Files
marechai/Marechai.Server/Controllers/SoftwarePromoArtController.cs
Natalia Portillo 2572e24e83 Refactor error handling in services and controllers to use ExtractDetail method for consistent error messages
- Updated SoundSynthVideosController to return ProblemDetails for bad requests and conflicts.
- Modified UsersController to return ProblemDetails for user not found and account purge failures.
- Enhanced BooksService, DocumentsService, GpusService, InstructionSetExtensionsService, MachineFamiliesService, MagazinesService, ResolutionsService, ScreensService, SoftwareFamiliesService, SoftwarePlatformsService, SoftwareVersionsService, SoundSynthsService, and WwpcImportsService to utilize ExtractDetail for error messages from ApiException.
- Introduced ExtractDetail method to standardize error message extraction from ApiException across multiple services.
2026-06-04 15:41:26 +01:00

583 lines
26 KiB
C#

/******************************************************************************
// MARECHAI: Master repository of computing history artifacts information
// ----------------------------------------------------------------------------
//
// Author(s) : Natalia Portillo <claunia@claunia.com>
//
// --[ License ] --------------------------------------------------------------
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
// ----------------------------------------------------------------------------
// Copyright © 2003-2026 Natalia Portillo
*******************************************************************************/
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using Marechai.Data;
using Marechai.Data.Dtos;
using Marechai.Database.Models;
using Marechai.Helpers;
using Marechai.Server.Helpers;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
namespace Marechai.Server.Controllers;
[Route("/software/promo-art")]
[ApiController]
public class SoftwarePromoArtController(MarechaiContext context, IConfiguration configuration) : ControllerBase
{
static readonly HashSet<string> _allowedExtensions = [".jpg", ".jpeg", ".png", ".webp", ".tiff", ".tif", ".bmp"];
static readonly HashSet<string> _allowedContentTypes =
[
"image/jpeg", "image/png", "image/webp", "image/tiff", "image/bmp"
];
readonly string _assetRootPath = configuration["AssetRootPath"]!;
[HttpGet("/software/{softwareId:ulong}/promo-art")]
[AllowAnonymous]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
public Task<List<SoftwarePromoArtDto>> GetBySoftwareAsync(ulong softwareId, [FromQuery] string lang = null)
{
string langCode = LanguageResolver.Resolve(HttpContext, lang);
// English fast-path: no need for the translation sub-query — return the canonical column.
if(string.Equals(langCode, "eng", StringComparison.Ordinal))
return context.SoftwarePromoArt
.Where(p => p.SoftwareId == softwareId)
.OrderBy(p => p.Group.Name)
.ThenBy(p => p.CreatedOn)
.ThenBy(p => p.Id)
.Select(p => new SoftwarePromoArtDto
{
Id = p.Id,
SoftwareId = p.SoftwareId,
GroupId = p.GroupId,
GroupName = p.Group.Name,
Caption = p.Caption,
OriginalExtension = p.OriginalExtension
})
.ToListAsync();
return context.SoftwarePromoArt
.Where(p => p.SoftwareId == softwareId)
.OrderBy(p => p.Group.Name)
.ThenBy(p => p.CreatedOn)
.ThenBy(p => p.Id)
.Select(p => new SoftwarePromoArtDto
{
Id = p.Id,
SoftwareId = p.SoftwareId,
GroupId = p.GroupId,
GroupName = context.SoftwarePromoArtGroupTranslations
.Where(t => t.GroupId == p.GroupId &&
t.LanguageCode == langCode)
.Select(t => t.Name)
.FirstOrDefault() ?? p.Group.Name,
Caption = p.Caption,
OriginalExtension = p.OriginalExtension
})
.ToListAsync();
}
[HttpGet("{id:Guid}")]
[AllowAnonymous]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
public async Task<ActionResult<SoftwarePromoArtDto>> GetAsync(Guid id, [FromQuery] string lang = null)
{
string langCode = LanguageResolver.Resolve(HttpContext, lang);
bool isEnglish = string.Equals(langCode, "eng", StringComparison.Ordinal);
var promo = await context.SoftwarePromoArt
.Where(p => p.Id == id)
.Select(p => new SoftwarePromoArtDto
{
Id = p.Id,
SoftwareId = p.SoftwareId,
GroupId = p.GroupId,
GroupName = isEnglish
? p.Group.Name
: context.SoftwarePromoArtGroupTranslations
.Where(t => t.GroupId == p.GroupId &&
t.LanguageCode == langCode)
.Select(t => t.Name)
.FirstOrDefault() ?? p.Group.Name,
Caption = p.Caption,
OriginalExtension = p.OriginalExtension
})
.FirstOrDefaultAsync();
if(promo is null) return NotFound();
return promo;
}
[HttpGet("groups")]
[AllowAnonymous]
[ProducesResponseType(StatusCodes.Status200OK)]
public async Task<List<SoftwarePromoArtGroupDto>> GetGroupsAsync([FromQuery] string lang = null)
{
string langCode = LanguageResolver.Resolve(HttpContext, lang);
bool isEnglish = string.Equals(langCode, "eng", StringComparison.Ordinal);
// Project both the localized Name (with English fallback) and the canonical English
// CanonicalName so edit-path autocompletes can display the localized text but submit
// the canonical English name back to the get-or-create upload/update endpoints.
