From e628921a338684a4bc3f196c5c39beba8b8f9b68 Mon Sep 17 00:00:00 2001
From: Johannes Zellner <johannes@cloudron.io>
Date: Tue, 7 Feb 2017 16:26:17 +0100
Subject: Add rename functionality

This also break backwardscompat since PUT is now POST
and PUT is used for renaming
---
 src/files.js | 33 +++++++++++++++++++++++++++++----
 1 file changed, 29 insertions(+), 4 deletions(-)

(limited to 'src/files.js')

diff --git a/src/files.js b/src/files.js
index 747acf7..876ff4e 100644
--- a/src/files.js
+++ b/src/files.js
@@ -17,6 +17,7 @@ exports = module.exports = function (basePath) {
     return {
         get: get,
         put: put,
+        post: post,
         del: del
     };
 };
@@ -111,22 +112,22 @@ function get(req, res, next) {
     });
 }
 
-function put(req, res, next) {
+function post(req, res, next) {
     var filePath = decodeURIComponent(req.params[0]);
 
     if (!(req.files && req.files.file) && !req.query.directory) return next(new HttpError(400, 'missing file or directory'));
     if ((req.files && req.files.file) && req.query.directory) return next(new HttpError(400, 'either file or directory'));
 
+    debug('post:', filePath);
+
     var absoluteFilePath = getAbsolutePath(filePath);
     if (!absoluteFilePath || isProtected(absoluteFilePath)) return next(new HttpError(403, 'Path not allowed'));
 
     fs.stat(absoluteFilePath, function (error, result) {
         if (error && error.code !== 'ENOENT') return next(new HttpError(500, error));
 
-        debug('put', absoluteFilePath);
-
         if (result && req.query.directory) return next(new HttpError(409, 'name already exists'));
-        if (result && result.isDirectory()) return next(new HttpError(409, 'cannot put on directories'));
+        if (result && result.isDirectory()) return next(new HttpError(409, 'cannot post on directories'));
 
         if (req.query.directory) {
             return createDirectory(absoluteFilePath, function (error) {
@@ -144,6 +145,30 @@ function put(req, res, next) {
     });
 }
 
+function put(req, res, next) {
+    var oldFilePath = decodeURIComponent(req.params[0]);
+
+    if (!req.body || !req.body.newFilePath) return next(new HttpError(400, 'missing newFilePath'));
+
+    var newFilePath = decodeURIComponent(req.body.newFilePath);
+
+    debug('put: %s -> %s', oldFilePath, newFilePath);
+
+    var absoluteOldFilePath = getAbsolutePath(oldFilePath);
+    if (!absoluteOldFilePath || isProtected(absoluteOldFilePath)) return next(new HttpError(403, 'Path not allowed'));
+
+    var absoluteNewFilePath = getAbsolutePath(newFilePath);
+    if (!absoluteNewFilePath || isProtected(absoluteNewFilePath)) return next(new HttpError(403, 'Path not allowed'));
+
+    fs.rename(absoluteOldFilePath, absoluteNewFilePath, function (error) {
+        if (error) return next (new HttpError(500, error));
+
+        debug('put: successful');
+
+        return next(new HttpSuccess(200, {}));
+    });
+}
+
 function del(req, res, next) {
     var filePath = decodeURIComponent(req.params[0]);
     var recursive = !!req.query.recursive;
-- 
cgit v1.2.3