From e471057af8de019abcab403496bd8cbc1666dd5c Mon Sep 17 00:00:00 2001
From: metalicn20 <metalicn20@gmail.com>
Date: Sat, 30 Oct 2021 16:47:08 +0330
Subject: [PATCH] Return 404 on file not found

---
 .../storage/app/controller/FileController.kt  | 20 ++++++++++---------
 .../storage/app/service/StorageService.kt     |  1 +
 .../storage/app/service/StorageServiceImpl.kt |  4 ++++
 3 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/controller/FileController.kt b/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/controller/FileController.kt
index c6ee996a0..545317bc4 100644
--- a/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/controller/FileController.kt
+++ b/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/controller/FileController.kt
@@ -13,6 +13,7 @@ import org.springframework.web.bind.annotation.*
 import reactor.core.publisher.Mono
 import java.net.URLConnection
 import java.nio.file.Paths
+import kotlin.io.path.exists
 
 @RestController
 class FileController(private val storageService: StorageService) {
@@ -20,9 +21,9 @@ class FileController(private val storageService: StorageService) {
 
     @PostMapping("/{uid}")
     suspend fun fileUpload(
-        @PathVariable("uid") uid: String,
-        @RequestPart("file") file: Mono<FilePart>,
-        @CurrentSecurityContext securityContext: SecurityContext
+            @PathVariable("uid") uid: String,
+            @RequestPart("file") file: Mono<FilePart>,
+            @CurrentSecurityContext securityContext: SecurityContext
     ): Any {
         if (securityContext.authentication.name != uid) throw OpexException(OpexError.UnAuthorized)
         file.awaitFirstOrNull().apply {
@@ -39,12 +40,13 @@ class FileController(private val storageService: StorageService) {
     @GetMapping("/{uid}/{filename}")
     @ResponseBody
     suspend fun fileDownload(
-        @PathVariable("uid") uid: String,
-        @PathVariable("filename") filename: String,
-        @CurrentSecurityContext securityContext: SecurityContext
+            @PathVariable("uid") uid: String,
+            @PathVariable("filename") filename: String,
+            @CurrentSecurityContext securityContext: SecurityContext
     ): ResponseEntity<ByteArray> {
         if (securityContext.authentication.name != uid) throw OpexException(OpexError.UnAuthorized)
         val path = Paths.get("").resolve("/opex-storage/$uid/$filename")
+        if (!storageService.exists(path.toString())) throw OpexException(OpexError.NotFound)
         val file = storageService.load(path.toString())
         val mimeType = URLConnection.getFileNameMap().getContentTypeFor(path.fileName.toString())
         return ResponseEntity.ok().contentType(MediaType.parseMediaType(mimeType)).body(file.readBytes())
@@ -53,11 +55,11 @@ class FileController(private val storageService: StorageService) {
     @GetMapping("/admin/download/{uid}/{filename}")
     @ResponseBody
     suspend fun adminFileDownload(
-        @PathVariable("uid") uid: String,
-        @PathVariable("filename") filename: String,
-        @CurrentSecurityContext securityContext: SecurityContext
+            @PathVariable("uid") uid: String,
+            @PathVariable("filename") filename: String
     ): ResponseEntity<ByteArray> {
         val path = Paths.get("").resolve("/opex-storage/$uid/$filename")
+        if (!storageService.exists(path.toString())) throw OpexException(OpexError.NotFound)
         val file = storageService.load(path.toString())
         val mimeType = URLConnection.getFileNameMap().getContentTypeFor(path.fileName.toString())
         return ResponseEntity.ok().contentType(MediaType.parseMediaType(mimeType)).body(file.readBytes())
diff --git a/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/service/StorageService.kt b/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/service/StorageService.kt
index 4756b9ee5..8e5bc6295 100644
--- a/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/service/StorageService.kt
+++ b/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/service/StorageService.kt
@@ -7,6 +7,7 @@ import java.io.FileInputStream
 
 interface StorageService {
     suspend fun store(path: String, file: FilePart)
+    suspend fun exists(filename: String): Boolean
     suspend fun load(filename: String): FileInputStream
     suspend fun delete(filename: String)
     suspend fun deleteAll(folderName: String)
diff --git a/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/service/StorageServiceImpl.kt b/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/service/StorageServiceImpl.kt
index f1123e79f..8f8cc3911 100644
--- a/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/service/StorageServiceImpl.kt
+++ b/Storage/storage-app/src/main/kotlin/co/nilin/opex/storage/app/service/StorageServiceImpl.kt
@@ -19,6 +19,10 @@ class StorageServiceImpl(private val resourceLoader: ResourceLoader) : StorageSe
         file.transferTo(p).awaitFirstOrNull()
     }
 
+    override suspend fun exists(filename: String): Boolean {
+        return Files.exists(Paths.get(filename))
+    }
+
     override suspend fun load(filename: String): FileInputStream {
         return ResourceUtils.getFile(filename).inputStream()
     }