tech/tanabata
1
1
Fork 0
Code Pull Requests Actions Releases Activity

Compare commits

base: tech/tanabata:master
Branches Tags
tech/tanabata:master tech/tanabata:archive-go tech/tanabata:archive-flask tech/tanabata:archive-c
..
compare: tech/tanabata:4154c1b0b9598358167ba2fd173fe612789dd26c
Branches Tags
tech/tanabata:master tech/tanabata:archive-go tech/tanabata:archive-flask tech/tanabata:archive-c

21 Commits
master .. 4154c1b0b9

Author SHA1 Message Date
H1K0 4154c1b0b9 feat: implement file handler and wire all /files endpoints 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 18:40:04 +03:00
H1K0 1cb2d54c0c feat: implement file service with upload, CRUD, ACL, and audit 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 18:28:59 +03:00
H1K0 a6387f2eb8 feat: seed MIME types and support all image/video formats 
007_seed_data.sql: insert 10 MIME types (4 image, 6 video) with their
canonical extensions into core.mime_types.

disk.go: register golang.org/x/image/webp decoder so imaging.Open
handles WebP still images. Videos (mp4, mov, avi, webm, 3gp, m4v)
continue to go through the ffmpeg frame-extraction path.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 18:21:27 +03:00
H1K0 cf7317747e feat: implement DiskStorage with on-demand thumbnail/preview cache 
Files stored as {files_path}/{id} (no extension). The ext parameter
is removed from Save/Read/Delete in both the port interface and
the implementation.

Thumbnail and Preview both use imaging.Thumbnail (fit within
configured max bounds, never upscale, never crop) — the config
values THUMB_WIDTH/HEIGHT and PREVIEW_WIDTH/HEIGHT are upper limits,
not forced dimensions.

Non-decodable files (video, etc.) receive a #444455 placeholder.
Cache writes use atomic temp→rename; on cache failure the generated
image is served from memory so the request still succeeds.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 18:11:54 +03:00
H1K0 dea6a55dfc feat: implement FileRepo and filter DSL parser 
filter_parser.go — recursive-descent parser for the {token,...} DSL.
Tokens: t=UUID (tag), m=INT (MIME exact), m~PATTERN (MIME LIKE),
operators & | ! ( ) with standard NOT>AND>OR precedence.
All values go through pgx parameters ($N) — SQL injection impossible.

file_repo.go — full FileRepo:
- Create/GetByID/Update via CTE RETURNING with JOIN for one round-trip
- SoftDelete/Restore/DeletePermanent with RowsAffected guards
- SetTags: full replace (DELETE + INSERT per tag)
- ListTags: delegates to loadTagsBatch (single query for N files)
- List: keyset cursor pagination (bidirectional), anchor mode,
  filter DSL, search ILIKE, trash flag, 4 sort columns.
  Cursor is base64url(JSON) encoding sort position; backward
  pagination fetches in reversed ORDER BY then reverses the slice.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 16:55:23 +03:00
H1K0 ee251c8727 feat: implement audit repo and service 
AuditRepo.Log resolves action_type_id/object_type_id via SQL subqueries.
AuditRepo.List supports dynamic filtering by user, action, object type/ID,
and date range with COUNT(*) OVER() for total count.
AuditService.Log reads user from context, marshals details to JSON,
and delegates to the repo.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 01:19:24 +03:00
H1K0 a8ec2a80cb feat: implement ACL repo and service 
Add postgres ACLRepo (List/Get/Set) and ACLService with CanView/CanEdit
checks (admin bypass, public flag, creator shortcut, explicit grants)
and GetPermissions/SetPermissions for the /acl endpoints.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 01:13:21 +03:00
H1K0 6c9b1bf1cd fix: wire handler layer in main.go and fix migration issues 
cmd/server/main.go: replace stub router with full wiring —
  UserRepo, SessionRepo, AuthService, AuthMiddleware, AuthHandler,
  NewRouter; use postgres.NewPool instead of pgxpool.New directly.

migrations/001_init_schemas.sql: wrap uuid_v7 and uuid_extract_timestamp
  function bodies with goose StatementBegin/End so semicolons inside
  dollar-quoted strings are not treated as statement separators.

migrations/007_seed_data.sql: add seed admin user (admin/admin,
  bcrypt cost 10, is_admin=true, can_create=true) for manual testing.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 00:54:54 +03:00
H1K0 caeff6786e feat: implement auth handler, middleware, and router 
domain/context.go: extend WithUser/UserFromContext with session ID

handler/response.go: respondJSON/respondError with domain→HTTP status
  mapping (404/403/401/409/400/415/500)
handler/middleware.go: Bearer JWT extraction, ParseAccessToken,
  domain.WithUser injection; aborts with 401 JSON on failure
handler/auth_handler.go: Login, Refresh, Logout, ListSessions,
  TerminateSession
handler/router.go: /health, /api/v1/auth routes; login and refresh
  are public, session routes protected by AuthMiddleware

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 00:43:41 +03:00
H1K0 296f44b4ed feat: implement auth service with JWT and session management 
Login: bcrypt credential validation, session creation, JWT pair issuance.
Logout/TerminateSession: soft-delete session (is_active = false).
Refresh: token rotation — deactivate old session, issue new pair.
ListSessions: marks IsCurrent by comparing session IDs.
ParseAccessToken: for use by auth middleware.

