slackbridge
slackbridge copied to clipboard
ossobv
Handle file uploads
Turns out we can handle file uploads in a fairly reasonable manner:
- the file is posted as:
Handle POST: /outgoing, FieldStorage(None, None, [
MiniFieldStorage('token', 'O3xxx'),
MiniFieldStorage('team_id', 'T0xxx'),
MiniFieldStorage('team_domain', 'gexxx'),
MiniFieldStorage('service_id', '11xxx'),
MiniFieldStorage('channel_id', 'C0xxx'),
MiniFieldStorage('channel_name', 'osxxx'),
MiniFieldStorage('timestamp', '1503649959.000043'),
MiniFieldStorage('user_id', 'U0xxx'),
MiniFieldStorage('user_name', 'e.xxx'),
MiniFieldStorage('text',
'<@U0xxx|e.xxx> uploaded a file: <https://gexxx.slack.com/files/e.xxx/F6xxx/img.jpg|a bit of text>')])
- we can fetch it using files.info: curl 'https://slack.com/api/files.info' -XPOST -d token=$XXX -d file=F6xxx -- which returns:
{
"ok": true,
"file": {
"id": "F6xxx",
"created": 1503649955,
"timestamp": 1503649955,
"name": "img.jpg",
"title": "a bit of text",
"mimetype": "image/jpeg",
"filetype": "jpg",
"pretty_type": "JPEG",
"user": "U0xxx",
"editable": false,
"size": 307887,
"mode": "hosted",
"is_external": false,
"external_type": "",
"is_public": true,
"public_url_shared": false,
"display_as_bot": false,
"username": "",
"url_private": "xxx",
"url_private_download": "https://files.slack.com/files-pri/T0xxx-F6xxx/download/img.jpg",
"thumb_64": "xxx",
"thumb_80": "xxx",
"...": "..."
}
}
- the file can be downloaded: curl -i -H "Authorization: Bearer $XXX" "https://files.slack.com/files-pri/T0xxx-F6xxx/download/img.jpg"
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 307887
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Content-Disposition: attachment; filename="img.jpg"; filename*=utf8''img%20with%20space%20in%20the%20name.jpg
Date: Tue, 29 Aug 2017 14:58:52 GMT
Etag: "c3xxx"
X-Backend: imgproxy-0fxxx
X-Robots-Tag: noindex
X-Slack-Meta: S3TA
X-Cache: Miss from cloudfront
Via: 1.1 1e07xxx.cloudfront.net (CloudFront)
X-Amz-Cf-Id: HwWxxx-hMxxx==
- we can reupload this file: curl 'https://slack.com/api/files.upload' -XPOST -F token=$YYY -F channels=C0otherchan -F file=@recently_downloaded.jpg -d filename=img.jpg -d title='a bit of text'
{"ok":true,"file":{"id":"F6yyy","created":1504019408,"timestamp":1504019408,
"name":"img.jpg","title":"a bit of text",
"mimetype":"image\/jpeg","filetype":"jpg","pretty_type":"JPEG","user":"U6botuser",
"editable":false,"size":307887,"mode":"hosted","is_external":false,"external_type":"",
"is_public":true,"public_url_shared":false,"display_as_bot":false,"username":"",
"url_private":"https:\/\/files.slack.com\/files-pri\/T0yyy-F6yyy\/yyy.jpg",
"url_private_download":"https:\/\/files.slack.com\/files-pri\/T0yyy-F6yyy\/download\/yyy.jpg",
"...": "...",
"original_w":2550,"original_h":3489,
"permalink":"https:\/\/osso.slack.com\/files\/slyyy\/F6yyy\/yyy.jpg",
"permalink_public":"https:\/\/slack-files.com\/T0yyy-F6yyy-e0yyy",
"channels":["C0otherchan"],"groups":[],"ims":[],"comments_count":0}}
- we will however get this message in the outgoing webhook again, which we'll need to exclude:
[2017-08-29 17:10:12 CEST] DEBUG/9917: Handle POST: /outgoing, FieldStorage(None, None, [
MiniFieldStorage('token', 'cnyyy'), MiniFieldStorage('team_id', 'T0xxx'),
MiniFieldStorage('team_domain', 'osyyy'), MiniFieldStorage('service_id', '11yyy'),
MiniFieldStorage('channel_id', 'C0yyy'), MiniFieldStorage('channel_name', 'shyyy'),
MiniFieldStorage('timestamp', '1504019411.000464'), MiniFieldStorage('user_id', 'U6botuser'),
MiniFieldStorage('user_name', 'slackbridge'), MiniFieldStorage('text',
'<@U6botuser|slackbridge> uploaded a file: <https://osso.slack.com/files/slackbridge/F6yyy/img.jpg|a bit of text>')])
- so: if we look up the BOTUSER username at login time, and then exclude all "file uploads" from that user, we should be good: we can still forward the rest as-is, as we'll get the link to the original private URL and a proper reference to who uploaded the original.