List<SoftwarePromoArtGroupDto> groups = isEnglish
? await context.SoftwarePromoArtGroups
.Select(g => new SoftwarePromoArtGroupDto
{
Id = g.Id,
Name = g.Name,
CanonicalName = g.Name
})
.ToListAsync()
: await context.SoftwarePromoArtGroups
.Select(g => new SoftwarePromoArtGroupDto
{
Id = g.Id,
Name = context.SoftwarePromoArtGroupTranslations
.Where(t => t.GroupId == g.Id &&
t.LanguageCode == langCode)
.Select(t => t.Name)
.FirstOrDefault() ?? g.Name,
CanonicalName = g.Name
})
.ToListAsync();
// Sort in-memory by the localized Name so the displayed list is alphabetical in the
// requested language (sorting in EF would force the join into ORDER BY and complicate
// SQL — the groups list is small).
groups.Sort((a, b) => string.Compare(a.Name, b.Name, StringComparison.CurrentCultureIgnoreCase));
return groups;
}
[HttpPost("upload")]
[Authorize(Roles = "Admin,UberAdmin")]
[RequestSizeLimit(50 * 1024 * 1024)]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
public async Task<ActionResult<SoftwarePromoArtDto>> UploadAsync(IFormFile file,
[FromForm] ulong softwareId,
[FromForm] string groupName,
[FromForm] string caption)
{
string userId = User.FindFirstValue(ClaimTypes.Sid);
if(userId is null) return Unauthorized();
if(file is null || file.Length == 0)
return Problem(detail: "No file provided.", statusCode: StatusCodes.Status400BadRequest);
if(file.Length > 50 * 1024 * 1024)
return Problem(detail: "File exceeds 50 MB limit.", statusCode: StatusCodes.Status400BadRequest);
string extension = Path.GetExtension(file.FileName)?.ToLowerInvariant() ?? string.Empty;
if(!_allowedExtensions.Contains(extension))
return Problem(detail: "Unsupported file format. Accepted: JPEG, PNG, WebP, TIFF, BMP.", statusCode: StatusCodes.Status400BadRequest);
if(!string.IsNullOrEmpty(file.ContentType) &&
!_allowedContentTypes.Contains(file.ContentType.ToLowerInvariant()))
return Problem(detail: "Unsupported content type.", statusCode: StatusCodes.Status400BadRequest);
string trimmedGroup = groupName?.Trim();
if(string.IsNullOrWhiteSpace(trimmedGroup))
return Problem(detail: "Group name is required.", statusCode: StatusCodes.Status400BadRequest);
if(trimmedGroup.Length > 256)
return Problem(detail: "Group name exceeds 256 characters.", statusCode: StatusCodes.Status400BadRequest);
bool softwareExists = await context.Softwares.AnyAsync(s => s.Id == softwareId);
if(!softwareExists)
return Problem(detail: "Referenced software does not exist.", statusCode: StatusCodes.Status400BadRequest);
SoftwarePromoArtGroup group =
await context.SoftwarePromoArtGroups.FirstOrDefaultAsync(g => g.Name == trimmedGroup);
if(group is null)
{
group = new SoftwarePromoArtGroup { Name = trimmedGroup };
await context.SoftwarePromoArtGroups.AddAsync(group);
await context.SaveChangesWithUserAsync(userId);
}
using var ms = new MemoryStream();
await file.CopyToAsync(ms);
ms.Position = 0;
var model = new SoftwarePromoArt
{
Id = Guid.NewGuid(),
SoftwareId = softwareId,
GroupId = group.Id,
Caption = string.IsNullOrWhiteSpace(caption) ? null : caption,
OriginalExtension = extension.TrimStart('.')
