swissmakers_gmbh/swiss-datashare
12
0
Fork 0
mirror of https://github.com/swissmakers/swiss-datashare.git synced 2026-04-11 10:27:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

feature: Added "never" expiration date

Browse Source
This commit is contained in:
Steve Tautonico
2022-10-12 16:59:04 -04:00
parent 69ee88aebc
commit 56349c6f4c
9 changed files with 406 additions and 390 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
backend/src/auth/jobs/jobs.service.ts
View File

@@ -2,36 +2,41 @@ import { Injectable } from "@nestjs/common";
import { Cron } from "@nestjs/schedule";
import { FileService } from "src/file/file.service";
import { PrismaService } from "src/prisma/prisma.service";
import * as moment from "moment";
@Injectable()
export class JobsService {
constructor(
private prisma: PrismaService,
private fileService: FileService
) {}
@Cron("0 * * * *")
async deleteExpiredShares() {
const expiredShares = await this.prisma.share.findMany({
where: { expiration: { lt: new Date() } },
});
for (const expiredShare of expiredShares) {
await this.prisma.share.delete({
where: { id: expiredShare.id },
});
await this.fileService.deleteAllFiles(expiredShare.id);
constructor(
private prisma: PrismaService,
private fileService: FileService
) {
}
console.log(`job: deleted ${expiredShares.length} expired shares`);
}
@Cron("0 * * * *")
async deleteExpiredShares() {
const expiredShares = await this.prisma.share.findMany({
where: {
// We want to remove only shares that have an expiration date less than the current date, but not 0
AND: [{expiration: {lt: new Date()}}, {expiration: {not: moment(0).toDate()}}]
},
});
@Cron("0 * * * *")
async deleteExpiredRefreshTokens() {
const expiredShares = await this.prisma.refreshToken.deleteMany({
where: { expiresAt: { lt: new Date() } },
});
console.log(`job: deleted ${expiredShares.count} expired refresh tokens`);
}
for (const expiredShare of expiredShares) {
await this.prisma.share.delete({
where: {id: expiredShare.id},
});
await this.fileService.deleteAllFiles(expiredShare.id);
}
console.log(`job: deleted ${expiredShares.length} expired shares`);
}
@Cron("0 * * * *")
async deleteExpiredRefreshTokens() {
const expiredShares = await this.prisma.refreshToken.deleteMany({
where: {expiresAt: {lt: new Date()}},
});
console.log(`job: deleted ${expiredShares.count} expired refresh tokens`);
}
}

2
backend/src/share/guard/shareSecurity.guard.ts
View File

@@ -33,7 +33,7 @@ export class ShareSecurityGuard implements CanActivate {
include: { security: true },
});
if (!share || moment().isAfter(share.expiration))
if (!share || (moment().isAfter(share.expiration) && moment(share.expiration).unix() !== 0))
throw new NotFoundException("Share not found");
if (!share.security) return true;