Claims carry uid (int16), adm (bool), sid (int). Refresh tokens are
stored as SHA-256 hashes; raw tokens never reach the database.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 00:38:21 +03:00
H1K0 f7cf8cb914 feat: implement db helpers and postgres pool/transactor 
- Add is_blocked to core.users (002_core_tables.sql)
- Add is_active to activity.sessions for soft deletes (005_activity_tables.sql)
- Implement UserRepo: List, GetByID, GetByName, Create, Update, Delete
- Implement MimeRepo: List, GetByID, GetByName
- Implement SessionRepo: Create, GetByTokenHash, ListByUser,
  UpdateLastActivity, Delete, DeleteByUserID
- Session deletes are soft (SET is_active = false); is_active is a
  SQL-only filter, not mapped to the domain type

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 00:34:45 +03:00
H1K0 1b3fc04e06 feat: implement db helpers and postgres pool/transactor 
db/db.go: TxFromContext/ContextWithTx for transaction propagation,
Querier interface (QueryRow/Query/Exec), ScanRow generic helper,
ClampLimit/ClampOffset pagination guards.

db/postgres/postgres.go: NewPool with ping validation, Transactor
backed by pgxpool (BeginTx → fn → commit/rollback), connOrTx helper
that returns the active transaction from context or falls back to pool.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 00:15:17 +03:00
H1K0 d8f6364008 feat: implement port interfaces (repository and storage) 
Define all repository interfaces in port/repository.go:
FileRepo, TagRepo, TagRuleRepo, CategoryRepo, PoolRepo, UserRepo,
SessionRepo, ACLRepo, AuditRepo, MimeRepo, and Transactor.
Add OffsetParams and PoolFileListParams as shared parameter structs.

Define FileStorage interface in port/storage.go with Save, Read,
Delete, Thumbnail, and Preview methods.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 00:11:06 +03:00
H1K0 8dd2d631e5 refactor: strengthen domain layer types and add missing page types 
- DomainError struct with Code() string method replaces plain errors.New
  sentinels; errors.Is() still works via pointer equality
- UUIDCreatedAt(uuid.UUID) time.Time helper extracts timestamp from UUID v7
- Add TagOffsetPage, CategoryOffsetPage, PoolOffsetPage
- FileListParams fields grouped with comments matching openapi.yaml params
- Fix mismatched comment on UserPage

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 00:06:44 +03:00
H1K0 a9209ae3a3 feat: initialize SvelteKit frontend with Tailwind and OpenAPI types 
- SvelteKit SPA mode with adapter-static (index.html fallback)
- Tailwind CSS v4 via @tailwindcss/vite with custom color palette
- CSS custom properties for dark/light theme (dark is default)
- Epilogue variable font with preload
- openapi-typescript generates src/lib/api/schema.ts from openapi.yaml
- Friendly domain type aliases in src/lib/api/types.ts

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-04 00:00:26 +03:00
H1K0 ba0713151c feat: config, migrations embed, and server entrypoint 
- internal/config: typed Config struct loaded from env vars via godotenv;
  all fields from docs (listen addr, JWT, DB, storage, thumbs, import)
- migrations/embed.go: embed FS so goose SQL files are baked into the binary
- cmd/server/main.go: load config → connect pgxpool → goose migrations
  (embedded) → Gin server with GET /health returning 200 OK
- .env.example: documents all required and optional env vars
- go.mod: bump to Go 1.26, add gin/pgx/goose/godotenv as direct deps

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-03 18:57:17 +03:00
H1K0 b692fabed5 refactor: split monolithic migration into 7 goose files 
001_init_schemas  — extensions, schemas, uuid_v7 functions
002_core_tables   — core.users, mime_types, object_types
003_data_tables   — data.categories, tags, tag_rules, files, file_tag, pools, file_pool
004_acl_tables    — acl.permissions
005_activity_tables — activity.action_types, sessions, file_views, pool_views, tag_uses, audit_log
006_indexes       — all indexes across all schemas
007_seed_data     — object_types and action_types reference rows

Each file has -- +goose Up / Down annotations; downs drop in reverse
dependency order.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-03 18:40:36 +03:00
H1K0 830e411d92 docs: add reference Python/Flask implementation 
Previous version of Tanabata used as visual and functional reference
for the new Go + SvelteKit rewrite.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-03 18:36:05 +03:00
H1K0 b7995b7e4a chore: add .gitignore and .gitattributes 
.gitignore covers env/secrets, OS files, IDE, Go build artifacts,
frontend build output, data dirs, and vendored reference libs.
.gitattributes enforces LF line endings, marks binaries, configures
diff drivers per language, and sets Linguist hints for repo stats.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-03 18:35:22 +03:00
H1K0 f043d38eb2 feat: initialize Go module and implement domain layer 
- Add go.mod (module tanabata/backend, Go 1.21) with uuid dependency
- Implement internal/domain: File, Tag, TagRule, Category, Pool, PoolFile,
  User, Session, Permission, ObjectType, AuditEntry + all pagination types
- Add domain error sentinels (ErrNotFound, ErrForbidden, etc.)
- Add context helpers WithUser/UserFromContext for JWT propagation
- Fix migration: remove redundant DEFAULT on exif jsonb column

