diff options
Diffstat (limited to 'models')
-rw-r--r-- | models/activities.js | 6 | ||||
-rw-r--r-- | models/attachments.js | 322 | ||||
-rw-r--r-- | models/cards.js | 11 | ||||
-rw-r--r-- | models/export.js | 2 | ||||
-rw-r--r-- | models/trelloCreator.js | 1 | ||||
-rw-r--r-- | models/wekanCreator.js | 2 |
6 files changed, 93 insertions, 251 deletions
diff --git a/models/activities.js b/models/activities.js index b5fcb7d8..df207bca 100644 --- a/models/activities.js +++ b/models/activities.js @@ -217,7 +217,11 @@ if (Meteor.isServer) { } if (activity.attachmentId) { const attachment = activity.attachment(); - params.attachment = attachment.original.name; + if (attachment.original) { + params.attachment = attachment.original.name; + } else { + params.attachment = attachment.versions.original.name; + } params.attachmentId = attachment._id; } if (activity.checklistId) { diff --git a/models/attachments.js b/models/attachments.js index 3fe1d745..cab3d9e3 100644 --- a/models/attachments.js +++ b/models/attachments.js @@ -1,263 +1,97 @@ -const localFSStore = process.env.ATTACHMENTS_STORE_PATH; -const storeName = 'attachments'; -const defaultStoreOptions = { - beforeWrite: fileObj => { - if (!fileObj.isImage()) { - return { - type: 'application/octet-stream', - }; - } - return {}; - }, -}; -let store; -if (localFSStore) { - // have to reinvent methods from FS.Store.GridFS and FS.Store.FileSystem - const fs = Npm.require('fs'); - const path = Npm.require('path'); - const mongodb = Npm.require('mongodb'); - const Grid = Npm.require('gridfs-stream'); - // calulate the absolute path here, because FS.Store.FileSystem didn't expose the aboslutepath or FS.Store didn't expose api calls :( - let pathname = localFSStore; - /*eslint camelcase: ["error", {allow: ["__meteor_bootstrap__"]}] */ - - if (!pathname && __meteor_bootstrap__ && __meteor_bootstrap__.serverDir) { - pathname = path.join( - __meteor_bootstrap__.serverDir, - `../../../cfs/files/${storeName}`, - ); - } - - if (!pathname) - throw new Error('FS.Store.FileSystem unable to determine path'); - - // Check if we have '~/foo/bar' - if (pathname.split(path.sep)[0] === '~') { - const homepath = - process.env.HOME || process.env.HOMEPATH || process.env.USERPROFILE; - if (homepath) { - pathname = pathname.replace('~', homepath); - } else { - throw new Error('FS.Store.FileSystem unable to resolve "~" in path'); - } - } - - // Set absolute path - const absolutePath = path.resolve(pathname); - - const _FStore = new FS.Store.FileSystem(storeName, { - path: localFSStore, - ...defaultStoreOptions, - }); - const GStore = { - fileKey(fileObj) { - const key = { - _id: null, - filename: null, - }; - - // If we're passed a fileObj, we retrieve the _id and filename from it. - if (fileObj) { - const info = fileObj._getInfo(storeName, { - updateFileRecordFirst: false, - }); - key._id = info.key || null; - key.filename = - info.name || - fileObj.name({ updateFileRecordFirst: false }) || - `${fileObj.collectionName}-${fileObj._id}`; - } - - // If key._id is null at this point, createWriteStream will let GridFS generate a new ID - return key; - }, - db: undefined, - mongoOptions: { useNewUrlParser: true }, - mongoUrl: process.env.MONGO_URL, - init() { - this._init(err => { - this.inited = !err; - }); - }, - _init(callback) { - const self = this; - mongodb.MongoClient.connect(self.mongoUrl, self.mongoOptions, function( - err, - db, - ) { - if (err) { - return callback(err); - } - self.db = db; - return callback(null); - }); - return; - }, - createReadStream(fileKey, options) { - const self = this; - if (!self.inited) { - self.init(); - return undefined; - } - options = options || {}; - - // Init GridFS - const gfs = new Grid(self.db, mongodb); - - // Set the default streamning settings - const settings = { - _id: new mongodb.ObjectID(fileKey._id), - root: `cfs_gridfs.${storeName}`, - }; - - // Check if this should be a partial read - if ( - typeof options.start !== 'undefined' && - typeof options.end !