backend/src/share/share.controller.ts

import {
  Body,
  Controller,
  Delete,
  Get,
  HttpCode,
  Param,
  Post,
  Req,
  Res,
  UseGuards,
} from "@nestjs/common";
import { Throttle } from "@nestjs/throttler";
import { User } from "@prisma/client";
import { Request, Response } from "express";
import { GetUser } from "src/auth/decorator/getUser.decorator";
import { JwtGuard } from "src/auth/guard/jwt.guard";
import { CreateShareDTO } from "./dto/createShare.dto";
import { MyShareDTO } from "./dto/myShare.dto";
import { ShareDTO } from "./dto/share.dto";
import { ShareMetaDataDTO } from "./dto/shareMetaData.dto";
import { SharePasswordDto } from "./dto/sharePassword.dto";
import { CreateShareGuard } from "./guard/createShare.guard";
import { ShareOwnerGuard } from "./guard/shareOwner.guard";
import { ShareSecurityGuard } from "./guard/shareSecurity.guard";
import { ShareTokenSecurity } from "./guard/shareTokenSecurity.guard";
import { ShareService } from "./share.service";
@Controller("shares")
export class ShareController {
  constructor(private shareService: ShareService) {}

  @Get()
  @UseGuards(JwtGuard)
  async getMyShares(@GetUser() user: User) {
    return new MyShareDTO().fromList(
      await this.shareService.getSharesByUser(user.id),
    );
  }

  @Get(":id")
  @UseGuards(ShareSecurityGuard)
  async get(@Param("id") id: string) {
    return new ShareDTO().from(await this.shareService.get(id));
  }

  @Get(":id/from-owner")
  @UseGuards(ShareOwnerGuard)
  async getFromOwner(@Param("id") id: string) {
    return new ShareDTO().from(await this.shareService.get(id));
  }

  @Get(":id/metaData")
  @UseGuards(ShareSecurityGuard)
  async getMetaData(@Param("id") id: string) {
    return new ShareMetaDataDTO().from(await this.shareService.getMetaData(id));
  }

  @Post()
  @UseGuards(CreateShareGuard)
  async create(
    @Body() body: CreateShareDTO,
    @Req() request: Request,
    @GetUser() user: User,
  ) {
    const { reverse_share_token } = request.cookies;
    return new ShareDTO().from(
      await this.shareService.create(body, user, reverse_share_token),
    );
  }

  @Post(":id/complete")
  @HttpCode(202)
  @UseGuards(CreateShareGuard, ShareOwnerGuard)
  async complete(@Param("id") id: string, @Req() request: Request) {
    const { reverse_share_token } = request.cookies;
    return new ShareDTO().from(
      await this.shareService.complete(id, reverse_share_token),
    );
  }

  @Delete(":id/complete")
  @UseGuards(ShareOwnerGuard)
  async revertComplete(@Param("id") id: string) {
    return new ShareDTO().from(await this.shareService.revertComplete(id));
  }

  @Delete(":id")
  @UseGuards(ShareOwnerGuard)
  async remove(@Param("id") id: string) {
    await this.shareService.remove(id);
  }

  @Throttle(10, 60)
  @Get("isShareIdAvailable/:id")
  async isShareIdAvailable(@Param("id") id: string) {
    return this.shareService.isShareIdAvailable(id);
  }

  @HttpCode(200)
  @Throttle(20, 5 * 60)
  @UseGuards(ShareTokenSecurity)
  @Post(":id/token")
  async getShareToken(
    @Param("id") id: string,
    @Res({ passthrough: true }) response: Response,
    @Body() body: SharePasswordDto,
  ) {
    const token = await this.shareService.getShareToken(id, body.password);
    response.cookie(`share_${id}_token`, token, {
      path: "/",
      httpOnly: true,
    });

