mirror of
https://github.com/stonith404/pingvin-share.git
synced 2024-06-02 22:00:14 +02:00
3b1c9f1efb
* testing with all_shares * share table * share table * change icon on admin page * add share size to list --------- Co-authored-by: Elias Schneider <login@eliasschneider.com>
359 lines
9.7 KiB
TypeScript
359 lines
9.7 KiB
TypeScript
import {
|
|
BadRequestException,
|
|
ForbiddenException,
|
|
Injectable,
|
|
NotFoundException,
|
|
} from "@nestjs/common";
|
|
import { JwtService } from "@nestjs/jwt";
|
|
import { Share, User } from "@prisma/client";
|
|
import * as archiver from "archiver";
|
|
import * as argon from "argon2";
|
|
import * as fs from "fs";
|
|
import * as moment from "moment";
|
|
import { ClamScanService } from "src/clamscan/clamscan.service";
|
|
import { ConfigService } from "src/config/config.service";
|
|
import { EmailService } from "src/email/email.service";
|
|
import { FileService } from "src/file/file.service";
|
|
import { PrismaService } from "src/prisma/prisma.service";
|
|
import { ReverseShareService } from "src/reverseShare/reverseShare.service";
|
|
import { parseRelativeDateToAbsolute } from "src/utils/date.util";
|
|
import { SHARE_DIRECTORY } from "../constants";
|
|
import { CreateShareDTO } from "./dto/createShare.dto";
|
|
|
|
@Injectable()
|
|
export class ShareService {
|
|
constructor(
|
|
private prisma: PrismaService,
|
|
private fileService: FileService,
|
|
private emailService: EmailService,
|
|
private config: ConfigService,
|
|
private jwtService: JwtService,
|
|
private reverseShareService: ReverseShareService,
|
|
private clamScanService: ClamScanService,
|
|
) {}
|
|
|
|
async create(share: CreateShareDTO, user?: User, reverseShareToken?: string) {
|
|
if (!(await this.isShareIdAvailable(share.id)).isAvailable)
|
|
throw new BadRequestException("Share id already in use");
|
|
|
|
if (!share.security || Object.keys(share.security).length == 0)
|
|
share.security = undefined;
|
|
|
|
if (share.security?.password) {
|
|
share.security.password = await argon.hash(share.security.password);
|
|
}
|
|
|
|
let expirationDate: Date;
|
|
|
|
// If share is created by a reverse share token override the expiration date
|
|
const reverseShare = await this.reverseShareService.getByToken(
|
|
reverseShareToken,
|
|
);
|
|
if (reverseShare) {
|
|
expirationDate = reverseShare.shareExpiration;
|
|
} else {
|
|
const parsedExpiration = parseRelativeDateToAbsolute(share.expiration);
|
|
|
|
const expiresNever = moment(0).toDate() == parsedExpiration;
|
|
|
|
if (
|
|
this.config.get("share.maxExpiration") !== 0 &&
|
|
(expiresNever ||
|
|
parsedExpiration >
|
|
moment()
|
|
.add(this.config.get("share.maxExpiration"), "hours")
|
|
.toDate())
|
|
) {
|
|
throw new BadRequestException(
|
|
"Expiration date exceeds maximum expiration date",
|
|
);
|
|
}
|
|
|
|
expirationDate = parsedExpiration;
|
|
}
|
|
|
|
fs.mkdirSync(`${SHARE_DIRECTORY}/${share.id}`, {
|
|
recursive: true,
|
|
});
|
|
|
|
const shareTuple = await this.prisma.share.create({
|
|
data: {
|
|
...share,
|
|
expiration: expirationDate,
|
|
creator: { connect: user ? { id: user.id } : undefined },
|
|
security: { create: share.security },
|
|
recipients: {
|
|
create: share.recipients
|
|
? share.recipients.map((email) => ({ email }))
|
|
: [],
|
|
},
|
|
},
|
|
});
|
|
|
|
if (reverseShare) {
|
|
