APIv4: GET /files/{file_id}/preview (#5568)

patch 1

2 files changed, 85 insertions, 0 deletions

diff --git a/api4/file.go b/api4/file.go
index 566878156..fa414faa3 100644
--- a/api4/file.go
+++ b/api4/file.go
@@ -25,6 +25,7 @@ func InitFile() {
 	BaseRoutes.File.Handle("", ApiSessionRequired(getFile)).Methods("GET")
 	BaseRoutes.File.Handle("/thumbnail", ApiSessionRequired(getFileThumbnail)).Methods("GET")
 	BaseRoutes.File.Handle("/link", ApiSessionRequired(getFileLink)).Methods("GET")
+	BaseRoutes.File.Handle("/preview", ApiSessionRequired(getFilePreview)).Methods("GET")
 
 }
 
@@ -161,6 +162,38 @@ func getFileLink(c *Context, w http.ResponseWriter, r *http.Request) {
 	w.Write([]byte(model.MapToJson(resp)))
 }
 
+func getFilePreview(c *Context, w http.ResponseWriter, r *http.Request) {
+	c.RequireFileId()
+	if c.Err != nil {
+		return
+	}
+
+	info, err := app.GetFileInfo(c.Params.FileId)
+	if err != nil {
+		c.Err = err
+		return
+	}
+
+	if info.CreatorId != c.Session.UserId && !app.SessionHasPermissionToChannelByPost(c.Session, info.PostId, model.PERMISSION_READ_CHANNEL) {
+		c.SetPermissionError(model.PERMISSION_READ_CHANNEL)
+		return
+	}
+
+	if info.PreviewPath == "" {
+		c.Err = model.NewLocAppError("getFilePreview", "api.file.get_file_preview.no_preview.app_error", nil, "file_id="+info.Id)
+		c.Err.StatusCode = http.StatusBadRequest
+		return
+	}
+
+	if data, err := app.ReadFile(info.PreviewPath); err != nil {
+		c.Err = err
+		c.Err.StatusCode = http.StatusNotFound
+	} else if err := writeFileResponse(info.Name, info.MimeType, data, w, r); err != nil {
+		c.Err = err
+		return
+	}
+}
+
 func writeFileResponse(filename string, contentType string, bytes []byte, w http.ResponseWriter, r *http.Request) *model.AppError {
 	w.Header().Set("Cache-Control", "max-age=2592000, public")
 	w.Header().Set("Content-Length", strconv.Itoa(len(bytes)))
diff --git a/api4/file_test.go b/api4/file_test.go
index d6de56b7d..be4f4a59c 100644
--- a/api4/file_test.go
+++ b/api4/file_test.go
@@ -277,3 +277,55 @@ func TestGetFileLink(t *testing.T) {
 		cleanupTestFile(result.Data.(*model.FileInfo))
 	}
 }
+
+func TestGetFilePreview(t *testing.T) {
+	th := Setup().InitBasic().InitSystemAdmin()
+	defer TearDown()
+	Client := th.Client
+	channel := th.BasicChannel
+
+	if utils.Cfg.FileSettings.DriverName == "" {
+		t.Skip("skipping because no file driver is enabled")
+	}
+
+	fileId := ""
+	var sent []byte
+	var err error
+	if sent, err = readTestFile("test.png"); err != nil {
+		t.Fatal(err)
+	} else {
+		fileResp, resp := Client.UploadFile(sent, channel.Id, "test.png")
+		CheckNoError(t, resp)
+
+		fileId = fileResp.FileInfos[0].Id
+	}
+
+	// Wait a bit for files to ready
+	time.Sleep(2 * time.Second)
+
+	data, resp := Client.GetFilePreview(fileId)
+	CheckNoError(t, resp)
+
+	if data == nil || len(data) == 0 {
+		t.Fatal("should not be empty")
+	}
+
+	_, resp = Client.GetFilePreview("junk")
+	CheckBadRequestStatus(t, resp)
+
+	_, resp = Client.GetFilePreview(model.NewId())
+	CheckNotFoundStatus(t, resp)
+
+	Client.Logout()
+	_, resp = Client.GetFilePreview(fileId)
+	CheckUnauthorizedStatus(t, resp)
+
+	otherUser := th.CreateUser()
+	Client.Login(otherUser.Email, otherUser.Password)
+	_, resp = Client.GetFilePreview(fileId)
+	CheckForbiddenStatus(t, resp)
+
+	Client.Logout()
+	_, resp = th.SystemAdminClient.GetFilePreview(fileId)
+	CheckNoError(t, resp)
+}