tueit_GmbH/tueit_Transkriptor
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: DELETE /transcripts/{filename} — delete transcript with path-confinement check

Browse Source
This commit is contained in:
Thomas Kopp
2026-04-01 14:13:02 +02:00
parent aa3eef8fb1
commit ae3ae61593
2 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
api/router.py
+12
View File
@@ -134,6 +134,18 @@ async def get_transcript(filename: str, user: dict = Depends(current_user)):
return PlainTextResponse(content)
@router.delete("/transcripts/{filename}")
async def delete_transcript(filename: str, user: dict = Depends(current_user)):
user_dir = os.path.join(user["output_dir"], user["username"])
if os.path.basename(filename) != filename or not filename.endswith(".md"):
raise HTTPException(status_code=404, detail="Nicht gefunden")
path = os.path.join(user_dir, filename)
if not os.path.exists(path):
raise HTTPException(status_code=404, detail="Nicht gefunden")
os.unlink(path)
return {"ok": True}
@router.get("/config")
async def get_config(user: dict = Depends(current_user)):
return load_config()