, composeResponse(memo))
2022-02-03 10:32:03 +03:00
})
2022-02-18 17:21:10 +03:00
2022-02-03 10:32:03 +03:00
g.PATCH("/memo/:memoId", func(c echo.Context) error {
2022-08-07 05:17:12 +03:00
ctx := c.Request().Context()
2022-09-24 04:34:01 +03:00
userID, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
}
2022-05-02 21:05:43 +03:00
memoID, err := strconv.Atoi(c.Param("memoId"))
2022-02-03 10:32:03 +03:00
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
}
2022-12-28 15:22:52 +03:00
memo, err := s.Store.FindMemo(ctx, &api.MemoFind{
ID: &memoID,
})
if err != nil {
2022-09-24 04:34:01 +03:00
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find memo").SetInternal(err)
}
2022-12-28 15:22:52 +03:00
if memo.CreatorID != userID {
return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized")
}
2022-09-24 04:34:01 +03:00
currentTs := time.Now().Unix()
2022-02-03 10:32:03 +03:00
memoPatch := &api.MemoPatch{
ID: memoID,
UpdatedTs: &currentTs,
2022-02-03 10:32:03 +03:00
}
if err := json.NewDecoder(c.Request().Body).Decode(memoPatch); err != nil {
2022-02-03 10:32:03 +03:00
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted patch memo request").SetInternal(err)
}
if memoPatch.Content != nil && len(*memoPatch.Content) > api.MaxContentLength {
return echo.NewHTTPError(http.StatusBadRequest, "Content size overflow, up to 1MB").SetInternal(err)
}
2022-12-28 15:22:52 +03:00
memo, err = s.Store.PatchMemo(ctx, memoPatch)
2022-02-03 10:32:03 +03:00
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to patch memo").SetInternal(err)
}
for _, resourceID := range memoPatch.ResourceIDList {
if _, err := s.Store.UpsertMemoResource(ctx, &api.MemoResourceUpsert{
MemoID: memo.ID,
ResourceID: resourceID,
}); err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to upsert memo resource").SetInternal(err)
}
}
memo, err = s.Store.ComposeMemo(ctx, memo)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to compose memo").SetInternal(err)
}
return c.JSON(http.StatusOK, composeResponse(memo))
2022-02-03 10:32:03 +03:00
})
2022-02-18 17:21:10 +03:00
2022-02-03 10:32:03 +03:00
g.GET("/memo", func(c echo.Context) error {
2022-08-07 05:17:12 +03:00
ctx := c.Request().Context()
memoFind := &api.MemoFind{}
if userID, err := strconv.Atoi(c.QueryParam("creatorId")); err == nil {
memoFind.CreatorID = &userID
2022-02-03 10:32:03 +03:00
}
2022-05-19 13:32:04 +03:00
2022-07-27 14:45:37 +03:00
currentUserID, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
if memoFind.CreatorID == nil {
return echo.NewHTTPError(http.StatusBadRequest, "Missing user id to find memo")
}
memoFind.VisibilityList = []api.Visibility{api.Public}
} else {
if memoFind.CreatorID == nil {
memoFind.CreatorID = &currentUserID
} else {
memoFind.VisibilityList = []api.Visibility{api.Public, api.Protected}
}
}
2022-05-19 13:32:04 +03:00
rowStatus := api.RowStatus(c.QueryParam("rowStatus"))
2022-03-28 19:01:34 +03:00
if rowStatus != "" {
memoFind.RowStatus = &rowStatus
2022-02-04 16:24:21 +03:00
}
2022-05-19 13:32:04 +03:00
pinnedStr := c.QueryParam("pinned")
if pinnedStr != "" {
pinned := pinnedStr == "true"
memoFind.Pinned = &pinned
}
2022-06-14 18:09:03 +03:00
tag := c.QueryParam("tag")
if tag != "" {
2022-12-28 15:22:52 +03:00
contentSearch := "#" + tag
2022-06-21 16:58:33 +03:00
memoFind.ContentSearch = &contentSearch
}
2022-11-26 09:23:29 +03:00
visibilityListStr := c.QueryParam("visibility")
if visibilityListStr != "" {
visibilityList := []api.Visibility{}
2022-11-26 09:23:29 +03:00
for _, visibility := range strings.Split(visibilityListStr, ",") {
visibilityList = append(visibilityList, api.Visibility(visibility))
}
memoFind.VisibilityList = visibilityList
}
2022-06-21 16:58:33 +03:00
if limit, err := strconv.Atoi(c.QueryParam("limit")); err == nil {
