mirror of
https://github.com/claunia/marechai.git
synced 2026-07-08 17:57:08 +00:00
- Updated SoundSynthVideosController to return ProblemDetails for bad requests and conflicts. - Modified UsersController to return ProblemDetails for user not found and account purge failures. - Enhanced BooksService, DocumentsService, GpusService, InstructionSetExtensionsService, MachineFamiliesService, MagazinesService, ResolutionsService, ScreensService, SoftwareFamiliesService, SoftwarePlatformsService, SoftwareVersionsService, SoundSynthsService, and WwpcImportsService to utilize ExtractDetail for error messages from ApiException. - Introduced ExtractDetail method to standardize error message extraction from ApiException across multiple services.
583 lines
26 KiB
C#
583 lines
26 KiB
C#
/******************************************************************************
|
|
// MARECHAI: Master repository of computing history artifacts information
|
|
// ----------------------------------------------------------------------------
|
|
//
|
|
// Author(s) : Natalia Portillo <claunia@claunia.com>
|
|
//
|
|
// --[ License ] --------------------------------------------------------------
|
|
//
|
|
// This program is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as
|
|
// published by the Free Software Foundation, either version 3 of the
|
|
// License, or (at your option) any later version.
|
|
//
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
//
|
|
// ----------------------------------------------------------------------------
|
|
// Copyright © 2003-2026 Natalia Portillo
|
|
*******************************************************************************/
|
|
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.IO;
|
|
using System.Linq;
|
|
using System.Security.Claims;
|
|
using System.Threading.Tasks;
|
|
using Marechai.Data;
|
|
using Marechai.Data.Dtos;
|
|
using Marechai.Database.Models;
|
|
using Marechai.Helpers;
|
|
using Marechai.Server.Helpers;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Http;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.EntityFrameworkCore;
|
|
using Microsoft.Extensions.Configuration;
|
|
|
|
namespace Marechai.Server.Controllers;
|
|
|
|
[Route("/software/promo-art")]
|
|
[ApiController]
|
|
public class SoftwarePromoArtController(MarechaiContext context, IConfiguration configuration) : ControllerBase
|
|
{
|
|
static readonly HashSet<string> _allowedExtensions = [".jpg", ".jpeg", ".png", ".webp", ".tiff", ".tif", ".bmp"];
|
|
|
|
static readonly HashSet<string> _allowedContentTypes =
|
|
[
|
|
"image/jpeg", "image/png", "image/webp", "image/tiff", "image/bmp"
|
|
];
|
|
|
|
readonly string _assetRootPath = configuration["AssetRootPath"]!;
|
|
|
|
[HttpGet("/software/{softwareId:ulong}/promo-art")]
|
|
[AllowAnonymous]
|
|
[ProducesResponseType(StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
|
public Task<List<SoftwarePromoArtDto>> GetBySoftwareAsync(ulong softwareId, [FromQuery] string lang = null)
|
|
{
|
|
string langCode = LanguageResolver.Resolve(HttpContext, lang);
|
|
|
|
// English fast-path: no need for the translation sub-query — return the canonical column.
