chore: import upstream snapshot with attribution
CI / Migrate Dev DB (push) Has been skipped
CI / Detect Version (push) Has been cancelled
CI / Migrate DB (push) Has been cancelled
CI / Build Dev ECR (./docker/app.Dockerfile, ECR_APP) (push) Has been cancelled
CI / Build Dev ECR (./docker/db.Dockerfile, ECR_MIGRATIONS) (push) Has been cancelled
CI / Build Dev ECR (./docker/pii.Dockerfile, ECR_PII) (push) Has been cancelled
CI / Build Dev ECR (./docker/realtime.Dockerfile, ECR_REALTIME) (push) Has been cancelled
CI / Deploy Trigger.dev (Dev) (push) Has been cancelled
CI / Build AMD64 (./docker/app.Dockerfile, ECR_APP, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build AMD64 (./docker/db.Dockerfile, ECR_MIGRATIONS, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build AMD64 (./docker/pii.Dockerfile, ECR_PII, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build AMD64 (./docker/realtime.Dockerfile, ECR_REALTIME, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/app.Dockerfile, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/db.Dockerfile, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/pii.Dockerfile, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/realtime.Dockerfile, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Check Docs Changes (push) Has been cancelled
CI / Process Docs (push) Has been cancelled
CI / Create GitHub Release (push) Has been cancelled
CI / Test and Build (push) Has been cancelled
Publish CLI Package / publish-npm (push) Has been cancelled
Publish Python SDK / publish-pypi (push) Has been cancelled
Publish TypeScript SDK / publish-npm (push) Has been cancelled
CI / Migrate Dev DB (push) Has been skipped
CI / Detect Version (push) Has been cancelled
CI / Migrate DB (push) Has been cancelled
CI / Build Dev ECR (./docker/app.Dockerfile, ECR_APP) (push) Has been cancelled
CI / Build Dev ECR (./docker/db.Dockerfile, ECR_MIGRATIONS) (push) Has been cancelled
CI / Build Dev ECR (./docker/pii.Dockerfile, ECR_PII) (push) Has been cancelled
CI / Build Dev ECR (./docker/realtime.Dockerfile, ECR_REALTIME) (push) Has been cancelled
CI / Deploy Trigger.dev (Dev) (push) Has been cancelled
CI / Build AMD64 (./docker/app.Dockerfile, ECR_APP, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build AMD64 (./docker/db.Dockerfile, ECR_MIGRATIONS, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build AMD64 (./docker/pii.Dockerfile, ECR_PII, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build AMD64 (./docker/realtime.Dockerfile, ECR_REALTIME, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/app.Dockerfile, ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/db.Dockerfile, ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/pii.Dockerfile, ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Build ARM64 (GHCR Only) (./docker/realtime.Dockerfile, ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/migrations) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/pii) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/realtime) (push) Has been cancelled
CI / Create GHCR Manifests (ghcr.io/simstudioai/simstudio) (push) Has been cancelled
CI / Check Docs Changes (push) Has been cancelled
CI / Process Docs (push) Has been cancelled
CI / Create GitHub Release (push) Has been cancelled
CI / Test and Build (push) Has been cancelled
Publish CLI Package / publish-npm (push) Has been cancelled
Publish Python SDK / publish-pypi (push) Has been cancelled
Publish TypeScript SDK / publish-npm (push) Has been cancelled
This commit is contained in:
@@ -0,0 +1,195 @@
|
||||
import { createLogger } from '@sim/logger'
|
||||
import { type NextRequest, NextResponse } from 'next/server'
|
||||
import {
|
||||
batchPresignedUploadBodyContract,
|
||||
uploadTypeSchema,
|
||||
} from '@/lib/api/contracts/storage-transfer'
|
||||
import { getValidationErrorMessage, parseRequest } from '@/lib/api/server'
|
||||
import { getSession } from '@/lib/auth'
|
||||
import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
|
||||
import type { StorageContext } from '@/lib/uploads/config'
|
||||
import { USE_BLOB_STORAGE } from '@/lib/uploads/config'
|
||||
import {
|
||||
generateBatchPresignedUploadUrls,
|
||||
hasCloudStorage,
|
||||
} from '@/lib/uploads/core/storage-service'
|
||||
import { recordKnowledgeBaseFileOwnershipMany } from '@/lib/uploads/server/metadata'
|
||||
import { validateFileType } from '@/lib/uploads/utils/validation'
|
||||
import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
|
||||
import { createErrorResponse } from '@/app/api/files/utils'
|
||||
|
||||
const logger = createLogger('BatchPresignedUploadAPI')
|
||||
|
||||
const VALID_UPLOAD_TYPES = ['knowledge-base', 'chat', 'copilot', 'profile-pictures'] as const
|
||||
|
||||
export const POST = withRouteHandler(async (request: NextRequest) => {
|
||||
try {
|
||||
const session = await getSession()
|
||||
if (!session?.user?.id) {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
||||
}
|
||||
|
||||
const parsed = await parseRequest(
|
||||
batchPresignedUploadBodyContract,
|
||||
request,
|
||||
{},
|
||||
{
|
||||
validationErrorResponse: (error) =>
|
||||
NextResponse.json(
|
||||
{ error: getValidationErrorMessage(error, 'Invalid request data') },
|
||||
{ status: 400 }
|
||||
),
|
||||
invalidJsonResponse: () =>
|
||||
NextResponse.json({ error: 'Invalid JSON in request body' }, { status: 400 }),
|
||||
}
|
||||
)
|
||||
if (!parsed.success) return parsed.response
|
||||
|
||||
const { files } = parsed.data.body
|
||||
|
||||
const uploadTypeParam = request.nextUrl.searchParams.get('type')
|
||||
if (!uploadTypeParam) {
