big refactor

package.json

@@ -24,30 +24,30 @@
   },
   "dependencies": {
     "@socket.io/redis-adapter": "^8.3.0",
-    "@tsed/ajv": "^7.79.4",
-    "@tsed/common": "^7.79.4",
-    "@tsed/core": "^7.79.4",
-    "@tsed/di": "^7.79.4",
-    "@tsed/engines": "^7.79.4",
-    "@tsed/exceptions": "^7.79.4",
-    "@tsed/json-mapper": "^7.79.4",
+    "@tsed/ajv": "^7.80.3",
+    "@tsed/common": "^7.80.3",
+    "@tsed/core": "^7.80.3",
+    "@tsed/di": "^7.80.3",
+    "@tsed/engines": "^7.80.3",
+    "@tsed/exceptions": "^7.80.3",
+    "@tsed/json-mapper": "^7.80.3",
     "@tsed/logger": "^6.7.5",
     "@tsed/logger-file": "^6.7.5",
-    "@tsed/passport": "^7.79.4",
-    "@tsed/platform-cache": "^7.79.4",
-    "@tsed/platform-exceptions": "^7.79.4",
-    "@tsed/platform-express": "^7.79.4",
-    "@tsed/platform-log-middleware": "^7.79.4",
-    "@tsed/platform-middlewares": "^7.79.4",
-    "@tsed/platform-params": "^7.79.4",
-    "@tsed/platform-response-filter": "^7.79.4",
-    "@tsed/platform-views": "^7.79.4",
-    "@tsed/schema": "^7.79.4",
-    "@tsed/socketio": "^7.79.4",
-    "@tsed/swagger": "^7.79.4",
+    "@tsed/passport": "^7.80.3",
+    "@tsed/platform-cache": "^7.80.3",
+    "@tsed/platform-exceptions": "^7.80.3",
+    "@tsed/platform-express": "^7.80.3",
+    "@tsed/platform-log-middleware": "^7.80.3",
+    "@tsed/platform-middlewares": "^7.80.3",
+    "@tsed/platform-params": "^7.80.3",
+    "@tsed/platform-response-filter": "^7.80.3",
+    "@tsed/platform-views": "^7.80.3",
+    "@tsed/schema": "^7.80.3",
+    "@tsed/socketio": "^7.80.3",
+    "@tsed/swagger": "^7.80.3",
     "@types/socket.io": "^3.0.2",
     "ajv": "^8.17.1",
-    "argon2": "^0.40.3",
+    "argon2": "^0.41.0",
     "better-sqlite3": "^9.6.0",
     "body-parser": "^1.20.2",
     "builder-pattern": "^2.2.0",
@@ -85,9 +85,9 @@
     "xss": "^1.0.15"
   },
   "devDependencies": {
-    "@eslint/js": "^9.9.0",
+    "@eslint/js": "^9.9.1",
     "@swc/cli": "^0.4.0",
-    "@swc/core": "^1.7.11",
+    "@swc/core": "^1.7.21",
     "@tsed/cli-plugin-passport": "5.2.4",
     "@types/compression": "^1.7.5",
     "@types/cookie-parser": "^1.4.7",
@@ -96,24 +96,24 @@
     "@types/express-session": "^1.18.0",
     "@types/jsdom": "^21.1.7",
     "@types/method-override": "^0.0.35",
-    "@types/multer": "^1.4.11",
-    "@types/node": "^22.4.0",
+    "@types/multer": "^1.4.12",
+    "@types/node": "^22.5.1",
     "@types/node-schedule": "^2.1.7",
     "@types/passport": "^1.0.16",
     "@types/passport-http": "^0.3.11",
     "@types/passport-local": "^1.0.38",
     "@types/punycode": "^2.1.4",
     "barrelsby": "^2.8.1",
     "eslint": "^8.57.0",
-    "husky": "^9.1.4",
+    "husky": "^9.1.5",
     "lint-staged": "^15.2.9",
     "nodemon": "^3.1.4",
     "prettier": "3.3.3",
     "ts-node": "^10.9.2",
     "ts-node-dev": "^2.0.0",
     "tsc-files": "^1.1.4",
     "tsconfig-paths": "^4.2.0",
-    "tslib": "^2.6.3",
+    "tslib": "^2.7.0",
     "typescript": "5.5.4",
     "typescript-eslint": "^7.16.1"
   },

