Merge pull request #2616 from weseek/imprv/create-api-for-attachment

Imprv/create api for attachment

src/server/routes/apiv3/attachment.js

@@ -0,0 +1,41 @@
+const loggerFactory = require('@alias/logger');
+
+const logger = loggerFactory('growi:routes:apiv3:attachment'); // eslint-disable-line no-unused-vars
+
+const express = require('express');
+
+const router = express.Router();
+
+const ErrorV3 = require('../../models/vo/error-apiv3');
+
+// TODO: add swagger by GW3441
+
+module.exports = (crowi) => {
+  const accessTokenParser = require('../../middlewares/access-token-parser')(crowi);
+  const loginRequired = require('../../middlewares/login-required')(crowi);
+  const Page = crowi.model('Page');
+  const Attachment = crowi.model('Attachment');
+
+  router.get('/list', accessTokenParser, loginRequired, async(req, res) => {
+
+    try {
+      const pageId = req.query.page;
+
+      // check whether accessible
+      const isAccessible = await Page.isAccessiblePageByViewer(pageId, req.user);
+      if (!isAccessible) {
+        const msg = 'Current user is not accessible to this page.';
+        return res.apiv3Err(new ErrorV3(msg, 'attachment-list-failed'), 403);
+      }
+
+      const attachments = await Attachment.find({ page: pageId });
+      return res.apiv3({ attachments });
+    }
+    catch (err) {
+      logger.error('Attachment not found', err);
+      return res.apiv3Err(err, 500);
+    }
+  });
+
+  return router;
+};

src/server/routes/apiv3/index.js

@@ -41,6 +41,7 @@ module.exports = (crowi) => {
   router.use('/pages', require('./pages')(crowi));
 
   router.use('/bookmarks', require('./bookmarks')(crowi));
+  router.use('/attachment', require('./attachment')(crowi));
 
   return router;
 };