diff --git a/doc/api/share.md b/doc/api/share.md index 5b4dc210..99e99cb7 100644 --- a/doc/api/share.md +++ b/doc/api/share.md @@ -182,39 +182,3 @@ await fetch("http://puter.localhost:4100/share", { "dry_run": true } ``` - -## **deprecated** POST `/share/item-by-username` (auth required) - -### Description - -The `/share/item-by-username` endpoint grants access permission -for an item to the specified user. This user will also receive an -email about the shared item. - -### Parameters - -| Name | Description | Default Value | -| ---- | ----------- | -------- | -| path | Location of the item | **required** | -| username | Username of the user to share to | **required** | -| access_level | Either `'read'` or `'write'` | `'write'` | - -### Response - -This endpoint responds with an empty object (`{}`). - -### Request Example - -```javascript -await fetch("https://api.puter.local/share/item-by-username", { - headers: { - "Content-Type": "application/json", - "Authorization": `Bearer ${puter.authToken}`, - }, - body: JSON.stringify({ - path: "/my-username/Desktop/some-file.txt", - username: "other-username", - }), - method: "POST", -}); -``` diff --git a/packages/backend/src/routers/share.js b/packages/backend/src/routers/share.js index 46e898a2..f5518124 100644 --- a/packages/backend/src/routers/share.js +++ b/packages/backend/src/routers/share.js @@ -5,135 +5,19 @@ const validator = require('validator'); const APIError = require('../api/APIError'); const { get_user, get_app } = require('../helpers'); const { Context } = require('../util/context'); -const auth2 = require('../middleware/auth2'); const config = require('../config'); const FSNodeParam = require('../api/filesystem/FSNodeParam'); const { TYPE_DIRECTORY } = require('../filesystem/FSNodeContext'); const { PermissionUtil } = require('../services/auth/PermissionService'); -const { validate } = require('uuid'); const configurable_auth = require('../middleware/configurable_auth'); const { UsernameNotifSelector } = require('../services/NotificationService'); const { quot } = require('../util/strutil'); const { UtilFn } = require('../util/fnutil'); const { WorkList } = require('../util/workutil'); -const { whatis } = require('../util/langutil'); - -const uuidv4 = require('uuid').v4; const router = express.Router(); -const validate_share_fsnode_params = req => { - let path = req.body.path; - if ( ! (typeof path === 'string') ) { - throw APIError.create('field_invalid', null, { - key: 'path', - expected: 'string', - got: typeof path, - }); - } - - const access_level = req.body.access_level || 'write'; - if ( ! ['read','write'].includes(access_level) ) { - throw APIError.create('field_invalid', null, { - key: 'access_level', - expected: '"read" or "write"', - }); - } - - const permission = PermissionUtil.join('fs', path, access_level); - - return { - path, access_level, permission, - }; -} - -const v0_1 = async (req, res) => { - const svc_token = req.services.get('token'); - const svc_email = req.services.get('email'); - const svc_permission = req.services.get('permission'); - const svc_notification = req.services.get('notification'); - - console.log('which actor exists?', - req.actor, - Context.get('actor')) - const actor = Context.get('actor'); - - const username = req.body.username; - if ( ! (typeof username === 'string') ) { - throw APIError.create('field_invalid', null, { - key: 'username', - expected: 'string', - got: typeof username, - }); - } - - const { path, permission } = - validate_share_fsnode_params(req); - - const recipient = await get_user({ username }); - if ( ! recipient ) { - throw APIError.create('user_does_not_exist', null, { - username - }); - } - - await svc_permission.grant_user_user_permission( - actor, username, permission, {}, {}, - ); - - const node = await (new FSNodeParam('path')).consolidate({ - req, getParam: () => path - }); - - if ( ! await node.exists() ) { - throw APIError.create('subject_does_not_exist'); - } - - let email_path = path; - let is_dir = true; - if ( await node.get('type') !== TYPE_DIRECTORY ) { - is_dir = false; - // remove last component - email_path = email_path.slice(0, path.lastIndexOf('/')+1); - } - - if ( email_path.startsWith('/') ) email_path = email_path.slice(1); - const link = `${config.origin}/show/${email_path}`; - - const email_values = { - link, - susername: req.user.username, - ...(recipient ? { - rusername: recipient.username, - } : {}), - }; - - const email_tmpl = recipient ? - 'share_existing_user' : 'share_new_user'; - - await svc_email.send_email({ email: recipient.email }, email_tmpl, email_values); - - const wut = is_dir ? 'directory' : 'file'; - svc_notification.notify(UsernameNotifSelector(username), { - source: 'sharing', - icon: 'shared.svg', - title: 'A file was shared with you!', - template: 'file-shared-with-you', - fields: { - username: req.user.username, - files: [ - await node.getSafeEntry(), - ], - }, - text: `The user ${quot(req.user.username)} shared a ${wut} ` + - `with you called ${quot(await node.get('name'))}` - }); - - res.send({}); -}; - - const v0_2 = async (req, res) => { const svc_token = req.services.get('token'); const svc_email = req.services.get('email'); @@ -541,14 +425,6 @@ const v0_2 = async (req, res) => { res.send(result); }; -Endpoint({ - // "item" here means a filesystem node - route: '/item-by-username', - mw: [configurable_auth()], - methods: ['POST'], - handler: v0_1, -}).attach(router); - Endpoint({ // "item" here means a filesystem node route: '/',