ebook-manager/backend/src/API/Books.hs

{-# Language DuplicateRecordFields #-}
{-# Language DataKinds #-}
{-# Language TypeFamilies #-}
{-# Language TypeOperators #-}
{-# Language NoImplicitPrelude #-}
{-# Language MultiParamTypeClasses #-}
{-# Language OverloadedStrings #-}
{-# Language TemplateHaskell #-}
{-# Language QuasiQuotes #-}
{-# Language RecordWildCards #-}
{-# Language DeriveGeneric #-}
{-# Language FlexibleInstances #-}
{-# Language TypeApplications #-}
{-# Language DataKinds #-}
{-# Language NamedFieldPuns #-}
module API.Books where

import           ClassyPrelude
import           Control.Lens
import           Control.Monad.Catch (throwM, MonadThrow)
import           Data.Aeson
import           Data.Generics.Product
import           Database
import           Database.Book
import           Database.Channel
import           Database.Tag
import           Servant hiding (contentType)
import           Servant.Auth as SA
import           Server.Auth
import           Types

import           Control.Monad.Trans.Maybe

import qualified Datastore as DS
import           Data.ByteArray (convert)
import           Crypto.Hash (digestFromByteString)

data JsonBook = JsonBook { identifier :: BookID
                         , contentType :: Text
                         , title :: Text
                         , description :: Maybe Text
                         , channels :: [Text]
                         , tags :: [Text] }
              deriving (Generic, Show)

data PostBook = PostBook { contentType :: Text
                         , title :: Text
                         , description :: Maybe Text
                         , channels :: [Text]
                         , tags :: [Text] }
              deriving (Generic, Show)


instance ToJSON JsonBook
instance FromJSON JsonBook
instance ToJSON PostBook
instance FromJSON PostBook

type API = Auth '[SA.BasicAuth, SA.JWT] SafeUser :> BaseAPI

type BaseAPI = "books" :> Get '[JSON] [JsonBook]
       :<|> "books" :> ReqBody '[JSON] PostBook :> Post '[JSON] JsonBook
       :<|> "books" :> Capture "book_id" BookID :> "meta" :> ReqBody '[JSON] JsonBook :> Put '[JSON] JsonBook
       :<|> "books" :> Capture "book_id" BookID :> ReqBody '[OctetStream] ByteString :> Put '[JSON] NoContent
       :<|> GetBook

type GetBook = "books" :> Capture "book_id" BookID :> Get '[OctetStream] ByteString

handler :: ServerT API AppM
handler user = listBooksHandler user
          :<|> postBookMetaHandler user
          :<|> putBookMetaHandler user
          :<|> putBookContentHandler user
          :<|> getBookContentHandler user

getBookContentHandler :: AuthResult SafeUser -> BookID -> AppM ByteString
getBookContentHandler auth bookId = requireBookOwner auth bookId $ \SafeUser{username} -> do
  content <- runMaybeT $ do
    Book{contentHash=mHash} <- MaybeT $ runDB (getBook bookId username)
    contentHash <- MaybeT $ return (mHash >>= digestFromByteString . unHex)
    MaybeT $ DS.get contentHash
  maybe (throwM err404) return content

requireBookOwner :: AuthResult SafeUser -> BookID -> (SafeUser -> AppM a) -> AppM a
requireBookOwner auth bookId f = flip requireLoggedIn auth $ \u@SafeUser{username} -> do
  exists <- runDB $ bookExists bookId
  unless exists $ throwM err404
  runDB (isBookOwner bookId username) >>= \o -> if o then f u else throwM err403

putBookContentHandler :: AuthResult SafeUser -> BookID -> ByteString -> AppM NoContent
putBookContentHandler auth bookId content = requireBookOwner auth bookId $ \SafeUser{username} -> do
  key <- HashDigest . convert <$> DS.put content
  runDB (setContent bookId username key)
  return NoContent

postBookMetaHandler :: AuthResult SafeUser -> PostBook -> AppM JsonBook
postBookMetaHandler auth PostBook{..} = flip requireLoggedIn auth $ \SafeUser{username} -> do
  mIdentifier <- runDB $ insertBook InsertBook{owner=username,..}
  maybe (throwM err403{errBody="Could not insert book"}) (\identifier -> pure JsonBook{..}) mIdentifier