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-03 18:28:33 +03:00
H1K0 780f85de59 chore: initial project structure 2026-04-01 16:17:37 +03:00
179 changed files with 645 additions and 31273 deletions
Expand all files Collapse all files
.dockerignore
-33
View File
@@ -1,33 +0,0 @@
# Keep the build context small and reproducible: never ship local state,
# dependencies, or build outputs — they are rebuilt inside the image.
# VCS / tooling
.git
.gitignore
**/.DS_Store
# Compose file — used to build/run, not needed inside the image context
docker-compose.yml
docker-compose.*.yml
# Secrets and local env
.env
.env.*
!.env.example
# Node
frontend/node_modules
frontend/.svelte-kit
frontend/build
frontend/.vite
# Go
backend/server
backend/**/*.test
# Docs / reference (not needed to build the image)
docs/reference
# Editor / OS
.vscode
.idea
.env.example
+4 -114
View File
@@ -1,108 +1,27 @@
# =============================================================================
# Tanabata File Manager — environment variables
#
# Copy to .env and fill in the secrets:
# cp .env.example .env
# docker compose up -d --build
# Copy to .env and fill in the values.
# =============================================================================
# ---------------------------------------------------------------------------
# Docker Compose (read by the compose CLI, ignored by the app)
# ---------------------------------------------------------------------------
# Profiles to enable. "with-db" runs the bundled Postgres container. Leave
# EMPTY to skip it and use a Postgres running on the host instead — then point
# DATABASE_URL at host.docker.internal (see the Database section below).
COMPOSE_PROFILES=with-db
# Host port the app is published on, bound to 127.0.0.1 (loopback) — a reverse
# proxy on the host fronts it (see README → Reverse proxy). The container always
# listens on 42776. To expose the app directly without a proxy, drop the
# "127.0.0.1:" prefix on the ports line in docker-compose.yml.
APP_PORT=42776
# ---------------------------------------------------------------------------
# Volume mounts (Docker Compose; ignored by the app)
# ---------------------------------------------------------------------------
# By default the app's data and the database live in named Docker volumes
# (app_files, app_thumbs, app_import, db_data). To keep them in specific folders
# on the host instead, point any of these at a host path — absolute, or relative
# to this file (e.g. ./data/files). Unset = named volume.
# FILES_DIR=/var/lib/tanabata/files
# THUMBS_DIR=/var/lib/tanabata/thumbs
# IMPORT_DIR=/var/lib/tanabata/import
# DB_DIR=/var/lib/tanabata/db
# When bind-mounting the app folders above, the container must be able to write
# to them. Set PUID/PGID to the owner of those folders and create them with
# matching ownership first, e.g.:
# sudo mkdir -p /var/lib/tanabata/{files,thumbs,import}
# sudo chown -R 1000:1000 /var/lib/tanabata
# PUID=1000
# PGID=1000
# Defaults match the image's tanabata user (42776), which owns the named volumes. The
# DB folder is handled by Postgres itself and needs no PUID/PGID.
# PUID=42776
# PGID=42776
# ---------------------------------------------------------------------------
# Server
# ---------------------------------------------------------------------------
# 42776 is the project's default port: the sum of the Unicode code points of
# 七夕 (七 U+4E03 = 19971, 夕 U+5915 = 22805).
LISTEN_ADDR=:42776
LISTEN_ADDR=:8080
JWT_SECRET=change-me-to-a-random-32-byte-secret
JWT_ACCESS_TTL=15m
JWT_REFRESH_TTL=720h
# How long a content token is valid. It's a single-file capability the client
# puts in a media URL to open/stream an original by link (e.g. a long video in a
# new tab), so playback survives the short access-token expiry and session
# rotation. Longer = fewer interruptions but a wider window in which a leaked URL
# can read that one file; it can't be revoked before expiry. Keep it roughly as
# long as a viewing session lasts.
CONTENT_TOKEN_TTL=6h
# Reverse-proxy hops (comma-separated CIDRs/IPs) whose X-Forwarded-For is trusted,
# so the auth rate limiter sees real client IPs instead of the proxy's. The default
# covers loopback and the Docker bridge ranges a host nginx reaches the container
# through; widen/narrow it to match your proxy. Leave at the default for the
# standard "host nginx → 127.0.0.1" setup.
TRUSTED_PROXIES=127.0.0.1/32,::1/128,172.16.0.0/12
# Initial administrator, created on first startup if it does not yet exist.
# Changing the password later (via the API) is preserved across restarts.
ADMIN_USERNAME=admin
ADMIN_PASSWORD=change-me-before-first-run
# ---------------------------------------------------------------------------
# Database
# ---------------------------------------------------------------------------
# Credentials for the bundled Postgres container (the "with-db" profile).
# Keep these in sync with DATABASE_URL below.
POSTGRES_DB=tanabata
POSTGRES_USER=tanabata
POSTGRES_PASSWORD=password
