✨ Add support for uploading books

Cargo.toml

@@ -20,6 +20,7 @@ derive_builder = "0.20.0"
 chrono = { version = "0.4.38", features = ["serde"] }
 futures = "0.3.30"
 futures-util = "0.3.30"
+infer = "0.16.0"
 itertools = "0.13.0"
 keyring = { version = "3.4.0", features = ["apple-native", "windows-native", "sync-secret-service"] }
 lettre = { version = "0.11.4", default-features = false, features = [
@@ -66,3 +67,5 @@ urlencoding = "2.1.3"
 proc-macro2 = "1.0.87"
 quote = "1.0.37"
 syn = "2.0.79"
+# Note: We need to keep this downgraded for the time being. See https://github.com/stumpapp/stump/issues/427#issuecomment-2332857700
+zip = { version = "=1.1.3", features = ["deflate"], default-features = false }

apps/server/Cargo.toml

@@ -12,6 +12,7 @@ axum = { version = "0.7.5", features = [
   "multipart",
 ] }
 axum-macros = "0.4.1"
+axum_typed_multipart = "0.13.1"
 axum-extra = { version = "0.9.3", features = [
   "typed-header",
   "query"
@@ -22,6 +23,7 @@ cli = { path = "../../crates/cli" }
 chrono = { workspace = true }
 futures-util = { workspace = true }
 hyper = "0.14.27"
+infer = { workspace = true }
 jsonwebtoken = "9.3.0"
 linemux = { git = "https://github.com/jmagnuson/linemux.git", rev = "acaafc602afac5d7a9cd3e087dafc937cac1e364" }
 local-ip-address = "0.6.2"
@@ -36,6 +38,7 @@ serde-untagged = "0.1.2"
 serde_with = { workspace = true }
 specta = { workspace = true }
 stump_core = { path = "../../core" }
+tempfile = "3.13.0"
 tower-http = { version = "0.5.2", features = [
   "fs",
   "cors",
@@ -52,6 +55,7 @@ tracing = { workspace = true }
 urlencoding = { workspace = true }
 utoipa = { version = "4.2.3", features = ["axum_extras"] }
 utoipa-swagger-ui = { version = "7.1.0", features = ["axum"] }
+zip = { workspace = true }
 
 [dev-dependencies]
 axum-test = "15.3.1"

apps/server/src/routers/api/mod.rs

@@ -18,6 +18,8 @@
 		NamedType,
 	};
 
+	use stump_core::config::StumpConfig;
+
 	use crate::{
 		config::jwt::CreatedToken,
 		filter::{
@@ -35,6 +37,7 @@
 				CreateBookClubScheduleBookOption, GetBookClubsParams, UpdateBookClub,
 				UpdateBookClubMember,
 			},
+			config::UploadConfig,
 			emailer::{
 				CreateOrUpdateEmailDevice, CreateOrUpdateEmailer, EmailerIncludeParams,
 				EmailerSendRecordIncludeParams, PatchEmailDevice,
@@ -240,6 +243,10 @@
 			format!("{}\n\n", ts_export::<CreateOrUpdateSmartListView>()?).as_bytes(),
 		)?;
 
+		file.write_all(format!("{}\n\n", ts_export::<UploadConfig>()?).as_bytes())?;
+
+		file.write_all(format!("{}\n\n", ts_export::<StumpConfig>()?).as_bytes())?;
+
 		Ok(())
 	}
 }

apps/server/src/routers/api/v1/config.rs

@@ -0,0 +1,64 @@
+use axum::{extract::State, middleware, routing::get, Extension, Json, Router};
+use serde::{Deserialize, Serialize};
+use specta::Type;
+use stump_core::{config::StumpConfig, db::entity::UserPermission};
+
+use crate::{
+	config::state::AppState,
+	errors::APIResult,
+	middleware::auth::{auth_middleware, RequestContext},
+};
+
+pub(crate) fn mount(app_state: AppState) -> Router<AppState> {
+	Router::new()
+		.route("/config", get(get_server_config))
+		.route("/config/upload", get(get_upload_config))
+		.layer(middleware::from_fn_with_state(app_state, auth_middleware))
+}
+
+#[utoipa::path(
+	get,
+	path = "/api/v1/config",
+	tag = "config",
+	responses(
+		(status = 200, description = "Successfully retrieved server config"),
+		(status = 401, description = "Unauthorized"),
+		(status = 500, description = "Internal server error")
+	)
+)]
+async fn get_server_config(
+	State(ctx): State<AppState>,
+	Extension(req): Extension<RequestContext>,
+) -> APIResult<Json<StumpConfig>> {
+	req.enforce_permissions(&[UserPermission::ManageServer])?;
+
+	Ok(Json(StumpConfig::clone(&ctx.config)))
+}
+
+#[derive(Debug, Deserialize, Serialize, Type)]
+pub struct UploadConfig {
+	enabled: bool,
+	max_file_upload_size: usize,
+}
+
+#[utoipa::path(
+	get,
+	path = "/api/v1/config/upload",
+	tag = "config",
+	responses(
+		(status = 200, description = "Successfully retrieved upload config"),
+		(status = 401, description = "Unauthorized"),
+		(status = 500, description = "Internal server error")
+	)
+)]
+async fn get_upload_config(
+	State(ctx): State<AppState>,
+	Extension(req): Extension<RequestContext>,
+) -> APIResult<Json<UploadConfig>> {
+	req.enforce_permissions(&[UserPermission::UploadFile])?;
+
+	Ok(Json(UploadConfig {
+		enabled: ctx.config.enable_upload,
+		max_file_upload_size: ctx.config.max_file_upload_size,
+	}))
+}

apps/server/src/routers/api/v1/library.rs

@@ -728,11 +728,11 @@
 		.await?
 		.ok_or(APIError::NotFound(String::from("Library not found")))?;
 
