M1ngdaXie/DocNest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Enhance real-time collaboration features with user awareness and document sharing

Browse Source 
- Added user information (UserID, UserName, UserAvatar) to Client struct for presence tracking.
- Implemented failure handling in the broadcastMessage function to manage send failures and disconnect clients if necessary.
- Introduced document ownership and sharing capabilities:
  - Added OwnerID and Is_Public fields to Document model.
  - Created DocumentShare model for managing document sharing with permissions.
  - Implemented functions for creating, listing, and managing document shares in the Postgres store.
- Added user management functionality:
  - Created User model and associated functions for user management in the Postgres store.
  - Implemented session management with token hashing for security.
- Updated database schema with migrations for users, sessions, and document shares.
- Enhanced frontend Yjs integration with awareness event logging for user connections and disconnections.
This commit is contained in:
M1ngdaXie
2026-01-03 12:59:53 -08:00
parent 37d89b13b9
commit 7f5f32179b
21 changed files with 2064 additions and 232 deletions
Download Patch File Download Diff File Expand all files Collapse all files

274
backend/internal/handlers/document.go
View File

@@ -1,8 +1,10 @@
package handlers
import (
"fmt"
"net/http"
"github.com/M1ngdaXie/realtime-collab/internal/auth"
"github.com/M1ngdaXie/realtime-collab/internal/models"
"github.com/M1ngdaXie/realtime-collab/internal/store"
"github.com/gin-gonic/gin"
@@ -10,135 +12,199 @@ import (
)
type DocumentHandler struct {
store *store.Store
store *store.PostgresStore
}
func NewDocumentHandler(s *store.Store) *DocumentHandler {
func NewDocumentHandler(s *store.PostgresStore) *DocumentHandler {
return &DocumentHandler{store: s}
}
// CreateDocument creates a new document
func (h *DocumentHandler) CreateDocument(c *gin.Context) {
var req models.CreateDocumentRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Validate document type
if req.Type != models.DocumentTypeEditor && req.Type != models.DocumentTypeKanban {
c.JSON(http.StatusBadRequest, gin.H{"error": "invalid document type"})
return
}
// CreateDocument creates a new document (requires auth)
func (h *DocumentHandler) CreateDocument(c *gin.Context) {
fmt.Println("getting userId right now.... ")
userID := auth.GetUserFromContext(c)
fmt.Println(userID)
if userID == nil {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
return
}
doc, err := h.store.CreateDocument(req.Name, req.Type)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
var req models.CreateDocumentRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
c.JSON(http.StatusCreated, doc)
}
// Create document with owner_id
doc, err := h.store.CreateDocumentWithOwner(req.Name, req.Type, userID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("Failed to create document: %v", err)})
return
}
c.JSON(http.StatusCreated, doc)
}
// ListDocuments returns all documents
func (h *DocumentHandler) ListDocuments(c *gin.Context) {
documents, err := h.store.ListDocuments()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
userID := auth.GetUserFromContext(c)
if documents == nil {
documents = []models.Document{}
}
var docs []models.Document
var err error
if userID != nil {
// Authenticated: show owned + shared documents
docs, err = h.store.ListUserDocuments(c.Request.Context(), *userID)
} else {
c.JSON(http.StatusUnauthorized, gin.H{"error": fmt.Sprintf("we dont know you: %v", err)})
}
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to list documents"})
return
}
c.JSON(http.StatusOK, models.DocumentListResponse{
Documents: docs,
Total: len(docs),
})
}
c.JSON(http.StatusOK, models.DocumentListResponse{
Documents: documents,
Total: len(documents),
})
}
// GetDocument returns a single document
func (h *DocumentHandler) GetDocument(c *gin.Context) {
idStr := c.Param("id")
id, err := uuid.Parse(idStr)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "invalid document ID"})
return
}
id, err := uuid.Parse(c.Param("id"))
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid document ID"})
return
}
doc, err := h.store.GetDocument(id)
if err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "document not found"})
return
}
userID := auth.GetUserFromContext(c)
c.JSON(http.StatusOK, doc)
}
// Check permission if authenticated
if userID != nil {