# Connection string the app uses. Pick ONE to match your database mode:
#
# • Bundled container DB (COMPOSE_PROFILES=with-db) — host is the "db" service:
DATABASE_URL=postgres://tanabata:password@db:5432/tanabata?sslmode=disable
#
# • Postgres on the host (COMPOSE_PROFILES empty):
# DATABASE_URL=postgres://tanabata:password@host.docker.internal:5432/tanabata?sslmode=disable
#
# • Bare-metal `go run` (no Docker):
# DATABASE_URL=postgres://tanabata:password@localhost:5432/tanabata?sslmode=disable
DATABASE_URL=postgres://tanabata:password@localhost:5432/tanabata?sslmode=disable
# ---------------------------------------------------------------------------
# Storage (paths inside the container; backed by named volumes in compose)
# Storage
# ---------------------------------------------------------------------------
FILES_PATH=/data/files
THUMBS_CACHE_PATH=/data/thumbs
# Maximum accepted upload size in bytes (default 500 MiB).
MAX_UPLOAD_BYTES=524288000
# ---------------------------------------------------------------------------
# Thumbnails
# ---------------------------------------------------------------------------
@@ -110,37 +29,8 @@ THUMB_WIDTH=160
THUMB_HEIGHT=160
PREVIEW_WIDTH=1920
PREVIEW_HEIGHT=1080
# Pixel cap (width×height) for the pure-Go fallback decoder, used only when
# vipsthumbnail is NOT installed; larger images then get a placeholder. With vips
# present (the default image) thumbnails shrink on load, so this limit — and its
# RAM cost — don't apply. Also bounds a decompression bomb. Default ~300 Mpx.
THUMB_MAX_PIXELS=300000000
# How many thumbnails/previews may be generated at once. Each resize already uses
# every core, so a burst of large images otherwise pegs the CPU and RAM. 0 = auto
# (half the available CPUs).
THUMB_CONCURRENCY=0
# ---------------------------------------------------------------------------
# Import
# ---------------------------------------------------------------------------
IMPORT_PATH=/data/import
# ---------------------------------------------------------------------------
# Duplicate detection
# ---------------------------------------------------------------------------
# Maximum perceptual-hash distance (Hamming, out of 64 bits) for two files to be
# treated as duplicate candidates. Lower = stricter (fewer, more confident
# matches); higher = looser (catches more re-encodes/resizes but risks false
# positives). Used only by the dedup tool's pairs rebuild — see the dedup CLI /
# `docker compose run --rm dedup`. Default 10.
DUPLICATE_HASH_THRESHOLD=10
# ---------------------------------------------------------------------------
# Static SPA
# ---------------------------------------------------------------------------
# Leave UNSET here. The Docker image already serves the built SPA from
# /app/static and compose pins STATIC_DIR for the container — an empty value in
# .env would be injected into the container and disable SPA serving. Set this
# only for a bare-metal deploy where the Go server serves a built SPA; leave it
# unset in local dev, where the Vite dev server serves the UI.
# STATIC_DIR=/path/to/frontend/build
.gitea/workflows/deploy.yml
-44
View File
@@ -1,44 +0,0 @@
name: deploy
# Build the image and (re)start the compose stack on the production host
# whenever master moves. Also runnable manually from the Gitea Actions tab.
on:
push:
branches: [master]
workflow_dispatch: {}
# One deploy at a time; queue rather than cancel an in-flight run.
concurrency:
group: deploy-prod
cancel-in-progress: false
jobs:
deploy:
# Self-hosted act_runner registered on the prod host with the "host" label
# (shell executor), so the job uses the host's git + Docker daemon and the
# existing clone in /opt/tanabata. See docs/DEPLOY.md for runner setup.
#
# Only shell steps here (no `uses:` actions), so the host needs git + docker
# and nothing else — no node, no rsync.
runs-on: host
env:
DEPLOY_DIR: /opt/tanabata
steps:
- name: Pull latest master
# DEPLOY_DIR is a git clone set up once at deploy time. reset --hard
# makes it match origin exactly; .env is untracked (.gitignore) so it
# is never touched.
run: |
cd "$DEPLOY_DIR"
git fetch --prune origin
git reset --hard origin/master
- name: Build image and start the stack
working-directory: /opt/tanabata
# .env must already exist in DEPLOY_DIR on the host (secrets + DB mode).
run: docker compose up -d --build --remove-orphans
- name: Prune dangling build layers
run: docker image prune -f
CLAUDE.md
+1 -4
View File
@@ -52,7 +52,4 @@ npm run generate:types # regenerate API types from openapi.yaml
- TypeScript: strict mode, named exports
- SQL: snake_case, all migrations via goose
- API errors: { code, message, details? }
- Git: conventional commits with scope — `type(scope): message`
- `(backend)` for Go backend code
- `(frontend)` for SvelteKit/TypeScript code
- `(project)` for root-level files (.gitignore, docs/reference, structure)
- Git: conventional commits (feat:, fix:, docs:, refactor:)
Dockerfile
-96
View File
@@ -1,96 +0,0 @@