memoFind.Limit = &limit
2022-06-21 16:58:33 +03:00
}
if offset, err := strconv.Atoi(c.QueryParam("offset")); err == nil {
memoFind.Offset = &offset
2022-06-14 18:09:03 +03:00
}
2022-02-04 16:24:21 +03:00
2022-08-07 05:17:12 +03:00
list, err := s.Store.FindMemoList(ctx, memoFind)
2022-02-03 10:32:03 +03:00
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch memo list").SetInternal(err)
}
return c.JSON(http.StatusOK, composeResponse(list))
2022-02-03 10:32:03 +03:00
})
2022-02-18 17:21:10 +03:00
g.GET("/memo/:memoId", func(c echo.Context) error {
2022-08-07 05:17:12 +03:00
ctx := c.Request().Context()
2022-05-19 13:32:04 +03:00
memoID, err := strconv.Atoi(c.Param("memoId"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
}
memoFind := &api.MemoFind{
2022-05-19 13:32:04 +03:00
ID: &memoID,
}
memo, err := s.Store.FindMemo(ctx, memoFind)
2022-05-19 13:32:04 +03:00
if err != nil {
if common.ErrorCode(err) == common.NotFound {
return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("Memo ID not found: %d", memoID)).SetInternal(err)
}
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("Failed to find memo by ID: %v", memoID)).SetInternal(err)
}
2022-09-24 04:34:01 +03:00
userID, ok := c.Get(getUserIDContextKey()).(int)
2022-11-26 09:23:29 +03:00
if memo.Visibility == api.Private {
2022-09-24 04:34:01 +03:00
if !ok || memo.CreatorID != userID {
return echo.NewHTTPError(http.StatusForbidden, "this memo is private only")
}
} else if memo.Visibility == api.Protected {
if !ok {
return echo.NewHTTPError(http.StatusForbidden, "this memo is protected, missing user in session")
}
}
return c.JSON(http.StatusOK, composeResponse(memo))
2022-05-19 13:32:04 +03:00
})
g.POST("/memo/:memoId/organizer", func(c echo.Context) error {
2022-08-07 05:17:12 +03:00
ctx := c.Request().Context()
2022-05-02 21:05:43 +03:00
memoID, err := strconv.Atoi(c.Param("memoId"))
2022-02-03 10:32:03 +03:00
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
}
userID, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
2022-02-03 10:32:03 +03:00
}
2022-12-28 15:22:52 +03:00
memoOrganizerUpsert := &api.MemoOrganizerUpsert{}
if err := json.NewDecoder(c.Request().Body).Decode(memoOrganizerUpsert); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted post memo organizer request").SetInternal(err)
}
2022-12-28 15:22:52 +03:00
memoOrganizerUpsert.MemoID = memoID
memoOrganizerUpsert.UserID = userID
err = s.Store.UpsertMemoOrganizer(ctx, memoOrganizerUpsert)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to upsert memo organizer").SetInternal(err)
}
memo, err := s.Store.FindMemo(ctx, &api.MemoFind{
ID: &memoID,
})
2022-02-03 10:32:03 +03:00
if err != nil {
if common.ErrorCode(err) == common.NotFound {
2022-05-02 21:05:43 +03:00
return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("Memo ID not found: %d", memoID)).SetInternal(err)
2022-02-03 10:32:03 +03:00
}
2022-02-05 19:25:41 +03:00
2022-05-02 21:05:43 +03:00
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("Failed to find memo by ID: %v", memoID)).SetInternal(err)
2022-02-03 10:32:03 +03:00
}
return c.JSON(http.StatusOK, composeResponse(memo))
2022-02-03 10:32:03 +03:00
})
2022-02-18 17:21:10 +03:00
2022-09-30 17:58:59 +03:00
g.POST("/memo/:memoId/resource", func(c echo.Context) error {
ctx := c.Request().Context()
memoID, err := strconv.Atoi(c.Param("memoId"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
}
userID, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
2022-09-30 17:58:59 +03:00
}
memoResourceUpsert := &api.MemoResourceUpsert{}
2022-09-30 17:58:59 +03:00
if err := json.NewDecoder(c.Request().Body).Decode(memoResourceUpsert); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Malformatted post memo resource request").SetInternal(err)