|
|
if(string.Equals(langCode, "eng", StringComparison.Ordinal))
|
|
return context.SoftwarePromoArt
|
|
.Where(p => p.SoftwareId == softwareId)
|
|
.OrderBy(p => p.Group.Name)
|
|
.ThenBy(p => p.CreatedOn)
|
|
.ThenBy(p => p.Id)
|
|
.Select(p => new SoftwarePromoArtDto
|
|
{
|
|
Id = p.Id,
|
|
SoftwareId = p.SoftwareId,
|
|
GroupId = p.GroupId,
|
|
GroupName = p.Group.Name,
|
|
Caption = p.Caption,
|
|
OriginalExtension = p.OriginalExtension
|
|
})
|
|
.ToListAsync();
|
|
|
|
return context.SoftwarePromoArt
|
|
.Where(p => p.SoftwareId == softwareId)
|
|
.OrderBy(p => p.Group.Name)
|
|
.ThenBy(p => p.CreatedOn)
|
|
.ThenBy(p => p.Id)
|
|
.Select(p => new SoftwarePromoArtDto
|
|
{
|
|
Id = p.Id,
|
|
SoftwareId = p.SoftwareId,
|
|
GroupId = p.GroupId,
|
|
GroupName = context.SoftwarePromoArtGroupTranslations
|
|
.Where(t => t.GroupId == p.GroupId &&
|
|
t.LanguageCode == langCode)
|
|
.Select(t => t.Name)
|
|
.FirstOrDefault() ?? p.Group.Name,
|
|
Caption = p.Caption,
|
|
OriginalExtension = p.OriginalExtension
|
|
})
|
|
.ToListAsync();
|
|
}
|
|
|
|
[HttpGet("{id:Guid}")]
|
|
[AllowAnonymous]
|
|
[ProducesResponseType(StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
|
public async Task<ActionResult<SoftwarePromoArtDto>> GetAsync(Guid id, [FromQuery] string lang = null)
|
|
{
|
|
string langCode = LanguageResolver.Resolve(HttpContext, lang);
|
|
bool isEnglish = string.Equals(langCode, "eng", StringComparison.Ordinal);
|
|
|
|
var promo = await context.SoftwarePromoArt
|
|
.Where(p => p.Id == id)
|
|
.Select(p => new SoftwarePromoArtDto
|
|
{
|
|
Id = p.Id,
|
|
SoftwareId = p.SoftwareId,
|
|
GroupId = p.GroupId,
|
|
GroupName = isEnglish
|
|
? p.Group.Name
|
|
: context.SoftwarePromoArtGroupTranslations
|
|
.Where(t => t.GroupId == p.GroupId &&
|
|
t.LanguageCode == langCode)
|
|
.Select(t => t.Name)
|
|
.FirstOrDefault() ?? p.Group.Name,
|
|
Caption = p.Caption,
|
|
OriginalExtension = p.OriginalExtension
|
|
})
|
|
.FirstOrDefaultAsync();
|
|
|
|
if(promo is null) return NotFound();
|
|
|
|
return promo;
|
|
}
|
|
|
|
[HttpGet("groups")]
|
|
[AllowAnonymous]
|
|
[ProducesResponseType(StatusCodes.Status200OK)]
|
|
public async Task<List<SoftwarePromoArtGroupDto>> GetGroupsAsync([FromQuery] string lang = null)
|
|
{
|
|
string langCode = LanguageResolver.Resolve(HttpContext, lang);
|
|
bool isEnglish = string.Equals(langCode, "eng", StringComparison.Ordinal);
|
|
|
|
// Project both the localized Name (with English fallback) and the canonical English
|
|
// CanonicalName so edit-path autocompletes can display the localized text but submit
|
|
// the canonical English name back to the get-or-create upload/update endpoints.
|
|
List<SoftwarePromoArtGroupDto> groups = isEnglish
|
|
? await context.SoftwarePromoArtGroups
|
|
.Select(g => new SoftwarePromoArtGroupDto
|
|
{
|
|
Id = g.Id,
|
|
Name = g.Name,
|
|
CanonicalName = g.Name
|
|
})
|
|
.ToListAsync()
|
|
: await context.SoftwarePromoArtGroups
|
|
.Select(g => new SoftwarePromoArtGroupDto
|
|
{
|
|
Id = g.Id,
|
|
Name = context.SoftwarePromoArtGroupTranslations
|
|
.Where(t => t.GroupId == g.Id &&
|
|
t.LanguageCode == langCode)
|
|
.Select(t => t.Name)
|
|
.FirstOrDefault() ?? g.Name,
|
|
CanonicalName = g.Name
|
|
})
|
|
.ToListAsync();
|
|
|
|
// Sort in-memory by the localized Name so the displayed list is alphabetical in the
|
|
// requested language (sorting in EF would force the join into ORDER BY and complicate
|
|
// SQL — the groups list is small).