|
||||
return NextResponse.json({ error: 'type query parameter is required' }, { status: 400 })
|
||||
}
|
||||
|
||||
const uploadTypeResult = uploadTypeSchema.safeParse(uploadTypeParam)
|
||||
if (!uploadTypeResult.success) {
|
||||
return NextResponse.json(
|
||||
{ error: `Invalid type parameter. Must be one of: ${VALID_UPLOAD_TYPES.join(', ')}` },
|
||||
{ status: 400 }
|
||||
)
|
||||
}
|
||||
|
||||
const uploadType = uploadTypeResult.data as StorageContext
|
||||
|
||||
const sessionUserId = session.user.id
|
||||
|
||||
let knowledgeBaseWorkspaceId: string | null = null
|
||||
if (uploadType === 'knowledge-base') {
|
||||
for (const file of files) {
|
||||
const fileValidationError = validateFileType(file.fileName, file.contentType)
|
||||
if (fileValidationError) {
|
||||
return NextResponse.json(
|
||||
{
|
||||
error: fileValidationError.message,
|
||||
code: fileValidationError.code,
|
||||
supportedTypes: fileValidationError.supportedTypes,
|
||||
},
|
||||
{ status: 400 }
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
knowledgeBaseWorkspaceId = request.nextUrl.searchParams.get('workspaceId')
|
||||
if (!knowledgeBaseWorkspaceId?.trim()) {
|
||||
return NextResponse.json(
|
||||
{ error: 'workspaceId query parameter is required for knowledge-base uploads' },
|
||||
{ status: 400 }
|
||||
)
|
||||
}
|
||||
|
||||
const permission = await getUserEntityPermissions(
|
||||
sessionUserId,
|
||||
'workspace',
|
||||
knowledgeBaseWorkspaceId
|
||||
)
|
||||
if (permission !== 'write' && permission !== 'admin') {
|
||||
return NextResponse.json(
|
||||
{ error: 'Write or Admin access required for knowledge-base uploads' },
|
||||
{ status: 403 }
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
if (uploadType === 'copilot' && !sessionUserId?.trim()) {
|
||||
return NextResponse.json(
|
||||
{ error: 'Authenticated user session is required for copilot uploads' },
|
||||
{ status: 400 }
|
||||
)
|
||||
}
|
||||
|
||||
if (!hasCloudStorage()) {
|
||||
logger.info(
|
||||
`Local storage detected - batch presigned URLs not available, client will use API fallback`
|
||||
)
|
||||
return NextResponse.json({
|
||||
files: files.map((file) => ({
|
||||
fileName: file.fileName,
|
||||
presignedUrl: '', // Empty URL signals fallback to API upload
|
||||
fileInfo: {
|
||||
path: '',
|
||||
key: '',
|
||||
name: file.fileName,
|
||||
size: file.fileSize,
|
||||
type: file.contentType,
|
||||
},
|
||||
directUploadSupported: false,
|
||||
})),
|
||||
directUploadSupported: false,
|
||||
})
|
||||
}
|
||||
|
||||
logger.info(`Generating batch ${uploadType} presigned URLs for ${files.length} files`)
|
||||
|
||||
const startTime = Date.now()
|
||||
|
||||
const presignedUrls = await generateBatchPresignedUploadUrls(
|
||||
files.map((file) => ({
|
||||
fileName: file.fileName,
|
||||
contentType: file.contentType,
|
||||
fileSize: file.fileSize,
|
||||
})),
|
||||
uploadType,
|
||||
sessionUserId,
|
||||
3600 // 1 hour
|
||||
)
|
||||
|
||||
const duration = Date.now() - startTime
|
||||
logger.info(
|
||||
`Generated ${files.length} presigned URLs in ${duration}ms (avg ${Math.round(duration / files.length)}ms per file)`
|
||||
)
|
||||
|
||||
if (uploadType === 'knowledge-base' && knowledgeBaseWorkspaceId) {
|
||||
const ownerWorkspaceId = knowledgeBaseWorkspaceId
|
||||
await recordKnowledgeBaseFileOwnershipMany(
|
||||
presignedUrls.map((urlResponse, index) => ({
|
||||
key: urlResponse.key,
|
||||
userId: sessionUserId,
|
||||
workspaceId: ownerWorkspaceId,
|
||||
originalName: files[index].fileName,
|
||||
contentType: files[index].contentType,
|
||||
size: files[index].fileSize,
|
||||
}))
|
||||
)
|
||||
}
|
||||
|
||||
const storagePrefix = USE_BLOB_STORAGE ? 'blob' : 's3'
|
||||
|
||||
return NextResponse.json({
|
||||
files: presignedUrls.map((urlResponse, index) => {
|
||||
const finalPath = `/api/files/serve/${storagePrefix}/${encodeURIComponent(urlResponse.key)}?context=${uploadType}`
|
||||
const file = files[index]
|
||||
|
||||
return {
|
||||
fileName: file.fileName,
|
||||
presignedUrl: urlResponse.url,
|
||||
fileInfo: {
|
||||
path: finalPath,
|
||||
key: urlResponse.key,
|
||||
name: file.fileName,
|
||||
size: file.fileSize,
|
||||
type: file.contentType,
|
||||
},
|
||||
uploadHeaders: urlResponse.uploadHeaders,
|
||||
directUploadSupported: true,
|
||||
}
|
||||
}),
|
||||
directUploadSupported: true,
|
||||
})
|
||||
} catch (error) {
|
||||
logger.error('Error generating batch presigned URLs:', error)
|
||||
return createErrorResponse(
|
||||
error instanceof Error ? error : new Error('Failed to generate batch presigned URLs')
|
||||
)
|
||||
}
|
||||
})
|
||||
@@ -0,0 +1,871 @@
|
||||
/**
|
||||
* Tests for file presigned API route
|
||||
*
|
||||
* @vitest-environment node
|
||||
*/
|
||||
|
||||
import { authMockFns, storageServiceMock, storageServiceMockFns } from '@sim/testing'
|
||||
import { NextRequest } from 'next/server'
|
||||
import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'
|
||||
|
||||
const {
|
||||
mockVerifyFileAccess,
|
||||
mockVerifyWorkspaceFileAccess,
|
||||
mockUseBlobStorage,
|
||||
mockUseS3Storage,
|
||||
mockGetStorageConfig,
|
||||
mockIsUsingCloudStorage,
|
||||
mockGetStorageProvider,
|
||||
mockValidateFileType,
|
||||
mockValidateAttachmentFileType,
|
||||
mockGenerateCopilotUploadUrl,
|
||||
mockIsImageFileType,
|
||||
mockGetStorageProviderUploads,
|
||||
mockIsUsingCloudStorageUploads,
|
||||
mockGetUserEntityPermissions,
|
||||
mockGenerateWorkspaceFileKey,
|
||||
mockGenerateExecutionFileKey,
|
||||
mockInsertFileMetadata,
|
||||
} = vi.hoisted(() => ({
