Home Explore Help
Register Sign In
shenzhen
/
tjdify
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1dae1a71fc
Branches Tags
tjdify
/
api
/
controllers
/
web
/
remote_files.py

remote_files.py 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869 
  1. import urllib.parse
    2. 

  2. 

  3. from flask_restful import marshal_with, reqparse
    4. 

  4. 

  5. from controllers.common import helpers
    6. 

  6. from controllers.web.wraps import WebApiResource
    7. 

  7. from core.file import helpers as file_helpers
    8. 

  8. from core.helper import ssrf_proxy
    9. 

  9. from fields.file_fields import file_fields_with_signed_url, remote_file_info_fields
    10. 

  10. from services.file_service import FileService
    11. 

  11. 

  12. 

  13. class RemoteFileInfoApi(WebApiResource):
    14. 

  14.     @marshal_with(remote_file_info_fields)
    15. 

  15.     def get(self, url):
    16. 

  16.         decoded_url = urllib.parse.unquote(url)
    17. 

  17.         try:
    18. 

  18.             response = ssrf_proxy.head(decoded_url)
    19. 

  19.             return {
    20. 

  20.                 "file_type": response.headers.get("Content-Type", "application/octet-stream"),
    21. 

  21.                 "file_length": int(response.headers.get("Content-Length", -1)),
    22. 

  22.             }
    23. 

  23.         except Exception as e:
    24. 

  24.             return {"error": str(e)}, 400
    25. 

  25. 

  26. 

  27. class RemoteFileUploadApi(WebApiResource):
    28. 

  28.     @marshal_with(file_fields_with_signed_url)
    29. 

  29.     def post(self, app_model, end_user):  # Add app_model and end_user parameters
    30. 

  30.         parser = reqparse.RequestParser()
    31. 

  31.         parser.add_argument("url", type=str, required=True, help="URL is required")
    32. 

  32.         args = parser.parse_args()
    33. 

  33. 

  34.         url = args["url"]
    35. 

  35. 

  36.         response = ssrf_proxy.head(url)
    37. 

  37.         response.raise_for_status()
    38. 

  38. 

  39.         file_info = helpers.guess_file_info_from_response(response)
    40. 

  40. 

  41.         if not FileService.is_file_size_within_limit(extension=file_info.extension, file_size=file_info.size):
    42. 

  42.             return {"error": "File size exceeded"}, 400
    43. 

  43. 

  44.         response = ssrf_proxy.get(url)
    45. 

  45.         response.raise_for_status()
    46. 

  46.         content = response.content
    47. 

  47. 

  48.         try:
    49. 

  49.             upload_file = FileService.upload_file(
    50. 

  50.                 filename=file_info.filename,
    51. 

  51.                 content=content,
    52. 

  52.                 mimetype=file_info.mimetype,
    53. 

  53.                 user=end_user,  # Use end_user instead of current_user
    54. 

  54.                 source_url=url,
    55. 

  55.             )
    56. 

  56.         except Exception as e:
    57. 

  57.             return {"error": str(e)}, 400
    58. 

  58. 

  59.         return {
    60. 

  60.             "id": upload_file.id,
    61. 

  61.             "name": upload_file.name,
    62. 

  62.             "size": upload_file.size,
    63. 

  63.             "extension": upload_file.extension,
    64. 

  64.             "url": file_helpers.get_signed_file_url(upload_file_id=upload_file.id),
    65. 

  65.             "mime_type": upload_file.mime_type,
    66. 

  66.             "created_by": upload_file.created_by,
    67. 

  67.             "created_at": upload_file.created_at,
    68. 

  68.         }, 201
    69. 

  69.