upload file and get the file endpoint

Author: huseinnashr

src/app.module.ts

@@ -13,6 +13,7 @@ import { TaskModule } from './task/task.module';
 import { ProjectTaskModule } from './project-task/project-task.module';
 import { UpdateModule } from './task-update/task-update.module';
 import { UpdateCommentModule } from './update-comment/update-comment.module';
+import { FileModule } from './file/file.module';
 
 @Module({
   imports: [
@@ -24,6 +25,7 @@ import { UpdateCommentModule } from './update-comment/update-comment.module';
     ProjectTaskModule,
     UpdateModule,
     UpdateCommentModule,
+    FileModule,
   ],
   providers: [
     {

src/config/multer.config.ts

@@ -0,0 +1,20 @@
+import { MulterModuleOptions } from '@nestjs/platform-express';
+import { MulterFile } from '../core/interface';
+import { MimeType } from '../database/enum';
+
+const acceptedMimes = [
+  MimeType.DOCX,
+  MimeType.JPEG,
+  MimeType.PNG,
+  MimeType.PDF,
+];
+
+export const MulterConfig: MulterModuleOptions = {
+  dest: './upload',
+  fileFilter: (_, file: MulterFile, callback) => {
+    if (acceptedMimes.includes(<MimeType>file.mimetype)) {
+      return callback(null, true);
+    }
+    return callback(new Error('Only Image, PDF or Docx allowed'), false);
+  },
+};

src/core/app.service.ts

@@ -26,4 +26,13 @@ export abstract class AppService {
       );
     }
   }
+
+  /** if can not manage return '403 Forbidden' */
+  canView(can: boolean, entityName: string): void {
+    if (!can) {
+      throw new ForbiddenException(
+        `You don't have the permission to veiw this ${entityName}`,
+      );
+    }
+  }
 }

src/core/interface/index.ts

@@ -0,0 +1 @@
+export * from './multer';

src/core/interface/multer.ts

@@ -0,0 +1,43 @@
+import { Readable } from 'stream';
+
+// Type definitions for multer 1.4
+// Project: https://github.com/expressjs/multer
+// Definitions by: jt000 <https://github.com/jt000>
+//                 vilicvane <https://github.com/vilic>
+//                 David Broder-Rodgers <https://github.com/DavidBR-SW>
+//                 Michael Ledin <https://github.com/mxl>
+//                 HyunSeob Lee <https://github.com/hyunseob>
+//                 Pierre Tchuente <https://github.com/PierreTchuente>
+//                 Oliver Emery <https://github.com/thrymgjol>
+// Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped
+// TypeScript Version: 2.8
+
+export interface MulterFile {
+  /** Name of the form field associated with this file. */
+  fieldname: string;
+  /** Name of the file on the uploader's computer. */
+  originalname: string;
+  /**
+   * Value of the `Content-Transfer-Encoding` header for this file.
+   * @deprecated since July 2015
+   * @see RFC 7578, Section 4.7
+   */
+  encoding: string;
+  /** Value of the `Content-Type` header for this file. */
+  mimetype: string;
+  /** Size of the file in bytes. */
+  size: number;
+  /**
+   * A readable stream of this file. Only available to the `_handleFile`
+   * callback for custom `StorageEngine`s.
+   */
+  stream: Readable;
+  /** `DiskStorage` only: Directory to which this file has been uploaded. */
+  destination: string;
+  /** `DiskStorage` only: Name of this file within `destination`. */
+  filename: string;
+  /** `DiskStorage` only: Full path to the uploaded file. */
+  path: string;
+  /** `MemoryStorage` only: A Buffer containing the entire file. */
+  buffer: Buffer;
+}

src/database/entity/employee.entity.ts

@@ -11,6 +11,7 @@ import { Role } from '../enum/role.enum';
 import { Project } from './project.entity';
 import { Task } from './task.entity';
 import { Comment } from './comment.entity';
+import { File } from './file.entity';
 
 @Entity()
 @Unique(['username'])
@@ -46,6 +47,13 @@ export class Employee {
   @Exclude()
   comments: Comment[];
 
