Skip to content

Commit

Permalink
Add Delete Files / Buckets in Admin Interface
Browse files Browse the repository at this point in the history
  • Loading branch information
@Alkl58
Alkl58 committed Mar 11, 2022
1 parent 8bba6e7 commit fe8a745
Show file tree
Hide file tree
Showing 2 changed files with 73 additions and 6 deletions.
33 changes: 29 additions & 4 deletions app/src/Admin.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,11 @@
template(v-else) {{ sum[sid].firstExpire }}
td.text-right {{ humanFileSize(sum[sid].size) }}
td
a(:href="baseURI + sid", title='Open bucket', target="_blank")
a(:href="baseURI + sid", title="Open bucket", target="_blank")
icon(name="folder-open")
|
a.text-danger(@click="deleteBucket(sid)", title="Delete bucket")
icon(name="trash")
tbody.expanded(v-if="expand === sid")
template(v-for="file in bucket")
tr.file
Expand All @@ -58,6 +61,8 @@
template(v-else) {{ file.expireDate }}
td.text-right {{ humanFileSize(file.size) }}
td
a.text-danger(@click="deleteFile(file.metadata.sid, file.metadata.key)", title="Delete file")
icon(name="trash")
tfoot
tr
td(colspan="3")
Expand All @@ -73,7 +78,7 @@
import 'vue-awesome/icons/sign-in-alt';
import 'vue-awesome/icons/key';
import 'vue-awesome/icons/folder-open';
import 'vue-awesome/icons/trash';
export default {
name: 'app',
Expand Down Expand Up @@ -168,9 +173,29 @@
return Math.max(fileSizeInBytes, 0.00).toFixed(2) + byteUnits[i];
},
},
deleteFile(sid, key, bucketDelete = false) {
const xhr = new XMLHttpRequest();
xhr.open('DELETE', this.$root.baseURI + 'delete');
xhr.setRequestHeader('Content-Type', 'application/json');
xhr.setRequestHeader('x-passwd', this.password);
xhr.send(JSON.stringify({'sid': sid, 'key': key, 'bucketDelete': bucketDelete}));
xhr.onload = () => {
if(xhr.status === 200) {
try {
this.login();
} catch(e) {
this.error = e.toString();
}
} else {
this.error = `${xhr.status} ${xhr.statusText}: ${xhr.responseText}`;
}
};
},
deleteBucket(sid) {
this.deleteFile(sid, '', true);
},
},
}
</script>

Expand Down
46 changes: 44 additions & 2 deletions lib/endpoints.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,8 +292,7 @@ app.get(`${ config.baseUrl }files/:fid`, async (req, res, next) => {


// Upload file
app.use(`${ config.uploadAppPath }files`,
function(req, res, next) {
app.use(`${ config.uploadAppPath }files`, function(req, res, next) {
// Upload password protection
if (config.uploadPass) {
const bfTimeout = 500;
Expand Down Expand Up @@ -371,6 +370,49 @@ app.use(`${ config.uploadAppPath }files`,
})
);

// Delete File / Bucket
app.use(`${ config.baseUrl }delete`, async function(req, res, next) {
if (!config.adminPass) return next();

const bfTimeout = 500;
if (!req.get('x-passwd')) {
// delay answer to make brute force attacks more difficult
setTimeout(() => res.status(401).send('Unauthorized'), bfTimeout);
return;
}
if (req.get('x-passwd') !== config.adminPass) {
setTimeout(() => res.status(403).send('Forbidden'), bfTimeout);
return;
}

if (req.method === 'GET') return res.status(405).end();
if (req.method === 'POST') return res.status(405).end();

// Delete File
if (req.method === 'DELETE') {
try {
if (req.body.bucketDelete == true) {
// Delete Multiple Files
const bucket = db.get(req.body.sid);
bucket.forEach(async file => {
await db.remove(file.metadata.sid, file.metadata.key);
});
}
else {
// Delete Single File
await db.remove(req.body.sid, req.body.key);
}

// Redirect to admin page to update the view
res.send(adminPage({ ...pugVars, lang: req.translations }));
}
catch (e) {
console.error(e);
return res.status(400).end(e.message);
}
}
});

app.use((req, res, next) => {
if (req.url === config.baseUrl) {
return res.redirect(config.uploadAppPath);
Expand Down

0 comments on commit fe8a745

Please sign in to comment.