2022-02-02 01:01:29 +01:00
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"net/http"
|
|
|
|
"time"
|
|
|
|
|
2022-03-22 15:24:34 +01:00
|
|
|
"github.com/gorilla/mux"
|
2022-02-02 01:01:29 +01:00
|
|
|
"github.com/mattermost/focalboard/server/model"
|
|
|
|
"github.com/mattermost/focalboard/server/services/audit"
|
2022-03-31 20:04:20 +02:00
|
|
|
|
|
|
|
"github.com/mattermost/mattermost-server/v6/shared/mlog"
|
2022-02-02 01:01:29 +01:00
|
|
|
)
|
|
|
|
|
2022-02-02 19:25:06 +01:00
|
|
|
const (
|
|
|
|
archiveExtension = ".boardarchive"
|
|
|
|
)
|
|
|
|
|
2022-03-22 15:24:34 +01:00
|
|
|
func (a *API) handleArchiveExportBoard(w http.ResponseWriter, r *http.Request) {
|
2022-04-13 22:24:32 +02:00
|
|
|
// swagger:operation GET /boards/{boardID}/archive/export archiveExportBoard
|
2022-02-02 01:01:29 +01:00
|
|
|
//
|
2022-03-22 15:24:34 +01:00
|
|
|
// Exports an archive of all blocks for one boards.
|
2022-02-02 01:01:29 +01:00
|
|
|
//
|
|
|
|
// ---
|
|
|
|
// produces:
|
|
|
|
// - application/json
|
|
|
|
// parameters:
|
2022-03-22 15:24:34 +01:00
|
|
|
// - name: boardID
|
2022-02-02 01:01:29 +01:00
|
|
|
// in: path
|
2022-03-22 15:24:34 +01:00
|
|
|
// description: Id of board to export
|
2022-02-02 01:01:29 +01:00
|
|
|
// required: true
|
|
|
|
// type: string
|
|
|
|
// security:
|
|
|
|
// - BearerAuth: []
|
|
|
|
// responses:
|
|
|
|
// '200':
|
|
|
|
// description: success
|
|
|
|
// content:
|
|
|
|
// application-octet-stream:
|
|
|
|
// type: string
|
|
|
|
// format: binary
|
|
|
|
// default:
|
|
|
|
// description: internal error
|
|
|
|
// schema:
|
|
|
|
// "$ref": "#/definitions/ErrorResponse"
|
|
|
|
|
2022-03-22 15:24:34 +01:00
|
|
|
vars := mux.Vars(r)
|
|
|
|
boardID := vars["boardID"]
|
2022-04-05 17:00:04 +02:00
|
|
|
userID := getUserID(r)
|
|
|
|
|
|
|
|
if !a.permissions.HasPermissionToBoard(userID, boardID, model.PermissionViewBoard) {
|
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusForbidden, "", PermissionError{"access denied to board"})
|
|
|
|
return
|
|
|
|
}
|
2022-03-22 15:24:34 +01:00
|
|
|
|
|
|
|
auditRec := a.makeAuditRecord(r, "archiveExportBoard", audit.Fail)
|
|
|
|
defer a.audit.LogRecord(audit.LevelRead, auditRec)
|
|
|
|
auditRec.AddMeta("BoardID", boardID)
|
|
|
|
|
|
|
|
board, err := a.app.GetBoard(boardID)
|
2022-02-02 01:01:29 +01:00
|
|
|
if err != nil {
|
2022-03-22 15:24:34 +01:00
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
|
2022-02-02 01:01:29 +01:00
|
|
|
return
|
|
|
|
}
|
2022-03-22 15:24:34 +01:00
|
|
|
if board == nil {
|
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusNotFound, "", nil)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
opts := model.ExportArchiveOptions{
|
|
|
|
TeamID: board.TeamID,
|
|
|
|
BoardIDs: []string{board.ID},
|
|
|
|
}
|
|
|
|
|
|
|
|
filename := fmt.Sprintf("archive-%s%s", time.Now().Format("2006-01-02"), archiveExtension)
|
|
|
|
w.Header().Set("Content-Type", "application/octet-stream")
|
|
|
|
w.Header().Set("Content-Disposition", "attachment; filename="+filename)
|
|
|
|
w.Header().Set("Content-Transfer-Encoding", "binary")
|
|
|
|
|
|
|
|
if err := a.app.ExportArchive(w, opts); err != nil {
|
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
auditRec.Success()
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *API) handleArchiveExportTeam(w http.ResponseWriter, r *http.Request) {
|
2022-04-13 22:24:32 +02:00
|
|
|
// swagger:operation GET /teams/{teamID}/archive/export archiveExportTeam
|
2022-03-22 15:24:34 +01:00
|
|
|
//
|
|
|
|
// Exports an archive of all blocks for all the boards in a team.
