Fixed logs for file requests and fixed some tests

Author: Forceu

internal/logging/Logging.go

@@ -126,17 +126,17 @@ func LogEdit(file models.File, user models.User) {
 
 // LogCreateFileRequest adds a log entry when a file request was added. Non-Blocking
 func LogCreateFileRequest(fr models.FileRequest, user models.User) {
-	createLogEntry(categoryEdit, fmt.Sprintf("File request #%d %s created by %s (user #%d)", fr.Id, fr.Name, user.Name, user.Id), false)
+	createLogEntry(categoryEdit, fmt.Sprintf("File request %s (%s) created by %s (user #%d)", fr.Id, fr.Name, user.Name, user.Id), false)
 }
 
 // LogEditFileRequest adds a log entry when a file request was edited. Non-Blocking
 func LogEditFileRequest(fr models.FileRequest, user models.User) {
-	createLogEntry(categoryEdit, fmt.Sprintf("File request #%d %s created by %s (user #%d)", fr.Id, fr.Name, user.Name, user.Id), false)
+	createLogEntry(categoryEdit, fmt.Sprintf("File request %s (%s) created by %s (user #%d)", fr.Id, fr.Name, user.Name, user.Id), false)
 }
 
 // LogDeleteFileRequest adds a log entry when a file request was deleted. Non-Blocking
 func LogDeleteFileRequest(fr models.FileRequest, user models.User) {
-	createLogEntry(categoryEdit, fmt.Sprintf("File request #%d %s and associated files deleted by %s (user #%d)", fr.Id, fr.Name, user.Name, user.Id), false)
+	createLogEntry(categoryEdit, fmt.Sprintf("File request %s (%s) and associated files deleted by %s (user #%d)", fr.Id, fr.Name, user.Name, user.Id), false)
 }
 
 // LogReplace adds a log entry when an upload was replaced. Non-Blocking

internal/models/ApiKey_test.go

@@ -127,21 +127,6 @@ func TestApiPermAllNoApiMod(t *testing.T) {
 	}
 }
 
-func TestApiPermAll(t *testing.T) {
-	key := &ApiKey{}
-	key.GrantPermission(ApiPermAll)
-	if !key.HasPermission(ApiPermView) ||
-		!key.HasPermission(ApiPermUpload) ||
-		!key.HasPermission(ApiPermDelete) ||
-		!key.HasPermission(ApiPermApiMod) ||
-		!key.HasPermission(ApiPermEdit) ||
-		!key.HasPermission(ApiPermReplace) ||
-		!key.HasPermission(ApiPermManageUsers) ||
-		!key.HasPermission(ApiPermManageLogs) {
-		t.Errorf("expected all permissions to be set")
-	}
-}
-
 // Helper function to check only one permission is set
 func checkOnlyPermissionSet(t *testing.T, key *ApiKey, perm ApiPermission) {
 	allPermissions := []struct {