== 'undefined' - ) { - // Add partial info - settings.range = { - startPos: options.start, - endPos: options.end, - }; - } - return gfs.createReadStream(settings); - }, - }; - GStore.init(); - const CRS = 'createReadStream'; - const _CRS = `_${CRS}`; - const FStore = _FStore._transform; - FStore[_CRS] = FStore[CRS].bind(FStore); - FStore[CRS] = function(fileObj, options) { - let stream; - try { - const localFile = path.join( - absolutePath, - FStore.storage.fileKey(fileObj), - ); - const state = fs.statSync(localFile); - if (state) { - stream = FStore[_CRS](fileObj, options); - } - } catch (e) { - // file is not there, try GridFS ? - stream = undefined; - } - if (stream) return stream; - else { - try { - const stream = GStore[CRS](GStore.fileKey(fileObj), options); - return stream; - } catch (e) { - return undefined; - } - } - }.bind(FStore); - store = _FStore; -} else { - store = new FS.Store.GridFS(localFSStore ? `G${storeName}` : storeName, { - // XXX Add a new store for cover thumbnails so we don't load big images in - // the general board view - // If the uploaded document is not an image we need to enforce browser - // download instead of execution. This is particularly important for HTML - // files that the browser will just execute if we don't serve them with the - // appropriate `application/octet-stream` MIME header which can lead to user - // data leaks. I imagine other formats (like PDF) can also be attack vectors. - // See https://github.com/wekan/wekan/issues/99 - // XXX Should we use `beforeWrite` option of CollectionFS instead of - // collection-hooks? - // We should use `beforeWrite`. - ...defaultStoreOptions, - }); -} -Attachments = new FS.Collection('attachments', { - stores: [store], +import { FilesCollection } from 'meteor/ostrio:files'; + +const collectionName = 'attachments2'; + +Attachments = new FilesCollection({ + storagePath: storagePath(), + debug: false, + allowClientCode: true, + collectionName: 'attachments2', + onAfterUpload: onAttachmentUploaded, + onBeforeRemove: onAttachmentRemoving, + onAfterRemove: onAttachmentRemoved }); if (Meteor.isServer) { Meteor.startup(() => { - Attachments.files._ensureIndex({ cardId: 1 }); + Attachments.collection._ensureIndex({ cardId: 1 }); }); - Attachments.allow({ - insert(userId, doc) { - return allowIsBoardMember(userId, Boards.findOne(doc.boardId)); - }, - update(userId, doc) { - return allowIsBoardMember(userId, Boards.findOne(doc.boardId)); - }, - remove(userId, doc) { - return allowIsBoardMember(userId, Boards.findOne(doc.boardId)); - }, - // We authorize the attachment download either: - // - if the board is public, everyone (even unconnected) can download it - // - if the board is private, only board members can download it - download(userId, doc) { - const board = Boards.findOne(doc.boardId); - if (board.isPublic()) { - return true; - } else { - return board.hasMember(userId); - } - }, + // TODO: Permission related + // TODO: Add Activity update - fetch: ['boardId'], + Meteor.publish(collectionName, function() { + return Attachments.find().cursor; }); +} else { + Meteor.subscribe(collectionName); } -// XXX Enforce a schema for the Attachments CollectionFS +function storagePath(defaultPath) { + const storePath = process.env.ATTACHMENTS_STORE_PATH; + return storePath ? storePath : defaultPath; +} -if (Meteor.isServer) { - Attachments.files.after.insert((userId, doc) => { - // If the attachment doesn't have a source field - // or its source is different than import - if (!doc.source || doc.source !== 'import') { - // Add activity about adding the attachment - Activities.insert({ - userId, - type: 'card', - activityType: 'addAttachment', - attachmentId: doc._id, - // this preserves the name so that notifications can be meaningful after - // this file is removed - attachmentName: doc.original.name, - boardId: doc.boardId, - cardId: doc.cardId, - listId: doc.listId, - swimlaneId: doc.swimlaneId, - }); - } else { - // Don't add activity about adding the attachment as the activity - // be imported and delete source field - Attachments.update( - { - _id: doc._id, - }, - { - $unset: { - source: '', - }, +function onAttachmentUploaded(fileRef) { + Attachments.update({_id:fileRef._id}, {$set: {"meta.uploaded": true}}); + if (!fileRef.meta.source || fileRef.meta.source !