Initial UI/JS created with Claude

Author: Forceu

docs/setup.rst

@@ -254,6 +254,7 @@ This disables all of Gokapi's internal authentication except for API calls. The
 - ``/e2eSetup``
 - ``/filerequests``
 - ``/logs``
+- ``/paste``
 - ``/uploadChunk``
 - ``/uploadStatus``
 - ``/users``

internal/configuration/setup/ProtectedUrls.go

@@ -113,6 +113,7 @@ func Start() {
 	mux.HandleFunc("/e2eSetup", requireLogin(showE2ESetup, true, false))
 	mux.HandleFunc("/error", showError)
 	mux.HandleFunc("/filerequests", requireLogin(showUploadRequest, true, false))
+	mux.HandleFunc("/paste", requireLogin(showPaste, true, false))
 	mux.HandleFunc("/forgotpw", forgotPassword)
 	mux.HandleFunc("/h/", showHotlink)
 	mux.HandleFunc("/hotlink/", showHotlink) // backward compatibility
@@ -435,6 +436,18 @@ func showUploadRequest(w http.ResponseWriter, r *http.Request) {
 	helper.CheckIgnoreTimeout(err)
 }
 
+// Handling of /paste
+// Lists existing pastes for the current user and provides the paste creation UI
+func showPaste(w http.ResponseWriter, r *http.Request) {
+	user, err := authentication.GetUserFromRequest(r)
+	if err != nil {
+		panic(err)
+	}
+	view := (&AdminView{}).convertGlobalConfig(ViewPaste, user)
+	err = templateFolder.ExecuteTemplate(w, "paste", view)
+	helper.CheckIgnoreTimeout(err)
+}
+
 // Handling of /api
 // If the user is authenticated, this menu lists all uploads and enables uploading new files
 func showApiAdmin(w http.ResponseWriter, r *http.Request) {
@@ -741,6 +754,7 @@ type e2ESetupView struct {
 // AdminView contains parameters for all admin-related pages
 type AdminView struct {
 	Items                 []models.FileApiOutput
+	Pastes                []models.FileApiOutput
 	ApiKeys               []models.ApiKey
 	Users                 []userInfo
 	FileRequests          []models.FileRequest
@@ -804,6 +818,8 @@ const (
 	ViewUsers
 	// ViewFileRequests is the identifier for the file request menu
 	ViewFileRequests
+	// ViewPaste is the identifier for the paste menu
+	ViewPaste
 )
 
 // Converts the globalConfig variable to an AdminView struct to pass the infos to
@@ -868,6 +884,19 @@ func (u *AdminView) convertGlobalConfig(view int, user models.User) *AdminView {
 			}
 			u.Users = append(u.Users, userWithUploads)
 		}
+	case ViewPaste:
+		for _, element := range database.GetAllMetadata() {
+			if !element.IsPaste {
+				continue
+			}
+			if element.UserId != user.Id && !user.HasPermissionListOtherUploads() {
+				continue
+			}
+			fileInfo, err := element.ToFileApiOutput(config.ServerUrl, config.IncludeFilename)
+			helper.Check(err)
+			u.Pastes = append(u.Pastes, fileInfo)
+		}
+		u.Pastes = sortMetaDataApi(u.Pastes)
 	case ViewFileRequests:
 		for _, fileRequest := range filerequest.GetAll() {
 			// Double-checking if the owner of the file request exists

internal/webserver/Webserver.go

@@ -690,6 +690,9 @@ func apiPasteAdd(w http.ResponseWriter, r requestParser, user models.User) {
 	if !ok {
 		panic("invalid parameter passed")
 	}
+	if request.Title == "" {
+		request.Title = "Untitled Paste"
+	}
 	file, err := storage.NewPaste([]byte(request.PasteContent), request.Title, user.Id, models.UploadParameters{
 		UserId:              user.Id,
 		AllowedDownloads:    request.AllowedDownloads,

internal/webserver/api/Api.go

@@ -1026,3 +1026,56 @@ async function apiURequestSave(id, name, maxfiles, maxsize, expiry, notes) {
         throw error;
     }
 }
+
+// /files/addPaste
+
+async function apiAddPaste(content, title, allowedDownloads, expiryDays, password) {
+    const apiUrl = './api/files/addPaste';
+    const reqPerm = 'PERM_UPLOAD';
+
+    let token;
+    try {
+        token = await getToken(reqPerm, false);
+    } catch (error) {
+        console.error("Unable to gain permission token:", error);
+        throw error;
+    }
+
+    const formData = new FormData();
+    formData.append("pasteContent", content);
+    if (title) {
+        formData.append("title", title);
+    }
+    formData.append("allowedDownloads", allowedDownloads);
+    formData.append("expiryDays", expiryDays);
+    if (password) {
+        formData.append("password", password);
+    }
+
+    const requestOptions = {
+        method: 'POST',
+        headers: {
+            'apikey': token,
+        },
+        body: formData,
+    };
+
+    try {
+        const response = await fetch(apiUrl, requestOptions);
+        if (!response.ok) {
+            let errorMessage;
+            try {
+                const errorResponse = await response.json();
+                errorMessage = errorResponse.ErrorMessage || `Request failed with status: ${response.status}`;
+            } catch {
+                const errorText = await response.text();
+                errorMessage = errorText || `Request failed with status: ${response.status}`;
+            }
+            throw new Error(errorMessage);
+        }
+        return await response.json();
+    } catch (error) {
+        console.error("Error in apiAddPaste:", error);
+        throw error;
+    }
+}

