User Data Export and import (#967)

Co-authored-by: kolaente <k@knt.li> Reviewed-on: https://kolaente.dev/vikunja/api/pulls/967 Co-authored-by: konrad <k@knt.li> Co-committed-by: konrad <k@knt.li>
2021-09-04 19:26:31 +00:00
parent fc51a3e76f
commit 90146aea5b
46 changed files with 2395 additions and 582 deletions
--- a/pkg/routes/api/v1/info.go
+++ b/pkg/routes/api/v1/info.go
@ -19,6 +19,8 @@ package v1
 import (
 	"net/http"

+	vikunja_file "code.vikunja.io/api/pkg/modules/migration/vikunja-file"
+
 	microsofttodo "code.vikunja.io/api/pkg/modules/migration/microsoft-todo"

 	"code.vikunja.io/api/pkg/modules/migration/trello"
@ -91,6 +93,9 @@ func Info(c echo.Context) error {
 		CaldavEnabled:          config.ServiceEnableCaldav.GetBool(),
 		EmailRemindersEnabled:  config.ServiceEnableEmailReminders.GetBool(),
 		UserDeletionEnabled:    config.ServiceEnableUserDeletion.GetBool(),
+		AvailableMigrators: []string{
+			(&vikunja_file.FileMigrator{}).Name(),
+		},
 		Legal: legalInfo{
 			ImprintURL:       config.LegalImprintURL.GetString(),
 			PrivacyPolicyURL: config.LegalPrivacyURL.GetString(),
--- a/pkg/routes/api/v1/user_deletion.go
+++ b/pkg/routes/api/v1/user_deletion.go
@ -27,7 +27,7 @@ import (
 	"github.com/labstack/echo/v4"
 )

-type UserDeletionRequest struct {
+type UserPasswordConfirmation struct {
 	Password string `json:"password" valid:"required"`
 }

@ -41,13 +41,13 @@ type UserDeletionRequestConfirm struct {
 // @tags user
 // @Accept json
 // @Produce json
-// @Param credentials body v1.UserDeletionRequest true "The user password."
+// @Param credentials body v1.UserPasswordConfirmation true "The user password."
 // @Success 200 {object} models.Message
 // @Failure 412 {object} web.HTTPError "Bad password provided."
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /user/deletion/request [post]
 func UserRequestDeletion(c echo.Context) error {
-	var deletionRequest UserDeletionRequest
+	var deletionRequest UserPasswordConfirmation
 	if err := c.Bind(&deletionRequest); err != nil {
 		return echo.NewHTTPError(http.StatusBadRequest, "No password provided.")
 	}
@ -149,13 +149,13 @@ func UserConfirmDeletion(c echo.Context) error {
 // @tags user
 // @Accept json
 // @Produce json
-// @Param credentials body v1.UserDeletionRequest true "The user password to confirm."
+// @Param credentials body v1.UserPasswordConfirmation true "The user password to confirm."
 // @Success 200 {object} models.Message
 // @Failure 412 {object} web.HTTPError "Bad password provided."
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /user/deletion/cancel [post]
 func UserCancelDeletion(c echo.Context) error {
-	var deletionRequest UserDeletionRequest
+	var deletionRequest UserPasswordConfirmation
 	if err := c.Bind(&deletionRequest); err != nil {
 		return echo.NewHTTPError(http.StatusBadRequest, "No password provided.")
 	}
--- a/pkg/routes/api/v1/user_export.go
+++ b/pkg/routes/api/v1/user_export.go
@ -0,0 +1,136 @@
+// Vikunja is a to-do list application to facilitate your life.
+// Copyright 2018-2021 Vikunja and contributors. All rights reserved.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public Licensee as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public Licensee for more details.
+//
+// You should have received a copy of the GNU Affero General Public Licensee
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package v1
+
+import (
+	"net/http"
+
+	"code.vikunja.io/api/pkg/db"
+	"code.vikunja.io/api/pkg/events"
+	"code.vikunja.io/api/pkg/files"
+	"code.vikunja.io/api/pkg/models"
+	"code.vikunja.io/api/pkg/user"
+	"code.vikunja.io/web/handler"
+	"github.com/labstack/echo/v4"
+	"xorm.io/xorm"
+)
+
+func checkExportRequest(c echo.Context) (s *xorm.Session, u *user.User, err error) {
+	var pass UserPasswordConfirmation
+	if err := c.Bind(&pass); err != nil {
+		return nil, nil, echo.NewHTTPError(http.StatusBadRequest, "No password provided.")
+	}
+
+	err = c.Validate(pass)
+	if err != nil {
+		return nil, nil, echo.NewHTTPError(http.StatusBadRequest, err)
+	}
+
+	s = db.NewSession()
+	defer s.Close()
+
+	err = s.Begin()
+	if err != nil {
+		return nil, nil, handler.HandleHTTPError(err, c)
+	}
+
+	u, err = user.GetCurrentUserFromDB(s, c)
+	if err != nil {
+		_ = s.Rollback()
+		return nil, nil, handler.HandleHTTPError(err, c)
+	}
+
+	err = user.CheckUserPassword(u, pass.Password)
+	if err != nil {
+		_ = s.Rollback()
+		return nil, nil, handler.HandleHTTPError(err, c)
+	}
+
+	return
+}
+
+// RequestUserDataExport is the handler to request a user data export
+// @Summary Request a user data export.
+// @tags user
+// @Accept json
+// @Produce json
+// @Security JWTKeyAuth
+// @Param password body v1.UserPasswordConfirmation true "User password to confirm the data export request."
+// @Success 200 {object} models.Message
+// @Failure 400 {object} web.HTTPError "Something's invalid."
+// @Failure 500 {object} models.Message "Internal server error."
+// @Router /user/export/request [post]
+func RequestUserDataExport(c echo.Context) error {
+	s, u, err := checkExportRequest(c)
+	if err != nil {
+		return err
+	}
+
+	err = events.Dispatch(&models.UserDataExportRequestedEvent{
+		User: u,
+	})
+	if err != nil {
+		_ = s.Rollback()
+		return handler.HandleHTTPError(err, c)
+	}
+
+	err = s.Commit()
+	if err != nil {
+		_ = s.Rollback()
+		return handler.HandleHTTPError(err, c)
+	}
+
+	return c.JSON(http.StatusOK, models.Message{Message: "Successfully requested data export. We will send you an email when it's ready."})
+}
+
+// DownloadUserDataExport is the handler to download a created user data export
+// @Summary Download a user data export.
+// @tags user
+// @Accept json
+// @Produce json
+// @Security JWTKeyAuth
+// @Param password body v1.UserPasswordConfirmation true "User password to confirm the download."
+// @Success 200 {object} models.Message
+// @Failure 400 {object} web.HTTPError "Something's invalid."
+// @Failure 500 {object} models.Message "Internal server error."
+// @Router /user/export/download [post]
+func DownloadUserDataExport(c echo.Context) error {
+	s, u, err := checkExportRequest(c)
+	if err != nil {
+		return err
+	}
+
+	err = s.Commit()
+	if err != nil {
+		_ = s.Rollback()
+		return handler.HandleHTTPError(err, c)
+	}
+
+	// Download
+	exportFile := &files.File{ID: u.ExportFileID}
+	err = exportFile.LoadFileMetaByID()
+	if err != nil {
+		return handler.HandleHTTPError(err, c)
+	}
+	err = exportFile.LoadFileByID()
+	if err != nil {
+		return handler.HandleHTTPError(err, c)
+	}
+
+	http.ServeContent(c.Response(), c.Request(), exportFile.Name, exportFile.Created, exportFile.File)
+	return nil
+}