diff --git a/app/api.js b/app/api.js
index 58b75cb0..6b4a1695 100644
--- a/app/api.js
+++ b/app/api.js
@@ -1,12 +1,16 @@
 import { arrayToB64, b64ToArray, delay } from './utils';
 import { ECE_RECORD_SIZE } from './ece';
-function post(obj) {
+function post(obj, bearerToken) {
+ const h = {
+ 'Content-Type': 'application/json'
+ };
+ if (bearerToken) {
+ h['Authentication'] = `Bearer ${bearerToken}`;
+ }
 return {
 method: 'POST',
- headers: new Headers({
- 'Content-Type': 'application/json'
- }),
+ headers: new Headers(h),
 body: JSON.stringify(obj)
 };
 }
@@ -43,13 +47,16 @@ export async function del(id, owner_token) {
 return response.ok;
 }
-export async function setParams(id, owner_token, params) {
+export async function setParams(id, owner_token, bearerToken, params) {
 const response = await fetch(
 `/api/params/${id}`,
- post({
- owner_token,
- dlimit: params.dlimit
- })
+ post(
+ {
+ owner_token,
+ dlimit: params.dlimit
+ },
+ bearerToken
+ )
 );
 return response.ok;
 }
diff --git a/app/fileManager.js b/app/fileManager.js
index 4dd61ad3..c3065f2c 100644
--- a/app/fileManager.js
+++ b/app/fileManager.js
@@ -56,7 +56,11 @@ export default function(state, emitter) {
 });
 emitter.on('changeLimit', async ({ file, value }) => {
- await file.changeLimit(value);
+ const ok = await file.changeLimit(value, state.user);
+ if (!ok) {
+ // TODO
+ return;
+ }
 state.storage.writeFile(file);
 metrics.changedDownloadLimit(file);
 });
@@ -138,6 +142,7 @@ export default function(state, emitter) {
 metrics.completedUpload(ownedFile);
 state.storage.addFile(ownedFile);
+ // TODO integrate password and limit into /upload request
 if (password) {
 emitter.emit('password', { password, file: ownedFile });
 }
diff --git a/app/ownedFile.js b/app/ownedFile.js
index 7fd8a94b..3fef67cb 100644
--- a/app/ownedFile.js
+++ b/app/ownedFile.js
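Review bot: In post() in app/api.js the token is sent under `Authentication`, while bearer tokens are normally carried in the `Authorization` request header. The auth.fxa middleware is not shown in this diff; if it reads `Authorization`, the token is never seen, `req.user` stays unset, and server/routes/params.js quietly applies `config.anon_max_downloads` to a signed-in user. Unless the server deliberately uses the non-standard name, change the key to `h['Authorization']`.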
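Review bot: The new `if (!ok)` branch in the 'changeLimit' handler of app/fileManager.js returns without undoing anything, but OwnedFile.changeLimit (app/ownedFile.js, same commit) assigns `this.dlimit = dlimit` before the request is sent. After the server rejects the value, the in-memory file still holds the rejected limit, and a repeat call with the same value short-circuits to `Promise.resolve(true)`, so the handler then writes that limit to storage. Consider assigning `this.dlimit` only once `setParams` resolves true, or restoring the previous value in this branch, and replace the bare `// TODO` with a comment that says what is pending, e.g. `// TODO: surface the failure to the user`. The handler's enclosing function starts and ends outside the hunk.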
@@ -48,10 +48,10 @@ export default class OwnedFile {
 return del(this.id, this.ownerToken);
 }
- changeLimit(dlimit) {
+ changeLimit(dlimit, user = {}) {
 if (this.dlimit !== dlimit) {
 this.dlimit = dlimit;
- return setParams(this.id, this.ownerToken, { dlimit });
+ return setParams(this.id, this.ownerToken, user.bearerToken, { dlimit });
 }
 return Promise.resolve(true);
 }
diff --git a/app/pages/welcome/index.js b/app/pages/welcome/index.js
index c64a1416..e94c42e5 100644
--- a/app/pages/welcome/index.js
+++ b/app/pages/welcome/index.js
@@ -129,7 +129,7 @@ module.exports = function(state, emit) {
 emit('upload', {
 type: 'click',
- dlCount: state.downloadCount,
+ dlCount: state.downloadCount || 1,
 password: state.password
 });
 }
diff --git a/public/locales/en-US/send.ftl b/public/locales/en-US/send.ftl
index 29218ca5..fc462745 100644
--- a/public/locales/en-US/send.ftl
+++ b/public/locales/en-US/send.ftl
@@ -84,8 +84,14 @@ errorPageHeader = Something went wrong!
 errorPageMessage = There has been an error uploading the file.
 errorPageLink = Send another file
 fileTooBig = That file is too big to upload. It should be less than { $size }.
-tooManyFiles = Only { $count } files can be uploaded at a time.
-tooManyArchives = Only { $count } archives are allowed.
+# count will always be > 10
+tooManyFiles = { $count ->
+ *[other] Only { $count } files can be uploaded at a time.
+}
+# count will always be > 10
+tooManyArchives = { $count ->
+ *[other] Only { $count } archives are allowed.
+}
 linkExpiredAlt = Link expired
 expiredPageHeader = This link has expired or never existed in the first place!
 notSupportedHeader = Your browser is not supported.
diff --git a/server/routes/index.js b/server/routes/index.js
index 590becb4..08c2cf4a 100644
--- a/server/routes/index.js
+++ b/server/routes/index.js
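Review bot: The default `user = {}` in changeLimit (app/ownedFile.js) covers only `undefined`; the caller in app/fileManager.js passes `state.user`, and if that is ever `null` for a signed-out session, `user.bearerToken` throws before the request is made. How state.user is initialised is not visible in this diff, so this may not be reachable. If null is possible, read the token defensively, e.g. `const token = user ? user.bearerToken : undefined;`, and pass `token` to `setParams`. The class body continues outside the hunk.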
@@ -87,7 +87,12 @@ module.exports = function(app) {
 app.post('/api/upload', auth.fxa, require('./upload'));
 app.post(`/api/delete/:id${ID_REGEX}`, auth.owner, require('./delete'));
 app.post(`/api/password/:id${ID_REGEX}`, auth.owner, require('./password'));
- app.post(`/api/params/:id${ID_REGEX}`, auth.owner, require('./params'));
+ app.post(
+ `/api/params/:id${ID_REGEX}`,
+ auth.owner,
+ auth.fxa,
+ require('./params')
+ );
 app.post(`/api/info/:id${ID_REGEX}`, auth.owner, require('./info'));
 app.get('/__version__', function(req, res) {
diff --git a/server/routes/params.js b/server/routes/params.js
index 24d1546f..08e22f25 100644
--- a/server/routes/params.js
+++ b/server/routes/params.js
@@ -2,9 +2,9 @@ const config = require('../config');
 const storage = require('../storage');
 module.exports = function(req, res) {
+ const max = req.user ? config.max_downloads : config.anon_max_downloads;
 const dlimit = req.body.dlimit;
- // TODO: fxa auth
- if (!dlimit || dlimit > config.max_downloads) {
+ if (!dlimit || dlimit > max) {
 return res.sendStatus(400);
 }
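Review bot: The `/api/params` route in server/routes/index.js now depends on `auth.fxa` being optional: params.js treats a missing `req.user` as an anonymous owner, so the middleware has to call `next()` when no bearer token is present rather than reject the request. The middleware is outside this diff, so that cannot be confirmed here. A short comment above the route would record the dependency, e.g. `// auth.fxa only populates req.user; anonymous owners fall through to anon_max_downloads`. The route table continues outside the hunk.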
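Review bot: The bound check in server/routes/params.js still accepts values that are not positive integers: `req.body.dlimit` comes straight from the request body, and `!dlimit || dlimit > max` lets through negative numbers, fractions and non-numeric strings (a string that coerces to NaN compares false against `max`). As far as the hunk shows, this line is the only place the per-tier limit is enforced, so tighten it to `if (!Number.isInteger(dlimit) || dlimit < 1 || dlimit > max) {`. The handler body continues outside the hunk, so what the stored value later feeds into is not visible here.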