|
|
groups.Sort((a, b) => string.Compare(a.Name, b.Name, StringComparison.CurrentCultureIgnoreCase));
|
|
|
|
return groups;
|
|
}
|
|
|
|
[HttpPost("upload")]
|
|
[Authorize(Roles = "Admin,UberAdmin")]
|
|
[RequestSizeLimit(50 * 1024 * 1024)]
|
|
[ProducesResponseType(StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
public async Task<ActionResult<SoftwarePromoArtDto>> UploadAsync(IFormFile file,
|
|
[FromForm] ulong softwareId,
|
|
[FromForm] string groupName,
|
|
[FromForm] string caption)
|
|
{
|
|
string userId = User.FindFirstValue(ClaimTypes.Sid);
|
|
|
|
if(userId is null) return Unauthorized();
|
|
|
|
if(file is null || file.Length == 0)
|
|
return Problem(detail: "No file provided.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
if(file.Length > 50 * 1024 * 1024)
|
|
return Problem(detail: "File exceeds 50 MB limit.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
string extension = Path.GetExtension(file.FileName)?.ToLowerInvariant() ?? string.Empty;
|
|
|
|
if(!_allowedExtensions.Contains(extension))
|
|
return Problem(detail: "Unsupported file format. Accepted: JPEG, PNG, WebP, TIFF, BMP.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
if(!string.IsNullOrEmpty(file.ContentType) &&
|
|
!_allowedContentTypes.Contains(file.ContentType.ToLowerInvariant()))
|
|
return Problem(detail: "Unsupported content type.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
string trimmedGroup = groupName?.Trim();
|
|
|
|
if(string.IsNullOrWhiteSpace(trimmedGroup))
|
|
return Problem(detail: "Group name is required.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
if(trimmedGroup.Length > 256)
|
|
return Problem(detail: "Group name exceeds 256 characters.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
bool softwareExists = await context.Softwares.AnyAsync(s => s.Id == softwareId);
|
|
|
|
if(!softwareExists)
|
|
return Problem(detail: "Referenced software does not exist.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
SoftwarePromoArtGroup group =
|
|
await context.SoftwarePromoArtGroups.FirstOrDefaultAsync(g => g.Name == trimmedGroup);
|
|
|
|
if(group is null)
|
|
{
|
|
group = new SoftwarePromoArtGroup { Name = trimmedGroup };
|
|
await context.SoftwarePromoArtGroups.AddAsync(group);
|
|
await context.SaveChangesWithUserAsync(userId);
|
|
}
|
|
|
|
using var ms = new MemoryStream();
|
|
await file.CopyToAsync(ms);
|
|
ms.Position = 0;
|
|
|
|
var model = new SoftwarePromoArt
|
|
{
|
|
Id = Guid.NewGuid(),
|
|
SoftwareId = softwareId,
|
|
GroupId = group.Id,
|
|
Caption = string.IsNullOrWhiteSpace(caption) ? null : caption,
|
|
OriginalExtension = extension.TrimStart('.')
|
|
};
|
|
|
|
Photos.EnsureCreated(_assetRootPath, false, "software-promo-art");
|
|
|
|
string originalsDir = Path.Combine(_assetRootPath, "photos", "software-promo-art", "originals");
|
|
string originalPath = Path.Combine(originalsDir, $"{model.Id}{extension}");
|
|
|
|
ms.Position = 0;
|
|
|
|
await using(var fs = new FileStream(originalPath, FileMode.CreateNew, FileAccess.Write))
|
|
{
|
|
await ms.CopyToAsync(fs);
|
|
}
|
|
|
|
string sourceFormat = extension.TrimStart('.');
|
|
|
|
_ = Task.Run(() =>
|
|
{
|
|
var photos = new Photos();
|
|
|
|
photos.ConversionWorker(_assetRootPath, model.Id, originalPath, sourceFormat, false,
|
|
"software-promo-art");
|
|
});
|
|
|
|
await context.SoftwarePromoArt.AddAsync(model);
|
|
await context.SaveChangesWithUserAsync(userId);
|
|
|
|
return Ok(new SoftwarePromoArtDto
|
|
{
|
|
Id = model.Id,
|
|
SoftwareId = model.SoftwareId,
|
|
GroupId = model.GroupId,
|
|
GroupName = group.Name,
|
|
Caption = model.Caption,
|
|
OriginalExtension = model.OriginalExtension
|
|
});
|
|
}
|
|
|
|
[HttpPut("{id:Guid}")]
|
|
[Authorize(Roles = "Admin,UberAdmin")]
|
|
[ProducesResponseType(StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
|
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
public async Task<ActionResult> UpdateAsync(Guid id, [FromBody] UpdateSoftwarePromoArtRequest dto)
|
|
{
|
|
string userId = User.FindFirstValue(ClaimTypes.Sid);
|
|
|
|
if(userId is null) return Unauthorized();
|
|
|
|
SoftwarePromoArt model = await context.SoftwarePromoArt.FirstOrDefaultAsync(p => p.Id == id);
|
|
|
|
if(model is null) return NotFound();
|
|
|
|
int oldGroupId = model.GroupId;
|
|
|
|
if(dto.GroupName is not null)
|
|
{
|
|
string trimmedGroup = dto.GroupName.Trim();
|
|
|
|
if(string.IsNullOrWhiteSpace(trimmedGroup))
|
|
return Problem(detail: "Group name cannot be empty.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
if(trimmedGroup.Length > 256)
|
|
return Problem(detail: "Group name exceeds 256 characters.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
SoftwarePromoArtGroup group =
|
|
await context.SoftwarePromoArtGroups.FirstOrDefaultAsync(g => g.Name == trimmedGroup);
|
|
|
|
if(group is null)
|
|
{
|
|
group = new SoftwarePromoArtGroup { Name = trimmedGroup };
|
|
await context.SoftwarePromoArtGroups.AddAsync(group);
|
|
await context.SaveChangesWithUserAsync(userId);
|
|
}
|
|
|
|
model.GroupId = group.Id;
|
|
}
|
|
|
|
model.Caption = string.IsNullOrWhiteSpace(dto.Caption) ? null : dto.Caption;
|
|
|
|
await context.SaveChangesWithUserAsync(userId);
|
|
|
|
// Auto-purge orphan group if reassignment left it empty.
