[FEATURE] Cairo Auth Integration

2024-02-04 17:02:15 -07:00 · 2024-02-04 17:02:15 -07:00 · cdea22c08a
commit cdea22c08a
parent 184f1fa631
16 changed files with 89 additions and 45 deletions
--- a/lib/controllers/file-controller.js
+++ b/lib/controllers/file-controller.js
@ -6,11 +6,14 @@ import {
  uploadServerItem,
 } from "../k8s/server-files.js";
 import { sendError } from "../util/ExpressClientError.js";
+import { checkAuthorization } from "../database/queries/server-queries.js";

 export async function listFiles(req, res) {
  const serverSpec = req.body;
  if (!serverSpec) return res.sendStatus(400);
  if (!serverSpec.id) return res.status(400).send("Server id missing!");
+  const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
+  if (!authorized) return res.sendStatus(403);
  listServerFiles(serverSpec)
    .then((f) => {
      const fileData = f.map((fi, i) => ({
@ -31,6 +34,8 @@ export async function createFolder(req, res) {
  if (!serverSpec) return res.sendStatus(400);
  if (!serverSpec.id) return res.status(400).send("Server id missing!");
  if (!serverSpec.path) return res.status(400).send("Path required!");
+  const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
+  if (!authorized) return res.sendStatus(403);
  createServerFolder(serverSpec)
    .then(() => res.sendStatus(200))
    .catch(sendError(res));
@ -43,6 +48,8 @@ export async function deleteItem(req, res) {
  if (!serverSpec.path) return res.status(400).send("Path required!");
  if (serverSpec.isDir === undefined || serverSpec.isDir === null)
    return res.status(400).send("IsDIr required!");
+  const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
+  if (!authorized) return res.sendStatus(403);
  removeServerItem(serverSpec)
    .then(() => res.sendStatus(200))
    .catch(sendError(res));
@ -52,6 +59,8 @@ export async function uploadItem(req, res) {
  const serverSpec = req.body;
  if (!serverSpec.id) return res.status(400).send("Server id missing!");
  if (!serverSpec.path) return res.status(400).send("Path required!");
+  const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
+  if (!authorized) return res.sendStatus(403);
  uploadServerItem(serverSpec, req.file)
    .then(() => res.sendStatus(200))
    .catch(sendError(res));
@ -61,6 +70,8 @@ export async function getItem(req, res) {
  const serverSpec = req.body;
  if (!serverSpec.id) return res.status(400).send("Server id missing!");
  if (!serverSpec.path) return res.status(400).send("Path required!");
+  const authorized = await checkAuthorization(serverSpec.id, req.cairoId);
+  if (!authorized) return res.sendStatus(403);
  getServerItem(serverSpec, res)
    .then(({ ds, ftpTransfer }) => {
      ds.pipe(res).on("error", sendError(res));