}
resourceFind := &api.ResourceFind{
ID: &memoResourceUpsert.ResourceID,
}
resource, err := s.Store.FindResource(ctx, resourceFind)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch resource").SetInternal(err)
}
if resource == nil {
return echo.NewHTTPError(http.StatusBadRequest, "Resource not found").SetInternal(err)
} else if resource.CreatorID != userID {
return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized to bind this resource").SetInternal(err)
}
memoResourceUpsert.MemoID = memoID
currentTs := time.Now().Unix()
memoResourceUpsert.UpdatedTs = &currentTs
if _, err := s.Store.UpsertMemoResource(ctx, memoResourceUpsert); err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to upsert memo resource").SetInternal(err)
}
return c.JSON(http.StatusOK, composeResponse(resource))
2022-09-30 17:58:59 +03:00
})
g.GET("/memo/:memoId/resource", func(c echo.Context) error {
ctx := c.Request().Context()
memoID, err := strconv.Atoi(c.Param("memoId"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
}
resourceFind := &api.ResourceFind{
MemoID: &memoID,
}
resourceList, err := s.Store.FindResourceList(ctx, resourceFind)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch resource list").SetInternal(err)
}
return c.JSON(http.StatusOK, composeResponse(resourceList))
2022-09-30 17:58:59 +03:00
})
2022-12-28 15:22:52 +03:00
g.GET("/memo/stats", func(c echo.Context) error {
ctx := c.Request().Context()
normalStatus := api.Normal
memoFind := &api.MemoFind{
RowStatus: &normalStatus,
}
if creatorID, err := strconv.Atoi(c.QueryParam("creatorId")); err == nil {
memoFind.CreatorID = &creatorID
}
if memoFind.CreatorID == nil {
return echo.NewHTTPError(http.StatusBadRequest, "Missing user id to find memo")
}
currentUserID, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
memoFind.VisibilityList = []api.Visibility{api.Public}
} else {
if *memoFind.CreatorID != currentUserID {
memoFind.VisibilityList = []api.Visibility{api.Public, api.Protected}
} else {
memoFind.VisibilityList = []api.Visibility{api.Public, api.Protected, api.Private}
}
}
list, err := s.Store.FindMemoList(ctx, memoFind)
2022-09-30 17:58:59 +03:00
if err != nil {
2022-12-28 15:22:52 +03:00
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch memo list").SetInternal(err)
2022-09-30 17:58:59 +03:00
}
createdTsList := []int64{}
2022-12-28 15:22:52 +03:00
for _, memo := range list {
createdTsList = append(createdTsList, memo.CreatedTs)
2022-09-30 17:58:59 +03:00
}
return c.JSON(http.StatusOK, composeResponse(createdTsList))
2022-12-28 15:22:52 +03:00
})
2022-09-30 17:58:59 +03:00
2022-12-28 15:22:52 +03:00
g.GET("/memo/all", func(c echo.Context) error {
ctx := c.Request().Context()
memoFind := &api.MemoFind{}
_, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
memoFind.VisibilityList = []api.Visibility{api.Public}
} else {
memoFind.VisibilityList = []api.Visibility{api.Public, api.Protected}
}
pinnedStr := c.QueryParam("pinned")
if pinnedStr != "" {
pinned := pinnedStr == "true"
memoFind.Pinned = &pinned
}
tag := c.QueryParam("tag")
if tag != "" {
contentSearch := "#" + tag + " "
memoFind.ContentSearch = &contentSearch
}
visibilityListStr := c.QueryParam("visibility")
if visibilityListStr != "" {
visibilityList := []api.Visibility{}
for _, visibility := range strings.Split(visibilityListStr, ",") {
visibilityList = append(visibilityList, api.Visibility(visibility))
}
memoFind.VisibilityList = visibilityList
}
if limit, err := strconv.Atoi(c.QueryParam("limit")); err == nil {
memoFind.Limit = &limit
2022-12-28 15:22:52 +03:00
}
if offset, err := strconv.Atoi(c.QueryParam("offset")); err == nil {
memoFind.Offset = &offset
2022-12-28 15:22:52 +03:00
}
// Only fetch normal status memos.
