Merge pull request 'f037-access-tatort-via-token' (#12) from f037-access-tatort-via-token into development
Reviewed-on: #12 Reviewed-by: trachi93 <chi-cong.tran@polizei.niedersachsen.de>
This commit was merged in pull request #12.
This commit is contained in:
@@ -19,7 +19,7 @@ export const checkIfExactDirectoryExists = (dir: string): Promise<boolean> => {
|
||||
});
|
||||
};
|
||||
|
||||
export const getContentofTextObject = async (bucket: string, objPath: string) => {
|
||||
export const getContentOfTextObject = async (bucket: string, objPath: string) => {
|
||||
const res = await client.getObject(bucket, objPath);
|
||||
|
||||
const text = await new Response(res).text();
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
import { fail } from '@sveltejs/kit';
|
||||
import { BUCKET, client, CONFIGFILENAME, TOKENFILENAME } from '$lib/minio';
|
||||
import { checkIfExactDirectoryExists, getContentofTextObject } from './s3ClientService';
|
||||
import { checkIfExactDirectoryExists, getContentOfTextObject } from './s3ClientService';
|
||||
|
||||
/**
|
||||
* Get Vorgang and corresponend list of tatorte
|
||||
@@ -17,12 +17,18 @@ export const getVorgangByCaseId = async (caseId: string) => {
|
||||
const splittedNameParts = chunk.name.split('/');
|
||||
const prefix = splittedNameParts[0];
|
||||
const name = splittedNameParts[1];
|
||||
|
||||
if (name === CONFIGFILENAME || name === TOKENFILENAME) continue;
|
||||
list.push({ ...chunk, name: name, prefix: prefix, show_button: true });
|
||||
}
|
||||
return list;
|
||||
};
|
||||
|
||||
|
||||
/**
|
||||
* Fetches list of vorgänge from s3 bucket
|
||||
* @returns list of available cases
|
||||
*/
|
||||
export const getListOfVorgänge = async () => {
|
||||
const stream = client.listObjectsV2(BUCKET, '', false, '');
|
||||
|
||||
@@ -30,7 +36,7 @@ export const getListOfVorgänge = async () => {
|
||||
for await (const chunk of stream) {
|
||||
const objPath = `${chunk.prefix}${TOKENFILENAME}`;
|
||||
|
||||
const token = await getContentofTextObject(BUCKET, objPath);
|
||||
const token = await getContentOfTextObject(BUCKET, objPath);
|
||||
|
||||
const cleanedChunkPrefix = chunk.prefix.replace(/\/$/, '');
|
||||
list.push({ name: cleanedChunkPrefix, token: token });
|
||||
@@ -43,7 +49,7 @@ export const getListOfVorgänge = async () => {
|
||||
* @param request
|
||||
* @returns fail or true
|
||||
*/
|
||||
export const checkIfVorgangExists = async (caseId: string) => {
|
||||
export const checkIfVorgangExists = async (caseId: string | null) => {
|
||||
if (!caseId) {
|
||||
return fail(400, {
|
||||
success: false,
|
||||
@@ -68,21 +74,12 @@ export const hasValidToken = async (caseId: string, caseToken: string) => {
|
||||
|
||||
try {
|
||||
if (!caseToken) {
|
||||
return fail(400, {
|
||||
success: false,
|
||||
caseId,
|
||||
error: { message: 'Bitte Zugangscode eingeben!' }
|
||||
});
|
||||
return false;
|
||||
}
|
||||
|
||||
const token = await getContentofTextObject(BUCKET, objPath);
|
||||
|
||||
const token = await getContentOfTextObject(BUCKET, objPath);
|
||||
if (!token || token !== caseToken) {
|
||||
return fail(400, {
|
||||
success: false,
|
||||
caseId,
|
||||
error: { message: 'Der Token ist ungültig.' }
|
||||
});
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
|
||||
@@ -1,10 +1,19 @@
|
||||
import { type ServerLoadEvent } from '@sveltejs/kit';
|
||||
import type { PageServerLoad } from '../anmeldung/$types';
|
||||
import { checkIfVorgangExists, hasValidToken } from '$lib/server/vorgangService';
|
||||
import { redirect } from '@sveltejs/kit';
|
||||
import type { PageServerLoad } from './list/[vorgang]/$types';
|
||||
|
||||
export const load: PageServerLoad = (event: ServerLoadEvent) => {
|
||||
if (event.locals.user) {
|
||||
export const load: PageServerLoad = async ({ params, url, locals }) => {
|
||||
if (locals.user) {
|
||||
return {
|
||||
user: event.locals.user
|
||||
user: locals.user
|
||||
};
|
||||
}
|
||||
|
||||
const caseId = params.vorgang;
|
||||
const caseToken = url.searchParams.get('token');
|
||||
|
||||
const isVorgangValid = await checkIfVorgangExists(caseId);
|
||||
const isTokenValid = await hasValidToken(caseId, caseToken);
|
||||
|
||||
if (!isVorgangValid || !isTokenValid) throw redirect(303, `/anmeldung`);
|
||||
};
|
||||
|
||||
@@ -1,28 +1,14 @@
|
||||
import { checkIfVorgangExists } from '$lib/server/vorgangService';
|
||||
import { hasValidToken } from '$lib/server/vorgangService';
|
||||
import { getVorgangByCaseId } from '$lib/server/vorgangService';
|
||||
import type { PageServerLoad } from '../../view/$types';
|
||||
import type { PageServerLoad } from './$types';
|
||||
|
||||
export const load: PageServerLoad = async ({ params, url }) => {
|
||||
const caseId = params.vorgang;
|
||||
const caseToken = url.searchParams.get('token');
|
||||
|
||||
const isVorgangValid = await checkIfVorgangExists(caseId);
|
||||
if (isVorgangValid !== true) {
|
||||
return {
|
||||
error: 'Vorgang wurde nicht gefunden.'