internal/models/FileList_test.go

@@ -32,8 +32,8 @@ func TestToJsonResult(t *testing.T) {
 		UnlimitedTime:      true,
 		PendingDeletion:    100,
 	}
-	test.IsEqualString(t, file.ToJsonResult("serverurl/", false), `{"Result":"OK","FileInfo":{"Id":"testId","Name":"testName","Size":"10 B","HotlinkId":"hotlinkid","ContentType":"text/html","ExpireAtString":"2025-06-25 11:48:28","UrlDownload":"serverurl/d?id=testId","UrlHotlink":"","UploadDate":1748180908,"ExpireAt":1750852108,"SizeBytes":10,"DownloadsRemaining":1,"DownloadCount":3,"UnlimitedDownloads":true,"UnlimitedTime":true,"RequiresClientSideDecryption":true,"IsEncrypted":true,"IsEndToEndEncrypted":false,"IsPasswordProtected":true,"IsSavedOnLocalStorage":false,"IsPendingDeletion":true,"UploaderId":2},"IncludeFilename":false}`)
-	test.IsEqualString(t, file.ToJsonResult("serverurl/", true), `{"Result":"OK","FileInfo":{"Id":"testId","Name":"testName","Size":"10 B","HotlinkId":"hotlinkid","ContentType":"text/html","ExpireAtString":"2025-06-25 11:48:28","UrlDownload":"serverurl/d/testId/testName","UrlHotlink":"","UploadDate":1748180908,"ExpireAt":1750852108,"SizeBytes":10,"DownloadsRemaining":1,"DownloadCount":3,"UnlimitedDownloads":true,"UnlimitedTime":true,"RequiresClientSideDecryption":true,"IsEncrypted":true,"IsEndToEndEncrypted":false,"IsPasswordProtected":true,"IsSavedOnLocalStorage":false,"IsPendingDeletion":true,"UploaderId":2},"IncludeFilename":true}`)
+	test.IsEqualString(t, file.ToJsonResult("serverurl/", false), `{"Result":"OK","FileInfo":{"Id":"testId","Name":"testName","Size":"10 B","HotlinkId":"hotlinkid","ContentType":"text/html","ExpireAtString":"2025-06-25 11:48:28","UrlDownload":"serverurl/d?id=testId","UrlHotlink":"","FileRequestId":"","UploadDate":1748180908,"ExpireAt":1750852108,"SizeBytes":10,"DownloadsRemaining":1,"DownloadCount":3,"UnlimitedDownloads":true,"UnlimitedTime":true,"RequiresClientSideDecryption":true,"IsEncrypted":true,"IsEndToEndEncrypted":false,"IsPasswordProtected":true,"IsSavedOnLocalStorage":false,"IsPendingDeletion":true,"IsFileRequest":false,"UploaderId":2},"IncludeFilename":false}`)
+	test.IsEqualString(t, file.ToJsonResult("serverurl/", true), `{"Result":"OK","FileInfo":{"Id":"testId","Name":"testName","Size":"10 B","HotlinkId":"hotlinkid","ContentType":"text/html","ExpireAtString":"2025-06-25 11:48:28","UrlDownload":"serverurl/d/testId/testName","UrlHotlink":"","FileRequestId":"","UploadDate":1748180908,"ExpireAt":1750852108,"SizeBytes":10,"DownloadsRemaining":1,"DownloadCount":3,"UnlimitedDownloads":true,"UnlimitedTime":true,"RequiresClientSideDecryption":true,"IsEncrypted":true,"IsEndToEndEncrypted":false,"IsPasswordProtected":true,"IsSavedOnLocalStorage":false,"IsPendingDeletion":true,"IsFileRequest":false,"UploaderId":2},"IncludeFilename":true}`)
 }
 
 func TestIsLocalStorage(t *testing.T) {

internal/models/User_test.go

@@ -249,5 +249,5 @@ func TestUser_ToJson(t *testing.T) {
 		Password:      "1234",
 		ResetPassword: true,
 	}
-	test.IsEqualString(t, user.ToJson(), `{"id":4,"name":"Test User","permissions":255,"userLevel":1,"lastOnline":1337,"resetPassword":true}`)
+	test.IsEqualString(t, user.ToJson(), `{"id":4,"name":"Test User","permissions":511,"userLevel":1,"lastOnline":1337,"resetPassword":true}`)
 }

internal/storage/FileServing_test.go

@@ -554,7 +554,7 @@ func TestServeFile(t *testing.T) {
 	test.IsEqualBool(t, result, true)
 	r := httptest.NewRequest("GET", "/", nil)
 	w := httptest.NewRecorder()
-	ServeFile(file, w, r, true)
+	ServeFile(file, w, r, true, true)
 	_, result = GetFile(idNewFile)
 	test.IsEqualBool(t, result, false)
 
@@ -575,7 +575,7 @@ func TestServeFile(t *testing.T) {
 		w = httptest.NewRecorder()
 		file, result = GetFile("awsTest1234567890123")
 		test.IsEqualBool(t, result, true)
-		ServeFile(file, w, r, false)
+		ServeFile(file, w, r, false, true)
 		if aws.IsMockApi {
 			test.ResponseBodyContains(t, w, "https://redirect.url")
 		} else {
@@ -600,7 +600,7 @@ func TestServeFile(t *testing.T) {
 	file.Encryption.Nonce = nonce
 	r = httptest.NewRequest("GET", "/", nil)
 	w = httptest.NewRecorder()
-	ServeFile(file, w, r, true)
+	ServeFile(file, w, r, true, true)
 	test.ResponseBodyContains(t, w, "Error decrypting file")
 }
 

internal/storage/filesystem/s3filesystem/aws/Aws_mock.go

@@ -5,12 +5,13 @@ package aws
 import (
 	"bytes"
 	"errors"
-	"github.com/forceu/gokapi/internal/models"
 	"io"
 	"net/http"
 	"os"
 	"strconv"
 	"strings"
+
+	"github.com/forceu/gokapi/internal/models"
 )
 