|
||||
mockVerifyFileAccess: vi.fn().mockResolvedValue(true),
|
||||
mockVerifyWorkspaceFileAccess: vi.fn().mockResolvedValue(true),
|
||||
mockUseBlobStorage: { value: false },
|
||||
mockUseS3Storage: { value: true },
|
||||
mockGetStorageConfig: vi.fn(),
|
||||
mockIsUsingCloudStorage: vi.fn(),
|
||||
mockGetStorageProvider: vi.fn(),
|
||||
mockValidateFileType: vi.fn().mockReturnValue(null),
|
||||
mockValidateAttachmentFileType: vi.fn().mockReturnValue(null),
|
||||
mockGenerateCopilotUploadUrl: vi.fn().mockResolvedValue({
|
||||
url: 'https://example.com/presigned-url',
|
||||
key: 'copilot/test-key.txt',
|
||||
}),
|
||||
mockIsImageFileType: vi.fn().mockReturnValue(true),
|
||||
mockGetStorageProviderUploads: vi.fn(),
|
||||
mockIsUsingCloudStorageUploads: vi.fn(),
|
||||
mockGetUserEntityPermissions: vi.fn().mockResolvedValue('admin'),
|
||||
mockGenerateWorkspaceFileKey: vi.fn(
|
||||
(workspaceId: string, fileName: string) => `workspace/${workspaceId}/${fileName}`
|
||||
),
|
||||
mockGenerateExecutionFileKey: vi.fn(
|
||||
(ctx: { workspaceId: string; workflowId: string; executionId: string }, fileName: string) =>
|
||||
`execution/${ctx.workspaceId}/${ctx.workflowId}/${ctx.executionId}/${fileName}`
|
||||
),
|
||||
mockInsertFileMetadata: vi.fn().mockResolvedValue({ id: 'wf_test' }),
|
||||
}))
|
||||
|
||||
vi.mock('@/app/api/files/authorization', () => ({
|
||||
verifyFileAccess: mockVerifyFileAccess,
|
||||
verifyWorkspaceFileAccess: mockVerifyWorkspaceFileAccess,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/uploads/config', () => ({
|
||||
get USE_BLOB_STORAGE() {
|
||||
return mockUseBlobStorage.value
|
||||
},
|
||||
get USE_S3_STORAGE() {
|
||||
return mockUseS3Storage.value
|
||||
},
|
||||
UPLOAD_DIR: '/uploads',
|
||||
getStorageConfig: mockGetStorageConfig,
|
||||
isUsingCloudStorage: mockIsUsingCloudStorage,
|
||||
getStorageProvider: mockGetStorageProvider,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/uploads/core/storage-service', () => storageServiceMock)
|
||||
|
||||
vi.mock('@/lib/uploads/utils/validation', () => ({
|
||||
validateFileType: mockValidateFileType,
|
||||
validateAttachmentFileType: mockValidateAttachmentFileType,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/workspaces/permissions/utils', () => ({
|
||||
getUserEntityPermissions: mockGetUserEntityPermissions,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/uploads/contexts/workspace/workspace-file-manager', () => ({
|
||||
generateWorkspaceFileKey: mockGenerateWorkspaceFileKey,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/uploads/contexts/execution/utils', () => ({
|
||||
generateExecutionFileKey: mockGenerateExecutionFileKey,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/uploads/server/metadata', () => ({
|
||||
insertFileMetadata: mockInsertFileMetadata,
|
||||
recordKnowledgeBaseFileOwnership: (ownership: Record<string, unknown>) =>
|
||||
mockInsertFileMetadata({ ...ownership, context: 'knowledge-base' }),
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/uploads/utils/file-utils', () => ({
|
||||
isImageFileType: mockIsImageFileType,
|
||||
}))
|
||||
|
||||
vi.mock('@/lib/uploads', () => ({
|
||||
CopilotFiles: {
|
||||
generateCopilotUploadUrl: mockGenerateCopilotUploadUrl,
|
||||
},
|
||||
getStorageProvider: mockGetStorageProviderUploads,
|
||||
isUsingCloudStorage: mockIsUsingCloudStorageUploads,
|
||||
}))
|
||||
|
||||
import { POST } from '@/app/api/files/presigned/route'
|
||||
|
||||
const defaultMockUser = {
|
||||
id: 'test-user-id',
|
||||
name: 'Test User',
|
||||
email: 'test@example.com',
|
||||
}
|
||||
|
||||
function setupFileApiMocks(
|
||||
options: {
|
||||
authenticated?: boolean
|
||||
storageProvider?: 's3' | 'blob' | 'local'
|
||||
cloudEnabled?: boolean
|
||||
} = {}
|
||||
) {
|
||||
const { authenticated = true, storageProvider = 's3', cloudEnabled = true } = options
|
||||
|
||||
if (authenticated) {
|
||||
authMockFns.mockGetSession.mockResolvedValue({ user: defaultMockUser })
|
||||
} else {
|
||||
authMockFns.mockGetSession.mockResolvedValue(null)
|
||||
}
|
||||
|
||||
const useBlobStorage = storageProvider === 'blob' && cloudEnabled
|
||||
const useS3Storage = storageProvider === 's3' && cloudEnabled
|
||||
|
||||
mockUseBlobStorage.value = useBlobStorage
|
||||
mockUseS3Storage.value = useS3Storage
|
||||
|
||||
mockGetStorageConfig.mockReturnValue(
|
||||
useBlobStorage
|
||||
? {
|
||||
accountName: 'testaccount',
|
||||
accountKey: 'testkey',
|
||||
connectionString: 'testconnection',
|
||||
containerName: 'testcontainer',
|
||||
}
|
||||
: {
|
||||
bucket: 'test-bucket',
|
||||
region: 'us-east-1',
|
||||
}
|
||||
)
|
||||
mockIsUsingCloudStorage.mockReturnValue(cloudEnabled)
|
||||
mockGetStorageProvider.mockReturnValue(
|
||||
storageProvider === 'blob' ? 'Azure Blob' : storageProvider === 's3' ? 'S3' : 'Local'
|
||||
)
|
||||
|
||||
storageServiceMockFns.mockHasCloudStorage.mockReturnValue(cloudEnabled)
|
||||
storageServiceMockFns.mockGeneratePresignedUploadUrl.mockImplementation(
|
||||
async (opts: { fileName: string; context: string; customKey?: string }) => {
|
||||
const timestamp = Date.now()
|
||||
const safeFileName = opts.fileName.replace(/[^a-zA-Z0-9.-]/g, '_')
|
||||
const key = opts.customKey ?? `${opts.context}/${timestamp}-ik3a6w4-${safeFileName}`
|
||||
return {
|
||||
url: 'https://example.com/presigned-url',
|
||||
key,
|
||||
}
|
||||
}
|
||||
)
|
||||
storageServiceMockFns.mockGeneratePresignedDownloadUrl.mockResolvedValue(
|
||||
'https://example.com/presigned-url'
|
||||
)
|
||||
|
||||