src/controllers/rest/IAdminController.ts

@@ -0,0 +1,19 @@
+import { PlatformResponse } from "@tsed/common";
+import type { DatatableColumn, DatatableOrder, DatatableSearch } from "../../utils/typeings.js";
+
+export interface IAdminController {
+    getAllEntries(): Promise<unknown>;
+
+    deleteEntries(res: PlatformResponse, ids: number[]): Promise<unknown>;
+
+    getStatsData(): Promise<unknown>;
+
+    getDatatablesEntries(
+        draw: number,
+        start: number,
+        length: number,
+        order: DatatableOrder[],
+        columns: DatatableColumn[],
+        search: DatatableSearch,
+    ): Promise<unknown>;
+}

src/controllers/rest/impl/security/AbstractAdminController.ts

@@ -0,0 +1,36 @@
+import { PlatformResponse } from "@tsed/common";
+import { NotFound } from "@tsed/exceptions";
+import type { DatatableColumn, DatatableOrder, DatatableSearch } from "../../../../utils/typeings.js";
+import { IAdminService } from "../../../../services/IAdminService.js";
+import { BaseRestController } from "../../BaseRestController.js";
+
+export abstract class AbstractAdminController extends BaseRestController {
+    protected constructor(protected adminService: IAdminService) {
+        super();
+    }
+
+    public getAllEntries(): Promise<unknown> {
+        return this.adminService.getAllEntries();
+    }
+
+    public async deleteEntries(res: PlatformResponse, ids: number[]): Promise<unknown> {
+        const result = await this.adminService.deleteEntries(ids);
+        if (!result) {
+            throw new NotFound(`No entry with IDs ${ids.join(", ")} found.`);
+        }
+        return super.doSuccess(res, `Entries have been deleted.`);
+    }
+
+    public getStatsData(): Promise<unknown> {
+        return this.adminService.getStatsData();
+    }
+
+    public abstract getDatatablesEntries(
+        draw: number,
+        start: number,
+        length: number,
+        order: DatatableOrder[],
+        columns: DatatableColumn[],
+        search: DatatableSearch,
+    ): Promise<unknown>;
+}

src/controllers/rest/impl/security/AdminController.ts

@@ -1,35 +1,24 @@
-import { Delete, Get, Hidden, Post, Required, Returns } from "@tsed/schema";
+import { AbstractAdminController } from "./AbstractAdminController.js";
 import { Controller, Inject } from "@tsed/di";
-import { AdminService } from "../../../../services/AdminService.js";
-import { Authorize } from "@tsed/passport";
-import { BodyParams } from "@tsed/platform-params";
+import { UserAdminService } from "../../../../services/UserAdminService.js";
+import { Delete, Get, Hidden, Post, Required } from "@tsed/schema";
 import { PlatformResponse, QueryParams, Res } from "@tsed/common";
-import { NotFound } from "@tsed/exceptions";
-import { BaseRestController } from "../../BaseRestController.js";
-import { StatusCodes } from "http-status-codes";
 import type { DatatableColumn, DatatableOrder, DatatableSearch } from "../../../../utils/typeings.js";
-import { DefaultRenderException } from "../../../../model/rest/DefaultRenderException.js";
-import { BucketService } from "../../../../services/BucketService.js";
+import { BodyParams } from "@tsed/platform-params";
+import { StatusCodes } from "http-status-codes";
+import { Authorize } from "@tsed/passport";
+import { IAdminController } from "../../IAdminController.js";
 
 @Hidden()
-@Controller("/admin")
-@(Returns(StatusCodes.FORBIDDEN, DefaultRenderException).Description("If your IP has been blocked"))
 @Authorize("loginAuthProvider")
-export class AdminController extends BaseRestController {
-    public constructor(
-        @Inject() private adminService: AdminService,
-        @Inject() private bucketService: BucketService,
-    ) {
-        super();
-    }
-
-    @Get("/allEntries")
-    public getAllEntries(): Promise<unknown> {
-        return this.adminService.getAllEntries();
+@Controller("/admin")
+export class AdminController extends AbstractAdminController implements IAdminController {
+    public constructor(@Inject() private UserAdminService: UserAdminService) {
+        super(UserAdminService);
     }
 