    return { token };
  }
}
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`import {`
			`Body,`
			`Controller,`
			`Delete,`
			`Get,`
			`HttpCode,`
			`Param,`
			`Post,`
feat: reverse shares (#86) * add first concept * add reverse share funcionality to frontend * allow creator to limit share expiration * moved reverse share in seperate module * add table to manage reverse shares * delete complete share if reverse share was deleted * optimize function names * add db migration * enable reverse share email notifications * fix config variable descriptions * fix migration for new installations 2023-01-26 13:44:04 +01:00			`Req,`
refactor: use cookie instead of local storage for share token 2023-01-26 21:18:22 +01:00			`Res,`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`UseGuards,`
			`} from "@nestjs/common";`
feat: add rate limiting 2022-10-24 12:11:10 +02:00			`import { Throttle } from "@nestjs/throttler";`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`import { User } from "@prisma/client";`
refactor: use cookie instead of local storage for share token 2023-01-26 21:18:22 +01:00			`import { Request, Response } from "express";`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`import { GetUser } from "src/auth/decorator/getUser.decorator";`
			`import { JwtGuard } from "src/auth/guard/jwt.guard";`
			`import { CreateShareDTO } from "./dto/createShare.dto";`
			`import { MyShareDTO } from "./dto/myShare.dto";`
			`import { ShareDTO } from "./dto/share.dto";`
			`import { ShareMetaDataDTO } from "./dto/shareMetaData.dto";`
			`import { SharePasswordDto } from "./dto/sharePassword.dto";`
feat: reverse shares (#86) * add first concept * add reverse share funcionality to frontend * allow creator to limit share expiration * moved reverse share in seperate module * add table to manage reverse shares * delete complete share if reverse share was deleted * optimize function names * add db migration * enable reverse share email notifications * fix config variable descriptions * fix migration for new installations 2023-01-26 13:44:04 +01:00			`import { CreateShareGuard } from "./guard/createShare.guard";`
fix: add rule to check if user is owner of share 2022-10-10 23:34:03 +02:00			`import { ShareOwnerGuard } from "./guard/shareOwner.guard";`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`import { ShareSecurityGuard } from "./guard/shareSecurity.guard";`
feat: improve share security 2022-10-13 23:23:33 +02:00			`import { ShareTokenSecurity } from "./guard/shareTokenSecurity.guard";`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`import { ShareService } from "./share.service";`
			`@Controller("shares")`
			`export class ShareController {`
refactor: use cookie instead of local storage for share token 2023-01-26 21:18:22 +01:00			`constructor(private shareService: ShareService) {}`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00
			`@Get()`
			`@UseGuards(JwtGuard)`
			`async getMyShares(@GetUser() user: User) {`
			`return new MyShareDTO().fromList(`
feat(localization): Added thai language (#231) * feat(localization): Added Thai translation * Formatted --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> 2023-08-17 19:54:26 +07:00			`await this.shareService.getSharesByUser(user.id),`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`);`
			`}`

			`@Get(":id")`
			`@UseGuards(ShareSecurityGuard)`
			`async get(@Param("id") id: string) {`
			`return new ShareDTO().from(await this.shareService.get(id));`
			`}`

feat: ability to add and delete files of existing share (#306) * feat(share): delete file api, revert complete share api. * feat(share): share edit page. * feat(share): Modify the DropZone title of the edit sharing UI. * feat(share): i18n for edit share. (en, zh) * feat(share): allow creator get share by id. * feat(share): add edit button in account/shares. * style(share): lint. * chore: some minor adjustments. * refactor: run formatter * refactor: remove unused return --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> 2023-11-05 03:39:58 +08:00			`@Get(":id/from-owner")`
			`@UseGuards(ShareOwnerGuard)`
			`async getFromOwner(@Param("id") id: string) {`
			`return new ShareDTO().from(await this.shareService.get(id));`
			`}`

feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`@Get(":id/metaData")`
			`@UseGuards(ShareSecurityGuard)`
			`async getMetaData(@Param("id") id: string) {`
			`return new ShareMetaDataDTO().from(await this.shareService.getMetaData(id));`
			`}`

			`@Post()`
feat: reverse shares (#86) * add first concept * add reverse share funcionality to frontend * allow creator to limit share expiration * moved reverse share in seperate module * add table to manage reverse shares * delete complete share if reverse share was deleted * optimize function names * add db migration * enable reverse share email notifications * fix config variable descriptions * fix migration for new installations 2023-01-26 13:44:04 +01:00			`@UseGuards(CreateShareGuard)`
			`async create(`
			`@Body() body: CreateShareDTO,`
			`@Req() request: Request,`
feat(localization): Added thai language (#231) * feat(localization): Added Thai translation * Formatted --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> 2023-08-17 19:54:26 +07:00			`@GetUser() user: User,`
feat: reverse shares (#86) * add first concept * add reverse share funcionality to frontend * allow creator to limit share expiration * moved reverse share in seperate module * add table to manage reverse shares * delete complete share if reverse share was deleted * optimize function names * add db migration * enable reverse share email notifications * fix config variable descriptions * fix migration for new installations 2023-01-26 13:44:04 +01:00			`) {`
			`const { reverse_share_token } = request.cookies;`
			`return new ShareDTO().from(`
feat(localization): Added thai language (#231) * feat(localization): Added Thai translation * Formatted --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> 2023-08-17 19:54:26 +07:00			`await this.shareService.create(body, user, reverse_share_token),`
feat: reverse shares (#86) * add first concept * add reverse share funcionality to frontend * allow creator to limit share expiration * moved reverse share in seperate module * add table to manage reverse shares * delete complete share if reverse share was deleted * optimize function names * add db migration * enable reverse share email notifications * fix config variable descriptions * fix migration for new installations 2023-01-26 13:44:04 +01:00			`);`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`}`