mockValidateFileType.mockReturnValue(null)
|
||||
mockValidateAttachmentFileType.mockReturnValue(null)
|
||||
mockGetUserEntityPermissions.mockResolvedValue('admin')
|
||||
|
||||
mockGetStorageProviderUploads.mockReturnValue(
|
||||
storageProvider === 'blob' ? 'Azure Blob' : storageProvider === 's3' ? 'S3' : 'Local'
|
||||
)
|
||||
mockIsUsingCloudStorageUploads.mockReturnValue(cloudEnabled)
|
||||
}
|
||||
|
||||
describe('/api/files/presigned', () => {
|
||||
beforeEach(() => {
|
||||
vi.clearAllMocks()
|
||||
vi.useFakeTimers()
|
||||
vi.setSystemTime(new Date('2024-01-01T00:00:00Z'))
|
||||
|
||||
vi.stubGlobal('crypto', {
|
||||
randomUUID: vi.fn().mockReturnValue('mock-uuid-1234-5678'),
|
||||
})
|
||||
})
|
||||
|
||||
afterEach(() => {
|
||||
vi.useRealTimers()
|
||||
})
|
||||
|
||||
describe('POST', () => {
|
||||
it('should return graceful fallback response when cloud storage is not enabled', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: false,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned?type=chat', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'test.txt',
|
||||
contentType: 'text/plain',
|
||||
fileSize: 1024,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(data.directUploadSupported).toBe(false)
|
||||
expect(data.presignedUrl).toBe('')
|
||||
expect(data.fileName).toBe('test.txt')
|
||||
expect(data.fileInfo).toBeDefined()
|
||||
expect(data.fileInfo.name).toBe('test.txt')
|
||||
expect(data.fileInfo.size).toBe(1024)
|
||||
expect(data.fileInfo.type).toBe('text/plain')
|
||||
})
|
||||
|
||||
it('should return error when fileName is missing', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
contentType: 'text/plain',
|
||||
fileSize: 1024,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(400)
|
||||
expect(data.error).toBe('fileName is required and cannot be empty')
|
||||
expect(data.code).toBe('VALIDATION_ERROR')
|
||||
})
|
||||
|
||||
it('should return error when contentType is missing', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'test.txt',
|
||||
fileSize: 1024,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(400)
|
||||
expect(data.error).toBe('contentType is required and cannot be empty')
|
||||
expect(data.code).toBe('VALIDATION_ERROR')
|
||||
})
|
||||
|
||||
it('should return error when fileSize is invalid', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'test.txt',
|
||||
contentType: 'text/plain',
|
||||
fileSize: 0,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(400)
|
||||
expect(data.error).toBe('fileSize must be a positive number')
|
||||
expect(data.code).toBe('VALIDATION_ERROR')
|
||||
})
|
||||
|
||||
it('should return error when file size exceeds limit', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const largeFileSize = 150 * 1024 * 1024 // 150MB (exceeds 100MB limit)
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'large-file.txt',
|
||||
contentType: 'text/plain',
|
||||
fileSize: largeFileSize,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(400)
|
||||
expect(data.error).toContain('exceeds maximum allowed size')
|
||||
expect(data.code).toBe('VALIDATION_ERROR')
|
||||
})
|
||||
|
||||
it('should generate S3 presigned URL successfully', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned?type=chat', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'test document.txt',
|
||||
contentType: 'text/plain',
|
||||
fileSize: 1024,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(data.presignedUrl).toBe('https://example.com/presigned-url')
|
||||
expect(data.fileInfo).toMatchObject({
|
||||
path: expect.stringMatching(/\/api\/files\/serve\/s3\/.+\?context=chat$/),
|
||||
key: expect.stringMatching(/.*test.document\.txt$/),
|
||||
name: 'test document.txt',
|
||||
size: 1024,
|
||||
type: 'text/plain',
|
||||
})
|
||||
expect(data.directUploadSupported).toBe(true)
|
||||
})
|
||||
|
||||
it('should generate knowledge-base S3 presigned URL with kb prefix', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=knowledge-base&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'knowledge-doc.pdf',
|
||||
contentType: 'application/pdf',
|
||||
fileSize: 2048,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(data.fileInfo.key).toMatch(/^kb\/.*knowledge-doc\.pdf$/)
|
||||
expect(data.directUploadSupported).toBe(true)
|
||||
})
|
||||
|
||||
it('should generate chat S3 presigned URL with chat prefix and direct path', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned?type=chat', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'chat-logo.png',
|
||||
contentType: 'image/png',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(data.fileInfo.key).toMatch(/^chat\/.*chat-logo\.png$/)
|
||||
expect(data.fileInfo.path).toMatch(/\/api\/files\/serve\/s3\/.+\?context=chat$/)
|
||||
expect(data.presignedUrl).toBeTruthy()
|
||||
expect(data.directUploadSupported).toBe(true)
|
||||
})
|
||||
|
||||
it('should generate Azure Blob presigned URL successfully', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 'blob',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned?type=chat', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'test document.txt',
|
||||
contentType: 'text/plain',
|
||||
fileSize: 1024,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(data.presignedUrl).toBeTruthy()
|
||||
expect(typeof data.presignedUrl).toBe('string')
|
||||
expect(data.fileInfo).toMatchObject({
|
||||
key: expect.stringMatching(/.*test.document\.txt$/),
|
||||
name: 'test document.txt',
|
||||
size: 1024,
|
||||
type: 'text/plain',
|
||||
})
|
||||
expect(data.directUploadSupported).toBe(true)
|
||||
})
|
||||
|
||||
