From 0f694ea7773f32089fbc216d353037bbdce8c1ac Mon Sep 17 00:00:00 2001
From: Methapon2001 <61303214+Methapon2001@users.noreply.github.com>
Date: Wed, 13 Dec 2023 18:01:32 +0700
Subject: [PATCH] fix: wording and small adjustment
---
 .../src/controllers/storageController.ts | 11 +++-
 Services/server/src/routes.ts | 12 +++-
 Services/server/src/swagger.json | 62 ++++++++++++++++---
 Services/server/src/utils/auth.ts | 4 +-
 4 files changed, 75 insertions(+), 14 deletions(-)
diff --git a/Services/server/src/controllers/storageController.ts b/Services/server/src/controllers/storageController.ts
index f1e8ecb..7aa1aea 100644
--- a/Services/server/src/controllers/storageController.ts
+++ b/Services/server/src/controllers/storageController.ts
@@ -108,7 +108,10 @@ async function listFolder(path: string[]) {
 const list = await new Promise<{ pathname: string; name: string }[]>((resolve, reject) => {
 const item: { pathname: string; name: string }[] = [];
- const stream = minioClient.listObjectsV2(DEFAULT_BUCKET, path.join("/") + "/");
+ const stream = minioClient.listObjectsV2(
+ DEFAULT_BUCKET,
+ path.length === 0 ? "" : path.join("/") + "/",
+ );
 stream.on("data", (v) => {
 if (v && v.prefix)
 item.push({
@@ -388,7 +391,7 @@ export class StorageController extends Controller {
 @Post("file")
 @Tags("Storage File")
 @Security("bearerAuth", ["management-role", "admin"])
- @SuccessResponse(HttpStatusCode.NO_CONTENT, "สำเร็จ")
+ @SuccessResponse(HttpStatusCode.OK, "สำเร็จ")
 public async postFile(
 @Request() request: { user: { preferred_username: string } },
 @Body() body: FileBody,
@@ -441,7 +444,7 @@ export class StorageController extends Controller {
 }
 await esClient.index({
- index: DEFAULT_INDEX!,
+ index: DEFAULT_INDEX,
 document: metadata,
 refresh: "wait_for", // Must have or else it doesn't wait for updated index resulted in data not found on fetch
 });
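Review bot: In `listFolder` (storageController.ts) the new `path.length === 0` test covers only an empty array; a `path` such as `[""]` still produces the prefix `"/"`, and an empty segment in the middle produces `//`. Request validation is not visible in this hunk, so if such values can reach this function it would be safer to normalise first, e.g. `const prefix = path.filter(Boolean).join("/");` and then pass `prefix ? prefix + "/" : ""`. A one-line comment stating that an empty prefix lists the bucket root would also help, because the `/storage/list` route in this patch is registered with `bearerAuth: []`, i.e. a valid token but no role. The function body continues outside the hunk.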
@@ -450,6 +453,8 @@ export class StorageController extends Controller {
 const presignedUrl = await minioClient.presignedPutObject(DEFAULT_BUCKET, metadata.pathname);
+ console.log(presignedUrl);
+
 return { ...metadata, uploadUrl: presignedUrl };
 }
diff --git a/Services/server/src/routes.ts b/Services/server/src/routes.ts
index 90cab3b..639dcb0 100644
--- a/Services/server/src/routes.ts
+++ b/Services/server/src/routes.ts
@@ -730,6 +730,7 @@ export function RegisterRoutes(app: Router) { }); // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa app.post('/storage/list', + authenticateMiddleware([{"bearerAuth":[]}]), ...(fetchMiddlewares(StorageController)), ...(fetchMiddlewares(StorageController.prototype.getList)), @@ -755,11 +756,13 @@ export function RegisterRoutes(app: Router) { }); // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa app.post('/storage/folder', + authenticateMiddleware([{"bearerAuth":["management-role","admin"]}]), ...(fetchMiddlewares(StorageController)), ...(fetchMiddlewares(StorageController.prototype.postFolder)), function StorageController_postFolder(request: any, response: any, next: any) { const args = { + request: {"in":"request","name":"request","required":true,"dataType":"object"}, body: {"in":"body","name":"body","required":true,"ref":"FolderBody"}, }; @@ -780,6 +783,7 @@ export function RegisterRoutes(app: Router) { }); // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa app.put('/storage/folder', + authenticateMiddleware([{"bearerAuth":["management-role","admin"]}]), ...(fetchMiddlewares(StorageController)), ...(fetchMiddlewares(StorageController.prototype.moveFolder)),
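Review bot: `console.log(presignedUrl)` in `postFile` (storageController.ts, first hunk on this line) writes the presigned PUT URL to the server log. That URL carries its own signature and authorises an upload to `metadata.pathname` until it expires, so anyone who can read the logs gets the same write capability as the caller. It looks like leftover debugging; drop the line, or log only the object key, e.g. `console.log("presigned upload issued for", metadata.pathname);`. The method body starts outside the hunk.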
@@ -805,6 +809,7 @@ export function RegisterRoutes(app: Router) { }); // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa app.delete('/storage/folder', + authenticateMiddleware([{"bearerAuth":["management-role","admin"]}]), ...(fetchMiddlewares(StorageController)), ...(fetchMiddlewares(StorageController.prototype.deleteStorage)), @@ -830,11 +835,13 @@ export function RegisterRoutes(app: Router) { }); // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa app.post('/storage/file', + authenticateMiddleware([{"bearerAuth":["management-role","admin"]}]), ...(fetchMiddlewares(StorageController)), ...(fetchMiddlewares(StorageController.prototype.postFile)), function StorageController_postFile(request: any, response: any, next: any) { const args = { + request: {"in":"request","name":"request","required":true,"dataType":"object"}, body: {"in":"body","name":"body","required":true,"ref":"FileBody"}, }; @@ -848,18 +855,20 @@ export function RegisterRoutes(app: Router) { const promise = controller.postFile.apply(controller, validatedArgs as any); - promiseHandler(controller, promise, response, 204, next); + promiseHandler(controller, promise, response, 200, next); } catch (err) { return next(err); } }); // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa app.put('/storage/file', + authenticateMiddleware([{"bearerAuth":["management-role","admin"]}]), ...(fetchMiddlewares(StorageController)), ...(fetchMiddlewares(StorageController.prototype.moveFile)), function StorageController_moveFile(request: any, response: any, next: any) { const args = { + request: {"in":"request","name":"request","required":true,"dataType":"object"}, body: {"in":"body","name":"body","required":true,"ref":"PutFileBody"}, }; 
@@ -880,6 +889,7 @@ export function RegisterRoutes(app: Router) { }); // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa app.delete('/storage/file', + authenticateMiddleware([{"bearerAuth":["management-role","admin"]}]), ...(fetchMiddlewares(StorageController)), ...(fetchMiddlewares(StorageController.prototype.deleteFile)), diff --git a/Services/server/src/swagger.json b/Services/server/src/swagger.json index 75665c8..48a105f 100644 --- a/Services/server/src/swagger.json +++ b/Services/server/src/swagger.json @@ -2032,7 +2032,11 @@ "Storage Folder", "Storage File" ], - "security": [], + "security": [ + { + "bearerAuth": [] + } + ], "parameters": [], "requestBody": { "required": true, @@ -2057,7 +2061,14 @@ "tags": [ "Storage Folder" ], - "security": [], + "security": [ + { + "bearerAuth": [ + "management-role", + "admin" + ] + } + ], "parameters": [], "requestBody": { "required": true, @@ -2081,7 +2092,14 @@ "tags": [ "Storage Folder" ], - "security": [], + "security": [ + { + "bearerAuth": [ + "management-role", + "admin" + ] + } + ], "parameters": [], "requestBody": { "required": true, @@ -2105,7 +2123,14 @@ "tags": [ "Storage Folder" ], - "security": [], + "security": [ + { + "bearerAuth": [ + "management-role", + "admin" + ] + } + ], "parameters": [], "requestBody": { "required": true, @@ -2123,7 +2148,7 @@ "post": { "operationId": "PostFile", "responses": { - "204": { + "200": { "description": "สำเร็จ", "content": { "application/json": { @@ -2225,7 +2250,14 @@ "tags": [ "Storage File" ], - "security": [], + "security": [ + { + "bearerAuth": [ + "management-role", + "admin" + ] + } + ], "parameters": [], "requestBody": { "required": true, @@ -2268,7 +2300,14 @@ "tags": [ "Storage File" ], - "security": [], + "security": [ + { + "bearerAuth": [ + "management-role", + "admin" + ] + } + ], "parameters": [], "requestBody": { "required": true, 
@@ -2291,7 +2330,14 @@ "tags": [ "Storage File" ], - "security": [], + "security": [ + { + "bearerAuth": [ + "management-role", + "admin" + ] + } + ], "parameters": [], "requestBody": { "required": true,
diff --git a/Services/server/src/utils/auth.ts b/Services/server/src/utils/auth.ts
index 0f56597..8e66e04 100644
--- a/Services/server/src/utils/auth.ts
+++ b/Services/server/src/utils/auth.ts
@@ -38,7 +38,7 @@ export async function expressAuthentication(
 ? request.headers["authorization"].split(" ")[1]
 : null;
- if (!token) throw new HttpError(HttpStatusCode.UNAUTHORIZED, "ไม่พบข้อมูลสำหัรบบืนบันตัวตน");
+ if (!token) throw new HttpError(HttpStatusCode.UNAUTHORIZED, "ไม่พบข้อมูลสำหรับยินยันตัวตน");
 let payload: JwtPayload = {};
@@ -60,7 +60,7 @@ export async function expressAuthentication(
 scopes.length > 0 &&
 scopes
 .map((v) => (v === "management-role" ? process.env.MANAGEMENT_ROLE : v))
- .every((v) => !payload.resource_access[payload.azp].roles.includes(v))
+ .every((v) => !payload.role.includes(v))
 ) {
 throw new HttpError(HttpStatusCode.FORBIDDEN, "คุณไม่มีสิทธิในเข้าถึงข้อมูลนี้");
 }
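Review bot: The corrected 401 message in `expressAuthentication` (auth.ts, first hunk) still appears to be misspelled: `ยินยันตัวตน` is presumably meant to be `ยืนยันตัวตน`. Since this commit is a wording fix, it is worth correcting in the same change.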
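Review bot: `payload.role.includes(v)` in the scope check of `expressAuthentication` (auth.ts, second hunk) assumes every token carries `role` as an array. If the claim is missing, the expression throws a TypeError instead of the intended 403, and if it is a single string, `String.prototype.includes` matches substrings, so a role name that merely contains `admin` would pass the check. Normalising first avoids both: `const roles = Array.isArray(payload.role) ? payload.role : [];` and then `.every((v) => !roles.includes(v))`. How `payload` is verified and typed lies outside the hunk, so confirm that `role` is a claim only the token issuer can set.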