wisplite/raster
1
0
Fork 0
mirror of https://github.com/wisplite/raster.git synced 2026-05-01 06:32:44 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
c7d478271d2b0ddeda8da9f41cba02a38478176f
raster/backend/internal/routes/media.go
T
wisplite c7d478271d fix navbar and guest user checks 
previously guest users would cause a response 500 if a private album existed, meaning they couldn't see any albums
they also couldn't load media in any album due to requiring an access token
2025-11-23 02:58:03 -06:00

107 lines
3.0 KiB
Go
Raw Blame History

package routes
import (
"net/http"
"os"
"path/filepath"
"github.com/gin-gonic/gin"
"github.com/wisplite/raster/internal/services"
)
func RegisterMediaRoutes(rg *gin.RouterGroup) {
media := rg.Group("/media")
media.POST("/uploadMedia", func(c *gin.Context) {
file, err := c.FormFile("file")
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
accessToken := c.GetHeader("Authorization")
albumID := c.PostForm("albumId")
media, err := services.UploadMedia(file, albumID, accessToken)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
if err := os.MkdirAll(filepath.Dir(media.Path), 0755); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to create directory"})
return
}
if err := c.SaveUploadedFile(file, media.Path); err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to save file"})
return
}
c.JSON(http.StatusOK, gin.H{"media": media})
})
media.GET("/getAllMediaInAlbum", func(c *gin.Context) {
accessToken := c.GetHeader("Authorization")
albumID := c.Query("albumId")
isPublic, err := services.IsAlbumPublic(albumID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
if isPublic {
media, err := services.GetAllMediaInPublicAlbum(albumID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
c.JSON(http.StatusOK, gin.H{"media": media})
return
} else {
media, err := services.GetAllMediaInAlbum(albumID, accessToken)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
c.JSON(http.StatusOK, gin.H{"media": media})
}
})
media.GET("/:albumId/:mediaId", func(c *gin.Context) {
albumID := c.Param("albumId")
mediaID := c.Param("mediaId")
if albumID == "root" {
albumID = ""
}
isPublic, err := services.IsAlbumPublic(albumID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
if isPublic {
mediaData, err := services.GetMedia(albumID, mediaID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
c.File(mediaData.Path)
return
}
accessToken := c.GetHeader("Authorization")
userID, err := services.ValidateAccessToken(accessToken)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
accessLevel, err := services.CheckUserAlbumAccess(userID, albumID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
if accessLevel < 0 {
c.JSON(http.StatusForbidden, gin.H{"error": "user does not have permission to view media in this album"})
return
}
mediaData, err := services.GetMedia(albumID, mediaID)
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
c.File(mediaData.Path)
})
}
Reference in New Issue View Git Blame Copy Permalink