APIv4: GET /files/{file_id}/info (#5591)

2 files changed, 89 insertions, 0 deletions

diff --git a/api4/file.go b/api4/file.go
index fa414faa3..d3c7f7a7f 100644
--- a/api4/file.go
+++ b/api4/file.go
@@ -26,6 +26,7 @@ func InitFile() {
 	BaseRoutes.File.Handle("/thumbnail", ApiSessionRequired(getFileThumbnail)).Methods("GET")
 	BaseRoutes.File.Handle("/link", ApiSessionRequired(getFileLink)).Methods("GET")
 	BaseRoutes.File.Handle("/preview", ApiSessionRequired(getFilePreview)).Methods("GET")
+	BaseRoutes.File.Handle("/info", ApiSessionRequired(getFileInfo)).Methods("GET")
 
 }
 
@@ -194,6 +195,27 @@ func getFilePreview(c *Context, w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func getFileInfo(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireFileId()
+	if c.Err != nil {
+		return
+	}
+
+	info, err := app.GetFileInfo(c.Params.FileId)
+	if err != nil {
+		c.Err = err
+		return
+	}
+
+	if info.CreatorId != c.Session.UserId && !app.SessionHasPermissionToChannelByPost(c.Session, info.PostId, model.PERMISSION_READ_CHANNEL) {
+		c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
+		return
+	}
+
+	w.Header().Set("Cache-Control", "max-age=2592000, public")
+	w.Write([]byte(info.ToJson()))
+}
+
 func writeFileResponse(filename string, contentType string, bytes []byte, w http.ResponseWriter, r *http.Request) *model.AppError {
 	w.Header().Set("Cache-Control", "max-age=2592000, public")
 	w.Header().Set("Content-Length", strconv.Itoa(len(bytes)))
diff --git a/api4/file_test.go b/api4/file_test.go
index be4f4a59c..f257ec074 100644
--- a/api4/file_test.go
+++ b/api4/file_test.go
@@ -329,3 +329,70 @@ func TestGetFilePreview(t *testing.T) {
 	_, resp = th.SystemAdminClient.GetFilePreview(fileId)
 	CheckNoError(t, resp)
 }
+
+func TestGetFileInfo(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+	user := th.BasicUser
+	channel := th.BasicChannel
+
+	if utils.Cfg.FileSettings.DriverName == "" {
+		t.Skip("skipping because no file driver is enabled")
+	}
+
+	fileId := ""
+	var sent []byte
+	var err error
+	if sent, err = readTestFile("test.png"); err != nil {
+		t.Fatal(err)
+	} else {
+		fileResp, resp := Client.UploadFile(sent, channel.Id, "test.png")
+		CheckNoError(t, resp)
+
+		fileId = fileResp.FileInfos[0].Id
+	}
+
+	// Wait a bit for files to ready
+	time.Sleep(2 * time.Second)
+
+	info, resp := Client.GetFileInfo(fileId)
+	CheckNoError(t, resp)
+
+	if err != nil {
+		t.Fatal(err)
+	} else if info.Id != fileId {
+		t.Fatal("got incorrect file")
+	} else if info.CreatorId != user.Id {
+		t.Fatal("file should be assigned to user")
+	} else if info.PostId != "" {
+		t.Fatal("file shouldn't have a post")
+	} else if info.Path != "" {
+		t.Fatal("file path shouldn't have been returned to client")
+	} else if info.ThumbnailPath != "" {
+		t.Fatal("file thumbnail path shouldn't have been returned to client")
+	} else if info.PreviewPath != "" {
+		t.Fatal("file preview path shouldn't have been returned to client")
+	} else if info.MimeType != "image/png" {
+		t.Fatal("mime type should've been image/png")
+	}
+
+	_, resp = Client.GetFileInfo("junk")
+	CheckBadRequestStatus(t, resp)
+
+	_, resp = Client.GetFileInfo(model.NewId())
+	CheckNotFoundStatus(t, resp)
+
+	Client.Logout()
+	_, resp = Client.GetFileInfo(fileId)
+	CheckUnauthorizedStatus(t, resp)
+
+	otherUser := th.CreateUser()
+	Client.Login(otherUser.Email, otherUser.Password)
+	_, resp = Client.GetFileInfo(fileId)
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	_, resp = th.SystemAdminClient.GetFileInfo(fileId)
+	CheckNoError(t, resp)
+}