|
||||
};
|
||||
}
|
||||
const isTokenValid = await hasValidToken(caseId, caseToken);
|
||||
if (isTokenValid !== true) {
|
||||
return {
|
||||
error: 'Zugriffscode ist ungültig.'
|
||||
};
|
||||
}
|
||||
|
||||
const crimesList = await getVorgangByCaseId(caseId);
|
||||
|
||||
return {
|
||||
crimesList
|
||||
crimesList,
|
||||
caseToken
|
||||
};
|
||||
};
|
||||
|
||||
@@ -27,6 +27,7 @@
|
||||
}
|
||||
|
||||
const crimesList: ListItem[] = data.crimesList;
|
||||
const token: string = data.caseToken;
|
||||
|
||||
let open = false;
|
||||
$: open;
|
||||
@@ -138,7 +139,7 @@
|
||||
{#each crimesList as item, i}
|
||||
<li>
|
||||
<a
|
||||
href="/view/{$page.params.vorgang}/{item.name}"
|
||||
href="/view/{$page.params.vorgang}/{item.name}?token={token}"
|
||||
class=" flex justify-between gap-x-6 py-5"
|
||||
aria-label="zum 3D-modell"
|
||||
>
|
||||
@@ -206,9 +207,8 @@
|
||||
let url = new URL($page.url);
|
||||
url.pathname += `/${filename}`;
|
||||
|
||||
console.log(`--- ${vorgang} + ${filename} + ${url}`);
|
||||
try {
|
||||
const response = await fetch(url, { method: 'DELETE' });
|
||||
const response = await fetch(`api/${url}`, { method: 'DELETE' });
|
||||
if (response.status == 204) {
|
||||
setTimeout(() => {
|
||||
window.location.reload();
|
||||
@@ -264,12 +264,6 @@
|
||||
</Modal>
|
||||
</div>
|
||||
|
||||
{#if data.error}
|
||||
<div class="max-w-xl mx-auto bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative mt-4">
|
||||
<strong class="font-bold">Fehler: </strong>
|
||||
<span class="block sm:inline">{data.error}</span>
|
||||
</div>
|
||||
{/if}
|
||||
<style>
|
||||
ul {
|
||||
min-width: 24rem;
|
||||
|
||||
@@ -1,11 +0,0 @@
|
||||
import { BUCKET, client } from '$lib/minio';
|
||||
|
||||
export async function DELETE({ request }: { request: Request }) {
|
||||
const url_fragments = request.url.split('/');
|
||||
const item = url_fragments.at(-1);
|
||||
const vorgang = url_fragments.at(-2);
|
||||
|
||||
await client.removeObject(BUCKET, `${vorgang}/${item}`);
|
||||
|
||||
return new Response(null, { status: 204 });
|
||||
}
|
||||
@@ -1,6 +1,5 @@
|
||||
import { redirect } from '@sveltejs/kit';
|
||||
|
||||
/** @type {import('./$types').Actions} */
|
||||
export const actions = {
|
||||
default: async ({request}: {request: Request}) => {
|
||||
const data = await request.formData();
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
import { client } from '$lib/minio';
|
||||
import type { PageServerLoad } from './$types';
|
||||
|
||||
/** @type {import('./$types').PageServerLoad} */
|
||||
export const load: PageServerLoad = async ({ params }) => {
|
||||
const { vorgang, tatort } = params;
|
||||
const url = await client.presignedUrl('GET', 'tatort', `${vorgang}/${tatort}`);
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
import { loginUser, logoutUser } from '$lib/server/authService';
|
||||
import { checkIfVorgangExists, hasValidToken } from '$lib/server/vorgangService.js';
|
||||
import { redirect } from '@sveltejs/kit';
|
||||
|
||||
export const actions = {
|
||||
@@ -10,10 +9,7 @@ export const actions = {
|
||||
const caseId = data.get('case-id');
|
||||
const caseToken = data.get('case-token');
|
||||
|
||||
const isVorgangValid = await checkIfVorgangExists(caseId);
|
||||
if (isVorgangValid !== true) return isVorgangValid;
|
||||
const isTokenValid = await hasValidToken(caseId, caseToken);
|
||||
if ( isTokenValid !== true) return isTokenValid;
|
||||
if (!caseId || !caseToken) return;
|
||||
|
||||
throw redirect(303, `/list/${caseId}?token=${caseToken}`);
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import { client } from '$lib/minio';
|
||||
import { BUCKET, client } from '$lib/minio';
|
||||
|
||||
export async function GET() {
|
||||
const stream = client.listObjectsV2('tatort', '', true);
|
||||
const stream = client.listObjectsV2(BUCKET, '', true);
|
||||
const result = new ReadableStream({
|
||||
start(controller) {
|
||||
stream.on('data', (data) => {
|
||||
@@ -22,3 +22,14 @@ export async function GET() {
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
export async function DELETE({ request }: { request: Request }) {
|
||||
const url_fragments = request.url.split('/');
|
||||
const item = url_fragments.at(-1);
|
||||
const vorgang = url_fragments.at(-2);
|
||||
|
||||
await client.removeObject(BUCKET, `${vorgang}/${item}`);
|
||||
|
||||
return new Response(null, { status: 204 });
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user