Initial commit

2026-03-09 21:29:04 +00:00 · 2025-12-28 21:16:03 +01:00
commit 62e3c6439e
552 changed files with 104858 additions and 0 deletions
--- a/routes/api/volumes/[name]/browse/+server.ts
+++ b/routes/api/volumes/[name]/browse/+server.ts
@@ -0,0 +1,52 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { listVolumeDirectory, getVolumeUsage } from '$lib/server/docker';
+import { authorize } from '$lib/server/authorize';
+
+export const GET: RequestHandler = async ({ params, url, cookies }) => {
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+	const path = url.searchParams.get('path') || '/';
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('volumes', 'inspect', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	try {
+		// Check if volume is in use by any containers
+		const usage = await getVolumeUsage(params.name, envIdNum);
+		const isInUse = usage.length > 0;
+
+		// Mount read-only if in use, otherwise writable
+		const result = await listVolumeDirectory(params.name, path, envIdNum, isInUse);
+
+		// Note: Helper container is cached and reused for subsequent requests.
+		// Cache TTL handles cleanup automatically.
+
+		return json({
+			path: result.path,
+			entries: result.entries,
+			usage,
+			isInUse,
+			// Expose helper container ID so frontend can use container file endpoints
+			helperId: result.containerId
+		});
+	} catch (error: any) {
+		console.error('Failed to browse volume:', error);
+
+		if (error.message?.includes('No such file or directory')) {
+			return json({ error: 'Directory not found', path: url.searchParams.get('path') || '/' }, { status: 404 });
+		}
+		if (error.message?.includes('Permission denied')) {
+			return json({ error: 'Permission denied to access this path' }, { status: 403 });
+		}
+
+		return json({
+			error: 'Failed to browse volume',
+			details: error.message || String(error)
+		}, { status: 500 });
+	}
+};
--- a/routes/api/volumes/[name]/browse/content/+server.ts
+++ b/routes/api/volumes/[name]/browse/content/+server.ts
@@ -0,0 +1,53 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { readVolumeFile } from '$lib/server/docker';
+import { authorize } from '$lib/server/authorize';
+
+// Max file size for reading (1MB)
+const MAX_FILE_SIZE = 1024 * 1024;
+
+export const GET: RequestHandler = async ({ params, url, cookies }) => {
+	const auth = await authorize(cookies);
+
+	const path = url.searchParams.get('path');
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('volumes', 'inspect', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	try {
+		if (!path) {
+			return json({ error: 'Path is required' }, { status: 400 });
+		}
+
+		const content = await readVolumeFile(
+			params.name,
+			path,
+			envIdNum
+		);
+
+		// Check if content is too large
+		if (content.length > MAX_FILE_SIZE) {
+			return json({ error: 'File is too large to view (max 1MB)' }, { status: 413 });
+		}
+
+		return json({ content, path });
+	} catch (error: any) {
+		console.error('Error reading volume file:', error);
+
+		if (error.message?.includes('No such file or directory')) {
+			return json({ error: 'File not found' }, { status: 404 });
+		}
+		if (error.message?.includes('Permission denied')) {
+			return json({ error: 'Permission denied to read this file' }, { status: 403 });
+		}
+		if (error.message?.includes('Is a directory')) {
+			return json({ error: 'Cannot read a directory' }, { status: 400 });
+		}
+
+		return json({ error: 'Failed to read file' }, { status: 500 });
+	}
+};
--- a/routes/api/volumes/[name]/browse/release/+server.ts
+++ b/routes/api/volumes/[name]/browse/release/+server.ts
@@ -0,0 +1,33 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { releaseVolumeHelperContainer } from '$lib/server/docker';
+import { authorize } from '$lib/server/authorize';
+
+/**
+ * Release the cached volume helper container when done browsing.
+ * This is called when the volume browser modal is closed.
+ */
+export const POST: RequestHandler = async ({ params, url, cookies }) => {
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('volumes', 'inspect', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	try {
+
+		await releaseVolumeHelperContainer(params.name, envIdNum);
+
+		return json({ success: true });
+	} catch (error: any) {
+		console.error('Failed to release volume helper:', error);
+		return json({
+			error: 'Failed to release volume helper',
+			details: error.message || String(error)
+		}, { status: 500 });
+	}
+};