canView, err := h.store.CanViewDocument(c.Request.Context(), id, *userID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to check permissions"})
return
}
if !canView {
c.JSON(http.StatusForbidden, gin.H{"error": "Access denied"})
return
}
}else{
c.JSON("this file is not public")
return
}
doc, err := h.store.GetDocument(id)
if err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "Document not found"})
return
}
c.JSON(http.StatusOK, doc)
}
// GetDocumentState returns the Yjs state for a document
func (h *DocumentHandler) GetDocumentState(c *gin.Context) {
idStr := c.Param("id")
id, err := uuid.Parse(idStr)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "invalid document ID"})
return
}
// GetDocumentState retrieves document state (requires view permission)
func (h *DocumentHandler) GetDocumentState(c *gin.Context) {
id, err := uuid.Parse(c.Param("id"))
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid document ID"})
return
}
doc, err := h.store.GetDocument(id)
if err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "document not found"})
return
}
userID := auth.GetUserFromContext(c)
// Return binary state
if doc.YjsState == nil {
c.Data(http.StatusOK, "application/octet-stream", []byte{})
return
}
// Check permission if authenticated
if userID != nil {
canView, err := h.store.CanViewDocument(c.Request.Context(), id, *userID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to check permissions"})
return
}
if !canView {
c.JSON(http.StatusForbidden, gin.H{"error": "Access denied"})
return
}
}
c.Data(http.StatusOK, "application/octet-stream", doc.YjsState)
}
doc, err := h.store.GetDocument(id)
if err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "Document not found"})
return
}
// UpdateDocumentState updates the Yjs state for a document
func (h *DocumentHandler) UpdateDocumentState(c *gin.Context) {
idStr := c.Param("id")
id, err := uuid.Parse(idStr)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "invalid document ID"})
return
}
c.Data(http.StatusOK, "application/octet-stream", doc.YjsState)
}
// Read binary body
state, err := c.GetRawData()
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "failed to read request body"})
return
}
// UpdateDocumentState updates document state (requires edit permission)
func (h *DocumentHandler) UpdateDocumentState(c *gin.Context) {
id, err := uuid.Parse(c.Param("id"))
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid document ID"})
return
}
err = h.store.UpdateDocumentState(id, state)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
userID := auth.GetUserFromContext(c)
if userID == nil {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
return
}
c.JSON(http.StatusOK, gin.H{"message": "state updated successfully"})
}
// Check edit permission
canEdit, err := h.store.CanEditDocument(c.Request.Context(), id, *userID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to check permissions"})
return
}
if !canEdit {
c.JSON(http.StatusForbidden, gin.H{"error": "Edit access denied"})
return
}
// DeleteDocument deletes a document
func (h *DocumentHandler) DeleteDocument(c *gin.Context) {
idStr := c.Param("id")
id, err := uuid.Parse(idStr)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "invalid document ID"})
return
}
var req models.UpdateStateRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
err = h.store.DeleteDocument(id)
if err != nil {
c.JSON(http.StatusNotFound, gin.H{"error": "document not found"})
return
}
if err := h.store.UpdateDocumentState(id, req.State); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to update state"})
return
}
c.JSON(http.StatusOK, gin.H{"message": "document deleted successfully"})
}
c.JSON(http.StatusOK, gin.H{"message": "State updated successfully"})
}
// DeleteDocument deletes a document (owner only)
func (h *DocumentHandler) DeleteDocument(c *gin.Context) {
id, err := uuid.Parse(c.Param("id"))
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid document ID"})
return
}
userID := auth.GetUserFromContext(c)
if userID == nil {
c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
return
}
// Check ownership
isOwner, err := h.store.IsDocumentOwner(c.Request.Context(), id, *userID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to check ownership"})
return
}
if !isOwner {
c.JSON(http.StatusForbidden, gin.H{"error": "Only owner can delete documents"})
return
}
if err := h.store.DeleteDocument(id); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to delete document"})
return
}
c.JSON(http.StatusOK, gin.H{"message": "Document deleted successfully"})
}