};
Photos.EnsureCreated(_assetRootPath, false, "software-promo-art");
string originalsDir = Path.Combine(_assetRootPath, "photos", "software-promo-art", "originals");
string originalPath = Path.Combine(originalsDir, $"{model.Id}{extension}");
ms.Position = 0;
await using(var fs = new FileStream(originalPath, FileMode.CreateNew, FileAccess.Write))
{
await ms.CopyToAsync(fs);
}
string sourceFormat = extension.TrimStart('.');
_ = Task.Run(() =>
{
var photos = new Photos();
photos.ConversionWorker(_assetRootPath, model.Id, originalPath, sourceFormat, false,
"software-promo-art");
});
await context.SoftwarePromoArt.AddAsync(model);
await context.SaveChangesWithUserAsync(userId);
return Ok(new SoftwarePromoArtDto
{
Id = model.Id,
SoftwareId = model.SoftwareId,
GroupId = model.GroupId,
GroupName = group.Name,
Caption = model.Caption,
OriginalExtension = model.OriginalExtension
});
}
[HttpPut("{id:Guid}")]
[Authorize(Roles = "Admin,UberAdmin")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
public async Task<ActionResult> UpdateAsync(Guid id, [FromBody] UpdateSoftwarePromoArtRequest dto)
{
string userId = User.FindFirstValue(ClaimTypes.Sid);
if(userId is null) return Unauthorized();
SoftwarePromoArt model = await context.SoftwarePromoArt.FirstOrDefaultAsync(p => p.Id == id);
if(model is null) return NotFound();
int oldGroupId = model.GroupId;
if(dto.GroupName is not null)
{
string trimmedGroup = dto.GroupName.Trim();
if(string.IsNullOrWhiteSpace(trimmedGroup))
return Problem(detail: "Group name cannot be empty.", statusCode: StatusCodes.Status400BadRequest);
if(trimmedGroup.Length > 256)
return Problem(detail: "Group name exceeds 256 characters.", statusCode: StatusCodes.Status400BadRequest);
SoftwarePromoArtGroup group =
await context.SoftwarePromoArtGroups.FirstOrDefaultAsync(g => g.Name == trimmedGroup);
if(group is null)
{
group = new SoftwarePromoArtGroup { Name = trimmedGroup };
await context.SoftwarePromoArtGroups.AddAsync(group);
await context.SaveChangesWithUserAsync(userId);
}
model.GroupId = group.Id;
}
model.Caption = string.IsNullOrWhiteSpace(dto.Caption) ? null : dto.Caption;
await context.SaveChangesWithUserAsync(userId);
// Auto-purge orphan group if reassignment left it empty.
if(model.GroupId != oldGroupId)
{
bool oldGroupHasItems = await context.SoftwarePromoArt.AnyAsync(p => p.GroupId == oldGroupId);
if(!oldGroupHasItems)
{
SoftwarePromoArtGroup oldGroup =
await context.SoftwarePromoArtGroups.FirstOrDefaultAsync(g => g.Id == oldGroupId);
if(oldGroup is not null)
{
context.SoftwarePromoArtGroups.Remove(oldGroup);
await context.SaveChangesWithUserAsync(userId);
}
}
}
return Ok();
}
[HttpDelete("{id:Guid}")]
[Authorize(Roles = "Admin,UberAdmin")]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
public async Task<ActionResult> DeleteAsync(Guid id)
{
string userId = User.FindFirstValue(ClaimTypes.Sid);
if(userId is null) return Unauthorized();
SoftwarePromoArt model = await context.SoftwarePromoArt.FirstOrDefaultAsync(p => p.Id == id);
if(model is null) return NotFound();
int oldGroupId = model.GroupId;
context.SoftwarePromoArt.Remove(model);
await context.SaveChangesWithUserAsync(userId);
// Auto-purge orphan group if it became empty.
