vantzs/corrosion-admin-panel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 18 Wiki Activity

feat(api): per-instance file bridge — list/read/write via the new agent file manager
All checks were successful
CI / backend-types (push) Successful in 9s
Details
CI / frontend-build (push) Successful in 16s
Details
CI / agent-tests (push) Successful in 44s
Details
CI / integration (push) Successful in 21s
Details

Browse Source 
GET /api/instances/:id/files (list) + /file (read), PUT /file (write) —
tenant-guarded, routed through requestScoped to the per-instance
corrosion.{license}.{instance}.files.cmd using the new agent's {op,path}
protocol (jailed to the instance root, symlink-safe). files.view /
files.manage perms. Foundation for the per-game config editor and for
fixing the legacy VueFinder File Manager (which still speaks the retired
Go fm_* protocol on the wrong subject and is broken under per-license
auth — separate reconciliation).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Vantz Stockwell
2026-06-11 19:00:28 -04:00
parent e897a4802f
commit 877fadcb6c
2 changed files with 85 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
backend-nest/src/modules/instances/instances.controller.ts
View File

@@ -1,4 +1,4 @@
import { Controller, Post, Body, Param } from '@nestjs/common';
import { Controller, Post, Get, Put, Body, Param, Query } from '@nestjs/common';
import { ApiTags, ApiBearerAuth, ApiOperation } from '@nestjs/swagger';
import { CurrentTenant } from '../../common/decorators/current-tenant.decorator';
import { RequirePermission } from '../../common/decorators/require-permission.decorator';
@@ -31,4 +31,37 @@ export class InstancesController {
) {
return this.instances.rcon(licenseId, id, body.command);
}
@Get(':id/files')
@RequirePermission('files.view')
@ApiOperation({ summary: 'List a directory in the instance (jailed to its root)' })
async listFiles(
@CurrentTenant() licenseId: string,
@Param('id') id: string,
@Query('path') path?: string,
) {
return this.instances.listFiles(licenseId, id, path ?? '');
}
@Get(':id/file')
@RequirePermission('files.view')
@ApiOperation({ summary: 'Read a text file from the instance (jailed, 5 MiB cap)' })
async readFile(
@CurrentTenant() licenseId: string,
@Param('id') id: string,
@Query('path') path: string,
) {
return this.instances.readFile(licenseId, id, path);
}
@Put(':id/file')
@RequirePermission('files.manage')
@ApiOperation({ summary: 'Write a text file in the instance (jailed)' })
async writeFile(
@CurrentTenant() licenseId: string,
@Param('id') id: string,
@Body() body: { path: string; content: string },
) {
return this.instances.writeFile(licenseId, id, body.path, body.content ?? '');
}
}