Serve a file outside servers public scope to client with node.js - javascript

I've some files placed inside an upload folder which is not accessible without privileges and is outside from servers public scope.
If the owner want to download the previously uploaded file I need to pipe the file. That for I thought Streaming is the right way but I can't get it work.
So my actually working solution is the following example.
Is this still correct?
APP.fs.readFile(media.path, function(error, file) {
if (error === null) {
res.type(media.type);
res.send(file);
} else {
self.Component.send404(res);
}
});

Related

Getting files from file share using Express res.download

I have combed the internet looking for a solution to this, but everything I see points back to serving static files which doesn't appear to do what I want. I'm trying to have my Express server reach out to a local file share using the following:
res.download(pathToFile, fileName, (err) => {
if (err) throw err;
});
pathToFile is the absolute path to the file location with the file name appended at the end, but this perpetually says there is, "No such file or directory at," pathToFile location. I'm at my wits end here and could use some help.
EDIT:
To answer questions, access isn't an issue. I am using a Mac and a Windows machine to access the file share without problems. Path looks like so:
//${ipAddressOfServer}/ParentFolder/ChildFolder/${fileName}

How to download files and store them to s3 by nodejs (through heroku)?

I want to know how to download the files to aws-s3 through heroku, and dosen't use the web page.
I'm using wget in Nodejs to download audio files, and wanting to re-encoding them by ffmpeg. Though I have to store the file first, but heroku doesn't provide the space to store.
Then I find the way that heroku can connect with aws-s3, however the sample code is the page for user to upload, and I'm just want to using codes.
This is the code that haven't connected with s3 yet.
const wget = spawn('wget',['-O', 'upload_audio/'+ sender_psid +'.aac', audioUrl]);
//spit stdout to screen
wget.stdout.on('data', function (data) { process.stdout.write(data.toString()); });
// //spit stderr to screen
wget.stderr.on('data', function (data) { process.stdout.write(data.toString()); });
wget.on('close', function (code) {
console.log(process.env.PATH);
const ffmpeg = spawn('ffmpeg',['-i', 'upload_audio/'+ sender_psid +'.aac', '-ar', '16000', 'upload_audio/'+ sender_psid +'.wav', '-y']);
...
});
And it comes the error:
upload_audio/1847432728691358.aac: No such file or directory
...
Error: ENOENT: no such file or directory, open 'upload_audio/1847432728691358.wav'
How can I solve the problem?
Could anyone give some suggest plz?
Maybe won't use s3 can get it?
I don't recommend using S3 until you've tried the NodeJS Static Files API. On the server, that looks like this:
app.use(express.static(path.join(__dirname, 'my_audio_files_folder')));
More on NodeJS's Static Files API available here.
AWS S3 seems to be adding unneeded complexity, but if you have your heart set on it, have a look at this thread.

ASP.NET MVC Saving to a specific folder on the client

I need to perform those operation on a MVC application:
The user select a file from a grid
The file need to be saved on a shared folder
The user modifies the file with Excel
The file is saved in the same shared folder
A server deamon will process the file
My main problem (and I don't know if I can use handle it) is to prompt the user proposing to save the file on a shared folder...is this possible? or in alternative can I do via javascript to open the file knowing the shared folder and file name?
If you have hosted your application on client's IIS and from your localhost you want to save file to client end.
look at these code, maybe it will help you.
if (!string.IsNullOrEmpty(Path))
{
FileUpload file = new FileUpload();
string Folder = HttpContext.Current.Server.MapPath(Path);
string Path = Path.Combine(Folder, File);
file.SaveAs(Path);
}
but the path of folder must be shared..
Via a web app it is not possible to save a file locally on a specific location on a client's computer due to security restrictions, as far as I know this is true for on all known browsers. With a shared folder or a folder on another machine with a valid path that is accessible from the IIS server you can.
Try this in the controller to get the path of default Download folder on a client end:
string filename = "YourFile.xls";
string path = GetDownloadPath();
private static string GetDownloadPath()
{
String path = String.Empty;
RegistryKey rKey = Registry.CurrentUser.OpenSubKey(#"Software\Microsoft\Internet Explorer\Main");
if (rKey != null)
path = (String)rKey.GetValue("Default Download Directory");
if (String.IsNullOrEmpty(path))
path = Environment.GetFolderPath(Environment.SpecialFolder.UserProfile) + "\\downloads";
return path;
}

Create a child process which cannot access any files a level above with Node.JS?

I'm trying to develop a Node.JS Application that allows for users to create their own Node Apps which run as child processes to the main Node.JS app. The issue that I am having is that I do not know how to only give the corresponding child process permission to access and execute files inside it's own folder, eg. I don't want a child process to be able to see the files of another user.
I thought that I may be able to run a child process inside it's own folder, and only allow access to this folder from the enclosed files and the main Node.JS app (parent).
I have no clue as to how I may be able to do this, but I thought that I may be able to do this by using chmod, but I don't know exactly how this works, and I'm not sure how I would be able to only allow access from the parent process and enclosing files, and not from anywhere else?
I have enclosed a diagram of how I would like the data-flow to occur, incase I haven't explained properly:
Many thanks!
You've mentioned chmod in your question, so I assume you're using a *nix-like operating system.
You can use a chroot jail for this. There's an npm module, chroot, which can help. Here's an example from their docs:
Bind a TCP server to a privileged port before dropping privileges.
var net = require('net');
var chroot = require('chroot');
var server = net.createServer();
server.listen(80, function(err) {
if (err) { throw err; }
try {
chroot('/var/empty', 'nobody');
console.log('changed root to "/var/empty" and user to "nobody"');
} catch(err) {
console.error('changing root or user failed', err);
process.exit(1);
}
});
The first argument is the location that should be seen as "root" by the child process.

Is Meteor backend code always available on client-side?

I created test Meteor application and I found that overall code (server-side too) available to look with dev tools on a client.
Test app (In browser):
(function(){ if (Meteor.isClient) {
Template.hello.greeting = function () {
return "Welcome to test_app.";
};
Template.helo.events({
'click input' : function () {
// template data, if any, is available in 'this'
if (typeof console !== 'undefined')
console.log("You pressed the button");
}
});
}
if (Meteor.isServer) {
Meteor.startup(function () {
// code to run on server at startup
});
}
}).call(this);
Is this by design? Can server-side code stay at server?
If you want to keep server side code on the server you have to restructure your app.
Make these directories in the root directory of your application:
/server - stores everything to run on the server only
/client - stores everything to run on the client only
/public/ - stores anything that should be accessible in at http://yoursite/ (i.e images, fonts). If you place an image a.jpg in /public it will be available at http://yoursite/a.jpg
Once you use this structure you don't have to use the if(Meteor.isServer) {..} or if(Meteor.isClient) {..} conditions anymore as they would run in the right place.
When you put files in the root directory of your meteor application, they would run on both the client and the server so this is why the file is unaltered & everything in the if(Meteor.isServer) would only run on the server.
It is by design and quite helpful to share code between the server and client, though it would be visible to both the client & server

Categories

Resources