package drive import ( "io" "log/slog" "net/http" "github.com/go-chi/chi/v5" "github.com/ultisuite/ulti-backend/internal/api/apiresponse" "github.com/ultisuite/ulti-backend/internal/api/apivalidate" "github.com/ultisuite/ulti-backend/internal/api/middleware" "github.com/ultisuite/ulti-backend/internal/api/query" "github.com/ultisuite/ulti-backend/internal/nextcloud" "github.com/ultisuite/ulti-backend/internal/permission" ) type Handler struct { svc *Service logger *slog.Logger } func NewHandler(nc *nextcloud.Client) *Handler { return &Handler{ svc: NewService(nc), logger: slog.Default().With("component", "drive-api"), } } func (h *Handler) Routes() chi.Router { r := chi.NewRouter() read := middleware.RequirePermission(permission.ResourceDrive, permission.LevelRead) write := middleware.RequirePermission(permission.ResourceDrive, permission.LevelWrite) admin := middleware.RequirePermission(permission.ResourceDrive, permission.LevelAdmin) r.With(read).Get("/files/*", h.ListFiles) r.With(read).Get("/download/*", h.Download) r.With(write).Post("/files/*", h.Upload) r.With(write).Delete("/files/*", h.DeleteFile) r.With(write).Post("/folders/*", h.CreateFolder) r.With(write).Post("/move", h.Move) r.With(admin).Post("/shares", h.CreateShare) return r } func (h *Handler) ListFiles(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) params, err := query.ParseListRequest(r) if err != nil { apivalidate.WriteQueryError(w, r, err) return } path := chi.URLParam(r, "*") result, err := h.svc.ListFiles(r.Context(), claims.Sub, path, params) if err != nil { h.logger.Error("list files", "error", err) apivalidate.WriteInternal(w, r) return } apiresponse.WriteJSON(w, http.StatusOK, result) } func (h *Handler) Upload(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) path := chi.URLParam(r, "*") if verr := validatePath(path); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } if err := h.svc.Upload(r.Context(), claims.Sub, path, r.Body, r.Header.Get("Content-Type")); err != nil { h.logger.Error("upload", "error", err) apivalidate.WriteInternal(w, r) return } apiresponse.WriteJSON(w, http.StatusCreated, map[string]string{"status": "uploaded", "path": path}) } func (h *Handler) Download(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) path := chi.URLParam(r, "*") if verr := validatePath(path); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } body, contentType, err := h.svc.Download(r.Context(), claims.Sub, path) if err != nil { apivalidate.WriteNotFound(w, r, "not found") return } defer body.Close() w.Header().Set("Content-Type", contentType) io.Copy(w, body) } func (h *Handler) DeleteFile(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) path := chi.URLParam(r, "*") if verr := validatePath(path); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } if err := h.svc.Delete(r.Context(), claims.Sub, path); err != nil { h.logger.Error("delete file", "error", err) apivalidate.WriteInternal(w, r) return } w.WriteHeader(http.StatusNoContent) } func (h *Handler) CreateFolder(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) path := chi.URLParam(r, "*") if verr := validatePath(path); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } if err := h.svc.CreateFolder(r.Context(), claims.Sub, path); err != nil { h.logger.Error("create folder", "error", err) apivalidate.WriteInternal(w, r) return } w.WriteHeader(http.StatusCreated) } func (h *Handler) Move(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) var req moveRequest if err := apivalidate.DecodeJSON(w, r, maxJSONRequestBody, &req); err != nil { return } if verr := validateMoveRequest(&req); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } if err := h.svc.Move(r.Context(), claims.Sub, req.Source, req.Destination); err != nil { h.logger.Error("move", "error", err) apivalidate.WriteInternal(w, r) return } w.WriteHeader(http.StatusNoContent) } func (h *Handler) CreateShare(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) var req createShareRequest if err := apivalidate.DecodeJSON(w, r, maxJSONRequestBody, &req); err != nil { return } if verr := validateCreateShareRequest(&req); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } share, err := h.svc.CreateShare(r.Context(), claims.Sub, req.Path, req.ShareType, req.Permissions) if err != nil { h.logger.Error("create share", "error", err) apivalidate.WriteInternal(w, r) return } apiresponse.WriteJSON(w, http.StatusCreated, share) }