// Assign share to reverse share token
|
|
await this.prisma.reverseShare.update({
|
|
where: { token: reverseShareToken },
|
|
data: {
|
|
shares: {
|
|
connect: { id: shareTuple.id },
|
|
},
|
|
},
|
|
});
|
|
}
|
|
|
|
return shareTuple;
|
|
}
|
|
|
|
async createZip(shareId: string) {
|
|
const path = `${SHARE_DIRECTORY}/${shareId}`;
|
|
|
|
const files = await this.prisma.file.findMany({ where: { shareId } });
|
|
const archive = archiver("zip", {
|
|
zlib: { level: this.config.get("share.zipCompressionLevel") },
|
|
});
|
|
const writeStream = fs.createWriteStream(`${path}/archive.zip`);
|
|
|
|
for (const file of files) {
|
|
archive.append(fs.createReadStream(`${path}/${file.id}`), {
|
|
name: file.name,
|
|
});
|
|
}
|
|
|
|
archive.pipe(writeStream);
|
|
await archive.finalize();
|
|
}
|
|
|
|
async complete(id: string, reverseShareToken?: string) {
|
|
const share = await this.prisma.share.findUnique({
|
|
where: { id },
|
|
include: {
|
|
files: true,
|
|
recipients: true,
|
|
creator: true,
|
|
reverseShare: { include: { creator: true } },
|
|
},
|
|
});
|
|
|
|
if (await this.isShareCompleted(id))
|
|
throw new BadRequestException("Share already completed");
|
|
|
|
if (share.files.length == 0)
|
|
throw new BadRequestException(
|
|
"You need at least on file in your share to complete it.",
|
|
);
|
|
|
|
// Asynchronously create a zip of all files
|
|
if (share.files.length > 1)
|
|
this.createZip(id).then(() =>
|
|
this.prisma.share.update({ where: { id }, data: { isZipReady: true } }),
|
|
);
|
|
|
|
// Send email for each recipient
|
|
for (const recipient of share.recipients) {
|
|
await this.emailService.sendMailToShareRecipients(
|
|
recipient.email,
|
|
share.id,
|
|
share.creator,
|
|
share.description,
|
|
share.expiration,
|
|
);
|
|
}
|
|
|
|
if (
|
|
share.reverseShare &&
|
|
this.config.get("smtp.enabled") &&
|
|
share.reverseShare.sendEmailNotification
|
|
) {
|
|
await this.emailService.sendMailToReverseShareCreator(
|
|
share.reverseShare.creator.email,
|
|
share.id,
|
|
);
|
|
}
|
|
|
|
// Check if any file is malicious with ClamAV
|
|
void this.clamScanService.checkAndRemove(share.id);
|
|
|
|
if (share.reverseShare) {
|
|
await this.prisma.reverseShare.update({
|
|
where: { token: reverseShareToken },
|
|
data: { remainingUses: { decrement: 1 } },
|
|
});
|
|
}
|
|
|
|
return this.prisma.share.update({
|
|
where: { id },
|
|
data: { uploadLocked: true },
|
|
});
|
|
}
|
|
|
|
async revertComplete(id: string) {
|
|
return this.prisma.share.update({
|
|
where: { id },
|
|
data: { uploadLocked: false, isZipReady: false },
|
|
});
|
|
}
|
|
|
|
async getShares() {
|
|
const shares = await this.prisma.share.findMany({
|
|
orderBy: {
|
|
expiration: "desc",
|
|
},
|
|
include: { files: true, creator: true },
|
|
});
|
|
|
|
return shares.map((share) => {
|
|
return {
|
|
...share,
|
|
size: share.files.reduce((acc, file) => acc + parseInt(file.size), 0),
|
|
};
|
|
});
|
|
}
|
|
|
|
async getSharesByUser(userId: string) {
|
|
const shares = await this.prisma.share.findMany({
|
|
where: {
|
|
creator: { id: userId },
|
|
uploadLocked: true,
|
|
// We want to grab any shares that are not expired or have their expiration date set to "never" (unix 0)
|
|
OR: [
|
|
{ expiration: { gt: new Date() } },
|
|
{ expiration: { equals: moment(0).toDate() } },
|
|
],
|
|
},
|
|
orderBy: {
|
|
expiration: "desc",
|
|
