feat(files): export markdown as zip with embedded images in assets/ folder

Author: waleedlatif1

apps/sim/app/api/files/export/[id]/route.ts

@@ -0,0 +1,111 @@
+import { createLogger } from '@sim/logger'
+import { toError } from '@sim/utils/errors'
+import JSZip from 'jszip'
+import type { NextRequest } from 'next/server'
+import { NextResponse } from 'next/server'
+import { fileExportContract } from '@/lib/api/contracts/storage-transfer'
+import { parseRequest } from '@/lib/api/server'
+import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
+import { withRouteHandler } from '@/lib/core/utils/with-route-handler'
+import { USE_BLOB_STORAGE } from '@/lib/uploads/config'
+import { downloadFile } from '@/lib/uploads/core/storage-service'
+import { getFileMetadataById } from '@/lib/uploads/server/metadata'
+import { verifyFileAccess } from '@/app/api/files/authorization'
+
+const logger = createLogger('FilesExportAPI')
+
+const MARKDOWN_MIME_TYPES = new Set(['text/markdown', 'text/x-markdown'])
+const MARKDOWN_EXTENSIONS = new Set(['md', 'markdown'])
+const VIEW_URL_RE =
+  /\/api\/files\/view\/([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})/gi
+
+function isMarkdown(originalName: string, contentType: string): boolean {
+  if (MARKDOWN_MIME_TYPES.has(contentType)) return true
+  const ext = originalName.split('.').pop()?.toLowerCase() ?? ''
+  return MARKDOWN_EXTENSIONS.has(ext)
+}
+
+export const GET = withRouteHandler(
+  async (request: NextRequest, context: { params: Promise<{ id: string }> }) => {
+    const parsed = await parseRequest(fileExportContract, request, context)
+    if (!parsed.success) return parsed.response
+
+    const { id } = parsed.data.params
+
+    const authResult = await checkSessionOrInternalAuth(request, { requireWorkflowId: false })
+    if (!authResult.success || !authResult.userId) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+    }
+
+    const record = await getFileMetadataById(id)
+    if (!record) {
+      logger.warn('File not found by ID', { id })
+      return NextResponse.json({ error: 'Not found' }, { status: 404 })
+    }
+
+    const hasAccess = await verifyFileAccess(record.key, authResult.userId)
+    if (!hasAccess) {
+      logger.warn('Unauthorized file export attempt', { id, userId: authResult.userId })
+      return NextResponse.json({ error: 'Forbidden' }, { status: 403 })
+    }
+
+    if (!isMarkdown(record.originalName, record.contentType)) {
+      const storagePrefix = USE_BLOB_STORAGE ? 'blob' : 's3'
+      const servePath = `/api/files/serve/${storagePrefix}/${encodeURIComponent(record.key)}`
+      return NextResponse.redirect(new URL(servePath, request.url), { status: 302 })
+    }
+
+    const mdBuffer = await downloadFile({ key: record.key, context: record.context as 'workspace' })
+    let mdContent = mdBuffer.toString('utf-8')
+
+    const imageIds = [...new Set([...mdContent.matchAll(VIEW_URL_RE)].map((m) => m[1]))]
+    logger.info('Exporting markdown with embedded images', { id, imageCount: imageIds.length })
+
+    const assetMap = new Map<string, { filename: string; buffer: Buffer }>()
+
+    await Promise.allSettled(
+      imageIds.map(async (imageId) => {
+        try {
+          const imgRecord = await getFileMetadataById(imageId)
+          if (!imgRecord) return
+          const imgHasAccess = await verifyFileAccess(imgRecord.key, authResult.userId)
+          if (!imgHasAccess) return
+          const imgBuffer = await downloadFile({
+            key: imgRecord.key,
+            context: imgRecord.context as 'workspace',
+          })
+          assetMap.set(imageId, { filename: imgRecord.originalName, buffer: imgBuffer })
+        } catch (err) {
+          logger.warn('Failed to fetch asset for export', { imageId, error: toError(err).message })
+        }
+      })
+    )
+
+    for (const [imageId, asset] of assetMap) {
+      const escapedId = imageId.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')
+      mdContent = mdContent.replace(
+        new RegExp(`/api/files/view/${escapedId}`, 'g'),
+        `./assets/${asset.filename}`
+      )
+    }
+
+    const zip = new JSZip()
+    zip.file(record.originalName, mdContent)
+    const assets = zip.folder('assets')!
+    for (const { filename, buffer } of assetMap.values()) {
+      assets.file(filename, buffer)
+    }
+
+    const zipBuffer = await zip.generateAsync({ type: 'nodebuffer', compression: 'DEFLATE' })
+    const zipName = `${record.originalName.replace(/\.[^.]+$/, '')}.zip`
+
+    return new NextResponse(zipBuffer, {
+      status: 200,
+      headers: {
+        'Content-Type': 'application/zip',
+        'Content-Disposition': `attachment; filename="${zipName}"`,
+        'Content-Length': String(zipBuffer.length),
+      },
+    })
+  }
+)