353
backend/src/share/share.service.ts
View File

@@ -1,8 +1,8 @@
import {
BadRequestException,
ForbiddenException,
Injectable,
NotFoundException,
BadRequestException,
ForbiddenException,
Injectable,
NotFoundException,
} from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { JwtService } from "@nestjs/jwt";
@@ -17,184 +17,195 @@ import { CreateShareDTO } from "./dto/createShare.dto";
@Injectable()
export class ShareService {
constructor(
private prisma: PrismaService,
private fileService: FileService,
private config: ConfigService,
private jwtService: JwtService
) {}
async create(share: CreateShareDTO, user: User) {
if (!(await this.isShareIdAvailable(share.id)).isAvailable)
throw new BadRequestException("Share id already in use");
if (!share.security || Object.keys(share.security).length == 0)
share.security = undefined;
if (share.security?.password) {
share.security.password = await argon.hash(share.security.password);
constructor(
private prisma: PrismaService,
private fileService: FileService,
private config: ConfigService,
private jwtService: JwtService
) {
}
const expirationDate = moment()
.add(
share.expiration.split("-")[0],
share.expiration.split("-")[1] as moment.unitOfTime.DurationConstructor
)
.toDate();
async create(share: CreateShareDTO, user: User) {
if (!(await this.isShareIdAvailable(share.id)).isAvailable)
throw new BadRequestException("Share id already in use");
// Throw error if expiration date is now
if (expirationDate.setMilliseconds(0) == new Date().setMilliseconds(0))
throw new BadRequestException("Invalid expiration date");
if (!share.security || Object.keys(share.security).length == 0)
share.security = undefined;
return await this.prisma.share.create({
data: {
...share,
expiration: expirationDate,
creator: { connect: { id: user.id } },
security: { create: share.security },
},
});
}
if (share.security?.password) {
share.security.password = await argon.hash(share.security.password);
}
async createZip(shareId: string) {
const path = `./data/uploads/shares/${shareId}`;
// We have to add an exception for "never" (since moment won't like that)
let expirationDate;
if (share.expiration !== "never") {
expirationDate = moment()
.add(
share.expiration.split("-")[0],
share.expiration.split("-")[1] as moment.unitOfTime.DurationConstructor
)
.toDate();
const files = await this.prisma.file.findMany({ where: { shareId } });
const archive = archiver("zip", {
zlib: { level: 9 },
});
const writeStream = fs.createWriteStream(`${path}/archive.zip`);
// Throw error if expiration date is now
if (expirationDate.setMilliseconds(0) == new Date().setMilliseconds(0))
throw new BadRequestException("Invalid expiration date");
} else {
expirationDate = moment(0).toDate();
}
for (const file of files) {
archive.append(fs.createReadStream(`${path}/${file.id}`), {
name: file.name,
});
return await this.prisma.share.create({
data: {
...share,
expiration: expirationDate,
creator: {connect: {id: user.id}},
security: {create: share.security},
},
});
}
archive.pipe(writeStream);
await archive.finalize();
}
async createZip(shareId: string) {
const path = `./data/uploads/shares/${shareId}`;
async complete(id: string) {
const moreThanOneFileInShare =
(await this.prisma.file.findMany({ where: { shareId: id } })).length != 0;
const files = await this.prisma.file.findMany({where: {shareId}});
const archive = archiver("zip", {
zlib: {level: 9},
});
const writeStream = fs.createWriteStream(`${path}/archive.zip`);
if (!moreThanOneFileInShare)
throw new BadRequestException(
"You need at least on file in your share to complete it."
);
for (const file of files) {
archive.append(fs.createReadStream(`${path}/${file.id}`), {
name: file.name,
});
}
this.createZip(id).then(() =>
this.prisma.share.update({ where: { id }, data: { isZipReady: true } })
);
return await this.prisma.share.update({
where: { id },
data: { uploadLocked: true },
});
}
async getSharesByUser(userId: string) {
return await this.prisma.share.findMany({
where: { creator: { id: userId }, expiration: { gt: new Date() } },
});
}
async get(id: string) {
let share: any = await this.prisma.share.findUnique({
where: { id },
include: {
files: true,
creator: true,
},
});
if (!share || !share.uploadLocked)
throw new NotFoundException("Share not found");
share.files = share.files.map((file) => {
file["url"] = `http://localhost:8080/file/${file.id}`;
return file;
});