# =============================================================================
# Tanabata File Manager — single-image build
#
# Produces one container that serves the SvelteKit SPA (built to static files)
# and the Go API on the same port. There is no Node runtime in the final image:
# the frontend uses adapter-static, so stage 1 emits plain HTML/CSS/JS that the
# Go binary serves directly (see STATIC_DIR).
# =============================================================================
# -----------------------------------------------------------------------------
# Stage 1 — build the frontend (static SPA)
# -----------------------------------------------------------------------------
FROM node:22-alpine AS frontend
WORKDIR /src/frontend
# Install dependencies first so this layer is cached unless the lockfile changes.
COPY frontend/package.json frontend/package-lock.json ./
RUN npm ci
# `npm run build` runs `generate:types`, which reads ../openapi.yaml relative to
# the frontend directory — place the spec one level up to match the repo layout.
COPY openapi.yaml /src/openapi.yaml
COPY frontend/ ./
RUN npm run build
# Output: /src/frontend/build (index.html, _app/, fonts, service-worker.js, …)
# -----------------------------------------------------------------------------
# Stage 2 — build the Go server (static binary)
# -----------------------------------------------------------------------------
FROM golang:1.26-alpine AS backend
WORKDIR /src/backend
# Download modules first so this layer is cached unless go.mod/go.sum changes.
COPY backend/go.mod backend/go.sum ./
RUN go mod download
COPY backend/ ./
# CGO is disabled: the binary shells out to external tools at runtime
# (vipsthumbnail for image thumbnails, ffmpeg for video frames, exiftool for
# metadata) and falls back to pure-Go image processing (disintegration/imaging)
# when vips is absent, so it stays fully static and portable across base images.
RUN CGO_ENABLED=0 GOOS=linux go build -trimpath -ldflags="-s -w" -o /out/server ./cmd/server
# dedup: offline maintenance CLI for duplicate detection (hash backfill + pairs
# rescan). Shipped alongside the server so it can be run with `docker exec`.
RUN CGO_ENABLED=0 GOOS=linux go build -trimpath -ldflags="-s -w" -o /out/dedup ./cmd/dedup
# -----------------------------------------------------------------------------
# Stage 3 — minimal runtime
#
# Alpine (not distroless/scratch) because thumbnailing and metadata extraction
# invoke external processes (vipsthumbnail, ffmpeg, exiftool) that must be present
# on the runtime image.
# -----------------------------------------------------------------------------
FROM alpine:3.21 AS runtime
# vips-tools: fast, low-memory image thumbnails (shrink-on-load, so multi-hundred-
# Mpx photos cost little). ffmpeg: video frame extraction. exiftool: rich metadata.
# ca-certificates/tzdata: TLS + time zones.
RUN apk add --no-cache vips-tools ffmpeg exiftool ca-certificates tzdata
# Run as an unprivileged user.
RUN addgroup -S -g 42776 tanabata && adduser -S -G tanabata -u 42776 tanabata
WORKDIR /app
# The built SPA, served by the Go binary (matches STATIC_DIR below).
COPY --from=frontend --chown=tanabata:tanabata /src/frontend/build /app/static
# The server binary.
COPY --from=backend --chown=tanabata:tanabata /out/server /app/server
# The dedup maintenance CLI (run via `docker exec`, not the entrypoint).
COPY --from=backend --chown=tanabata:tanabata /out/dedup /app/dedup
# Data directories (overridable via FILES_PATH/THUMBS_CACHE_PATH/IMPORT_PATH).
# Created and owned by the tanabata user so a fresh named volume inherits write access.
RUN mkdir -p /data/files /data/thumbs /data/import && chown -R tanabata:tanabata /data
# Non-secret defaults mirroring .env.example. Secrets (JWT_SECRET, ADMIN_PASSWORD,
# DATABASE_URL) are intentionally NOT baked in — pass them at `docker run`.
ENV LISTEN_ADDR=:42776 \
STATIC_DIR=/app/static \
FILES_PATH=/data/files \
THUMBS_CACHE_PATH=/data/thumbs \
IMPORT_PATH=/data/import
EXPOSE 42776
VOLUME ["/data"]
USER tanabata
HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
CMD wget -qO- http://127.0.0.1:42776/health >/dev/null 2>&1 || exit 1
ENTRYPOINT ["/app/server"]
README.md
-98
View File
@@ -1,98 +0,0 @@
# Tanabata File Manager
A multi-user, tag-based web file manager for images and video. Go + Gin backend
(Clean Architecture, pgx, goose migrations), SvelteKit SPA frontend, PostgreSQL,
JWT auth — shipped as a single Docker image that serves both the API and the
built SPA on one port.
## Documentation
- [`openapi.yaml`](openapi.yaml) — full REST API specification
- [`docs/DEPLOY.md`](docs/DEPLOY.md) — production deploy (Gitea Actions → host)
- [`docs/GO_PROJECT_STRUCTURE.md`](docs/GO_PROJECT_STRUCTURE.md) — backend architecture
- [`docs/FRONTEND_STRUCTURE.md`](docs/FRONTEND_STRUCTURE.md) — frontend architecture
- [`.env.example`](.env.example) — every configuration variable, documented
## Quick start
```bash
cp .env.example .env # then edit the secrets (JWT_SECRET, ADMIN_PASSWORD, …)
docker compose up -d --build
```
By default this runs the app plus a bundled PostgreSQL container
