package api import ( "fmt" "io" "log" "net/http" "os" "path/filepath" "strings" "git.freecumextremist.com/grumbulon/pomme/internal" "github.com/go-chi/jwtauth/v5" "github.com/go-chi/render" "github.com/miekg/dns" "gorm.io/gorm" ) // Upload godoc // // @Summary upload a zonefile // @Description upload takes files from the user and stores it locally to be parsed. Uploads are associated with a specific user. // // @Description Rate limited: 10 requests every 10 second // @Description you must specify "Bearer" before entering your token // // @Tags DNS // @Accept mpfd // @Produce json // @Param file formData file true "Zonefile to upload" // @Success 200 {object} internal.SwaggerGenericResponse[internal.Response] // @Failure 500 {object} internal.SwaggerGenericResponse[internal.Response] "internalServerError is a 500 server error with a logged error call back" // @Param Authorization header string true "Bearer Token" // // @Security Bearer // // @Router /api/upload [post] func ReceiveFile(w http.ResponseWriter, r *http.Request) { _, claims, _ := jwtauth.FromContext(r.Context()) r.Body = http.MaxBytesReader(w, r.Body, 1*1024*1024) // approx 1 mb max upload file, header, err := r.FormFile("file") if err != nil { APIError(w, r, genericResponseFields{"message": "File upload failed", "status": http.StatusInternalServerError, "error": err.Error()}) return } defer file.Close() //nolint: errcheck b, err := io.ReadAll(file) if err != nil { APIError(w, r, genericResponseFields{"message": "internal server error", "status": http.StatusInternalServerError, "error": err.Error()}) return } ok := validateContentType(file) if !ok { APIError(w, r, genericResponseFields{"message": "file must be text/plain", "status": http.StatusUnsupportedMediaType}) return } zoneFile := newDNSRequest(header.Filename, claims["username"].(string), b) if err := zoneFile.save(Tmp); err != nil { APIError(w, r, genericResponseFields{"message": "Unable to save zonefile", "status": http.StatusInternalServerError, "error": err.Error()}) return } db, ok := r.Context().Value(keyPrincipalContextID).(*gorm.DB) if !ok { APIError(w, r, genericResponseFields{"message": "internal server error", "status": http.StatusInternalServerError, "error": "unable to connect to DB"}) return } db.Create( &ZoneRequest{ User: claims["username"].(string), Zone: &Zone{ FileName: fmt.Sprintf("tmpfile-%s-%s", header.Filename, claims["username"].(string)), RawFileName: header.Filename, }, }) if err := zoneFile.parse(); err != nil { APIError(w, r, genericResponseFields{"message": "Unable to parse zonefile", "status": http.StatusInternalServerError, "error": err.Error()}) return } if err := zoneFile.save(Perm); err != nil { APIError(w, r, genericResponseFields{"message": "Unable to save zonefile", "status": http.StatusInternalServerError, "error": err.Error()}) return } w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusCreated) resp := internal.Response{ Message: "Successfully uploaded zonefile", } render.JSON(w, r, resp) } func newDNSRequest(filename string, user string, dat []byte) ndr { return &ZoneRequest{ User: user, Zone: &Zone{ FileName: fmt.Sprintf("tmpfile-%s-%s", filename, user), RawFileName: filename, Body: string(dat), }, } } // Parse will be used to parse zonefiles. func (zone *ZoneRequest) parse() error { zp := dns.NewZoneParser(strings.NewReader(zone.Body), "", "") for rr, ok := zp.Next(); ok; rr, ok = zp.Next() { log.Println(rr) } if err := zp.Err(); err != nil { return fmt.Errorf("unable to parse Zonefile: %w", err) } return nil } func (zone *ZoneRequest) save(path) error { // clean up the tmp file defer os.Remove(filepath.Clean("/tmp/" + zone.FileName)) return makeLocal(Perm, zone) } func validateContentType(file io.Reader) bool { bytes, err := io.ReadAll(file) if err != nil { return false } mimeType := http.DetectContentType(bytes) mime := strings.Contains(mimeType, "text/plain") switch mime { case true: return true default: return false } }