 var uploadedFiles []models.File
@@ -199,3 +200,20 @@ func IsCorsCorrectlySet(bucket, gokapiUrl string) (bool, error) {
 func GetDefaultBucketName() string {
 	return bucketName
 }
+
+// Stream downloads a file from AWS sequentially, used for saving to a Zip file
+func Stream(writer io.Writer, file models.File) (int64, error) {
+	if !isValidCredentials() {
+		return 0, errors.New("invalid credentials / invalid bucket / invalid region")
+	}
+
+	if isUploaded(file) {
+		data, err := os.Open("data/" + file.SHA1)
+		if err != nil {
+			return 0, err
+		}
+		defer data.Close()
+		return io.Copy(writer, data)
+	}
+	return 0, errors.New("file not found")
+}

internal/storage/filesystem/s3filesystem/aws/Aws_slim.go

@@ -4,9 +4,10 @@ package aws
 
 import (
 	"errors"
-	"github.com/forceu/gokapi/internal/models"
 	"io"
 	"net/http"
+
+	"github.com/forceu/gokapi/internal/models"
 )
 
 const errorString = "AWS not supported in this build"
@@ -82,3 +83,8 @@ func IsCorsCorrectlySet(bucket, gokapiUrl string) (bool, error) {
 func GetDefaultBucketName() string {
 	return ""
 }
+
+// Stream downloads a file from AWS sequentially, used for saving to a Zip file
+func Stream(writer io.Writer, file models.File) (int64, error) {
+	return 0, errors.New(errorString)
+}

internal/test/testconfiguration/TestConfiguration.go

@@ -262,36 +262,36 @@ func writeApiKeys() {
 	database.SaveApiKey(models.ApiKey{
 		Id:           "validkey",
 		FriendlyName: "First Key",
-		Permissions:  models.ApiPermAll, // TODO
+		Permissions:  models.ApiPermNone,
 		UserId:       5,
 		PublicId:     "taiyeo6uLie6nu6eip0ieweiM5mahv",
 	})
 	database.SaveApiKey(models.ApiKey{
 		Id:           "validkeyid7",
 		FriendlyName: "Key for uid 7",
-		Permissions:  models.ApiPermAll, // TODO
+		Permissions:  models.ApiPermNone,
 		UserId:       7,
 		PublicId:     "vu0eemi8eehaisuth3pahDai2eo6ze",
 	})
 	database.SaveApiKey(models.ApiKey{
 		Id:           "GAh1IhXDvYnqfYLazWBqMB9HSFmNPO",
 		FriendlyName: "Second Key",
 		LastUsed:     1620671580,
-		Permissions:  models.ApiPermAll, // TODO
+		Permissions:  models.ApiPermNone,
 		UserId:       5,
 		PublicId:     "yaeVohng1ohNohsh1vailizeil5ka5",
 	})
 	database.SaveApiKey(models.ApiKey{
 		Id:           "jiREglQJW0bOqJakfjdVfe8T1EM8n8",
 		FriendlyName: "Unnamed Key",
-		Permissions:  models.ApiPermAll, // TODO
+		Permissions:  models.ApiPermNone,
 		UserId:       5,
 		PublicId:     "ahYie4ophoo5OoGhahCe1neic6thah",
 	})
 	database.SaveApiKey(models.ApiKey{
 		Id:           "okeCMWqhVMZSpt5c1qpCWhKvJJPifb",
 		FriendlyName: "Unnamed Key",
-		Permissions:  models.ApiPermAll, // TODO
+		Permissions:  models.ApiPermNone,
 		UserId:       5,
 		PublicId:     "ugoo0roowoanahthei7ohSail5OChu",
 	})

internal/webserver/api/Api_test.go

@@ -73,14 +73,14 @@ func generateTestData() {
 		Id:           idApiKeyAdmin,
 		PublicId:     idApiKeyAdmin,
 		FriendlyName: "Admin",
-		Permissions:  models.ApiPermAll,
+		Permissions:  models.ApiPermNone,
 		UserId:       idAdmin,
 	})
 	database.SaveApiKey(models.ApiKey{
 		Id:           idApiKeySuperAdmin,
 		PublicId:     idPublicApiKeySuperAdmin,
 		FriendlyName: "SuperAdmin",
-		Permissions:  models.ApiPermAll,
+		Permissions:  models.ApiPermNone,
 		UserId:       idSuperAdmin,
 	})
 	database.SaveMetaData(models.File{
@@ -120,7 +120,6 @@ func getRecorderWithBody(url, apikey, method string, headers []test.Header, body
 }
 