normalStatus := api.Normal
memoFind.RowStatus = &normalStatus
list, err := s.Store.FindMemoList(ctx, memoFind)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch all memo list").SetInternal(err)
}
return c.JSON(http.StatusOK, composeResponse(list))
2022-09-30 17:58:59 +03:00
})
2022-02-03 10:32:03 +03:00
g.DELETE("/memo/:memoId", func(c echo.Context) error {
2022-08-07 05:17:12 +03:00
ctx := c.Request().Context()
2022-09-24 04:34:01 +03:00
userID, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
}
2022-05-02 21:05:43 +03:00
memoID, err := strconv.Atoi(c.Param("memoId"))
2022-02-03 10:32:03 +03:00
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
}
2022-12-28 15:22:52 +03:00
memo, err := s.Store.FindMemo(ctx, &api.MemoFind{
ID: &memoID,
})
if err != nil {
2022-09-24 04:34:01 +03:00
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find memo").SetInternal(err)
}
2022-12-28 15:22:52 +03:00
if memo.CreatorID != userID {
return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized")
}
2022-09-24 04:34:01 +03:00
2022-02-03 10:32:03 +03:00
memoDelete := &api.MemoDelete{
2022-05-17 16:21:13 +03:00
ID: memoID,
2022-02-03 10:32:03 +03:00
}
2022-08-07 05:17:12 +03:00
if err := s.Store.DeleteMemo(ctx, memoDelete); err != nil {
if common.ErrorCode(err) == common.NotFound {
return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("Memo ID not found: %d", memoID))
}
2022-05-02 21:05:43 +03:00
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("Failed to delete memo ID: %v", memoID)).SetInternal(err)
2022-02-03 10:32:03 +03:00
}
return c.JSON(http.StatusOK, true)
2022-02-03 10:32:03 +03:00
})
2022-12-28 15:22:52 +03:00
g.DELETE("/memo/:memoId/resource/:resourceId", func(c echo.Context) error {
ctx := c.Request().Context()
userID, ok := c.Get(getUserIDContextKey()).(int)
if !ok {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
}
memoID, err := strconv.Atoi(c.Param("memoId"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Memo ID is not a number: %s", c.Param("memoId"))).SetInternal(err)
}
resourceID, err := strconv.Atoi(c.Param("resourceId"))
if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Resource ID is not a number: %s", c.Param("resourceId"))).SetInternal(err)
}
memo, err := s.Store.FindMemo(ctx, &api.MemoFind{
ID: &memoID,
})
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find memo").SetInternal(err)
}
if memo.CreatorID != userID {
return echo.NewHTTPError(http.StatusUnauthorized, "Unauthorized")
}
memoResourceDelete := &api.MemoResourceDelete{
MemoID: &memoID,
ResourceID: &resourceID,
}
if err := s.Store.DeleteMemoResource(ctx, memoResourceDelete); err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch resource list").SetInternal(err)
}
return c.JSON(http.StatusOK, true)
})
2022-02-03 10:32:03 +03:00
}
func (s *Server) createMemoCreateActivity(c echo.Context, memo *api.Memo) error {
ctx := c.Request().Context()
payload := api.ActivityMemoCreatePayload{
Content: memo.Content,
Visibility: memo.Visibility.String(),
}
payloadBytes, err := json.Marshal(payload)
if err != nil {
return errors.Wrap(err, "failed to marshal activity payload")
}
2023-01-05 15:56:50 +03:00
activity, err := s.Store.CreateActivity(ctx, &api.ActivityCreate{
CreatorID: memo.CreatorID,
Type: api.ActivityMemoCreate,
Level: api.ActivityInfo,
Payload: string(payloadBytes),
})
2023-01-07 06:49:58 +03:00
if err != nil || activity == nil {
return errors.Wrap(err, "failed to create activity")
}
return err
}