putBookMetaHandler :: AuthResult SafeUser -> BookID -> JsonBook -> AppM JsonBook
putBookMetaHandler auth bookId JsonBook{..}
  | bookId == identifier = requireBookOwner auth bookId $ \SafeUser{username=owner} ->
        maybe (throwM err403) (return . view (super @JsonBook)) =<< runDB (updateBook UpdateBook{..})
  | otherwise = throwM err403

listBooksHandler :: AuthResult SafeUser -> AppM [JsonBook]
listBooksHandler = requireLoggedIn $ \user -> do
  runDB (usersBooks (view (field @"username") user) >>= mapM augment)
    where
      augment Book{identifier=bookId,contentType,title,description} = do
        channels <- fmap (view (field @"channel")) <$> booksChannels bookId
        tags <- fmap (view (field @"tag")) <$> booksTags bookId
        pure JsonBook{identifier=bookId,..}
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`{-# Language DuplicateRecordFields #-}`
Listing books 2018-08-05 23:42:37 +03:00			`{-# Language DataKinds #-}`
			`{-# Language TypeFamilies #-}`
			`{-# Language TypeOperators #-}`
			`{-# Language NoImplicitPrelude #-}`
			`{-# Language MultiParamTypeClasses #-}`
			`{-# Language OverloadedStrings #-}`
			`{-# Language TemplateHaskell #-}`
			`{-# Language QuasiQuotes #-}`
			`{-# Language RecordWildCards #-}`
			`{-# Language DeriveGeneric #-}`
			`{-# Language FlexibleInstances #-}`
			`{-# Language TypeApplications #-}`
			`{-# Language DataKinds #-}`
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`{-# Language NamedFieldPuns #-}`
Listing books 2018-08-05 23:42:37 +03:00			`module API.Books where`

Upgrade 2018-10-17 23:51:30 +03:00			`import ClassyPrelude`
			`import Control.Lens`
			`import Control.Monad.Catch (throwM, MonadThrow)`
			`import Data.Aeson`
			`import Data.Generics.Product`
			`import Database`
			`import Database.Book`
			`import Database.Channel`
			`import Database.Tag`
			`import Servant hiding (contentType)`
			`import Servant.Auth as SA`
			`import Server.Auth`
			`import Types`
Listing books 2018-08-05 23:42:37 +03:00
Upgrade 2018-10-17 23:51:30 +03:00			`import Control.Monad.Trans.Maybe`
Reading and writing binary files 2018-08-08 23:56:16 +03:00
			`import qualified Datastore as DS`
Upgrade 2018-10-17 23:51:30 +03:00			`import Data.ByteArray (convert)`
			`import Crypto.Hash (digestFromByteString)`
Reading and writing binary files 2018-08-08 23:56:16 +03:00
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`data JsonBook = JsonBook { identifier :: BookID`
			`, contentType :: Text`
Initial OPDS support Channel listing (#2) List books (#2) Closes (#2) 2018-08-14 22:11:52 +03:00			`, title :: Text`
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`, description :: Maybe Text`
#8 Attach tags to books 2018-08-14 22:19:55 +03:00			`, channels :: [Text]`
			`, tags :: [Text] }`
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`deriving (Generic, Show)`

			`data PostBook = PostBook { contentType :: Text`
Initial OPDS support Channel listing (#2) List books (#2) Closes (#2) 2018-08-14 22:11:52 +03:00			`, title :: Text`
Listing books 2018-08-05 23:42:37 +03:00			`, description :: Maybe Text`
#8 Attach tags to books 2018-08-14 22:19:55 +03:00			`, channels :: [Text]`
			`, tags :: [Text] }`
Listing books 2018-08-05 23:42:37 +03:00			`deriving (Generic, Show)`

WIP 2018-08-06 00:09:41 +03:00
Listing books 2018-08-05 23:42:37 +03:00			`instance ToJSON JsonBook`
			`instance FromJSON JsonBook`
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`instance ToJSON PostBook`
			`instance FromJSON PostBook`
Listing books 2018-08-05 23:42:37 +03:00
			`type API = Auth '[SA.BasicAuth, SA.JWT] SafeUser :> BaseAPI`