|
|
|
|
//
|
|
|
|
// ---
|
|
|
|
// produces:
|
|
|
|
// - application/json
|
|
|
|
// parameters:
|
|
|
|
// - name: teamID
|
|
|
|
// in: path
|
|
|
|
// description: Id of team
|
|
|
|
// required: true
|
|
|
|
// type: string
|
|
|
|
// security:
|
|
|
|
// - BearerAuth: []
|
|
|
|
// responses:
|
|
|
|
// '200':
|
|
|
|
// description: success
|
|
|
|
// content:
|
|
|
|
// application-octet-stream:
|
|
|
|
// type: string
|
|
|
|
// format: binary
|
|
|
|
// default:
|
|
|
|
// description: internal error
|
|
|
|
// schema:
|
|
|
|
// "$ref": "#/definitions/ErrorResponse"
|
2022-04-04 09:49:27 +02:00
|
|
|
if a.MattermostAuth {
|
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusNotImplemented, "not permitted in plugin mode", nil)
|
|
|
|
}
|
2022-02-02 01:01:29 +01:00
|
|
|
|
2022-03-22 15:24:34 +01:00
|
|
|
vars := mux.Vars(r)
|
|
|
|
teamID := vars["teamID"]
|
|
|
|
|
|
|
|
ctx := r.Context()
|
|
|
|
session, _ := ctx.Value(sessionContextKey).(*model.Session)
|
|
|
|
userID := session.UserID
|
|
|
|
|
|
|
|
auditRec := a.makeAuditRecord(r, "archiveExportTeam", audit.Fail)
|
2022-02-02 01:01:29 +01:00
|
|
|
defer a.audit.LogRecord(audit.LevelRead, auditRec)
|
2022-03-22 15:24:34 +01:00
|
|
|
auditRec.AddMeta("TeamID", teamID)
|
2022-02-02 01:01:29 +01:00
|
|
|
|
2022-03-22 15:24:34 +01:00
|
|
|
boards, err := a.app.GetBoardsForUserAndTeam(userID, teamID)
|
|
|
|
if err != nil {
|
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
ids := []string{}
|
|
|
|
for _, board := range boards {
|
|
|
|
ids = append(ids, board.ID)
|
2022-02-02 01:01:29 +01:00
|
|
|
}
|
2022-03-22 15:24:34 +01:00
|
|
|
|
2022-02-02 01:01:29 +01:00
|
|
|
opts := model.ExportArchiveOptions{
|
2022-03-22 15:24:34 +01:00
|
|
|
TeamID: teamID,
|
|
|
|
BoardIDs: ids,
|
2022-02-02 01:01:29 +01:00
|
|
|
}
|
|
|
|
|
2022-02-02 19:25:06 +01:00
|
|
|
filename := fmt.Sprintf("archive-%s%s", time.Now().Format("2006-01-02"), archiveExtension)
|
2022-02-02 01:01:29 +01:00
|
|
|
w.Header().Set("Content-Type", "application/octet-stream")
|
|
|
|
w.Header().Set("Content-Disposition", "attachment; filename="+filename)
|
|
|
|
w.Header().Set("Content-Transfer-Encoding", "binary")
|
|
|
|
|
|
|
|
if err := a.app.ExportArchive(w, opts); err != nil {
|
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
auditRec.Success()
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *API) handleArchiveImport(w http.ResponseWriter, r *http.Request) {
|
2022-04-13 22:24:32 +02:00
|
|
|
// swagger:operation POST /teams/{teamID}/archive/import archiveImport
|
2022-02-02 01:01:29 +01:00
|
|
|
//
|
|
|
|
// Import an archive of boards.
|
|
|
|
//
|
|
|
|
// ---
|
|
|
|
// produces:
|
|
|
|
// - application/json
|
|
|
|
// consumes:
|
|
|
|
// - multipart/form-data
|
|
|
|
// parameters:
|
2022-03-31 20:04:20 +02:00
|
|
|
// - name: teamID
|
2022-02-02 01:01:29 +01:00
|
|
|
// in: path
|
2022-03-31 20:04:20 +02:00
|
|
|
// description: Team ID
|
2022-02-02 01:01:29 +01:00
|
|
|
// required: true
|
|
|
|
// type: string
|
|
|
|
// - name: file
|
|
|
|
// in: formData
|
|
|
|
// description: archive file to import
|
|
|
|
// required: true
|
|
|
|
// type: file
|
|
|
|
// security:
|
|
|
|
// - BearerAuth: []
|
|
|
|
// responses:
|
|
|
|
// '200':
|
|
|
|
// description: success
|
|
|
|
// default:
|
|
|
|
// description: internal error
|
|
|
|
// schema:
|
|
|
|
// "$ref": "#/definitions/ErrorResponse"
|
|
|
|
|
|
|
|
ctx := r.Context()
|
|
|
|
session, _ := ctx.Value(sessionContextKey).(*model.Session)
|
|
|
|
userID := session.UserID
|
|
|
|
|
2022-03-22 15:24:34 +01:00
|
|
|
vars := mux.Vars(r)
|
|
|
|
teamID := vars["teamID"]
|
|
|
|
|
2022-04-05 17:00:04 +02:00
|
|
|
if !a.permissions.HasPermissionToTeam(userID, teamID, model.PermissionViewTeam) {
|
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusForbidden, "", PermissionError{"access denied to create board"})
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-02-02 01:01:29 +01:00
|
|
|
file, handle, err := r.FormFile(UploadFormFileKey)
|
|
|
|
if err != nil {
|
|
|
|
fmt.Fprintf(w, "%v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
defer file.Close()
|
|
|
|
|
|
|
|
auditRec := a.makeAuditRecord(r, "import", audit.Fail)
|
|
|
|
defer a.audit.LogRecord(audit.LevelModify, auditRec)
|
|
|
|
auditRec.AddMeta("filename", handle.Filename)
|
|
|
|
auditRec.AddMeta("size", handle.Size)
|
|
|
|
|
|
|
|
opt := model.ImportArchiveOptions{
|
2022-03-22 15:24:34 +01:00
|
|
|
TeamID: teamID,
|
|
|
|
ModifiedBy: userID,
|
2022-02-02 01:01:29 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
if err := a.app.ImportArchive(file, opt); err != nil {
|
2022-03-31 20:04:20 +02:00
|
|
|
a.logger.Debug("Error importing archive",
|
|
|
|
mlog.String("team_id", teamID),
|
|
|
|
mlog.Err(err),
|
|
|
|
)
|
2022-02-02 01:01:29 +01:00
|
|
|
a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
jsonStringResponse(w, http.StatusOK, "{}")
|
|
|
|
auditRec.Success()
|
|
|
|
}
|