(`COMPOSE_PROFILES=with-db`). To point at a Postgres already on the host, set
`COMPOSE_PROFILES=` empty and aim `DATABASE_URL` at `host.docker.internal`. See
[`.env.example`](.env.example) for the full matrix.
The app is published on **127.0.0.1** only and expects a reverse proxy in front
(see below). The default port is **42776** — the sum of the Unicode code points
of 七夕.
## Reverse proxy (nginx)
The container publishes its port on loopback (`127.0.0.1:${APP_PORT}:42776` in
[`docker-compose.yml`](docker-compose.yml)), so a reverse proxy on the host
terminates TLS and forwards to it. Three settings matter for this app:
1. **`client_max_body_size`** — uploads go up to `MAX_UPLOAD_BYTES` (500 MiB by
default). nginx caps request bodies at **1 MiB** out of the box, so without
this every large upload fails with `413`.
2. **Forwarded headers** — the app trusts `X-Forwarded-For` only from the hops in
`TRUSTED_PROXIES` (default: loopback + Docker bridge ranges) and keys its
login/refresh rate limiter on the resulting client IP. If the proxy doesn't
send the header, every request looks like it comes from the proxy and shares
one rate-limit bucket.
3. **Streaming for big media** — turning request/response buffering off lets
large uploads stream straight to the app and lets video range-seeks work
without nginx spooling whole files to disk first.
```nginx
server {
listen 443 ssl;
server_name tanabata.example.com;
# ssl_certificate / ssl_certificate_key ... (e.g. from certbot)
# Match MAX_UPLOAD_BYTES (500 MiB default); nginx defaults to 1m → 413.
client_max_body_size 512m;
location / {
proxy_pass http://127.0.0.1:42776; # APP_PORT
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Stream large uploads/downloads instead of buffering to disk; keeps
# video range-seek responsive. Scope these to file/preview locations
# instead if you'd rather keep buffering for small JSON responses.
proxy_request_buffering off;
proxy_buffering off;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
}
```
If you run the app **without** a proxy and want it reachable on the LAN, drop the
`127.0.0.1:` prefix from the `ports` line in
[`docker-compose.yml`](docker-compose.yml) and adjust `TRUSTED_PROXIES`
accordingly.
## Development
```bash
# Backend
cd backend
go run ./cmd/server # dev server
go test ./... # all tests
# Frontend
cd frontend
npm run dev # Vite dev server
npm run build # production build
npm run generate:types # regenerate API types from openapi.yaml
```
backend/cmd/dedup/main.go
-217
View File
@@ -1,217 +0,0 @@
// Command dedup is the offline maintenance tool for duplicate detection. It runs
// in two phases:
//
// hashes — compute the perceptual hash of every live image/video that has none
// yet (images from their bytes, videos from a middle frame via ffmpeg).
// pairs — rebuild data.duplicate_pairs from all current hashes.
//
// Both phases run by default; pass -hashes or -pairs to run only one. It reuses
// the server's configuration (DATABASE_URL, FILES_PATH, THUMBS_CACHE_PATH, …) and
// is safe to re-run: hashing only touches files whose phash is NULL, and the
// pairs rebuild is a full replace.
//
// go run ./cmd/dedup # hashes, then pairs
// go run ./cmd/dedup -pairs # only rebuild pairs
package main
import (
"context"
"flag"
"fmt"
"io"
"os"
"strings"
"github.com/google/uuid"
"tanabata/backend/internal/config"
"tanabata/backend/internal/db/postgres"
"tanabata/backend/internal/imagehash"
"tanabata/backend/internal/service"
"tanabata/backend/internal/storage"
)
func main() {
hashesOnly := flag.Bool("hashes", false, "only (re)compute missing perceptual hashes")
pairsOnly := flag.Bool("pairs", false, "only rebuild the duplicate pairs table")
flag.Parse()
// No flag, or both, means run everything.
doHashes := *hashesOnly || !*pairsOnly
doPairs := *pairsOnly || !*hashesOnly
cfg, err := config.Load()
if err != nil {
fatal("load config", err)
}
ctx := context.Background()
pool, err := postgres.NewPool(ctx, cfg.DatabaseURL)
if err != nil {
fatal("connect to database", err)
}
defer pool.Close()
diskStorage, err := storage.NewDiskStorage(
cfg.FilesPath, cfg.ThumbsCachePath,
cfg.ThumbWidth, cfg.ThumbHeight,
cfg.PreviewWidth, cfg.PreviewHeight,
cfg.ThumbMaxPixels, cfg.ThumbConcurrency,
)
if err != nil {
fatal("init storage", err)
}
fileRepo := postgres.NewFileRepo(pool)
pairRepo := postgres.NewDuplicatePairRepo(pool)
dismissalRepo := postgres.NewDismissalRepo(pool)
aclRepo := postgres.NewACLRepo(pool)
auditRepo := postgres.NewAuditRepo(pool)
tagRepo := postgres.NewTagRepo(pool)
categoryRepo := postgres.NewCategoryRepo(pool)
poolRepo := postgres.NewPoolRepo(pool)
transactor := postgres.NewTransactor(pool)
aclSvc := service.NewACLService(aclRepo, fileRepo, tagRepo, categoryRepo, poolRepo, transactor)
auditSvc := service.NewAuditService(auditRepo)
dupSvc := service.NewDuplicateService(
fileRepo, pairRepo, dismissalRepo, aclSvc, auditSvc, transactor, cfg.DuplicateHashThreshold,
)
if doHashes {
if err := backfillHashes(ctx, fileRepo, diskStorage); err != nil {
fatal("backfill hashes", err)
}
}
if doPairs {
