OpenSource
/
dify
Watch 4
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 152 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6856 Commits
4 Branches
Tree: 18dce66443
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '18dce66443'
${ noResults }
dify/api/controllers/service_api/app/file_preview.py

file_preview.py 6.9KB
Raw Normal View History

feat: add Service API file preview endpoint (#23534) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2 months ago
try flask_restful -> flask_restx (#24310) Signed-off-by: -LAN- <laipz8200@outlook.com> Co-authored-by: -LAN- <laipz8200@outlook.com>
2 months ago
feat: add Service API file preview endpoint (#23534) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2 months ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186 
  1. import logging

  2. from urllib.parse import quote

  3. 

  4. from flask import Response

  5. from flask_restx import Resource, reqparse

  6. 

  7. from controllers.service_api import api

  8. from controllers.service_api.app.error import (

  9.     FileAccessDeniedError,

  10.     FileNotFoundError,

  11. )

  12. from controllers.service_api.wraps import FetchUserArg, WhereisUserArg, validate_app_token

  13. from extensions.ext_database import db

  14. from extensions.ext_storage import storage

  15. from models.model import App, EndUser, Message, MessageFile, UploadFile

  16. 

  17. logger = logging.getLogger(__name__)

  18. 

  19. 

  20. class FilePreviewApi(Resource):

  21.     """

  22.     Service API File Preview endpoint

  23. 

  24.     Provides secure file preview/download functionality for external API users.

  25.     Files can only be accessed if they belong to messages within the requesting app's context.

  26.     """

  27. 

  28.     @validate_app_token(fetch_user_arg=FetchUserArg(fetch_from=WhereisUserArg.QUERY))

  29.     def get(self, app_model: App, end_user: EndUser, file_id: str):

  30.         """

  31.         Preview/Download a file that was uploaded via Service API

  32. 

  33.         Args:

  34.             app_model: The authenticated app model

  35.             end_user: The authenticated end user (optional)

  36.             file_id: UUID of the file to preview

  37. 

  38.         Query Parameters:

  39.             user: Optional user identifier

  40.             as_attachment: Boolean, whether to download as attachment (default: false)

  41. 

  42.         Returns:

  43.             Stream response with file content

  44. 

  45.         Raises:

  46.             FileNotFoundError: File does not exist

  47.             FileAccessDeniedError: File access denied (not owned by app)

  48.         """

  49.         file_id = str(file_id)

  50. 

  51.         # Parse query parameters

  52.         parser = reqparse.RequestParser()

  53.         parser.add_argument("as_attachment", type=bool, required=False, default=False, location="args")

  54.         args = parser.parse_args()

  55. 

  56.         # Validate file ownership and get file objects

  57.         message_file, upload_file = self._validate_file_ownership(file_id, app_model.id)

  58. 

  59.         # Get file content generator

  60.         try:

  61.             generator = storage.load(upload_file.key, stream=True)

  62.         except Exception as e:

  63.             raise FileNotFoundError(f"Failed to load file content: {str(e)}")

  64. 

  65.         # Build response with appropriate headers

  66.         response = self._build_file_response(generator, upload_file, args["as_attachment"])

  67. 

  68.         return response

  69. 

  70.     def _validate_file_ownership(self, file_id: str, app_id: str) -> tuple[MessageFile, UploadFile]:

  71.         """

  72.         Validate that the file belongs to a message within the requesting app's context

  73. 

  74.         Security validations performed:

  75.         1. File exists in MessageFile table (was used in a conversation)

  76.         2. Message belongs to the requesting app

  77.         3. UploadFile record exists and is accessible

  78.         4. File tenant matches app tenant (additional security layer)

  79. 

  80.         Args:

  81.             file_id: UUID of the file to validate

  82.             app_id: UUID of the requesting app

  83. 

  84.         Returns:

  85.             Tuple of (MessageFile, UploadFile) if validation passes

  86. 

