diff options
Diffstat (limited to 'api4')
-rw-r--r-- | api4/file.go | 22 | ||||
-rw-r--r-- | api4/file_test.go | 67 |
2 files changed, 89 insertions, 0 deletions
diff --git a/api4/file.go b/api4/file.go index fa414faa3..d3c7f7a7f 100644 --- a/api4/file.go +++ b/api4/file.go @@ -26,6 +26,7 @@ func InitFile() { BaseRoutes.File.Handle("/thumbnail", ApiSessionRequired(getFileThumbnail)).Methods("GET") BaseRoutes.File.Handle("/link", ApiSessionRequired(getFileLink)).Methods("GET") BaseRoutes.File.Handle("/preview", ApiSessionRequired(getFilePreview)).Methods("GET") + BaseRoutes.File.Handle("/info", ApiSessionRequired(getFileInfo)).Methods("GET") } @@ -194,6 +195,27 @@ func getFilePreview(c *Context, w http.ResponseWriter, r *http.Request) { } } +func getFileInfo(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireFileId() + if c.Err != nil { + return + } + + info, err := app.GetFileInfo(c.Params.FileId) + if err != nil { + c.Err = err + return + } + + if info.CreatorId != c.Session.UserId && !app.SessionHasPermissionToChannelByPost(c.Session, info.PostId, model.PERMISSION_READ_CHANNEL) { + c.SetPermissionError(model.PERMISSION_READ_CHANNEL) + return + } + + w.Header().Set("Cache-Control", "max-age=2592000, public") + w.Write([]byte(info.ToJson())) +} + func writeFileResponse(filename string, contentType string, bytes []byte, w http.ResponseWriter, r *http.Request) *model.AppError { w.Header().Set("Cache-Control", "max-age=2592000, public") w.Header().Set("Content-Length", strconv.Itoa(len(bytes))) diff --git a/api4/file_test.go b/api4/file_test.go index be4f4a59c..f257ec074 100644 --- a/api4/file_test.go +++ b/api4/file_test.go @@ -329,3 +329,70 @@ func TestGetFilePreview(t *testing.T) { _, resp = th.SystemAdminClient.GetFilePreview(fileId) CheckNoError(t, resp) } + +func TestGetFileInfo(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + user := th.BasicUser + channel := th.BasicChannel + + if utils.Cfg.FileSettings.DriverName == "" { + t.Skip("skipping because no file driver is enabled") + } + + fileId := "" + var sent []byte + var err error + if sent, err = readTestFile("test.png"); err != nil { + t.Fatal(err) + } else { + fileResp, resp := Client.UploadFile(sent, channel.Id, "test.png") + CheckNoError(t, resp) + + fileId = fileResp.FileInfos[0].Id + } + + // Wait a bit for files to ready + time.Sleep(2 * time.Second) + + info, resp := Client.GetFileInfo(fileId) + CheckNoError(t, resp) + + if err != nil { + t.Fatal(err) + } else if info.Id != fileId { + t.Fatal("got incorrect file") + } else if info.CreatorId != user.Id { + t.Fatal("file should be assigned to user") + } else if info.PostId != "" { + t.Fatal("file shouldn't have a post") + } else if info.Path != "" { + t.Fatal("file path shouldn't have been returned to client") + } else if info.ThumbnailPath != "" { + t.Fatal("file thumbnail path shouldn't have been returned to client") + } else if info.PreviewPath != "" { + t.Fatal("file preview path shouldn't have been returned to client") + } else if info.MimeType != "image/png" { + t.Fatal("mime type should've been image/png") + } + + _, resp = Client.GetFileInfo("junk") + CheckBadRequestStatus(t, resp) + + _, resp = Client.GetFileInfo(model.NewId()) + CheckNotFoundStatus(t, resp) + + Client.Logout() + _, resp = Client.GetFileInfo(fileId) + CheckUnauthorizedStatus(t, resp) + + otherUser := th.CreateUser() + Client.Login(otherUser.Email, otherUser.Password) + _, resp = Client.GetFileInfo(fileId) + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = th.SystemAdminClient.GetFileInfo(fileId) + CheckNoError(t, resp) +} |