     @Get("/datatablesEntries")
-    public async getDatatablesEntries(
+    public override async getDatatablesEntries(
         @QueryParams("draw") draw: number,
         @QueryParams("start") start: number,
         @QueryParams("length") length: number,
@@ -44,19 +33,10 @@ export class AdminController extends BaseRestController {
             sortOrder = order[0]?.dir.toUpperCase();
             sortColumn = columns[order[0]?.column ?? 0]?.data;
         }
-        const bucket = await this.bucketService.getBucket();
-        const bucketToken = bucket ? bucket.bucketToken : undefined;
-        const data = await this.adminService.getPagedEntries(
-            start,
-            length,
-            sortColumn,
-            sortOrder,
-            searchVal,
-            bucketToken,
-        );
+        const data = await this.adminService.getPagedEntries(start, length, sortColumn, sortOrder, searchVal);
         const records = searchVal
-            ? await this.adminService.getFileSearchRecordCount(search.value, bucketToken)
-            : await this.adminService.getFileRecordCount(bucketToken);
+            ? await this.adminService.getFileSearchRecordCount(search.value)
+            : await this.adminService.getFileRecordCount();
         return {
             draw: draw,
             recordsTotal: records,
@@ -65,14 +45,9 @@ export class AdminController extends BaseRestController {
         };
     }
 
-    @Get("/statsData")
-    public getStatsData(): Promise<unknown> {
-        return this.adminService.getStatsData();
-    }
-
     @Get("/blockedIps")
     public getAllBlockedIps(): Promise<unknown> {
-        return this.adminService.getAllBlockedIps();
+        return this.UserAdminService.getAllBlockedIps();
     }
 
     @Post("/blockIp")
@@ -81,25 +56,31 @@ export class AdminController extends BaseRestController {
         @QueryParams("removeRelatedData", Boolean) removeRelatedData = false,
         @Required() @BodyParams("ip") ip: string,
     ): Promise<unknown> {
-        await this.adminService.blockIp(ip, removeRelatedData);
+        await this.UserAdminService.blockIp(ip, removeRelatedData);
         return super.doSuccess(res, "IP blocked");
     }
 
     @Post("/unblockIps")
     public async unblockIps(@Res() res: PlatformResponse, @BodyParams() ips: string[]): Promise<unknown> {
-        const success = await this.adminService.removeBlockedIps(ips);
+        const success = await this.UserAdminService.removeBlockedIps(ips);
         if (!success) {
             return super.doError(res, "Unable to remove selected ips", StatusCodes.INTERNAL_SERVER_ERROR);
         }
         return super.doSuccess(res, "IP un-blocked");
     }
 
+    @Get("/allEntries")
+    public override getAllEntries(): Promise<unknown> {
+        return super.getAllEntries();
+    }
+
     @Delete("/deleteEntries")
-    public async deleteEntries(@Res() res: PlatformResponse, @BodyParams() ids: number[]): Promise<unknown> {
-        const result = await this.adminService.deleteEntries(ids);
-        if (!result) {
-            throw new NotFound(`No entry with IDs ${ids.join(", ")} found.`);
-        }
-        return super.doSuccess(res, `Entries have been deleted.`);
+    public override deleteEntries(@Res() res: PlatformResponse, @BodyParams() ids: number[]): Promise<unknown> {
+        return super.deleteEntries(res, ids);
+    }
+
+    @Get("/statsData")
+    public override getStatsData(): Promise<unknown> {
+        return super.getStatsData();
     }
 }

src/controllers/rest/impl/security/PassportCtrl.ts → src/controllers/rest/impl/security/AuthenticationController.ts

@@ -1,7 +1,7 @@
 import { Controller, Inject, ProviderScope, Scope } from "@tsed/di";
 import { Authenticate, Authorize } from "@tsed/passport";
 import { Get, Hidden, Post, Returns, Security } from "@tsed/schema";
-import { PlatformResponse, Req, Res, UseBefore } from "@tsed/common";
+import { PlatformResponse, Req, Res, Session, UseBefore } from "@tsed/common";
 import { StatusCodes } from "http-status-codes";
 import { BodyParams } from "@tsed/platform-params";
 import { UserModel } from "../../../../model/db/User.model.js";
@@ -11,19 +11,20 @@ import { UserService } from "../../../../services/UserService.js";
 import { CaptchaMiddleWare } from "../../../../middleware/endpoint/CaptchaMiddleWare.js";
 import { DefaultRenderException } from "../../../../model/rest/DefaultRenderException.js";
 import type { Request, Response } from "express";
+import { AuthenticateBucket } from "../../../../middleware/endpoint/AuthenticateBucket.js";
 