  87.         Raises:

  88.             FileNotFoundError: File or related records not found

  89.             FileAccessDeniedError: File does not belong to the app's context

  90.         """

  91.         try:

  92.             # Input validation

  93.             if not file_id or not app_id:

  94.                 raise FileAccessDeniedError("Invalid file or app identifier")

  95. 

  96.             # First, find the MessageFile that references this upload file

  97.             message_file = db.session.query(MessageFile).where(MessageFile.upload_file_id == file_id).first()

  98. 

  99.             if not message_file:

  100.                 raise FileNotFoundError("File not found in message context")

  101. 

  102.             # Get the message and verify it belongs to the requesting app

  103.             message = (

  104.                 db.session.query(Message).where(Message.id == message_file.message_id, Message.app_id == app_id).first()

  105.             )

  106. 

  107.             if not message:

  108.                 raise FileAccessDeniedError("File access denied: not owned by requesting app")

  109. 

  110.             # Get the actual upload file record

  111.             upload_file = db.session.query(UploadFile).where(UploadFile.id == file_id).first()

  112. 

  113.             if not upload_file:

  114.                 raise FileNotFoundError("Upload file record not found")

  115. 

  116.             # Additional security: verify tenant isolation

  117.             app = db.session.query(App).where(App.id == app_id).first()

  118.             if app and upload_file.tenant_id != app.tenant_id:

  119.                 raise FileAccessDeniedError("File access denied: tenant mismatch")

  120. 

  121.             return message_file, upload_file

  122. 

  123.         except (FileNotFoundError, FileAccessDeniedError):

  124.             # Re-raise our custom exceptions

  125.             raise

  126.         except Exception as e:

  127.             # Log unexpected errors for debugging

  128.             logger.exception(

  129.                 "Unexpected error during file ownership validation",

  130.                 extra={"file_id": file_id, "app_id": app_id, "error": str(e)},

  131.             )

  132.             raise FileAccessDeniedError("File access validation failed")

  133. 

  134.     def _build_file_response(self, generator, upload_file: UploadFile, as_attachment: bool = False) -> Response:

  135.         """

  136.         Build Flask Response object with appropriate headers for file streaming

  137. 

  138.         Args:

  139.             generator: File content generator from storage

  140.             upload_file: UploadFile database record

  141.             as_attachment: Whether to set Content-Disposition as attachment

  142. 

  143.         Returns:

  144.             Flask Response object with streaming file content

  145.         """

  146.         response = Response(

  147.             generator,

  148.             mimetype=upload_file.mime_type,

  149.             direct_passthrough=True,

  150.             headers={},

  151.         )

  152. 

  153.         # Add Content-Length if known

  154.         if upload_file.size and upload_file.size > 0:

  155.             response.headers["Content-Length"] = str(upload_file.size)

  156. 

  157.         # Add Accept-Ranges header for audio/video files to support seeking

  158.         if upload_file.mime_type in [

  159.             "audio/mpeg",

  160.             "audio/wav",

  161.             "audio/mp4",

  162.             "audio/ogg",

  163.             "audio/flac",

  164.             "audio/aac",

  165.             "video/mp4",

  166.             "video/webm",

  167.             "video/quicktime",

  168.             "audio/x-m4a",

  169.         ]:

  170.             response.headers["Accept-Ranges"] = "bytes"

  171. 

  172.         # Set Content-Disposition for downloads

  173.         if as_attachment and upload_file.name:

  174.             encoded_filename = quote(upload_file.name)

  175.             response.headers["Content-Disposition"] = f"attachment; filename*=UTF-8''{encoded_filename}"

  176.             # Override content-type for downloads to force download

  177.             response.headers["Content-Type"] = "application/octet-stream"

  178. 

  179.         # Add caching headers for performance

  180.         response.headers["Cache-Control"] = "public, max-age=3600"  # Cache for 1 hour

  181. 

  182.         return response

  183. 

  184. 

  185. # Register the API endpoint

  186. api.add_resource(FilePreviewApi, "/files/<uuid:file_id>/preview")