|
|
if(model.GroupId != oldGroupId)
|
|
{
|
|
bool oldGroupHasItems = await context.SoftwarePromoArt.AnyAsync(p => p.GroupId == oldGroupId);
|
|
|
|
if(!oldGroupHasItems)
|
|
{
|
|
SoftwarePromoArtGroup oldGroup =
|
|
await context.SoftwarePromoArtGroups.FirstOrDefaultAsync(g => g.Id == oldGroupId);
|
|
|
|
if(oldGroup is not null)
|
|
{
|
|
context.SoftwarePromoArtGroups.Remove(oldGroup);
|
|
await context.SaveChangesWithUserAsync(userId);
|
|
}
|
|
}
|
|
}
|
|
|
|
return Ok();
|
|
}
|
|
|
|
[HttpDelete("{id:Guid}")]
|
|
[Authorize(Roles = "Admin,UberAdmin")]
|
|
[ProducesResponseType(StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
public async Task<ActionResult> DeleteAsync(Guid id)
|
|
{
|
|
string userId = User.FindFirstValue(ClaimTypes.Sid);
|
|
|
|
if(userId is null) return Unauthorized();
|
|
|
|
SoftwarePromoArt model = await context.SoftwarePromoArt.FirstOrDefaultAsync(p => p.Id == id);
|
|
|
|
if(model is null) return NotFound();
|
|
|
|
int oldGroupId = model.GroupId;
|
|
|
|
context.SoftwarePromoArt.Remove(model);
|
|
await context.SaveChangesWithUserAsync(userId);
|
|
|
|
// Auto-purge orphan group if it became empty.
|
|
bool oldGroupHasItems = await context.SoftwarePromoArt.AnyAsync(p => p.GroupId == oldGroupId);
|
|
|
|
if(!oldGroupHasItems)
|
|
{
|
|
SoftwarePromoArtGroup oldGroup =
|
|
await context.SoftwarePromoArtGroups.FirstOrDefaultAsync(g => g.Id == oldGroupId);
|
|
|
|
if(oldGroup is not null)
|
|
{
|
|
context.SoftwarePromoArtGroups.Remove(oldGroup);
|
|
await context.SaveChangesWithUserAsync(userId);
|
|
}
|
|
}
|
|
|
|
string photosRoot = Path.Combine(_assetRootPath, "photos", "software-promo-art");
|
|
string guidStr = id.ToString();
|
|
|
|
DeleteFilesByPattern(Path.Combine(photosRoot, "originals"), $"{guidStr}.*");
|
|
|
|
string[] formats = ["jpeg", "webp", "avif"];
|
|
string[] resolutions = ["4k"];
|
|
|
|
foreach(string format in formats)
|
|
{
|
|
string ext = format switch
|
|
{
|
|
"jpeg" => ".jpg",
|
|
"webp" => ".webp",
|
|
"avif" => ".avif",
|
|
_ => $".{format}"
|
|
};
|
|
|
|
foreach(string res in resolutions)
|
|
{
|
|
string fullPath = Path.Combine(photosRoot, format, res, $"{guidStr}{ext}");
|
|
string thumbPath = Path.Combine(photosRoot, "thumbs", format, res, $"{guidStr}{ext}");
|
|
|
|
if(System.IO.File.Exists(fullPath))
|
|
System.IO.File.Delete(fullPath);
|
|
|
|
if(System.IO.File.Exists(thumbPath))
|
|
System.IO.File.Delete(thumbPath);
|
|
}
|
|
}
|
|
|
|
return Ok();
|
|
}
|
|
|
|
/// <summary>
|
|
/// Maximum in-flight pending promo art images a single collaborator may stage for a
|
|
/// given Software before they submit (or cancel) the suggestion. Mirrors the
|
|
/// per-batch cap enforced by the dialog.