it('should generate chat Azure Blob presigned URL with chat prefix and direct path', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 'blob',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned?type=chat', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'chat-logo.png',
|
||||
contentType: 'image/png',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(data.fileInfo.key).toMatch(/^chat\/.*chat-logo\.png$/)
|
||||
expect(data.fileInfo.path).toMatch(/\/api\/files\/serve\/blob\/.+\?context=chat$/)
|
||||
expect(data.presignedUrl).toBeTruthy()
|
||||
expect(data.directUploadSupported).toBe(true)
|
||||
})
|
||||
|
||||
it('should return error for unknown storage provider', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
storageServiceMockFns.mockGeneratePresignedUploadUrl.mockRejectedValue(
|
||||
new Error('Unknown storage provider: unknown')
|
||||
)
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned?type=chat', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'test.txt',
|
||||
contentType: 'text/plain',
|
||||
fileSize: 1024,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(500)
|
||||
expect(data.error).toBeTruthy()
|
||||
expect(typeof data.error).toBe('string')
|
||||
})
|
||||
|
||||
it('should handle S3 errors gracefully', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
storageServiceMockFns.mockGeneratePresignedUploadUrl.mockRejectedValue(
|
||||
new Error('S3 service unavailable')
|
||||
)
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned?type=chat', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'test.txt',
|
||||
contentType: 'text/plain',
|
||||
fileSize: 1024,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(500)
|
||||
expect(data.error).toBeTruthy()
|
||||
expect(typeof data.error).toBe('string')
|
||||
})
|
||||
|
||||
it('should handle Azure Blob errors gracefully', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 'blob',
|
||||
})
|
||||
|
||||
storageServiceMockFns.mockGeneratePresignedUploadUrl.mockRejectedValue(
|
||||
new Error('Azure service unavailable')
|
||||
)
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned?type=chat', {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'test.txt',
|
||||
contentType: 'text/plain',
|
||||
fileSize: 1024,
|
||||
}),
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(500)
|
||||
expect(data.error).toBeTruthy()
|
||||
expect(typeof data.error).toBe('string')
|
||||
})
|
||||
|
||||
it('should handle malformed JSON gracefully', async () => {
|
||||
setupFileApiMocks({
|
||||
cloudEnabled: true,
|
||||
storageProvider: 's3',
|
||||
})
|
||||
|
||||
const request = new NextRequest('http://localhost:3000/api/files/presigned', {
|
||||
method: 'POST',
|
||||
body: 'invalid json',
|
||||
})
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(400) // Changed from 500 to 400 (ValidationError)
|
||||
expect(data.error).toBe('Invalid JSON in request body') // Updated error message
|
||||
expect(data.code).toBe('VALIDATION_ERROR')
|
||||
})
|
||||
})
|
||||
|
||||
describe('mothership uploads', () => {
|
||||
it('uses validateAttachmentFileType (not validateFileType) — accepts images', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=mothership&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'screenshot.png',
|
||||
contentType: 'image/png',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
expect(response.status).toBe(200)
|
||||
expect(mockValidateAttachmentFileType).toHaveBeenCalledWith('screenshot.png')
|
||||
expect(mockValidateFileType).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('rejects unsupported types when validator returns an error', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
mockValidateAttachmentFileType.mockReturnValue({
|
||||
code: 'UNSUPPORTED_FILE_TYPE',
|
||||
message: 'Unsupported file type: exe.',
|
||||
supportedTypes: [],
|
||||
})
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=mothership&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'virus.exe',
|
||||
contentType: 'application/octet-stream',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
expect(response.status).toBe(400)
|
||||
expect(data.code).toBe('VALIDATION_ERROR')
|
||||
expect(data.error).toContain('exe')
|
||||
})
|
||||
|
||||
it('returns 403 when user lacks workspace write permission', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
mockGetUserEntityPermissions.mockResolvedValue('read')
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=mothership&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'doc.pdf',
|
||||
contentType: 'application/pdf',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
expect(response.status).toBe(403)
|
||||
})
|
||||
|
||||
it('inserts a workspaceFiles row with context=mothership so previews authorize', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=mothership&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'screenshot.png',
|
||||
contentType: 'image/png',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(mockInsertFileMetadata).toHaveBeenCalledTimes(1)
|
||||
expect(mockInsertFileMetadata).toHaveBeenCalledWith({
|
||||
key: data.fileInfo.key,
|
||||
userId: 'test-user-id',
|
||||
workspaceId: 'ws-1',
|
||||
context: 'mothership',
|
||||
originalName: 'screenshot.png',
|
||||
contentType: 'image/png',
|
||||
size: 4096,
|
||||
})
|
||||
})
|
||||
|
||||
it('returns 500 when insertFileMetadata fails so callers do not get an unauthorizable URL', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
mockInsertFileMetadata.mockRejectedValueOnce(new Error('DB connection lost'))