await this.increaseViewCount(share);
return share;
}
async getMetaData(id: string) {
const share = await this.prisma.share.findUnique({
where: { id },
});
if (!share || !share.uploadLocked)
throw new NotFoundException("Share not found");
return share;
}
async remove(shareId: string) {
const share = await this.prisma.share.findUnique({
where: { id: shareId },
});
if (!share) throw new NotFoundException("Share not found");
await this.fileService.deleteAllFiles(shareId);
await this.prisma.share.delete({ where: { id: shareId } });
}
async isShareCompleted(id: string) {
return (await this.prisma.share.findUnique({ where: { id } })).uploadLocked;
}
async isShareIdAvailable(id: string) {
const share = await this.prisma.share.findUnique({ where: { id } });
return { isAvailable: !share };
}
async increaseViewCount(share: Share) {
await this.prisma.share.update({
where: { id: share.id },
data: { views: share.views + 1 },
});
}
async exchangeSharePasswordWithToken(shareId: string, password: string) {
const sharePassword = (
await this.prisma.shareSecurity.findFirst({
where: { share: { id: shareId } },
})
).password;
if (!(await argon.verify(sharePassword, password)))
throw new ForbiddenException("Wrong password");
const token = this.generateShareToken(shareId);
return { token };
}
generateShareToken(shareId: string) {
return this.jwtService.sign(
{
shareId,
},
{
expiresIn: "1h",
secret: this.config.get("JWT_SECRET"),
}
);
}
verifyShareToken(shareId: string, token: string) {
try {
const claims = this.jwtService.verify(token, {
secret: this.config.get("JWT_SECRET"),
});
return claims.shareId == shareId;
} catch {
return false;
archive.pipe(writeStream);
await archive.finalize();
}
async complete(id: string) {
const moreThanOneFileInShare =
(await this.prisma.file.findMany({where: {shareId: id}})).length != 0;
if (!moreThanOneFileInShare)
throw new BadRequestException(
"You need at least on file in your share to complete it."
);
this.createZip(id).then(() =>
this.prisma.share.update({where: {id}, data: {isZipReady: true}})
);
return await this.prisma.share.update({
where: {id},
data: {uploadLocked: true},
});
}
async getSharesByUser(userId: string) {
return await this.prisma.share.findMany({
where: {
creator: {id: userId},
// We want to grab any shares that are not expired or have their expiration date set to "never" (unix 0)
OR: [{expiration: {gt: new Date()}}, {expiration: {equals: moment(0).toDate()}}]
},
});
}
async get(id: string) {
let share: any = await this.prisma.share.findUnique({
where: {id},
include: {
files: true,
creator: true,
},
});
if (!share || !share.uploadLocked)
throw new NotFoundException("Share not found");
share.files = share.files.map((file) => {
file["url"] = `http://localhost:8080/file/${file.id}`;
return file;
});
await this.increaseViewCount(share);
return share;
}
async getMetaData(id: string) {
const share = await this.prisma.share.findUnique({
where: {id},
});
if (!share || !share.uploadLocked)
throw new NotFoundException("Share not found");
return share;
}
async remove(shareId: string) {
const share = await this.prisma.share.findUnique({
where: {id: shareId},
});
if (!share) throw new NotFoundException("Share not found");
await this.fileService.deleteAllFiles(shareId);
await this.prisma.share.delete({where: {id: shareId}});
}
async isShareCompleted(id: string) {
return (await this.prisma.share.findUnique({where: {id}})).uploadLocked;
}
async isShareIdAvailable(id: string) {
const share = await this.prisma.share.findUnique({where: {id}});
return {isAvailable: !share};
}
async increaseViewCount(share: Share) {
await this.prisma.share.update({
where: {id: share.id},
data: {views: share.views + 1},
});
}
async exchangeSharePasswordWithToken(shareId: string, password: string) {
const sharePassword = (
await this.prisma.shareSecurity.findFirst({
where: {share: {id: shareId}},
})
).password;
if (!(await argon.verify(sharePassword, password)))
throw new ForbiddenException("Wrong password");
const token = this.generateShareToken(shareId);
return {token};
}
generateShareToken(shareId: string) {
return this.jwtService.sign(
{
shareId,
},
{
expiresIn: "1h",
secret: this.config.get("JWT_SECRET"),
}
);
}
verifyShareToken(shareId: string, token: string) {
try {
const claims = this.jwtService.verify(token, {
secret: this.config.get("JWT_SECRET"),
});
return claims.shareId == shareId;
} catch {
return false;
}
}
}
}