+  @OneToMany(
+    () => File,
+    file => file.owner,
+  )
+  @Exclude()
+  files: File[];
+
   @Column()
   @Exclude()
   password: string;

src/database/entity/file.entity.ts

@@ -0,0 +1,31 @@
+import { Entity, PrimaryGeneratedColumn, Column, ManyToOne } from 'typeorm';
+import { Exclude } from 'class-transformer';
+import { Employee } from '.';
+import { MimeType } from '../enum';
+
+@Entity()
+export class File {
+  @PrimaryGeneratedColumn()
+  id: number;
+
+  @Column()
+  mime: MimeType;
+
+  @Column()
+  filename: string;
+
+  @Column()
+  @Exclude()
+  filepath: string;
+
+  @ManyToOne(
+    () => Employee,
+    employee => employee.files,
+    { eager: true },
+  )
+  owner: Employee;
+
+  isOwner(employee: Employee): boolean {
+    return this.owner.id === employee.id;
+  }
+}

src/database/entity/index.ts

@@ -3,3 +3,4 @@ export * from './project.entity';
 export * from './task.entity';
 export * from './update.entity';
 export * from './comment.entity';
+export * from './file.entity';

src/database/enum/index.ts

@@ -2,3 +2,4 @@ export * from './role.enum';
 export * from './project-status.enum';
 export * from './task-status.enum';
 export * from './update-type.enum';
+export * from './mime-type.enum';

src/database/enum/mime-type.enum.ts

@@ -0,0 +1,6 @@
+export enum MimeType {
+  DOCX = 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+  JPEG = 'image/jpeg',
+  PNG = 'image/png',
+  PDF = 'application/pdf',
+}

src/database/repository/file.repository.ts

@@ -0,0 +1,10 @@
+import { EntityRepository } from 'typeorm';
+import { File } from '../entity';
+import { AppRepository } from '../../core/app.repository';
+
+@EntityRepository(File)
+export class FileRepository extends AppRepository<File> {
+  constructor() {
+    super('File');
+  }
+}

src/database/repository/index.ts

@@ -3,3 +3,4 @@ export * from './project.repository';
 export * from './task.repository';
 export * from './update.repository';
 export * from './comment.repository ';
+export * from './file.repository';

src/file/file.controller.ts

@@ -0,0 +1,44 @@
+import {
+  Controller,
+  Post,
+  UseInterceptors,
+  UploadedFile,
+  Get,
+  Param,
+  Res,
+} from '@nestjs/common';
+import { FileInterceptor } from '@nestjs/platform-express';
+import { File, Employee } from '../database/entity';
+import { MulterFile } from '../core/interface';
+import { FileService } from './file.service';
+import { Auth, CurrentEmployee } from '../core/decorator';
+import { Response } from 'express';
+
+@Controller('file')
+export class FileController {
+  constructor(private fileService: FileService) {}
+
+  @Post('/')
+  @Auth()
+  @UseInterceptors(FileInterceptor('file'))
+  async create(
+    @UploadedFile() uploadedFile: MulterFile,
+    @CurrentEmployee() employee: Employee,
+  ): Promise<File> {
+    return this.fileService.create(uploadedFile, employee);
+  }
+
+  @Get('/:id')
+  @Auth()
+  async get(
+    @Param('id') fileId: number,
+    @CurrentEmployee() employee: Employee,
+    @Res() res: Response,
+  ): Promise<void> {
+    const file = await this.fileService.get(fileId, employee);
+    res.setHeader('Content-Type', file.mime);
+    res.setHeader('Content-Length', file.length);
+
+    file.stream.pipe(res);
+  }
+}

src/file/file.module.ts

@@ -0,0 +1,19 @@
+import { Module } from '@nestjs/common';
+import { FileController } from './file.controller';
+import { FileService } from './file.service';
+import { TypeOrmModule } from '@nestjs/typeorm';
+import { FileRepository } from '../database/repository';
+import { AuthModule } from '../auth/auth.module';
+import { MulterConfig } from '../config/multer.config';
+import { MulterModule } from '@nestjs/platform-express';
+
+@Module({
+  imports: [
+    MulterModule.register(MulterConfig),
+    TypeOrmModule.forFeature([FileRepository]),
+    AuthModule,
+  ],
+  controllers: [FileController],
+  providers: [FileService],
+})
+export class FileModule {}