},
|
|
include: { recipients: true, files: true },
|
|
});
|
|
|
|
return shares.map((share) => {
|
|
return {
|
|
...share,
|
|
recipients: share.recipients.map((recipients) => recipients.email),
|
|
};
|
|
});
|
|
}
|
|
|
|
async get(id: string): Promise<any> {
|
|
const share = await this.prisma.share.findUnique({
|
|
where: { id },
|
|
include: {
|
|
files: true,
|
|
creator: true,
|
|
security: true,
|
|
},
|
|
});
|
|
|
|
if (share.removedReason)
|
|
throw new NotFoundException(share.removedReason, "share_removed");
|
|
|
|
if (!share || !share.uploadLocked)
|
|
throw new NotFoundException("Share not found");
|
|
return {
|
|
...share,
|
|
hasPassword: !!share.security?.password,
|
|
};
|
|
}
|
|
|
|
async getMetaData(id: string) {
|
|
const share = await this.prisma.share.findUnique({
|
|
where: { id },
|
|
});
|
|
|
|
if (!share || !share.uploadLocked)
|
|
throw new NotFoundException("Share not found");
|
|
|
|
return share;
|
|
}
|
|
|
|
async remove(shareId: string) {
|
|
const share = await this.prisma.share.findUnique({
|
|
where: { id: shareId },
|
|
});
|
|
|
|
if (!share) throw new NotFoundException("Share not found");
|
|
if (!share.creatorId)
|
|
throw new ForbiddenException("Anonymous shares can't be deleted");
|
|
|
|
await this.fileService.deleteAllFiles(shareId);
|
|
await this.prisma.share.delete({ where: { id: shareId } });
|
|
}
|
|
|
|
async isShareCompleted(id: string) {
|
|
return (await this.prisma.share.findUnique({ where: { id } })).uploadLocked;
|
|
}
|
|
|
|
async isShareIdAvailable(id: string) {
|
|
const share = await this.prisma.share.findUnique({ where: { id } });
|
|
return { isAvailable: !share };
|
|
}
|
|
|
|
async increaseViewCount(share: Share) {
|
|
await this.prisma.share.update({
|
|
where: { id: share.id },
|
|
data: { views: share.views + 1 },
|
|
});
|
|
}
|
|
|
|
async getShareToken(shareId: string, password: string) {
|
|
const share = await this.prisma.share.findFirst({
|
|
where: { id: shareId },
|
|
include: {
|
|
security: true,
|
|
},
|
|
});
|
|
|
|
if (
|
|
share?.security?.password &&
|
|
!(await argon.verify(share.security.password, password))
|
|
) {
|
|
throw new ForbiddenException("Wrong password", "wrong_password");
|
|
}
|
|
|
|
if (share.security?.maxViews && share.security.maxViews <= share.views) {
|
|
throw new ForbiddenException(
|
|
"Maximum views exceeded",
|
|
"share_max_views_exceeded",
|
|
);
|
|
}
|
|
|
|
const token = await this.generateShareToken(shareId);
|
|
await this.increaseViewCount(share);
|
|
return token;
|
|
}
|
|
|
|
async generateShareToken(shareId: string) {
|
|
const { expiration } = await this.prisma.share.findUnique({
|
|
where: { id: shareId },
|
|
});
|
|
return this.jwtService.sign(
|
|
{
|
|
shareId,
|
|
},
|
|
{
|
|
expiresIn: moment(expiration).diff(new Date(), "seconds") + "s",
|
|
secret: this.config.get("internal.jwtSecret"),
|
|
},
|
|
);
|
|
}
|
|
|
|
async verifyShareToken(shareId: string, token: string) {
|
|
const { expiration } = await this.prisma.share.findUnique({
|
|
where: { id: shareId },
|
|
});
|
|
|
|
try {
|
|
const claims = this.jwtService.verify(token, {
|
|
secret: this.config.get("internal.jwtSecret"),
|
|
// Ignore expiration if expiration is 0
|
|
ignoreExpiration: moment(expiration).isSame(0),
|
|
});
|
|
|
|
return claims.shareId == shareId;
|
|
} catch {
|
|
return false;
|
|
}
|
|
}
|
|
}
|