-	let (content_type, bytes) =
+	let upload_data =
 		validate_and_load_image(&mut upload, Some(ctx.config.max_image_upload_size))
 			.await?;
 
-	let ext = content_type.extension();
+	let ext = upload_data.content_type.extension();
 	let library_id = library.id;
 
 	// Note: I chose to *safely* attempt the removal as to not block the upload, however after some
@@ -745,10 +745,11 @@
 		),
 	}
 
-	let path_buf = place_thumbnail(&library_id, ext, &bytes, &ctx.config).await?;
+	let path_buf =
+		place_thumbnail(&library_id, ext, &upload_data.bytes, &ctx.config).await?;
 
 	Ok(ImageResponse::from((
-		content_type,
+		upload_data.content_type,
 		fs::read(path_buf).await?,
 	)))
 }

apps/server/src/routers/api/v1/media/thumbnails.rs

@@ -266,10 +266,10 @@
 		.await?
 		.ok_or(APIError::NotFound(String::from("Media not found")))?;
 
-	let (content_type, bytes) =
+	let upload_data =
 		validate_and_load_image(&mut upload, Some(ctx.config.max_image_upload_size))
 			.await?;
-	let ext = content_type.extension();
+	let ext = upload_data.content_type.extension();
 	let book_id = media.id;
 
 	// Note: I chose to *safely* attempt the removal as to not block the upload, however after some
@@ -283,10 +283,11 @@
 		);
 	}
 
-	let path_buf = place_thumbnail(&book_id, ext, &bytes, &ctx.config).await?;
+	let path_buf =
+		place_thumbnail(&book_id, ext, &upload_data.bytes, &ctx.config).await?;
 
 	Ok(ImageResponse::from((
-		content_type,
+		upload_data.content_type,
 		fs::read(path_buf).await?,
 	)))
 }

apps/server/src/routers/api/v1/mod.rs

@@ -20,6 +20,7 @@
 
 pub(crate) mod auth;
 pub(crate) mod book_club;
+pub(crate) mod config;
 pub(crate) mod emailer;
 pub(crate) mod epub;
 pub(crate) mod filesystem;
@@ -33,10 +34,11 @@
 pub(crate) mod series;
 pub(crate) mod smart_list;
 pub(crate) mod tag;
+pub(crate) mod upload;
 pub(crate) mod user;
 
 pub(crate) fn mount(app_state: AppState) -> Router<AppState> {
-	Router::new()
+	let mut router = Router::new()
 		.merge(auth::mount(app_state.clone()))
 		.merge(epub::mount(app_state.clone()))
 		.merge(emailer::mount(app_state.clone()))
@@ -52,12 +54,20 @@
 		.merge(user::mount(app_state.clone()))
 		.merge(reading_list::mount(app_state.clone()))
 		.merge(smart_list::mount(app_state.clone()))
-		.merge(book_club::mount(app_state))
+		.merge(book_club::mount(app_state.clone()))
+		.merge(config::mount(app_state.clone()))
 		.route("/claim", get(claim))
 		.route("/ping", get(ping))
 		// TODO: should /version or /check-for-updates be behind any auth reqs?
 		.route("/version", post(version))
-		.route("/check-for-update", get(check_for_updates))
+		.route("/check-for-update", get(check_for_updates));
+
+	// Conditionally attach upload routes based on settings.
+	if app_state.config.enable_upload {
+		router = router.merge(upload::mount(app_state.clone()));
+	}
+
+	router
 }
 
 #[derive(Serialize, Type, ToSchema)]

apps/server/src/routers/api/v1/series.rs

@@ -612,10 +612,10 @@
 		.await?
 		.ok_or(APIError::NotFound(String::from("Series not found")))?;
 
-	let (content_type, bytes) =
+	let upload_data =
 		validate_and_load_image(&mut upload, Some(ctx.config.max_image_upload_size))
 			.await?;
-	let ext = content_type.extension();
+	let ext = upload_data.content_type.extension();
 	let series_id = series.id;
 
 	// Note: I chose to *safely* attempt the removal as to not block the upload, however after some
@@ -628,10 +628,11 @@
 		),
 	}
 
-	let path_buf = place_thumbnail(&series_id, ext, &bytes, &ctx.config).await?;
+	let path_buf =
+		place_thumbnail(&series_id, ext, &upload_data.bytes, &ctx.config).await?;
 
 	Ok(ImageResponse::from((
-		content_type,
+		upload_data.content_type,
 		fs::read(path_buf).await?,
 	)))
 }