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=mothership&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'screenshot.png',
|
||||
contentType: 'image/png',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
expect(response.status).toBe(500)
|
||||
})
|
||||
})
|
||||
|
||||
describe('execution uploads', () => {
|
||||
it('uses validateAttachmentFileType — accepts video', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=execution&workspaceId=ws-1&workflowId=wf-1&executionId=exec-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'output.mp4',
|
||||
contentType: 'video/mp4',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
expect(response.status).toBe(200)
|
||||
expect(mockValidateAttachmentFileType).toHaveBeenCalledWith('output.mp4')
|
||||
expect(mockValidateFileType).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('rejects when validator returns an error', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
mockValidateAttachmentFileType.mockReturnValue({
|
||||
code: 'UNSUPPORTED_FILE_TYPE',
|
||||
message: 'Unsupported file type: bin.',
|
||||
supportedTypes: [],
|
||||
})
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=execution&workspaceId=ws-1&workflowId=wf-1&executionId=exec-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'blob.bin',
|
||||
contentType: 'application/octet-stream',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
expect(response.status).toBe(400)
|
||||
expect(data.code).toBe('VALIDATION_ERROR')
|
||||
})
|
||||
|
||||
it('returns 400 when missing workflowId/executionId', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=execution&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'output.mp4',
|
||||
contentType: 'video/mp4',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
expect(response.status).toBe(400)
|
||||
})
|
||||
|
||||
it('inserts a workspaceFiles row with context=execution so previews authorize', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=execution&workspaceId=ws-1&workflowId=wf-1&executionId=exec-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'output.mp4',
|
||||
contentType: 'video/mp4',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(mockInsertFileMetadata).toHaveBeenCalledTimes(1)
|
||||
expect(mockInsertFileMetadata).toHaveBeenCalledWith({
|
||||
key: data.fileInfo.key,
|
||||
userId: 'test-user-id',
|
||||
workspaceId: 'ws-1',
|
||||
context: 'execution',
|
||||
originalName: 'output.mp4',
|
||||
contentType: 'video/mp4',
|
||||
size: 4096,
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
describe('workspace-logos uploads', () => {
|
||||
it('inserts a workspaceFiles row with context=workspace-logos so logos authorize', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=workspace-logos&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'logo.png',
|
||||
contentType: 'image/png',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
const data = await response.json()
|
||||
|
||||
expect(response.status).toBe(200)
|
||||
expect(mockInsertFileMetadata).toHaveBeenCalledTimes(1)
|
||||
expect(mockInsertFileMetadata).toHaveBeenCalledWith({
|
||||
key: data.fileInfo.key,
|
||||
userId: 'test-user-id',
|
||||
workspaceId: 'ws-1',
|
||||
context: 'workspace-logos',
|
||||
originalName: 'logo.png',
|
||||
contentType: 'image/png',
|
||||
size: 4096,
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
describe('knowledge-base uploads', () => {
|
||||
it('uses validateFileType (docs-only), not validateAttachmentFileType', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=knowledge-base&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'doc.pdf',
|
||||
contentType: 'application/pdf',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
expect(response.status).toBe(200)
|
||||
expect(mockValidateFileType).toHaveBeenCalledWith('doc.pdf', 'application/pdf')
|
||||
expect(mockValidateAttachmentFileType).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('requires workspaceId for knowledge-base uploads', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=knowledge-base',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'doc.pdf',
|
||||
contentType: 'application/pdf',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
expect(response.status).toBe(400)
|
||||
})
|
||||
|
||||
it('returns 403 when the user lacks write access to the workspace', async () => {
|
||||
setupFileApiMocks({ cloudEnabled: true, storageProvider: 's3' })
|
||||
mockGetUserEntityPermissions.mockResolvedValue('read')
|
||||
|
||||
const request = new NextRequest(
|
||||
'http://localhost:3000/api/files/presigned?type=knowledge-base&workspaceId=ws-1',
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
fileName: 'doc.pdf',
|
||||
contentType: 'application/pdf',
|
||||
fileSize: 4096,
|
||||
}),
|
||||
}
|
||||
)
|
||||
|
||||
const response = await POST(request)
|
||||
expect(response.status).toBe(403)
|
||||
})
|
||||
})
|
||||
})
|
||||
@@ -0,0 +1,349 @@
|
||||
import { createLogger } from '@sim/logger'
|
||||
import { getErrorMessage } from '@sim/utils/errors'
|
||||
import { type NextRequest, NextResponse } from 'next/server'
|
||||
import { presignedUploadBodyContract, uploadTypeSchema } from '@/lib/api/contracts/storage-transfer'
|
||||
import { getValidationErrorMessage, parseRequest } from '@/lib/api/server'
|
||||
import { getSession } from '@/lib/auth'
|
||||
import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
|
||||
import { CopilotFiles } from '@/lib/uploads'
|
||||
import type { StorageContext } from '@/lib/uploads/config'
|
||||
import { USE_BLOB_STORAGE } from '@/lib/uploads/config'
|
||||
import { generateExecutionFileKey } from '@/lib/uploads/contexts/execution/utils'