src/file/file.service.ts

@@ -0,0 +1,46 @@
+import { Injectable, BadRequestException } from '@nestjs/common';
+import { AppService } from '../core/app.service';
+import { InjectRepository } from '@nestjs/typeorm';
+import { FileRepository } from '../database/repository';
+import { MulterFile } from '../core/interface';
+import { File, Employee } from '../database/entity';
+import { MimeType } from '../database/enum';
+import { promises as fs } from 'fs';
+import { Readable, Stream } from 'stream';
+
+@Injectable()
+export class FileService extends AppService {
+  constructor(
+    @InjectRepository(FileRepository) private fileRepo: FileRepository,
+  ) {
+    super();
+  }
+
+  async create(uploadedFile: MulterFile, employee: Employee): Promise<File> {
+    if (!uploadedFile) throw new BadRequestException('File cannot be empty');
+
+    const file = new File();
+    file.filename = uploadedFile.originalname;
+    file.mime = <MimeType>uploadedFile.mimetype;
+    file.filepath = uploadedFile.path;
+    file.owner = employee;
+
+    return this.fileRepo.save(file);
+  }
+
+  async get(
+    fileId: number,
+    employee: Employee,
+  ): Promise<{ stream: Stream; length: number; mime: MimeType }> {
+    const file = await this.fileRepo.findOneOrException(fileId);
+
+    this.canView(file.isOwner(employee), 'file');
+
+    const buffer = await fs.readFile(file.filepath);
+    const stream = new Readable();
+    stream.push(buffer);
+    stream.push(null);
+
+    return { stream, length: buffer.byteLength, mime: file.mime };
+  }
+}

test/file.e2e-spec.ts

@@ -0,0 +1,83 @@
+import * as request from 'supertest';
+import { INestApplication } from '@nestjs/common';
+import { Test, TestingModule } from '@nestjs/testing';
+import { AppModule } from '../src/app.module';
+import { FileRepository } from '../src/database/repository';
+import { Role } from '../src/database/enum';
+import { AuthHelper, TestHelper, FileHelper } from './helper';
+import { classToPlain } from 'class-transformer';
+
+describe('FileController (e2e)', () => {
+  let app: INestApplication;
+  let fileRepo: FileRepository;
+  let auth: AuthHelper;
+  let test: TestHelper;
+  let file: FileHelper;
+
+  beforeEach(async () => {
+    const moduleRef: TestingModule = await Test.createTestingModule({
+      imports: [AppModule],
+    }).compile();
+
+    fileRepo = moduleRef.get(FileRepository);
+    app = moduleRef.createNestApplication();
+
+    auth = new AuthHelper(app);
+    test = new TestHelper(app, auth);
+    file = new FileHelper();
+
+    await app.init();
+  });
+
+  afterEach(async () => {
+    await app.close();
+  });
+
+  it('test /file (POST, GET) specs', async () => {
+    const [token, staff] = await auth.signUp({ role: Role.STAFF });
+
+    const testFile = {
+      filename: 'image.jpg',
+      contentType: 'image/jpeg',
+      filepath: './test/file/image.jpg',
+    };
+    const testFileStat = await file.stat(testFile.filepath);
+
+    const res = await request(app.getHttpServer())
+      .post(`/file`)
+      .attach('file', testFile.filepath)
+      .set({ Authorization: token });
+
+    // A.1. Return 201 Created on correct create request as task staff
+    expect(res.status).toEqual(201);
+
+    const expected = {
+      id: res.body.id,
+      mime: testFile.contentType,
+      filename: testFile.filename,
+      owner: { id: staff.id, username: staff.username },
+    };
+
+    // A.2. Return response contain expected file response payload;
+    expect(res.body).toEqual(expected);
+
+    // A.3. File entity is saved in the database
+    const [files, count] = await fileRepo.findAndCount();
+    expect(count).toEqual(1);
+    expect(classToPlain(files[0])).toEqual(expected);
+
+    const getRes = await request(app.getHttpServer())
+      .get(`/file/${res.body.id}`)
+      .set({ Authorization: token });
+
+    // B. Return correct get file payload
+    expect(getRes.status).toBe(200);
+    expect(getRes.header['content-type']).toBe(testFile.contentType);
+    expect(getRes.header['content-length']).toBe(testFileStat.size.toString());
+
+    // C. returns 401 Unauthorized when not logged in
+    await test.unauthorized('POST', `/file`);
+
+    await file.emptyFolder('./upload', ['.gitignore']);
+  });
+});