-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: upload files in shared workspaces and create new workspaces in …
…those
- Loading branch information
Showing
8 changed files
with
80 additions
and
59 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
import { createClient } from "@supabase/supabase-js"; | ||
|
||
export const supabase = createClient( | ||
import.meta.env.VITE_SUPABASE_PROJECT_URL as string, | ||
process.env.SUPABASE_SERVICE_ROLE_KEY as string, | ||
{ | ||
auth: { persistSession: false }, | ||
} | ||
); | ||
|
||
import { getUserProfile as _getUserProfile } from "./utils"; | ||
export const getUserProfile = (token: string) => _getUserProfile(supabase, token); | ||
|
||
export { getPermissionForWorkspace } from "./utils"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
import type { WorkspaceMeta, UserProfile } from "@/types/api"; | ||
import type { SupabaseClient } from "@supabase/supabase-js"; | ||
|
||
export const getUserProfile = async (supabase: SupabaseClient, token: string) => { | ||
const { data: user_profile } = await supabase.from("profiles") | ||
.select() | ||
.eq("api_token", token) | ||
.limit(1) | ||
.single(); | ||
|
||
return user_profile as UserProfile; | ||
}; | ||
|
||
export const getPermissionForWorkspace = (workspace_data: WorkspaceMeta | undefined | null, user_profile: UserProfile | undefined) => { | ||
if (!workspace_data || !user_profile) return false; | ||
const isCreator = workspace_data.creator === user_profile.user_id; | ||
const isSharedWith = workspace_data.shared_with.includes(user_profile.user_id); | ||
if (!isCreator && !isSharedWith) return false; | ||
return true; | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,14 @@ | ||
import { type UserProfile } from "../../../src/types/api.ts"; | ||
import { createClient } from "https://esm.sh/@supabase/[email protected]"; | ||
import { createClient } from "@supabase/supabase-js"; | ||
|
||
export const supabase = createClient( | ||
Deno.env.get('SUPABASE_URL') as string, | ||
Deno.env.get('SUPABASE_SERVICE_ROLE_KEY') as string, | ||
Deno.env.get("SUPABASE_URL") as string, | ||
Deno.env.get("SUPABASE_SERVICE_ROLE_KEY") as string, | ||
{ | ||
auth: { persistSession: false }, | ||
auth: { persistSession: false } | ||
} | ||
); | ||
|
||
export const getUserProfile = async (token: string) => { | ||
const { data: user_profile } = await supabase.from("profiles") | ||
.select() | ||
.eq("api_token", token) | ||
.limit(1) | ||
.single(); | ||
import { getUserProfile as _getUserProfile } from "../../../src/supabase/server/utils.ts"; | ||
export const getUserProfile = (token: string) => _getUserProfile(supabase, token); | ||
|
||
return user_profile as UserProfile; | ||
}; | ||
export { getPermissionForWorkspace } from "../../../src/supabase/server/utils.ts"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
{ | ||
"imports": { | ||
"@supabase/supabase-js": "https://esm.sh/@supabase/[email protected]" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,7 @@ | ||
import { serve } from "https://deno.land/[email protected]/http/server.ts"; | ||
|
||
import type { UploadedFile, UserProfile } from "../../../src/types/api.ts"; | ||
import { supabase, getUserProfile } from "../_shared/supabase.ts"; | ||
import type { UploadedFile, UserProfile, WorkspaceMeta } from "../../../src/types/api.ts"; | ||
import { supabase, getUserProfile, getPermissionForWorkspace } from "../_shared/supabase.ts"; | ||
|
||
const corsHeaders = { | ||
"Access-Control-Allow-Origin": "*", | ||
|
@@ -17,6 +17,7 @@ const json = <T>(data: T, options?: { status: number }) => new Response( | |
/** | ||
* PUT / - Body should be FormData. | ||
* | ||
* `api_token?: string` to authenticate the user. | ||
* `files: File[]` contains all the files to upload. | ||
* `workspace_id: string` is the workspace where we should upload the files. | ||
* `private?: "0" | "1"` is the accessibility of the file, where `0` means `public` and `1` means private. | ||
|
@@ -30,8 +31,21 @@ serve(async (req: Request) => { | |
let user_profile: UserProfile | undefined; | ||
if (formDataApiToken) (user_profile = await getUserProfile(formDataApiToken)); | ||
|
||
const workspaceId = (formData.get("workspace_id") as string | undefined) ?? user_profile?.root_workspace_id ?? undefined; | ||
|
||
const workspace_id = (formData.get("workspace_id") as string | undefined) ?? user_profile?.root_workspace_id ?? undefined; | ||
if (workspace_id) { | ||
const { data: workspace_data } = await supabase | ||
.from("workspaces") | ||
.select() | ||
.eq("id", workspace_id) | ||
.limit(1) | ||
.single<WorkspaceMeta>(); | ||
|
||
if (!getPermissionForWorkspace(workspace_data, user_profile)) return json({ | ||
success: false, | ||
message: "Not allowed to upload in this directory." | ||
}, { status: 403 }); | ||
} | ||
|
||
const isPrivate = parseInt((formData.get("private") as string | null) ?? "1"); | ||
const newUploadsInDatabase: UploadedFile[] = []; | ||
|
||
|
@@ -45,7 +59,7 @@ serve(async (req: Request) => { | |
// Always public for anonymous uploads. | ||
private: user_profile ? Boolean(isPrivate) : false, | ||
shared_with: [], | ||
workspace_id: user_profile ? workspaceId : null, | ||
workspace_id: user_profile ? workspace_id : null, | ||
name: file.name | ||
}) | ||
.select(); | ||
|
@@ -70,5 +84,5 @@ serve(async (req: Request) => { | |
return json({ | ||
success: false, | ||
message: "Unknown method." | ||
}); | ||
}, { status: 404 }); | ||
}); |