 @Controller("/auth")
 @Scope(ProviderScope.SINGLETON)
 @Hidden()
 @(Returns(StatusCodes.FORBIDDEN, DefaultRenderException).Description("If your IP has been blocked"))
-export class PassportCtrl extends BaseRestController {
+export class AuthenticationController extends BaseRestController {
     public constructor(@Inject() private usersService: UserService) {
         super();
     }
 
     @Post("/authenticate_bucket")
     @UseBefore(CaptchaMiddleWare)
-    @Authenticate("bucketAuthProvider", { failWithError: true })
+    @UseBefore(AuthenticateBucket)
     @Returns(StatusCodes.MOVED_TEMPORARILY)
     @Returns(StatusCodes.UNAUTHORIZED)
     public authenticateBucket(@Res() res: Response): void {
@@ -39,6 +40,15 @@ export class PassportCtrl extends BaseRestController {
         res.redirect("/admin");
     }
 
+    @Get("/close_bucket")
+    @Returns(StatusCodes.MOVED_TEMPORARILY)
+    public closeBucket(@Session() session: Record<string, unknown>, @Res() res: Response): void {
+        if (session && session.bucket) {
+            delete session.bucket;
+        }
+        res.redirect("/bucketAccess");
+    }
+
     @Get("/logout")
     @Returns(StatusCodes.MOVED_TEMPORARILY)
     public logout(@Req() request: Request, @Res() res: Response): Promise<void> {

src/controllers/rest/impl/security/BucketAdminController.ts

@@ -0,0 +1,74 @@
+import { AbstractAdminController } from "./AbstractAdminController.js";
+import { Controller, Inject } from "@tsed/di";
+import { Delete, Get, Hidden } from "@tsed/schema";
+import { PlatformResponse, QueryParams, Res, UseBefore } from "@tsed/common";
+import type { DatatableColumn, DatatableOrder, DatatableSearch } from "../../../../utils/typeings.js";
+import { AuthoriseBucket } from "../../../../middleware/endpoint/AuthoriseBucket.js";
+import { BodyParams } from "@tsed/platform-params";
+import { IAdminController } from "../../IAdminController.js";
+import { BucketAdminService } from "../../../../services/BucketAdminService.js";
+import { BucketService } from "../../../../services/BucketService.js";
+
+@Hidden()
+@Controller("/admin/bucket")
+@UseBefore(AuthoriseBucket)
+export class BucketAdminController extends AbstractAdminController implements IAdminController {
+    public constructor(
+        @Inject() private bucketAdminService: BucketAdminService,
+        @Inject() private bucketService: BucketService,
+    ) {
+        super(bucketAdminService);
+    }
+
+    @Get("/datatablesEntries")
+    public override async getDatatablesEntries(
+        @QueryParams("draw") draw: number,
+        @QueryParams("start") start: number,
+        @QueryParams("length") length: number,
+        @QueryParams("order") order: DatatableOrder[],
+        @QueryParams("columns") columns: DatatableColumn[],
+        @QueryParams("search") search: DatatableSearch,
+    ): Promise<unknown> {
+        let sortColumn;
+        let sortOrder;
+        const searchVal = search ? search.value : undefined;
+        if (order && columns) {
+            sortOrder = order[0]?.dir.toUpperCase();
+            sortColumn = columns[order[0]?.column ?? 0]?.data;
+        }
+        const bucket = await this.bucketService.getBucket();
+        const bucketToken = bucket!.bucketToken;
+        const data = await this.bucketAdminService.getPagedEntries(
+            start,
+            length,
+            sortColumn,
+            sortOrder,
+            bucketToken,
+            searchVal,
+        );
+        const records = searchVal
+            ? await this.bucketAdminService.getFileSearchRecordCount(search.value, bucketToken)
+            : await this.bucketAdminService.getFileRecordCount(bucketToken);
+        return {
+            draw: draw,
+            recordsTotal: records,
+            recordsFiltered: records,
+            data: data,
+        };
+    }
+
+    @Get("/allEntries")
+    public override getAllEntries(): Promise<unknown> {
+        return super.getAllEntries();
+    }
+
+    @Delete("/deleteEntries")
+    public override deleteEntries(@Res() res: PlatformResponse, @BodyParams() ids: number[]): Promise<unknown> {
+        return super.deleteEntries(res, ids);
+    }
+
+    @Get("/statsData")
+    public override getStatsData(): Promise<unknown> {
+        return super.getStatsData();
+    }
+}