bool oldGroupHasItems = await context.SoftwarePromoArt.AnyAsync(p => p.GroupId == oldGroupId);
if(!oldGroupHasItems)
{
SoftwarePromoArtGroup oldGroup =
await context.SoftwarePromoArtGroups.FirstOrDefaultAsync(g => g.Id == oldGroupId);
if(oldGroup is not null)
{
context.SoftwarePromoArtGroups.Remove(oldGroup);
await context.SaveChangesWithUserAsync(userId);
}
}
string photosRoot = Path.Combine(_assetRootPath, "photos", "software-promo-art");
string guidStr = id.ToString();
DeleteFilesByPattern(Path.Combine(photosRoot, "originals"), $"{guidStr}.*");
string[] formats = ["jpeg", "webp", "avif"];
string[] resolutions = ["4k"];
foreach(string format in formats)
{
string ext = format switch
{
"jpeg" => ".jpg",
"webp" => ".webp",
"avif" => ".avif",
_ => $".{format}"
};
foreach(string res in resolutions)
{
string fullPath = Path.Combine(photosRoot, format, res, $"{guidStr}{ext}");
string thumbPath = Path.Combine(photosRoot, "thumbs", format, res, $"{guidStr}{ext}");
if(System.IO.File.Exists(fullPath))
System.IO.File.Delete(fullPath);
if(System.IO.File.Exists(thumbPath))
System.IO.File.Delete(thumbPath);
}
}
return Ok();
}
/// <summary>
/// Maximum in-flight pending promo art images a single collaborator may stage for a
/// given Software before they submit (or cancel) the suggestion. Mirrors the
/// per-batch cap enforced by the dialog.
/// </summary>
const int PendingPhotosPerUserPerSoftwareCap = 30;
/// <summary>
/// Allowed extensions for collaborator-uploaded promo art images (narrower than the
/// admin upload set; must match server-side JS validation).
/// </summary>
static readonly HashSet<string> _pendingAllowedExtensions = new(StringComparer.OrdinalIgnoreCase)
{
".jpg", ".jpeg", ".png", ".webp"
};
/// <summary>
/// Allowed content types for collaborator-uploaded promo art images (narrower than
/// the admin upload set; must match server-side JS validation).
/// </summary>
static readonly HashSet<string> _pendingAllowedContentTypes = new(StringComparer.OrdinalIgnoreCase)
{
"image/jpeg", "image/png", "image/webp"
};
/// <summary>
/// Stage a single pending promo art image for a brand-new collaborative suggestion.
/// The uploader keeps each pending file on the server (sidecar tracks ownership +
/// parent <c>softwareId</c>) until they call <c>POST /suggestions</c> referencing the
/// returned <c>guid</c>. Per-uploader cap of 30 in-flight pending images per Software.
/// </summary>
[HttpPost("pending")]
[Authorize]
[RequestSizeLimit(50 * 1024 * 1024)]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status400BadRequest)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
[ProducesResponseType(StatusCodes.Status409Conflict)]
public async Task<ActionResult<PendingImageUploadDto>> UploadPendingAsync(IFormFile file,
[FromQuery] ulong softwareId)
{
string userId = User.FindFirstValue(ClaimTypes.Sid);
if(string.IsNullOrEmpty(userId)) return Unauthorized();
if(file is null || file.Length == 0) return Problem(detail: "No file provided.", statusCode: StatusCodes.Status400BadRequest);
if(file.Length > 50 * 1024 * 1024) return Problem(detail: "File exceeds 50 MB limit.", statusCode: StatusCodes.Status400BadRequest);
string extension = Path.GetExtension(file.FileName)?.ToLowerInvariant() ?? string.Empty;
if(!_pendingAllowedExtensions.Contains(extension))
return Problem(detail: "Unsupported file format. Accepted: JPEG, PNG, WebP.", statusCode: StatusCodes.Status400BadRequest);
if(!string.IsNullOrEmpty(file.ContentType) &&
!_pendingAllowedContentTypes.Contains(file.ContentType.ToLowerInvariant()))
return Problem(detail: "Unsupported content type.", statusCode: StatusCodes.Status400BadRequest);
bool softwareExists = await context.Softwares.AnyAsync(s => s.Id == softwareId);
if(!softwareExists) return Problem(detail: "Software not found.", statusCode: StatusCodes.Status404NotFound);
long parentEntityId = (long)softwareId;
int currentCount = PendingImageStore.CountByUploaderForParentEntity(_assetRootPath, "software-promo-art",
userId, (byte)SuggestionEntityType.SoftwarePromoArt, parentEntityId);
if(currentCount >= PendingPhotosPerUserPerSoftwareCap)
return Problem(detail: $"You already have {currentCount} pending promo art images for this software. Maximum " +
$"is {PendingPhotosPerUserPerSoftwareCap} per software. Submit or remove some first.",
statusCode: StatusCodes.Status409Conflict);
Guid guid;
await using(Stream stream = file.OpenReadStream())
{
// EntityId stays 0 because the suggestion row that will reference these images
// doesn't exist yet. ParentEntityId carries the softwareId so the per-uploader
// cap and cleanup-by-parent helpers can scope correctly.