|
||||
import { generateKnowledgeBaseFileKey } from '@/lib/uploads/contexts/knowledge-base/knowledge-base-file-manager'
|
||||
import { generateWorkspaceFileKey } from '@/lib/uploads/contexts/workspace/workspace-file-manager'
|
||||
import { generatePresignedUploadUrl, hasCloudStorage } from '@/lib/uploads/core/storage-service'
|
||||
import { insertFileMetadata, recordKnowledgeBaseFileOwnership } from '@/lib/uploads/server/metadata'
|
||||
import { isImageFileType } from '@/lib/uploads/utils/file-utils'
|
||||
import { validateAttachmentFileType, validateFileType } from '@/lib/uploads/utils/validation'
|
||||
import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
|
||||
import { createErrorResponse } from '@/app/api/files/utils'
|
||||
|
||||
const logger = createLogger('PresignedUploadAPI')
|
||||
|
||||
const VALID_UPLOAD_TYPES = [
|
||||
'knowledge-base',
|
||||
'chat',
|
||||
'copilot',
|
||||
'profile-pictures',
|
||||
'mothership',
|
||||
'workspace-logos',
|
||||
'execution',
|
||||
] as const
|
||||
|
||||
class PresignedUrlError extends Error {
|
||||
constructor(
|
||||
message: string,
|
||||
public code: string,
|
||||
public statusCode = 400
|
||||
) {
|
||||
super(message)
|
||||
this.name = 'PresignedUrlError'
|
||||
}
|
||||
}
|
||||
|
||||
class ValidationError extends PresignedUrlError {
|
||||
constructor(message: string) {
|
||||
super(message, 'VALIDATION_ERROR', 400)
|
||||
}
|
||||
}
|
||||
|
||||
export const POST = withRouteHandler(async (request: NextRequest) => {
|
||||
try {
|
||||
const session = await getSession()
|
||||
if (!session?.user?.id) {
|
||||
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
|
||||
}
|
||||
|
||||
const parsed = await parseRequest(
|
||||
presignedUploadBodyContract,
|
||||
request,
|
||||
{},
|
||||
{
|
||||
validationErrorResponse: (error) => {
|
||||
throw new ValidationError(getValidationErrorMessage(error, 'Invalid request data'))
|
||||
},
|
||||
invalidJsonResponse: () => {
|
||||
throw new ValidationError('Invalid JSON in request body')
|
||||
},
|
||||
}
|
||||
)
|
||||
if (!parsed.success) return parsed.response
|
||||
|
||||
const { fileName, contentType, fileSize } = parsed.data.body
|
||||
|
||||
const uploadTypeParam = request.nextUrl.searchParams.get('type')
|
||||
if (!uploadTypeParam) {
|
||||
throw new ValidationError('type query parameter is required')
|
||||
}
|
||||
|
||||
const uploadTypeResult = uploadTypeSchema.safeParse(uploadTypeParam)
|
||||
if (!uploadTypeResult.success) {
|
||||
throw new ValidationError(
|
||||
`Invalid type parameter. Must be one of: ${VALID_UPLOAD_TYPES.join(', ')}`
|
||||
)
|
||||
}
|
||||
|
||||
const uploadType = uploadTypeResult.data as StorageContext
|
||||
|
||||
if (uploadType === 'knowledge-base') {
|
||||
const fileValidationError = validateFileType(fileName, contentType)
|
||||
if (fileValidationError) {
|
||||
throw new ValidationError(`${fileValidationError.message}`)
|
||||
}
|
||||
}
|
||||
|
||||
const sessionUserId = session.user.id
|
||||
|
||||
if (!hasCloudStorage()) {
|
||||
logger.info(
|
||||
`Local storage detected - presigned URL not available for ${fileName}, client will use API fallback`
|
||||
)
|
||||
return NextResponse.json({
|
||||
fileName,
|
||||
presignedUrl: '', // Empty URL signals fallback to API upload
|
||||
fileInfo: {
|
||||
path: '',
|
||||
key: '',
|
||||
name: fileName,
|
||||
size: fileSize,
|
||||
type: contentType,
|
||||
},
|
||||
directUploadSupported: false,
|
||||
})
|
||||
}
|
||||
|
||||
logger.info(`Generating ${uploadType} presigned URL for ${fileName}`)
|
||||
|
||||
let presignedUrlResponse
|
||||
|
||||
if (uploadType === 'copilot') {
|
||||
try {
|
||||
presignedUrlResponse = await CopilotFiles.generateCopilotUploadUrl({
|
||||
fileName,
|
||||
contentType,
|
||||
fileSize,
|
||||
userId: sessionUserId,
|
||||
expirationSeconds: 3600,
|
||||
})
|
||||
} catch (error) {
|
||||
throw new ValidationError(getErrorMessage(error, 'Chat validation failed'))
|
||||
}
|
||||
} else if (uploadType === 'mothership') {
|
||||
const workspaceId = request.nextUrl.searchParams.get('workspaceId')
|
||||
if (!workspaceId?.trim()) {
|
||||
throw new ValidationError('workspaceId query parameter is required for chat uploads')
|
||||
}
|
||||
|
||||
const permission = await getUserEntityPermissions(sessionUserId, 'workspace', workspaceId)
|
||||
if (permission !== 'write' && permission !== 'admin') {
|
||||
return NextResponse.json(
|
||||
{ error: 'Write or Admin access required for chat uploads' },
|
||||
{ status: 403 }
|
||||
)
|
||||
}
|
||||
|
||||
const fileValidationError = validateAttachmentFileType(fileName)
|
||||
if (fileValidationError) {
|
||||
throw new ValidationError(fileValidationError.message)
|
||||
}
|
||||
|
||||
const customKey = generateWorkspaceFileKey(workspaceId, fileName)
|
||||
presignedUrlResponse = await generatePresignedUploadUrl({
|
||||
fileName,
|
||||
contentType,
|
||||
fileSize,
|
||||
context: 'mothership',
|
||||
userId: sessionUserId,
|
||||
customKey,
|
||||
expirationSeconds: 3600,
|
||||
metadata: { workspaceId },
|
||||
})
|
||||
|
||||
await insertFileMetadata({
|
||||
key: presignedUrlResponse.key,
|
||||
userId: sessionUserId,
|
||||
workspaceId,
|
||||
context: 'mothership',
|
||||
originalName: fileName,
|
||||
contentType,
|
||||
size: fileSize,
|
||||
})
|
||||
} else if (uploadType === 'execution') {
|
||||
const workflowId = request.nextUrl.searchParams.get('workflowId')
|
||||
const executionId = request.nextUrl.searchParams.get('executionId')
|
||||
const workspaceId = request.nextUrl.searchParams.get('workspaceId')
