package server import ( "encoding/json" "fmt" "io/ioutil" "net/http" "strconv" "github.com/usememos/memos/api" "github.com/labstack/echo/v4" ) func (s *Server) registerResourceRoutes(g *echo.Group) { g.POST("/resource", func(c echo.Context) error { userID, ok := c.Get(getUserIDContextKey()).(int) if !ok { return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session") } err := c.Request().ParseMultipartForm(64 << 20) if err != nil { return echo.NewHTTPError(http.StatusBadRequest, "Upload file overload max size").SetInternal(err) } file, err := c.FormFile("file") if err != nil { return echo.NewHTTPError(http.StatusBadRequest, "Upload file not found").SetInternal(err) } filename := file.Filename filetype := file.Header.Get("Content-Type") size := file.Size src, err := file.Open() if err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to open file").SetInternal(err) } defer src.Close() fileBytes, err := ioutil.ReadAll(src) if err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to read file").SetInternal(err) } resourceCreate := &api.ResourceCreate{ Filename: filename, Type: filetype, Size: size, Blob: fileBytes, CreatorID: userID, } resource, err := s.Store.CreateResource(resourceCreate) if err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create resource").SetInternal(err) } c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8) if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(resource)); err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode resource response").SetInternal(err) } return nil }) g.GET("/resource", func(c echo.Context) error { userID, ok := c.Get(getUserIDContextKey()).(int) if !ok { return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session") } resourceFind := &api.ResourceFind{ CreatorID: &userID, } list, err := s.Store.FindResourceList(resourceFind) if err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch resource list").SetInternal(err) } c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8) if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(list)); err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode resource list response").SetInternal(err) } return nil }) g.GET("/resource/:resourceId", func(c echo.Context) error { resourceID, err := strconv.Atoi(c.Param("resourceId")) if err != nil { return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("resourceId"))).SetInternal(err) } userID, ok := c.Get(getUserIDContextKey()).(int) if !ok { return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session") } resourceFind := &api.ResourceFind{ ID: &resourceID, CreatorID: &userID, } resource, err := s.Store.FindResource(resourceFind) if err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch resource").SetInternal(err) } c.Response().Header().Set(echo.HeaderContentType, echo.MIMEApplicationJSONCharsetUTF8) if err := json.NewEncoder(c.Response().Writer).Encode(composeResponse(resource)); err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to encode resource response").SetInternal(err) } return nil }) g.GET("/resource/:resourceId/blob", func(c echo.Context) error { resourceID, err := strconv.Atoi(c.Param("resourceId")) if err != nil { return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("resourceId"))).SetInternal(err) } userID, ok := c.Get(getUserIDContextKey()).(int) if !ok { return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session") } resourceFind := &api.ResourceFind{ ID: &resourceID, CreatorID: &userID, } resource, err := s.Store.FindResource(resourceFind) if err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to fetch resource").SetInternal(err) } c.Response().Writer.WriteHeader(http.StatusOK) c.Response().Writer.Header().Set("Content-Type", resource.Type) if _, err := c.Response().Writer.Write(resource.Blob); err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to write resource blob").SetInternal(err) } return nil }) g.DELETE("/resource/:resourceId", func(c echo.Context) error { userID, ok := c.Get(getUserIDContextKey()).(int) if !ok { return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session") } resourceID, err := strconv.Atoi(c.Param("resourceId")) if err != nil { return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("ID is not a number: %s", c.Param("resourceId"))).SetInternal(err) } resourceDelete := &api.ResourceDelete{ ID: resourceID, CreatorID: userID, } if err := s.Store.DeleteResource(resourceDelete); err != nil { return echo.NewHTTPError(http.StatusInternalServerError, "Failed to delete resource").SetInternal(err) } return c.JSON(http.StatusOK, true) }) }