fmt.Printf("rebuilding duplicate pairs (threshold %d)...\n", cfg.DuplicateHashThreshold)
// total is only known once Rescan has loaded the hashes, so create the bar
// lazily on the first progress callback.
var prog *progress
if err := dupSvc.Rescan(ctx, func(done, total int) {
if prog == nil {
prog = newProgress("matching", total)
}
prog.set(done)
}); err != nil {
fatal("rescan pairs", err)
}
if prog != nil {
prog.finish()
}
fmt.Println(" done")
}
}
// backfillHashes computes and stores a perceptual hash for every live image/video
// that lacks one. Failures on individual files are counted and reported, not
// fatal, so one unreadable file doesn't abort the whole run.
func backfillHashes(ctx context.Context, files *postgres.FileRepo, store *storage.DiskStorage) error {
pending, err := files.ListMissingPHash(ctx)
if err != nil {
return err
}
total := len(pending)
fmt.Printf("hashing %d files without a perceptual hash...\n", total)
var hashed, skipped, failed int
prog := newProgress("hashing", total)
for i, f := range pending {
ph, err := hashOne(ctx, store, f.ID, f.MIMEType)
switch {
case err != nil:
failed++
fmt.Fprintf(os.Stderr, "\n %s (%s): %v\n", f.ID, f.MIMEType, err)
case ph == nil:
skipped++ // not decodable; leave phash NULL
default:
if err := files.SetPHash(ctx, f.ID, ph); err != nil {
return fmt.Errorf("set phash for %s: %w", f.ID, err)
}
hashed++
}
prog.set(i + 1)
}
prog.finish()
fmt.Printf(" hashed %d, skipped %d, failed %d\n", hashed, skipped, failed)
return nil
}
// hashOne returns the perceptual hash for one file, or nil when it isn't hashable
// (e.g. an image that won't decode). Images are hashed from their bytes; videos
// from a middle frame.
func hashOne(ctx context.Context, store *storage.DiskStorage, id uuid.UUID, mime string) (*int64, error) {
switch {
case strings.HasPrefix(mime, "image/"):
rc, err := store.Read(ctx, id)
if err != nil {
return nil, err
}
defer rc.Close()
data, err := io.ReadAll(rc)
if err != nil {
return nil, err
}
if h, ok := imagehash.FromBytes(data); ok {
return &h, nil
}
return nil, nil
case strings.HasPrefix(mime, "video/"):
img, err := store.VideoFrameMiddle(ctx, id)
if err != nil {
return nil, err
}
h := imagehash.FromImage(img)
return &h, nil
default:
return nil, nil
}
}
// progress renders a dependency-free progress indicator. On a TTY it draws an
// in-place bar; otherwise (pipe, cron, CI) it prints a line every 10% so logs
// stay readable instead of filling with carriage returns.
type progress struct {
label string
tty bool
total int
lastDec int // last 10%-decile printed in non-TTY mode
}
func newProgress(label string, total int) *progress {
fi, _ := os.Stdout.Stat()
tty := fi != nil && fi.Mode()&os.ModeCharDevice != 0
return &progress{label: label, tty: tty, total: total, lastDec: -1}
}
func (p *progress) set(done int) {
if p.total <= 0 {
return
}
pct := done * 100 / p.total
if p.tty {
const w = 30
filled := done * w / p.total
fmt.Printf("\r %s [%s%s] %3d%% (%d/%d)",
p.label,
strings.Repeat("#", filled), strings.Repeat("-", w-filled),
pct, done, p.total)
return
}
if dec := pct / 10; dec != p.lastDec {
p.lastDec = dec
fmt.Printf(" %s %d%% (%d/%d)\n", p.label, pct, done, p.total)
}
}
// finish ends the in-place bar with a newline (TTY only).
func (p *progress) finish() {
if p.tty && p.total > 0 {
fmt.Println()
}
}
func fatal(what string, err error) {
fmt.Fprintf(os.Stderr, "dedup: %s: %v\n", what, err)
os.Exit(1)
}
backend/cmd/server/main.go
+4 -54
View File
@@ -3,9 +3,7 @@ package main
import (
"context"
"log/slog"
"net/http"
"os"
"time"
"github.com/jackc/pgx/v5/stdlib"
"github.com/pressly/goose/v3"
@@ -52,7 +50,6 @@ func main() {
cfg.ThumbsCachePath,
cfg.ThumbWidth, cfg.ThumbHeight,
cfg.PreviewWidth, cfg.PreviewHeight,
cfg.ThumbMaxPixels, cfg.ThumbConcurrency,
)
if err != nil {
slog.Error("failed to initialise storage", "err", err)
@@ -66,12 +63,6 @@ func main() {
mimeRepo := postgres.NewMimeRepo(pool)
aclRepo := postgres.NewACLRepo(pool)
auditRepo := postgres.NewAuditRepo(pool)
tagRepo := postgres.NewTagRepo(pool)
tagRuleRepo := postgres.NewTagRuleRepo(pool)
categoryRepo := postgres.NewCategoryRepo(pool)
poolRepo := postgres.NewPoolRepo(pool)
duplicatePairRepo := postgres.NewDuplicatePairRepo(pool)
dismissalRepo := postgres.NewDismissalRepo(pool)
transactor := postgres.NewTransactor(pool)
// Services
@@ -81,69 +72,28 @@ func main() {
cfg.JWTSecret,
cfg.JWTAccessTTL,
cfg.JWTRefreshTTL,
cfg.ContentTokenTTL,
)
aclSvc := service.NewACLService(aclRepo, fileRepo, tagRepo, categoryRepo, poolRepo, transactor)
aclSvc := service.NewACLService(aclRepo)
auditSvc := service.NewAuditService(auditRepo)
tagSvc := service.NewTagService(tagRepo, tagRuleRepo, aclSvc, auditSvc, transactor)
categorySvc := service.NewCategoryService(categoryRepo, tagRepo, aclSvc, auditSvc)
poolSvc := service.NewPoolService(poolRepo, aclSvc, auditSvc)
duplicateSvc := service.NewDuplicateService(
fileRepo, duplicatePairRepo, dismissalRepo, aclSvc, auditSvc, transactor, cfg.DuplicateHashThreshold,
)
fileSvc := service.NewFileService(
fileRepo,
mimeRepo,
diskStorage,
aclSvc,
auditSvc,