apps/sim/lib/api/contracts/storage-transfer.ts

@@ -454,6 +454,10 @@ export const fileViewParamsSchema = z.object({
   id: z.string().uuid('File ID must be a valid UUID'),
 })
 
+export const fileExportParamsSchema = z.object({
+  id: z.string().uuid('File ID must be a valid UUID'),
+})
+
 export const boxUploadContract = defineRouteContract({
   method: 'POST',
   path: '/api/tools/box/upload',
@@ -707,6 +711,13 @@ export const fileViewContract = defineRouteContract({
   response: { mode: 'binary' },
 })
 
+export const fileExportContract = defineRouteContract({
+  method: 'GET',
+  path: '/api/files/export/[id]',
+  params: fileExportParamsSchema,
+  response: { mode: 'binary' },
+})
+
 export type BoxUploadBody = ContractBodyInput<typeof boxUploadContract>
 export type BoxUploadResponse = ContractJsonResponse<typeof boxUploadContract>
 export type DropboxUploadBody = ContractBodyInput<typeof dropboxUploadContract>
@@ -749,3 +760,4 @@ export type GetMultipartPartUrlsBody = z.output<typeof getMultipartPartUrlsBodyS
 export type FileServeParams = ContractParamsInput<typeof fileServeContract>
 export type FileServeQuery = ContractQueryInput<typeof fileServeContract>
 export type FileViewParams = ContractParamsInput<typeof fileViewContract>
+export type FileExportParams = ContractParamsInput<typeof fileExportContract>

apps/sim/lib/uploads/utils/file-utils.ts

@@ -797,20 +797,37 @@ export function getViewerUrl(fileKey: string, workspaceId?: string): string | nu
 }
 
 /**
- * Downloads a workspace file to the user's device via the serve API.
- * Fetches the file as a blob and triggers a browser download.
+ * Downloads a workspace file to the user's device.
+ * Markdown files with embedded images are exported as a zip with an assets/ folder.
+ * All other files are fetched directly from the serve API.
  */
-export async function downloadWorkspaceFile(file: { key: string; name: string }): Promise<void> {
-  const serveUrl = `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace&t=${Date.now()}`
-  const response = await fetch(serveUrl, { cache: 'no-store' })
+export async function downloadWorkspaceFile(file: {
+  id?: string
+  key: string
+  name: string
+  type?: string
+}): Promise<void> {
+  const isMarkdown =
+    file.type === 'text/markdown' ||
+    file.type === 'text/x-markdown' ||
+    /\.(?:md|markdown)$/i.test(file.name)
+
+  const fetchUrl =
+    isMarkdown && file.id
+      ? `/api/files/export/${encodeURIComponent(file.id)}`
+      : `/api/files/serve/${encodeURIComponent(file.key)}?context=workspace&t=${Date.now()}`
+
+  const response = await fetch(fetchUrl, { cache: 'no-store' })
   if (!response.ok) {
     throw new Error(`Failed to download file: ${response.statusText}`)
   }
   const blob = await response.blob()
   const url = URL.createObjectURL(blob)
   const a = document.createElement('a')
   a.href = url
-  a.download = file.name
+  const contentDisposition = response.headers.get('Content-Disposition')
+  const filenameMatch = contentDisposition?.match(/filename="([^"]+)"/)
+  a.download = filenameMatch?.[1] ?? file.name
   document.body.appendChild(a)
   a.click()
   document.body.removeChild(a)

scripts/check-api-validation-contracts.ts

@@ -9,8 +9,8 @@ const QUERY_HOOKS_DIR = path.join(ROOT, 'apps/sim/hooks/queries')
 const SELECTOR_HOOKS_DIR = path.join(ROOT, 'apps/sim/hooks/selectors')
 
 const BASELINE = {
-  totalRoutes: 722,
-  zodRoutes: 722,
+  totalRoutes: 723,
+  zodRoutes: 723,
   nonZodRoutes: 0,
 } as const