Allow normal user to upload.

server/api/storage.go

@@ -109,10 +109,34 @@ func handleDeleteStorage(c fiber.Ctx) error {
 	})
 }
 
+func handleSetDefaultStorage(c fiber.Ctx) error {
+	idStr := c.Params("id")
+	id, err := strconv.ParseUint(idStr, 10, 32)
+	if err != nil {
+		return model.NewRequestError("Invalid storage ID")
+	}
+
+	uid, ok := c.Locals("uid").(uint)
+	if !ok {
+		return model.NewUnAuthorizedError("You are not authorized to perform this action")
+	}
+
+	err = service.SetDefaultStorage(uid, uint(id))
+	if err != nil {
+		return err
+	}
+
+	return c.Status(fiber.StatusOK).JSON(model.Response[any]{
+		Success: true,
+		Message: "Default storage set successfully",
+	})
+}
+
 func AddStorageRoutes(r fiber.Router) {
 	s := r.Group("storage")
 	s.Post("/s3", handleCreateS3Storage)
 	s.Post("/local", handleCreateLocalStorage)
 	s.Get("/", handleListStorages)
 	s.Delete("/:id", handleDeleteStorage)
+	s.Put("/:id/default", handleSetDefaultStorage)
 }

server/config/config.go

@@ -28,6 +28,12 @@ type ServerConfig struct {
 	ServerDescription string `json:"server_description"`
 	// SiteInfo is an article that describes the site. It will be displayed on the home page. Markdown format.
 	SiteInfo string `json:"site_info"`
+	// AllowNormalUserUpload indicates whether normal users are allowed to upload files.
+	AllowNormalUserUpload bool `json:"allow_normal_user_upload"`
+	// MaxNormalUserUploadSizeInMB is the maximum size of files that normal users can upload.
+	MaxNormalUserUploadSizeInMB int `json:"max_normal_user_upload_size_in_mb"`
+	// Prompt for upload page
+	UploadPrompt string `json:"upload_prompt"`
 }
 
 func init() {
@@ -42,6 +48,9 @@ func init() {
 			CloudflareTurnstileSecretKey:  "",
 			ServerName:                    "Nysoure",
 			ServerDescription:             "Nysoure is a file sharing service.",
+			AllowNormalUserUpload:         true,
+			MaxNormalUserUploadSizeInMB:   16,
+			UploadPrompt:                  "You can upload your files here.",
 		}
 	} else {
 		data, err := os.ReadFile(p)
@@ -106,3 +115,15 @@ func CloudflareTurnstileSecretKey() string {
 func SiteInfo() string {
 	return config.SiteInfo
 }
+
+func AllowNormalUserUpload() bool {
+	return config.AllowNormalUserUpload
+}
+
+func MaxNormalUserUploadSize() int64 {
+	return int64(config.MaxNormalUserUploadSizeInMB) * 1024 * 1024
+}
+
+func UploadPrompt() string {
+	return config.UploadPrompt
+}

server/dao/storage.go

@@ -1,9 +1,10 @@
 package dao
 
 import (
+	"nysoure/server/model"
+
 	"gorm.io/gorm"
 	"gorm.io/gorm/clause"
-	"nysoure/server/model"
 )
 
 func CreateStorage(s model.Storage) (model.Storage, error) {
@@ -37,3 +38,12 @@ func AddStorageUsage(id uint, offset int64) error {
 		return tx.Model(&model.Storage{}).Where("id = ?", id).Update("current_size", storage.CurrentSize+offset).Error
 	})
 }
+
+func SetDefaultStorage(id uint) error {
+	return db.Transaction(func(tx *gorm.DB) error {
+		if err := tx.Model(&model.Storage{}).Where("is_default = ?", true).Update("is_default", false).Error; err != nil {
+			return err
+		}
+		return tx.Model(&model.Storage{}).Where("id = ?", id).Update("is_default", true).Error
+	})
+}

server/middleware/frontend_middleware.go

@@ -128,6 +128,8 @@ func serveIndexHtml(c fiber.Ctx) error {
 	content = strings.ReplaceAll(content, "{{Url}}", url)
 	content = strings.ReplaceAll(content, "{{CFTurnstileSiteKey}}", cfTurnstileSiteKey)
 	content = strings.ReplaceAll(content, "{{SiteInfo}}", siteInfo)
+	content = strings.ReplaceAll(content, "{{UploadPrompt}}", config.UploadPrompt())
+	content = strings.ReplaceAll(content, "{{AllowNormalUserUpload}}", strconv.FormatBool(config.AllowNormalUserUpload()))
 
 	c.Set("Content-Type", "text/html; charset=utf-8")
 	return c.SendString(content)

server/model/storage.go

@@ -1,8 +1,9 @@
 package model
 
 import (
-	"gorm.io/gorm"
 	"time"
+
+	"gorm.io/gorm"
 )
 
 type Storage struct {
@@ -12,6 +13,7 @@ type Storage struct {
 	Config      string
 	MaxSize     int64
 	CurrentSize int64
+	IsDefault   bool
 }
 
 type StorageView struct {
@@ -21,6 +23,7 @@ type StorageView struct {
 	MaxSize     int64     `json:"maxSize"`
 	CurrentSize int64     `json:"currentSize"`
 	CreatedAt   time.Time `json:"createdAt"`
+	IsDefault   bool      `json:"isDefault"`
 }
 
 func (s *Storage) ToView() StorageView {
@@ -31,5 +34,6 @@ func (s *Storage) ToView() StorageView {
 		MaxSize:     s.MaxSize,
 		CurrentSize: s.CurrentSize,
 		CreatedAt:   s.CreatedAt,
+		IsDefault:   s.IsDefault,
 	}
 }

server/service/file.go

@@ -80,7 +80,9 @@ func CreateUploadingFile(uid uint, filename string, description string, fileSize
 		return nil, model.NewInternalServerError("failed to check user permission")
 	}
 	if !canUpload {
-		return nil, model.NewUnAuthorizedError("user cannot upload file")
+		if !config.AllowNormalUserUpload() || fileSize > config.MaxNormalUserUploadSize()*1024*1024 {
+			return nil, model.NewUnAuthorizedError("user cannot upload file")
+		}
 	}
 
 	if fileSize > config.MaxFileSize() {
@@ -300,7 +302,7 @@ func CreateRedirectFile(uid uint, filename string, description string, resourceI
 		log.Error("failed to check user permission: ", err)
 		return nil, model.NewInternalServerError("failed to check user permission")
 	}
-	if !canUpload {
+	if !canUpload && !config.AllowNormalUserUpload() {
 		return nil, model.NewUnAuthorizedError("user cannot upload file")
 	}
 

server/service/storage.go

@@ -105,3 +105,19 @@ func DeleteStorage(uid, id uint) error {
 	}
 	return nil
 }
+
+func SetDefaultStorage(uid, id uint) error {
+	isAdmin, err := CheckUserIsAdmin(uid)
+	if err != nil {
+		log.Errorf("check user is admin failed: %s", err)
+		return model.NewInternalServerError("check user is admin failed")
+	}
+	if !isAdmin {
+		return model.NewUnAuthorizedError("only admin can set default storage")
+	}
+	err = dao.SetDefaultStorage(id)
+	if err != nil {
+		return err
+	}
+	return nil
+}