X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=src%2Ffiles.js;h=1af4a18a3ece1f215342cd2b90fda8fa871d28ff;hb=HEAD;hp=6c67539c7b61445c14289498660013bd50eb15ac;hpb=5d361bf98214a6838f1beb886f0443dc7e1b0ab7;p=perso%2FImmae%2FProjets%2FNodejs%2FSurfer.git

diff --git a/src/files.js b/src/files.js
index 6c67539..1af4a18 100644
--- a/src/files.js
+++ b/src/files.js
@@ -17,6 +17,7 @@ exports = module.exports = function (basePath) {
     return {
         get: get,
         put: put,
+        post: post,
         del: del
     };
 };
@@ -77,7 +78,7 @@ function removeBasePath(filePath) {
 }
 
 function get(req, res, next) {
-    var filePath = req.params[0];
+    var filePath = decodeURIComponent(req.params[0]);
     var absoluteFilePath = getAbsolutePath(filePath);
     if (!absoluteFilePath) return next(new HttpError(403, 'Path not allowed'));
 
@@ -87,7 +88,7 @@ function get(req, res, next) {
         debug('get', absoluteFilePath);
 
         if (!result.isDirectory() && !result.isFile()) return next(new HttpError(500, 'unsupported type'));
-        if (result.isFile()) return res.sendFile(absoluteFilePath);
+        if (result.isFile()) return res.download(absoluteFilePath);
 
         async.map(fs.readdirSync(absoluteFilePath), function (filePath, callback) {
             fs.stat(path.join(absoluteFilePath, filePath), function (error, result) {
@@ -111,22 +112,22 @@ function get(req, res, next) {
     });
 }
 
-function put(req, res, next) {
+function post(req, res, next) {
     var filePath = decodeURIComponent(req.params[0]);
 
     if (!(req.files && req.files.file) && !req.query.directory) return next(new HttpError(400, 'missing file or directory'));
     if ((req.files && req.files.file) && req.query.directory) return next(new HttpError(400, 'either file or directory'));
 
+    debug('post:', filePath);
+
     var absoluteFilePath = getAbsolutePath(filePath);
     if (!absoluteFilePath || isProtected(absoluteFilePath)) return next(new HttpError(403, 'Path not allowed'));
 
     fs.stat(absoluteFilePath, function (error, result) {
         if (error && error.code !== 'ENOENT') return next(new HttpError(500, error));
 
-        debug('put', absoluteFilePath);
-
         if (result && req.query.directory) return next(new HttpError(409, 'name already exists'));
-        if (result && result.isDirectory()) return next(new HttpError(409, 'cannot put on directories'));
+        if (result && result.isDirectory()) return next(new HttpError(409, 'cannot post on directories'));
 
         if (req.query.directory) {
             return createDirectory(absoluteFilePath, function (error) {
@@ -144,8 +145,32 @@ function put(req, res, next) {
     });
 }
 
+function put(req, res, next) {
+    var oldFilePath = decodeURIComponent(req.params[0]);
+
+    if (!req.body || !req.body.newFilePath) return next(new HttpError(400, 'missing newFilePath'));
+
+    var newFilePath = decodeURIComponent(req.body.newFilePath);
+
+    debug('put: %s -> %s', oldFilePath, newFilePath);
+
+    var absoluteOldFilePath = getAbsolutePath(oldFilePath);
+    if (!absoluteOldFilePath || isProtected(absoluteOldFilePath)) return next(new HttpError(403, 'Path not allowed'));
+
+    var absoluteNewFilePath = getAbsolutePath(newFilePath);
+    if (!absoluteNewFilePath || isProtected(absoluteNewFilePath)) return next(new HttpError(403, 'Path not allowed'));
+
+    fs.rename(absoluteOldFilePath, absoluteNewFilePath, function (error) {
+        if (error) return next (new HttpError(500, error));
+
+        debug('put: successful');
+
+        return next(new HttpSuccess(200, {}));
+    });
+}
+
 function del(req, res, next) {
-    var filePath = req.params[0];
+    var filePath = decodeURIComponent(req.params[0]);
     var recursive = !!req.query.recursive;
     var dryRun = !!req.query.dryRun;