 func testAuthorisation(t *testing.T, url string, requiredPermission models.ApiPermission) models.ApiKey {
-	t.Helper()
 	w, r := getRecorder(url, "", []test.Header{{}})
 	Process(w, r)
 	test.IsEqualBool(t, w.Code != 200, true)
@@ -131,13 +130,13 @@ func testAuthorisation(t *testing.T, url string, requiredPermission models.ApiPe
 	test.IsEqualBool(t, w.Code != 200, true)
 	test.ResponseBodyContains(t, w, `{"Result":"error","ErrorMessage":"Unauthorized"}`)
 
-	newApiKeyUser := generateNewKey(false, idUser, "")
+	newApiKeyUser := generateNewKey(false, idUser, "", "")
 	w, r = getRecorder(url, newApiKeyUser.Id, []test.Header{{}})
 	Process(w, r)
 	test.IsEqualBool(t, w.Code != 200, true)
 	test.ResponseBodyContains(t, w, `{"Result":"error","ErrorMessage":"Unauthorized"}`)
 
-	for _, permission := range getAvailableApiPermissions(t) {
+	for _, permission := range getAvailableApiPermissions() {
 		if permission == requiredPermission {
 			continue
 		}
@@ -148,7 +147,7 @@ func testAuthorisation(t *testing.T, url string, requiredPermission models.ApiPe
 		test.ResponseBodyContains(t, w, `{"Result":"error","ErrorMessage":"Unauthorized"}`)
 		removePermissionApikey(t, newApiKeyUser.Id, permission)
 	}
-	newApiKeyUser.Permissions = models.ApiPermAll
+	newApiKeyUser.Permissions = getPermissionAll()
 	newApiKeyUser.RemovePermission(requiredPermission)
 	database.SaveApiKey(newApiKeyUser)
 	w, r = getRecorder(url, newApiKeyUser.Id, []test.Header{{}})
@@ -432,7 +431,7 @@ func testDeleteUserCall(t *testing.T, apiKey string, mode int) {
 	database.SaveSession("sessionApiDelete", session)
 	_, ok = database.GetSession("sessionApiDelete")
 	test.IsEqualBool(t, ok, true)
-	userApiKey := generateNewKey(false, retrievedUser.Id, "")
+	userApiKey := generateNewKey(false, retrievedUser.Id, "", "")
 	_, ok = database.GetApiKey(userApiKey.Id)
 	test.IsEqualBool(t, ok, true)
 	testFile := models.File{
@@ -699,16 +698,16 @@ func TestIsValidApiKey(t *testing.T) {
 	test.IsEqualBool(t, ok, true)
 	test.IsEqualBool(t, key.LastUsed == 0, false)
 
-	newApiKey := generateNewKey(false, 5, "")
+	newApiKey := generateNewKey(false, 5, "", "")
 	user, _, isValid = isValidApiKey(newApiKey.Id, true, models.ApiPermNone)
 	test.IsEqualBool(t, isValid, true)
-	for _, permission := range getAvailableApiPermissions(t) {
+	for _, permission := range getAvailableApiPermissions() {
 		_, _, isValid = isValidApiKey(newApiKey.Id, true, permission)
 		test.IsEqualBool(t, isValid, false)
 	}
-	for _, newPermission := range getAvailableApiPermissions(t) {
+	for _, newPermission := range getAvailableApiPermissions() {
 		setPermissionApikey(t, newApiKey.Id, newPermission)
-		for _, permission := range getAvailableApiPermissions(t) {
+		for _, permission := range getAvailableApiPermissions() {
 			_, _, isValid = isValidApiKey(newApiKey.Id, true, permission)
 			test.IsEqualBool(t, isValid, permission == newPermission)
 		}
@@ -717,7 +716,7 @@ func TestIsValidApiKey(t *testing.T) {
 	setPermissionApikey(t, newApiKey.Id, models.ApiPermEdit|models.ApiPermDelete)
 	_, _, isValid = isValidApiKey(newApiKey.Id, true, models.ApiPermEdit)
 	test.IsEqualBool(t, isValid, true)
-	_, _, isValid = isValidApiKey(newApiKey.Id, true, models.ApiPermAll)
+	_, _, isValid = isValidApiKey(newApiKey.Id, true, getPermissionAll())
 	test.IsEqualBool(t, isValid, false)
 	_, _, isValid = isValidApiKey(newApiKey.Id, true, models.ApiPermView)
 	test.IsEqualBool(t, isValid, false)
@@ -736,7 +735,7 @@ func removePermissionApikey(t *testing.T, key string, newPermission models.ApiPe
 	database.SaveApiKey(apiKey)
 }
 