guid = await PendingImageStore.StoreAsync(_assetRootPath, "software-promo-art", extension,
(byte)SuggestionEntityType.SoftwarePromoArt, entityId: 0L, userId, file.ContentType, stream,
parentEntityId: parentEntityId);
}
return Ok(new PendingImageUploadDto
{
Guid = guid,
Extension = extension.TrimStart('.')
});
}
/// <summary>
/// Delete a pending promo art image before it has been submitted as part of a
/// suggestion. Only the original uploader (or an admin) may delete.
/// </summary>
[HttpDelete("pending/{guid:guid}")]
[Authorize]
[ProducesResponseType(StatusCodes.Status204NoContent)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(StatusCodes.Status403Forbidden)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
public async Task<ActionResult> DeletePendingAsync(Guid guid)
{
string userId = User.FindFirstValue(ClaimTypes.Sid);
if(string.IsNullOrEmpty(userId)) return Unauthorized();
PendingImageStore.PendingMetadata meta =
await PendingImageStore.GetMetadataAsync(_assetRootPath, "software-promo-art", guid);
if(meta is null) return NotFound();
if(meta.EntityType != (byte)SuggestionEntityType.SoftwarePromoArt) return NotFound();
bool isAdmin = User.IsInRole("Admin") || User.IsInRole("UberAdmin");
if(!PendingImageStore.CanAccess(meta, userId, isAdmin)) return Forbid();
PendingImageStore.Delete(_assetRootPath, "software-promo-art", guid);
return NoContent();
}
/// <summary>
/// Stream the binary contents of a pending promo art image. Used by the dialog
/// thumbnail preview AND by the admin SuggestionDiffPanel preview. Auth-gated: only
/// the uploader and admins can read.
/// </summary>
[HttpGet("pending/{guid:guid}")]
[Authorize]
[ProducesResponseType(StatusCodes.Status200OK)]
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
[ProducesResponseType(StatusCodes.Status403Forbidden)]
[ProducesResponseType(StatusCodes.Status404NotFound)]
public async Task<ActionResult> GetPendingAsync(Guid guid)
{
string userId = User.FindFirstValue(ClaimTypes.Sid);
if(string.IsNullOrEmpty(userId)) return Unauthorized();
PendingImageStore.PendingMetadata meta =
await PendingImageStore.GetMetadataAsync(_assetRootPath, "software-promo-art", guid);
if(meta is null) return NotFound();
if(meta.EntityType != (byte)SuggestionEntityType.SoftwarePromoArt) return NotFound();
bool isAdmin = User.IsInRole("Admin") || User.IsInRole("UberAdmin");
if(!PendingImageStore.CanAccess(meta, userId, isAdmin)) return Forbid();
string path = await PendingImageStore.GetImagePathAsync(_assetRootPath, "software-promo-art", guid);
if(path is null || !System.IO.File.Exists(path)) return NotFound();
var stream = new FileStream(path, FileMode.Open, FileAccess.Read, FileShare.Read);
return File(stream, meta.ContentType ?? "application/octet-stream");
}
static void DeleteFilesByPattern(string directory, string pattern)
{
if(!System.IO.Directory.Exists(directory)) return;
foreach(string file in System.IO.Directory.GetFiles(directory, pattern))
System.IO.File.Delete(file);
}
}