|
|
/// </summary>
|
|
const int PendingPhotosPerUserPerSoftwareCap = 30;
|
|
|
|
/// <summary>
|
|
/// Allowed extensions for collaborator-uploaded promo art images (narrower than the
|
|
/// admin upload set; must match server-side JS validation).
|
|
/// </summary>
|
|
static readonly HashSet<string> _pendingAllowedExtensions = new(StringComparer.OrdinalIgnoreCase)
|
|
{
|
|
".jpg", ".jpeg", ".png", ".webp"
|
|
};
|
|
|
|
/// <summary>
|
|
/// Allowed content types for collaborator-uploaded promo art images (narrower than
|
|
/// the admin upload set; must match server-side JS validation).
|
|
/// </summary>
|
|
static readonly HashSet<string> _pendingAllowedContentTypes = new(StringComparer.OrdinalIgnoreCase)
|
|
{
|
|
"image/jpeg", "image/png", "image/webp"
|
|
};
|
|
|
|
/// <summary>
|
|
/// Stage a single pending promo art image for a brand-new collaborative suggestion.
|
|
/// The uploader keeps each pending file on the server (sidecar tracks ownership +
|
|
/// parent <c>softwareId</c>) until they call <c>POST /suggestions</c> referencing the
|
|
/// returned <c>guid</c>. Per-uploader cap of 30 in-flight pending images per Software.
|
|
/// </summary>
|
|
[HttpPost("pending")]
|
|
[Authorize]
|
|
[RequestSizeLimit(50 * 1024 * 1024)]
|
|
[ProducesResponseType(StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status400BadRequest)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
|
[ProducesResponseType(StatusCodes.Status409Conflict)]
|
|
public async Task<ActionResult<PendingImageUploadDto>> UploadPendingAsync(IFormFile file,
|
|
[FromQuery] ulong softwareId)
|
|
{
|
|
string userId = User.FindFirstValue(ClaimTypes.Sid);
|
|
|
|
if(string.IsNullOrEmpty(userId)) return Unauthorized();
|
|
|
|
if(file is null || file.Length == 0) return Problem(detail: "No file provided.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
if(file.Length > 50 * 1024 * 1024) return Problem(detail: "File exceeds 50 MB limit.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
string extension = Path.GetExtension(file.FileName)?.ToLowerInvariant() ?? string.Empty;
|
|
|
|
if(!_pendingAllowedExtensions.Contains(extension))
|
|
return Problem(detail: "Unsupported file format. Accepted: JPEG, PNG, WebP.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
if(!string.IsNullOrEmpty(file.ContentType) &&
|
|
!_pendingAllowedContentTypes.Contains(file.ContentType.ToLowerInvariant()))
|
|
return Problem(detail: "Unsupported content type.", statusCode: StatusCodes.Status400BadRequest);
|
|
|
|
bool softwareExists = await context.Softwares.AnyAsync(s => s.Id == softwareId);
|
|
|
|
if(!softwareExists) return Problem(detail: "Software not found.", statusCode: StatusCodes.Status404NotFound);
|
|
|
|
long parentEntityId = (long)softwareId;
|
|
|
|
int currentCount = PendingImageStore.CountByUploaderForParentEntity(_assetRootPath, "software-promo-art",
|
|
userId, (byte)SuggestionEntityType.SoftwarePromoArt, parentEntityId);
|
|
|
|
if(currentCount >= PendingPhotosPerUserPerSoftwareCap)
|
|
return Problem(detail: $"You already have {currentCount} pending promo art images for this software. Maximum " +
|
|
$"is {PendingPhotosPerUserPerSoftwareCap} per software. Submit or remove some first.",
|
|
statusCode: StatusCodes.Status409Conflict);
|
|
|
|
Guid guid;
|
|
|
|
await using(Stream stream = file.OpenReadStream())
|
|
{
|
|
// EntityId stays 0 because the suggestion row that will reference these images
|
|
// doesn't exist yet. ParentEntityId carries the softwareId so the per-uploader
|
|
// cap and cleanup-by-parent helpers can scope correctly.
