feat: Add filesystem and projects API#389
Conversation
Codecov Report
@@ Coverage Diff @@
## main #389 +/- ##
==========================================
+ Coverage 84.10% 84.21% +0.11%
==========================================
Files 174 176 +2
Lines 9964 10135 +171
Branches 1097 1101 +4
==========================================
+ Hits 8380 8535 +155
- Misses 1573 1589 +16
Partials 11 11
... and 3 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
|
|
||
| # Filesystem API | ||
| # -------------- | ||
| @filesystem_api.put("/{project_id}/{filepath:path}") |
There was a problem hiding this comment.
@cguedes This will respect the filepath provided, so uploading a named foo.pdf to uploads/test.pdf will result in the appropriate directory being created and test.pdf being written there.
I think this is what we were discussing this morning, but let me know otherwise.
There was a problem hiding this comment.
Yes, this is exactly what we want.
| project_path = projects.get_project_path(user_id, project_id) | ||
| filepath = project_path / filepath | ||
| try: | ||
| os.remove(filepath) |
There was a problem hiding this comment.
@cguedes I ended up deleting filesystem.py because once I cleaned this PR up, this line was literally the only one remaining that was actually used.
FastAPI gave us a lot for free with FileResponse and UploadFile.
|
There was a lot of code to knock out today and there's probably some clean up necessary, but I think it's better to get the functionality in place first to unblock others. Any clean up can happen in subsequent PRs. |
Great work @gjreda I've just added a commit to ensure that the server path exists (/tmp/....) and some code cleanup for the paths. Also, move the There is still work to do, for example in the response payload for the project files (not sure if it should be a list of files/directories vs nested structure), but this def unblock the frontend work for the web. |
| } | ||
|
|
||
|
|
||
| @filesystem_api.get("/{project_id}/{filepath:path}") |
There was a problem hiding this comment.
Is there anything that prevents reading from outside the project path here? Could filepath be something like ../../../some-other-folder or /etc/passwd? Just wondering about security here.
fixes #365
This PR adds APIs for both managing files and projects.
Running the server
Project API
Create a project
List projects
Get project details
Delete a project
List project files
Filesystem API
Create a file (this will respect directory segments)
Read a file
Delete a file