From d5c49d73a9b7f759da6dffad530f1e320b932a5e Mon Sep 17 00:00:00 2001
From: blek <me@blek.codes>
Date: Tue, 12 Dec 2023 17:11:09 +1000
Subject: [PATCH] add config checks to api upload

---
 filed/src/web/api/files/upload.rs | 32 +++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/filed/src/web/api/files/upload.rs b/filed/src/web/api/files/upload.rs
index 28a9b8f..a2836e0 100644
--- a/filed/src/web/api/files/upload.rs
+++ b/filed/src/web/api/files/upload.rs
@@ -82,6 +82,38 @@ impl UploadAPIPayload {
 
 pub async fn upload(state: SharedState, data: FormData, ip: Option<IpAddr>) -> Result<Box<dyn Reply>, Rejection> {
 
+    if (!state.config.api.enabled) || (!state.config.api.upload) {
+        return Ok(
+            Box::new(
+                with_status(
+                    json(&ErrorMessage::new(Error::APIDisabled)),
+                    StatusCode::UNAUTHORIZED
+                )
+            )
+        )
+    }
+
+    if ! state.config.files.allow_uploads {
+        return Ok(
+            Box::new(
+                with_status(
+                    json(
+                        &ErrorMessage {
+                            error: Error::APIDisabled,
+                            details: Some(
+                                match state.config.files.upload_disable_reason {
+                                    Some(reason) => format!("Uploads were disabled for the following reason: {reason}"),
+                                    None => format!("Uploads were disabled by the administrator")
+                                }
+                            )
+                        }
+                    ),
+                    StatusCode::UNAUTHORIZED
+                )
+            )
+        )
+    }
+
     let data = FormElement::from_formdata(data)
         .await;