			`@Post(":id/complete")`
			`@HttpCode(202)`
feat: reverse shares (#86) * add first concept * add reverse share funcionality to frontend * allow creator to limit share expiration * moved reverse share in seperate module * add table to manage reverse shares * delete complete share if reverse share was deleted * optimize function names * add db migration * enable reverse share email notifications * fix config variable descriptions * fix migration for new installations 2023-01-26 13:44:04 +01:00			`@UseGuards(CreateShareGuard, ShareOwnerGuard)`
			`async complete(@Param("id") id: string, @Req() request: Request) {`
			`const { reverse_share_token } = request.cookies;`
			`return new ShareDTO().from(`
feat(localization): Added thai language (#231) * feat(localization): Added Thai translation * Formatted --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> 2023-08-17 19:54:26 +07:00			`await this.shareService.complete(id, reverse_share_token),`
feat: reverse shares (#86) * add first concept * add reverse share funcionality to frontend * allow creator to limit share expiration * moved reverse share in seperate module * add table to manage reverse shares * delete complete share if reverse share was deleted * optimize function names * add db migration * enable reverse share email notifications * fix config variable descriptions * fix migration for new installations 2023-01-26 13:44:04 +01:00			`);`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`}`

feat: ability to add and delete files of existing share (#306) * feat(share): delete file api, revert complete share api. * feat(share): share edit page. * feat(share): Modify the DropZone title of the edit sharing UI. * feat(share): i18n for edit share. (en, zh) * feat(share): allow creator get share by id. * feat(share): add edit button in account/shares. * style(share): lint. * chore: some minor adjustments. * refactor: run formatter * refactor: remove unused return --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> 2023-11-05 03:39:58 +08:00			`@Delete(":id/complete")`
			`@UseGuards(ShareOwnerGuard)`
			`async revertComplete(@Param("id") id: string) {`
			`return new ShareDTO().from(await this.shareService.revertComplete(id));`
			`}`

			`@Delete(":id")`
			`@UseGuards(ShareOwnerGuard)`
			`async remove(@Param("id") id: string) {`
			`await this.shareService.remove(id);`
			`}`

feat: reverse shares (#86) * add first concept * add reverse share funcionality to frontend * allow creator to limit share expiration * moved reverse share in seperate module * add table to manage reverse shares * delete complete share if reverse share was deleted * optimize function names * add db migration * enable reverse share email notifications * fix config variable descriptions * fix migration for new installations 2023-01-26 13:44:04 +01:00			`@Throttle(10, 60)`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`@Get("isShareIdAvailable/:id")`
			`async isShareIdAvailable(@Param("id") id: string) {`
			`return this.shareService.isShareIdAvailable(id);`
			`}`

feat: improve share security 2022-10-13 23:23:33 +02:00			`@HttpCode(200)`
refactor: use cookie instead of local storage for share token 2023-01-26 21:18:22 +01:00			`@Throttle(20, 5 * 60)`
feat: improve share security 2022-10-13 23:23:33 +02:00			`@UseGuards(ShareTokenSecurity)`
			`@Post(":id/token")`
refactor: use cookie instead of local storage for share token 2023-01-26 21:18:22 +01:00			`async getShareToken(`
			`@Param("id") id: string,`
			`@Res({ passthrough: true }) response: Response,`
feat(localization): Added thai language (#231) * feat(localization): Added Thai translation * Formatted --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> 2023-08-17 19:54:26 +07:00			`@Body() body: SharePasswordDto,`
refactor: use cookie instead of local storage for share token 2023-01-26 21:18:22 +01:00			`) {`
			`const token = await this.shareService.getShareToken(id, body.password);`
			response.cookie(`share_${id}_token`, token, {
			`path: "/",`
			`httpOnly: true,`
			`});`

			`return { token };`
feat: remove appwrite and add nextjs backend 2022-10-09 22:30:32 +02:00			`}`
			`}`