-func getAvailableApiPermissions(t *testing.T) []models.ApiPermission {
+func getAvailableApiPermissions() []models.ApiPermission {
 	result := []models.ApiPermission{
 		models.ApiPermView,
 		models.ApiPermUpload,
@@ -745,17 +744,21 @@ func getAvailableApiPermissions(t *testing.T) []models.ApiPermission {
 		models.ApiPermEdit,
 		models.ApiPermReplace,
 		models.ApiPermManageUsers,
-		models.ApiPermManageLogs}
-	sum := 0
-	for _, perm := range result {
-		sum = sum + int(perm)
-	}
-	if sum != int(models.ApiPermAll) {
-		t.Fatal("List of permissions are incorrect")
+		models.ApiPermManageLogs,
+		models.ApiPermManageFileRequests,
+		models.ApiPermDownload,
 	}
 	return result
 }
 
+func getPermissionAll() models.ApiPermission {
+	allPermissions := models.ApiPermNone
+	for _, permission := range getAvailableApiPermissions() {
+		allPermissions += permission
+	}
+	return allPermissions
+}
+
 func getApiPermMap(t *testing.T) map[models.ApiPermission]string {
 	result := make(map[models.ApiPermission]string)
 	result[models.ApiPermView] = "PERM_VIEW"
@@ -766,12 +769,14 @@ func getApiPermMap(t *testing.T) map[models.ApiPermission]string {
 	result[models.ApiPermReplace] = "PERM_REPLACE"
 	result[models.ApiPermManageUsers] = "PERM_MANAGE_USERS"
 	result[models.ApiPermManageLogs] = "PERM_MANAGE_LOGS"
+	result[models.ApiPermManageFileRequests] = "PERM_MANAGE_FILE_REQUESTS"
+	result[models.ApiPermDownload] = "PERM_DOWNLOAD"
 
 	sum := 0
 	for perm := range result {
 		sum = sum + int(perm)
 	}
-	if sum != int(models.ApiPermAll) {
+	if sum != int(getPermissionAll()) {
 		t.Fatal("List of permissions are incorrect")
 	}
 
@@ -1291,7 +1296,7 @@ func uploadNewFile(t *testing.T) (models.Result, *bytes.Buffer) {
 	test.IsNil(t, err)
 	err = writer.Close()
 	test.IsNil(t, err)
-	newApiKeyUser := generateNewKey(true, idUser, "")
+	newApiKeyUser := generateNewKey(true, idUser, "", "")
 	w, r := test.GetRecorder("POST", "/api/files/add", nil, []test.Header{{
 		Name:  "apikey",
 		Value: newApiKeyUser.Id,

internal/webserver/web/templates/html_public_upload.tmpl

@@ -14,9 +14,6 @@ const COMPLETE_URL = "./api/chunk/uploadRequestComplete";
 const FILE_REQUEST_ID = "{{ .FileRequestId }}";
 const API_KEY = "{{ .ApiKey }}";
 
-function generateUUID() {
-  return crypto.randomUUID();
-}
 
 async function startUpload() {
   const files = document.getElementById("fileInput").files;
@@ -36,7 +33,7 @@ async function startUpload() {
     const progressBar = fileDiv.querySelector("progress");
     const progressText = fileDiv.querySelector(".progressText");
 
-    const uuid = generateUUID();
+    const uuid = getUuid();
     let offset = 0;
 
     while (offset < file.size) {
@@ -98,6 +95,7 @@ function encodeFilename(name) {
   return "base64:" + btoa(unescape(encodeURIComponent(name)));
 }
 </script>
+        <script src="./js/min/uuid.min.js"></script>
 
 {{ template "pagename" "PublicUpload"}}
 {{ template "customjs" .}}