diff --git a/api/public/swagger.yaml b/api/public/swagger.yaml index 6adc771..e22f671 100644 --- a/api/public/swagger.yaml +++ b/api/public/swagger.yaml @@ -223,18 +223,6 @@ components: - fileTree type: object additionalProperties: false - GetFileResponse: - properties: - status: - type: string - fileContent: - type: string - message: - type: string - required: - - status - type: object - additionalProperties: false UpdateFileResponse: properties: status: @@ -610,24 +598,8 @@ paths: get: operationId: GetFile responses: - '200': - description: Ok - content: - application/json: - schema: - $ref: '#/components/schemas/GetFileResponse' - examples: - 'Example 1': - value: {status: success, fileContent: 'Contents of the File'} - '400': - description: 'Unable to get File' - content: - application/json: - schema: - $ref: '#/components/schemas/GetFileResponse' - examples: - 'Example 1': - value: {status: failure, message: 'File request failed.'} + '204': + description: 'No content' summary: 'Get file from SASjs Drive' tags: - Drive diff --git a/api/src/controllers/drive.ts b/api/src/controllers/drive.ts index 6bbb813..e799599 100644 --- a/api/src/controllers/drive.ts +++ b/api/src/controllers/drive.ts @@ -1,7 +1,8 @@ import path from 'path' -import { Express } from 'express' +import express, { Express } from 'express' import { Security, + Request, Route, Tags, Example, @@ -14,14 +15,7 @@ import { UploadedFile, FormField } from 'tsoa' -import { - fileExists, - readFile, - createFile, - moveFile, - createFolder, - deleteFile -} from '@sasjs/utils' +import { fileExists, createFile, moveFile, createFolder } from '@sasjs/utils' import { createFileTree, ExecutionController, getTreeExample } from './internal' import { FileTree, isFileTree, TreeNode } from '../types' @@ -103,17 +97,12 @@ export class DriveController { * @query filePath Location of SAS program * @example filePath "/Public/somefolder/some.file" */ - @Example({ - status: 'success', - fileContent: 'Contents of the File' - }) - @Response(400, 'Unable to get File', { - status: 'failure', - message: 'File request failed.' - }) @Get('/file') - public async getFile(@Query() filePath: string): Promise { - return getFile(filePath) + public async getFile( + @Request() request: express.Request, + @Query() filePath: string + ) { + return getFile(request, filePath) } /** @@ -190,24 +179,22 @@ const deploy = async (data: DeployPayload) => { return successDeployResponse } -const getFile = async (filePath: string): Promise => { - try { - const filePathFull = path - .join(getTmpFilesFolderPath(), filePath) - .replace(new RegExp('/', 'g'), path.sep) +const getFile = async (req: express.Request, filePath: string) => { + const driveFilesPath = getTmpFilesFolderPath() - await validateFilePath(filePathFull) - const fileContent = await readFile(filePathFull) + const filePathFull = path + .join(getTmpFilesFolderPath(), filePath) + .replace(new RegExp('/', 'g'), path.sep) - return { status: 'success', fileContent: fileContent } - } catch (err: any) { - throw { - code: 400, - status: 'failure', - message: 'File request failed.', - error: typeof err === 'object' ? err.toString() : err - } + if (!filePathFull.includes(driveFilesPath)) { + throw new Error('Cannot get file outside drive.') } + + if (!(await fileExists(filePathFull))) { + throw new Error('File does not exist.') + } + + req.res?.download(filePathFull) } const saveFile = async ( diff --git a/api/src/routes/api/drive.ts b/api/src/routes/api/drive.ts index 2a533f9..bee9375 100644 --- a/api/src/routes/api/drive.ts +++ b/api/src/routes/api/drive.ts @@ -32,14 +32,9 @@ driveRouter.get('/file', async (req, res) => { if (error) return res.status(400).send(error.details[0].message) try { - const response = await controller.getFile(query.filePath) - res.send(response) + await controller.getFile(req, query.filePath) } catch (err: any) { - const statusCode = err.code - - delete err.code - - res.status(statusCode).send(err) + res.status(403).send(err.toString()) } })