internal/webserver/web/static/js/admin_api.js

@@ -0,0 +1,117 @@
+// This file contains JS code for the paste view.
+// All files named admin_*.js will be merged together and minimised by calling
+// go generate ./...
+
+function pasteToggleDownloads(checkbox) {
+    document.getElementById("paste-downloads").disabled = !checkbox.checked;
+}
+
+function pasteToggleExpiry(checkbox) {
+    document.getElementById("paste-expiry").disabled = !checkbox.checked;
+}
+
+function pasteTogglePassword(checkbox) {
+    document.getElementById("paste-password").disabled = !checkbox.checked;
+}
+
+function submitPaste() {
+    const content = document.getElementById("paste-content").value.trim();
+    if (!content) {
+        alert("Please enter some content before creating a paste.");
+        return;
+    }
+
+    const title        = document.getElementById("paste-title").value.trim();
+    const limitViews   = document.getElementById("paste-enable-downloads").checked;
+    const limitExpiry  = document.getElementById("paste-enable-expiry").checked;
+    const usePassword  = document.getElementById("paste-enable-password").checked;
+
+    const allowedDownloads = limitViews  ? parseInt(document.getElementById("paste-downloads").value, 10) : 0;
+    const expiryDays       = limitExpiry ? parseInt(document.getElementById("paste-expiry").value,    10) : 0;
+    const password         = usePassword ? document.getElementById("paste-password").value : "";
+
+    apiAddPaste(content, title, allowedDownloads, expiryDays, password)
+        .then(data => {
+            const info = data.FileInfo;
+            pasteInsertRow(info);
+            document.getElementById("paste-content").value = "";
+            document.getElementById("paste-title").value   = "";
+            pasteCopyUrl(info.UrlDownload, info.Id);
+        })
+        .catch(error => {
+            alert("Failed to create paste: " + error);
+            console.error("Error:", error);
+        });
+}
+
+function pasteInsertRow(info) {
+    const tbody = document.getElementById("paste-tbody");
+    const row   = document.createElement("tr");
+    row.id      = "pasterow-" + info.Id;
+
+    const views = info.UnlimitedDownloads ? "Unlimited" : info.DownloadsRemaining;
+
+    row.innerHTML = `
+        <td>${escapeHtml(info.Name)}</td>
+        <td><span id="paste-created-${info.Id}"></span></td>
+        <td><span id="paste-expiry-${info.Id}"></span></td>
+        <td>${escapeHtml(String(views))}</td>
+        <td>
+          <div class="btn-group" role="group">
+            <button type="button" class="btn btn-outline-light btn-sm" title="Copy URL"
+              onclick="pasteCopyUrl('${escapeHtml(info.UrlDownload)}', '${escapeHtml(info.Id)}')">
+              <i class="bi bi-copy"></i>
+            </button>
+            <button type="button" class="btn btn-outline-danger btn-sm" title="Delete"
+              onclick="pasteDelete('${escapeHtml(info.Id)}')">
+              <i class="bi bi-trash3"></i>
+            </button>
+          </div>
+        </td>`;
+
+    tbody.prepend(row);
+    insertDateWithNegative(info.UploadDate, "paste-created-" + info.Id, "Unknown");
+
+    if (info.UnlimitedTime) {
+        document.getElementById("paste-expiry-" + info.Id).innerText = "Never";
+    } else {
+        insertFileRequestExpiry(info.ExpireAt, "paste-expiry-" + info.Id);
+    }
+}
+
+function pasteCopyUrl(url, id) {
+    navigator.clipboard.writeText(url).then(() => {
+        const toastEl = document.getElementById("paste-toast");
+        document.getElementById("paste-toast-body").innerText = "URL copied to clipboard!";
+        bootstrap.Toast.getOrCreateInstance(toastEl).show();
+    }).catch(() => {
+        prompt("Copy this URL:", url);
+    });
+}
+
+function pasteDelete(id) {
+    if (!confirm("Delete this paste?")) {
+        return;
+    }
+    apiFilesDelete(id, 0)
+        .then(() => {
+            const row = document.getElementById("pasterow-" + id);
+            if (row) {
+                row.classList.add("rowDeleting");
+                setTimeout(() => row.remove(), 290);
+            }
+        })
+        .catch(error => {
+            alert("Failed to delete paste: " + error);
+            console.error("Error:", error);
+        });
+}
+
+function escapeHtml(str) {
+    return String(str)
+        .replace(/&/g, "&amp;")
+        .replace(/</g, "&lt;")
+        .replace(/>/g, "&gt;")
+        .replace(/"/g, "&quot;")
+        .replace(/'/g, "&#39;");
+}

internal/webserver/web/static/js/admin_ui_paste.js

@@ -79,6 +79,7 @@
           <h1>{{.PublicName}}</h1>
           <nav class="nav nav-masthead justify-content-center">
             <a class="nav-link {{ if eq .ActiveView 0}}active{{ end }}" href="./admin">Upload</a>
+            <a class="nav-link {{ if eq .ActiveView 5 }}active{{ end }}" href="./paste">Paste</a>
             {{ if .ActiveUser.HasPermissionCreateFileRequests }}
             <a class="nav-link {{ if eq .ActiveView 4 }}active{{ end }}" href="./filerequests">File Requests</a>
             {{ end }}