|
|
guid = await PendingImageStore.StoreAsync(_assetRootPath, "software-promo-art", extension,
|
|
(byte)SuggestionEntityType.SoftwarePromoArt, entityId: 0L, userId, file.ContentType, stream,
|
|
parentEntityId: parentEntityId);
|
|
}
|
|
|
|
return Ok(new PendingImageUploadDto
|
|
{
|
|
Guid = guid,
|
|
Extension = extension.TrimStart('.')
|
|
});
|
|
}
|
|
|
|
/// <summary>
|
|
/// Delete a pending promo art image before it has been submitted as part of a
|
|
/// suggestion. Only the original uploader (or an admin) may delete.
|
|
/// </summary>
|
|
[HttpDelete("pending/{guid:guid}")]
|
|
[Authorize]
|
|
[ProducesResponseType(StatusCodes.Status204NoContent)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
|
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
|
public async Task<ActionResult> DeletePendingAsync(Guid guid)
|
|
{
|
|
string userId = User.FindFirstValue(ClaimTypes.Sid);
|
|
|
|
if(string.IsNullOrEmpty(userId)) return Unauthorized();
|
|
|
|
PendingImageStore.PendingMetadata meta =
|
|
await PendingImageStore.GetMetadataAsync(_assetRootPath, "software-promo-art", guid);
|
|
|
|
if(meta is null) return NotFound();
|
|
if(meta.EntityType != (byte)SuggestionEntityType.SoftwarePromoArt) return NotFound();
|
|
|
|
bool isAdmin = User.IsInRole("Admin") || User.IsInRole("UberAdmin");
|
|
|
|
if(!PendingImageStore.CanAccess(meta, userId, isAdmin)) return Forbid();
|
|
|
|
PendingImageStore.Delete(_assetRootPath, "software-promo-art", guid);
|
|
|
|
return NoContent();
|
|
}
|
|
|
|
/// <summary>
|
|
/// Stream the binary contents of a pending promo art image. Used by the dialog
|
|
/// thumbnail preview AND by the admin SuggestionDiffPanel preview. Auth-gated: only
|
|
/// the uploader and admins can read.
|
|
/// </summary>
|
|
[HttpGet("pending/{guid:guid}")]
|
|
[Authorize]
|
|
[ProducesResponseType(StatusCodes.Status200OK)]
|
|
[ProducesResponseType(StatusCodes.Status401Unauthorized)]
|
|
[ProducesResponseType(StatusCodes.Status403Forbidden)]
|
|
[ProducesResponseType(StatusCodes.Status404NotFound)]
|
|
public async Task<ActionResult> GetPendingAsync(Guid guid)
|
|
{
|
|
string userId = User.FindFirstValue(ClaimTypes.Sid);
|
|
|
|
if(string.IsNullOrEmpty(userId)) return Unauthorized();
|
|
|
|
PendingImageStore.PendingMetadata meta =
|
|
await PendingImageStore.GetMetadataAsync(_assetRootPath, "software-promo-art", guid);
|
|
|
|
if(meta is null) return NotFound();
|
|
if(meta.EntityType != (byte)SuggestionEntityType.SoftwarePromoArt) return NotFound();
|
|
|
|
bool isAdmin = User.IsInRole("Admin") || User.IsInRole("UberAdmin");
|
|
|
|
if(!PendingImageStore.CanAccess(meta, userId, isAdmin)) return Forbid();
|
|
|
|
string path = await PendingImageStore.GetImagePathAsync(_assetRootPath, "software-promo-art", guid);
|
|
|
|
if(path is null || !System.IO.File.Exists(path)) return NotFound();
|
|
|
|
var stream = new FileStream(path, FileMode.Open, FileAccess.Read, FileShare.Read);
|
|
|
|
return File(stream, meta.ContentType ?? "application/octet-stream");
|
|
}
|
|
|
|
static void DeleteFilesByPattern(string directory, string pattern)
|
|
{
|
|
if(!System.IO.Directory.Exists(directory)) return;
|
|
|
|
foreach(string file in System.IO.Directory.GetFiles(directory, pattern))
|
|
System.IO.File.Delete(file);
|
|
}
|
|
}
|