|
||||
if (!workflowId?.trim() || !executionId?.trim() || !workspaceId?.trim()) {
|
||||
throw new ValidationError(
|
||||
'workflowId, executionId, and workspaceId query parameters are required for execution uploads'
|
||||
)
|
||||
}
|
||||
|
||||
const permission = await getUserEntityPermissions(sessionUserId, 'workspace', workspaceId)
|
||||
if (permission !== 'write' && permission !== 'admin') {
|
||||
return NextResponse.json(
|
||||
{ error: 'Write or Admin access required for execution uploads' },
|
||||
{ status: 403 }
|
||||
)
|
||||
}
|
||||
|
||||
const fileValidationError = validateAttachmentFileType(fileName)
|
||||
if (fileValidationError) {
|
||||
throw new ValidationError(fileValidationError.message)
|
||||
}
|
||||
|
||||
const customKey = generateExecutionFileKey({ workspaceId, workflowId, executionId }, fileName)
|
||||
presignedUrlResponse = await generatePresignedUploadUrl({
|
||||
fileName,
|
||||
contentType,
|
||||
fileSize,
|
||||
context: 'execution',
|
||||
userId: sessionUserId,
|
||||
customKey,
|
||||
expirationSeconds: 3600,
|
||||
metadata: { workspaceId, workflowId, executionId },
|
||||
})
|
||||
|
||||
await insertFileMetadata({
|
||||
key: presignedUrlResponse.key,
|
||||
userId: sessionUserId,
|
||||
workspaceId,
|
||||
context: 'execution',
|
||||
originalName: fileName,
|
||||
contentType,
|
||||
size: fileSize,
|
||||
})
|
||||
} else if (uploadType === 'workspace-logos') {
|
||||
const workspaceId = request.nextUrl.searchParams.get('workspaceId')
|
||||
if (!workspaceId?.trim()) {
|
||||
throw new ValidationError(
|
||||
'workspaceId query parameter is required for workspace-logos uploads'
|
||||
)
|
||||
}
|
||||
|
||||
const permission = await getUserEntityPermissions(sessionUserId, 'workspace', workspaceId)
|
||||
if (permission !== 'admin') {
|
||||
return NextResponse.json(
|
||||
{ error: 'Admin access required for workspace logo uploads' },
|
||||
{ status: 403 }
|
||||
)
|
||||
}
|
||||
|
||||
if (!isImageFileType(contentType)) {
|
||||
throw new ValidationError(
|
||||
'Only image files (JPEG, PNG, GIF, WebP, SVG) are allowed for workspace logo uploads'
|
||||
)
|
||||
}
|
||||
|
||||
presignedUrlResponse = await generatePresignedUploadUrl({
|
||||
fileName,
|
||||
contentType,
|
||||
fileSize,
|
||||
context: 'workspace-logos',
|
||||
userId: sessionUserId,
|
||||
expirationSeconds: 3600,
|
||||
metadata: { workspaceId },
|
||||
})
|
||||
|
||||
await insertFileMetadata({
|
||||
key: presignedUrlResponse.key,
|
||||
userId: sessionUserId,
|
||||
workspaceId,
|
||||
context: 'workspace-logos',
|
||||
originalName: fileName,
|
||||
contentType,
|
||||
size: fileSize,
|
||||
})
|
||||
} else if (uploadType === 'knowledge-base') {
|
||||
const workspaceId = request.nextUrl.searchParams.get('workspaceId')
|
||||
if (!workspaceId?.trim()) {
|
||||
throw new ValidationError(
|
||||
'workspaceId query parameter is required for knowledge-base uploads'
|
||||
)
|
||||
}
|
||||
|
||||
const permission = await getUserEntityPermissions(sessionUserId, 'workspace', workspaceId)
|
||||
if (permission !== 'write' && permission !== 'admin') {
|
||||
return NextResponse.json(
|
||||
{ error: 'Write or Admin access required for knowledge-base uploads' },
|
||||
{ status: 403 }
|
||||
)
|
||||
}
|
||||
|
||||
const customKey = generateKnowledgeBaseFileKey(fileName)
|
||||
presignedUrlResponse = await generatePresignedUploadUrl({
|
||||
fileName,
|
||||
contentType,
|
||||
fileSize,
|
||||
context: 'knowledge-base',
|
||||
userId: sessionUserId,
|
||||
customKey,
|
||||
expirationSeconds: 3600,
|
||||
metadata: { workspaceId },
|
||||
})
|
||||
|
||||
await recordKnowledgeBaseFileOwnership({
|
||||
key: presignedUrlResponse.key,
|
||||
userId: sessionUserId,
|
||||
workspaceId,
|
||||
originalName: fileName,
|
||||
contentType,
|
||||
size: fileSize,
|
||||
})
|
||||
} else {
|
||||
if (uploadType === 'profile-pictures') {
|
||||
if (!sessionUserId?.trim()) {
|
||||
throw new ValidationError(
|
||||
'Authenticated user session is required for profile picture uploads'
|
||||
)
|
||||
}
|
||||
if (!isImageFileType(contentType)) {
|
||||
throw new ValidationError(
|
||||
'Only image files (JPEG, PNG, GIF, WebP, SVG) are allowed for profile picture uploads'
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
presignedUrlResponse = await generatePresignedUploadUrl({
|
||||
fileName,
|
||||
contentType,
|
||||
fileSize,
|
||||
context: uploadType,
|
||||
userId: sessionUserId,
|
||||
expirationSeconds: 3600, // 1 hour
|
||||
})
|
||||
}
|
||||
|
||||
const finalPath = `/api/files/serve/${USE_BLOB_STORAGE ? 'blob' : 's3'}/${encodeURIComponent(presignedUrlResponse.key)}?context=${uploadType}`
|
||||
|
||||
return NextResponse.json({
|
||||
fileName,
|
||||
presignedUrl: presignedUrlResponse.url,
|
||||
fileInfo: {
|
||||
path: finalPath,
|
||||
key: presignedUrlResponse.key,
|
||||
name: fileName,
|
||||
size: fileSize,
|
||||
type: contentType,
|
||||
},
|
||||
uploadHeaders: presignedUrlResponse.uploadHeaders,
|
||||
directUploadSupported: true,
|
||||
})
|
||||
} catch (error) {
|
||||
logger.error('Error generating presigned URL:', error)
|
||||
|
||||
if (error instanceof PresignedUrlError) {
|
||||
return NextResponse.json(
|
||||
{
|
||||
error: error.message,
|
||||
code: error.code,
|
||||
directUploadSupported: false,
|
||||
},
|
||||
{ status: error.statusCode }
|
||||
)
|
||||
}
|
||||
|
||||
return createErrorResponse(
|
||||
error instanceof Error ? error : new Error('Failed to generate presigned URL')
|
||||
)
|
||||
}
|
||||
})
|
||||
Reference in New Issue
Block a user