			`type BaseAPI = "books" :> Get '[JSON] [JsonBook]`
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`:<\|> "books" :> ReqBody '[JSON] PostBook :> Post '[JSON] JsonBook`
Reading and writing binary files 2018-08-08 23:56:16 +03:00			`:<\|> "books" :> Capture "book_id" BookID :> "meta" :> ReqBody '[JSON] JsonBook :> Put '[JSON] JsonBook`
			`:<\|> "books" :> Capture "book_id" BookID :> ReqBody '[OctetStream] ByteString :> Put '[JSON] NoContent`
Initial OPDS support Channel listing (#2) List books (#2) Closes (#2) 2018-08-14 22:11:52 +03:00			`:<\|> GetBook`

			`type GetBook = "books" :> Capture "book_id" BookID :> Get '[OctetStream] ByteString`
Listing books 2018-08-05 23:42:37 +03:00
			`handler :: ServerT API AppM`
Reading and writing binary files 2018-08-08 23:56:16 +03:00			`handler user = listBooksHandler user`
			`:<\|> postBookMetaHandler user`
			`:<\|> putBookMetaHandler user`
			`:<\|> putBookContentHandler user`
			`:<\|> getBookContentHandler user`

			`getBookContentHandler :: AuthResult SafeUser -> BookID -> AppM ByteString`
			`getBookContentHandler auth bookId = requireBookOwner auth bookId $ \SafeUser{username} -> do`
			`content <- runMaybeT $ do`
			`Book{contentHash=mHash} <- MaybeT $ runDB (getBook bookId username)`
			`contentHash <- MaybeT $ return (mHash >>= digestFromByteString . unHex)`
			`MaybeT $ DS.get contentHash`
			`maybe (throwM err404) return content`

			`requireBookOwner :: AuthResult SafeUser -> BookID -> (SafeUser -> AppM a) -> AppM a`
			`requireBookOwner auth bookId f = flip requireLoggedIn auth $ \u@SafeUser{username} -> do`
			`exists <- runDB $ bookExists bookId`
			`unless exists $ throwM err404`
			`runDB (isBookOwner bookId username) >>= \o -> if o then f u else throwM err403`

			`putBookContentHandler :: AuthResult SafeUser -> BookID -> ByteString -> AppM NoContent`
			`putBookContentHandler auth bookId content = requireBookOwner auth bookId $ \SafeUser{username} -> do`
			`key <- HashDigest . convert <$> DS.put content`
			`runDB (setContent bookId username key)`
			`return NoContent`
Migrations properly through flyway 2018-08-07 23:25:21 +03:00
			`postBookMetaHandler :: AuthResult SafeUser -> PostBook -> AppM JsonBook`
			`postBookMetaHandler auth PostBook{..} = flip requireLoggedIn auth $ \SafeUser{username} -> do`
Change book schema 2018-08-08 21:58:36 +03:00			`mIdentifier <- runDB $ insertBook InsertBook{owner=username,..}`
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`maybe (throwM err403{errBody="Could not insert book"}) (\identifier -> pure JsonBook{..}) mIdentifier`


			`putBookMetaHandler :: AuthResult SafeUser -> BookID -> JsonBook -> AppM JsonBook`
Complete functions (#15) 2018-08-15 22:10:15 +03:00			`putBookMetaHandler auth bookId JsonBook{..}`
Reading and writing binary files 2018-08-08 23:56:16 +03:00			`\| bookId == identifier = requireBookOwner auth bookId $ \SafeUser{username=owner} ->`
Complete functions (#15) 2018-08-15 22:10:15 +03:00			`maybe (throwM err403) (return . view (super @JsonBook)) =<< runDB (updateBook UpdateBook{..})`
Modify metadata 2018-08-08 22:21:15 +03:00			`\| otherwise = throwM err403`
Listing books 2018-08-05 23:42:37 +03:00
			`listBooksHandler :: AuthResult SafeUser -> AppM [JsonBook]`
			`listBooksHandler = requireLoggedIn $ \user -> do`
			`runDB (usersBooks (view (field @"username") user) >>= mapM augment)`
			`where`
Change book schema 2018-08-08 21:58:36 +03:00			`augment Book{identifier=bookId,contentType,title,description} = do`
#8 Attach tags to books 2018-08-14 22:19:55 +03:00			`channels <- fmap (view (field @"channel")) <$> booksChannels bookId`
			`tags <- fmap (view (field @"tag")) <$> booksTags bookId`
Migrations properly through flyway 2018-08-07 23:25:21 +03:00			`pure JsonBook{identifier=bookId,..}`