== 'import') { + // Add activity about adding the attachment + Activities.insert({ + userId: fileRef.userId, + type: 'card', + activityType: 'addAttachment', + attachmentId: fileRef._id, + // this preserves the name so that notifications can be meaningful after + // this file is removed + attachmentName: fileRef.versions.original.name, + boardId: fileRef.meta.boardId, + cardId: fileRef.meta.cardId, + listId: fileRef.meta.listId, + swimlaneId: fileRef.meta.swimlaneId, + }); + } else { + // Don't add activity about adding the attachment as the activity + // be imported and delete source field + CFSAttachments.update( + { + _id: fileRef._id, + }, + { + $unset: { + source: '', }, - ); - } + }, + ); + } +} + +function onAttachmentRemoving(cursor) { + const file = cursor.get()[0]; + const meta = file.meta; + Activities.insert({ + userId: this.userId, + type: 'card', + activityType: 'deleteAttachment', + attachmentId: file._id, + // this preserves the name so that notifications can be meaningful after + // this file is removed + attachmentName: file.versions.original.name, + boardId: meta.boardId, + cardId: meta.cardId, + listId: meta.listId, + swimlaneId: meta.swimlaneId, }); + return true; +} - Attachments.files.before.remove((userId, doc) => { - Activities.insert({ - userId, - type: 'card', - activityType: 'deleteAttachment', +function onAttachmentRemoved(files) { + // Don't know why we need to remove the activity +/* for (let i in files) { + let doc = files[i]; + Activities.remove({ attachmentId: doc._id, - // this preserves the name so that notifications can be meaningful after - // this file is removed - attachmentName: doc.original.name, - boardId: doc.boardId, - cardId: doc.cardId, - listId: doc.listId, - swimlaneId: doc.swimlaneId, }); - }); + }*/ } export default Attachments; diff --git a/models/cards.js b/models/cards.js index 4197f7ab..1236de1a 100644 --- a/models/cards.js +++ b/models/cards.js @@ -403,7 +403,7 @@ Cards.helpers({ // Copy attachments oldCard.attachments().forEach(att => { - att.cardId = _id; + att.meta.cardId = _id; delete att._id; return Attachments.insert(att); }); @@ -493,14 +493,15 @@ Cards.helpers({ attachments() { if (this.isLinkedCard()) { return Attachments.find( - { cardId: this.linkedId }, + { 'meta.cardId': this.linkedId }, { sort: { uploadedAt: -1 } }, ); } else { - return Attachments.find( - { cardId: this._id }, + let ret = Attachments.find( + { 'meta.cardId': this._id }, { sort: { uploadedAt: -1 } }, ); + return ret; } }, @@ -508,7 +509,7 @@ Cards.helpers({ const cover = Attachments.findOne(this.coverId); // if we return a cover before it is fully stored, we will get errors when we try to display it // todo XXX we could return a default "upload pending" image in the meantime? - return cover && cover.url() && cover; + return cover && cover.link(); }, checklists() { diff --git a/models/export.js b/models/export.js index 339123c8..35e55804 100644 --- a/models/export.js +++ b/models/export.js @@ -165,7 +165,7 @@ export class Exporter { readStream.pipe(tmpWriteable); }; const getBase64DataSync = Meteor.wrapAsync(getBase64Data); - result.attachments = Attachments.find(byBoard) + result.attachments = Attachments.find({ 'meta.boardId': byBoard.boardId }) .fetch() .map(attachment => { let filebase64 = null; diff --git a/models/trelloCreator.js b/models/trelloCreator.js index 1c5bcd93..c4be140b 100644 --- a/models/trelloCreator.js +++ b/models/trelloCreator.js @@ -369,6 +369,7 @@ export class TrelloCreator { // so we make it server only, and let UI catch up once it is done, forget about latency comp. const self = this; if (Meteor.isServer) { + // FIXME: Change to new model file.attachData(att.url, function(error) { file.boardId = boardId; file.cardId = cardId; diff --git a/models/wekanCreator.js b/models/wekanCreator.js index 9914f817..c5591a0b 100644 --- a/models/wekanCreator.js +++ b/models/wekanCreator.js @@ -415,6 +415,7 @@ export class WekanCreator { const self = this; if (Meteor.isServer) { if (att.url) { + // FIXME: Change to new file library file.attachData(att.url, function(error) { file.boardId = boardId; file.cardId = cardId; @@ -440,6 +441,7 @@ export class WekanCreator { } }); } else if (att.file) { + // FIXME: Change to new file library file.attachData( Buffer.from(att.file, 'base64'), { |