tagSvc,
transactor,
cfg.ImportPath,
)
userSvc := service.NewUserService(userRepo, sessionRepo, auditSvc)
// Bootstrap the initial administrator (idempotent).
if err := userSvc.EnsureAdmin(context.Background(), cfg.AdminUsername, cfg.AdminPassword); err != nil {
slog.Error("failed to bootstrap admin user", "err", err)
os.Exit(1)
}
// Handlers
authMiddleware := handler.NewAuthMiddleware(authSvc)
authHandler := handler.NewAuthHandler(authSvc)
fileHandler := handler.NewFileHandler(fileSvc, tagSvc, authSvc, cfg.MaxUploadBytes)
duplicateHandler := handler.NewDuplicateHandler(duplicateSvc)
tagHandler := handler.NewTagHandler(tagSvc, fileSvc)
categoryHandler := handler.NewCategoryHandler(categorySvc)
poolHandler := handler.NewPoolHandler(poolSvc)
userHandler := handler.NewUserHandler(userSvc)
aclHandler := handler.NewACLHandler(aclSvc)
auditHandler := handler.NewAuditHandler(auditSvc)
fileHandler := handler.NewFileHandler(fileSvc)
r, err := handler.NewRouter(
authMiddleware, authHandler,
fileHandler, duplicateHandler, tagHandler, categoryHandler, poolHandler,
userHandler, aclHandler, auditHandler,
cfg.StaticDir,
cfg.TrustedProxies,
)
if err != nil {
slog.Error("building router", "err", err)
os.Exit(1)
}
// ReadHeaderTimeout bounds slow-header (Slowloris) attacks; body read/write
// are left unbounded so large file uploads and downloads can stream.
srv := &http.Server{
Addr: cfg.ListenAddr,
Handler: r,
ReadHeaderTimeout: 10 * time.Second,
IdleTimeout: 120 * time.Second,
}
r := handler.NewRouter(authMiddleware, authHandler, fileHandler)
slog.Info("starting server", "addr", cfg.ListenAddr)
if err := srv.ListenAndServe(); err != nil {
if err := r.Run(cfg.ListenAddr); err != nil {
slog.Error("server error", "err", err)
os.Exit(1)
}
backend/go.mod
+9 -58
View File
@@ -5,100 +5,51 @@ go 1.26
toolchain go1.26.1
require (
github.com/disintegration/imaging v1.6.2
github.com/gabriel-vasile/mimetype v1.4.12
github.com/gin-gonic/gin v1.9.1
github.com/golang-jwt/jwt/v5 v5.3.1
github.com/google/uuid v1.6.0
github.com/jackc/pgx/v5 v5.5.5
github.com/joho/godotenv v1.5.1
github.com/pressly/goose/v3 v3.21.1
github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd
github.com/stretchr/testify v1.11.1
github.com/testcontainers/testcontainers-go v0.41.0
github.com/testcontainers/testcontainers-go/modules/postgres v0.41.0
golang.org/x/crypto v0.48.0
golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8
)
require (
dario.cat/mergo v1.0.2 // indirect
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/bytedance/gopkg v0.1.3 // indirect
github.com/bytedance/sonic v1.15.0 // indirect
github.com/bytedance/sonic/loader v0.5.0 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/cloudwego/base64x v0.1.6 // indirect
github.com/containerd/errdefs v1.0.0 // indirect
github.com/containerd/errdefs/pkg v0.3.0 // indirect
github.com/containerd/log v0.1.0 // indirect
github.com/containerd/platforms v0.2.1 // indirect
github.com/cpuguy83/dockercfg v0.3.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/distribution/reference v0.6.0 // indirect
github.com/docker/docker v28.5.2+incompatible // indirect
github.com/docker/go-connections v0.6.0 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/ebitengine/purego v0.10.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/disintegration/imaging v1.6.2 // indirect
github.com/gabriel-vasile/mimetype v1.4.12 // indirect
github.com/gin-contrib/sse v0.1.0 // indirect
github.com/go-logr/logr v1.4.3 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-ole/go-ole v1.2.6 // indirect
github.com/go-playground/locales v0.14.1 // indirect
github.com/go-playground/universal-translator v0.18.1 // indirect
github.com/go-playground/validator/v10 v10.22.0 // indirect
github.com/goccy/go-json v0.10.5 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 // indirect
github.com/golang-jwt/jwt/v5 v5.3.1 // indirect
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
github.com/jackc/puddle/v2 v2.2.1 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/compress v1.18.2 // indirect
github.com/klauspost/cpuid/v2 v2.2.9 // indirect
github.com/kr/text v0.2.0 // indirect
github.com/leodido/go-urn v1.4.0 // indirect
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
github.com/magiconair/properties v1.8.10 // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mfridman/interpolate v0.0.2 // indirect
github.com/moby/docker-image-spec v1.3.1 // indirect
github.com/moby/go-archive v0.2.0 // indirect
github.com/moby/patternmatcher v0.6.0 // indirect
github.com/moby/sys/sequential v0.6.0 // indirect
github.com/moby/sys/user v0.4.0 // indirect
github.com/moby/sys/userns v0.1.0 // indirect
github.com/moby/term v0.5.2 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/morikuni/aec v1.0.0 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.1 // indirect
github.com/pelletier/go-toml/v2 v2.2.4 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
github.com/rogpeppe/go-internal v1.14.1 // indirect
github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd // indirect
github.com/sethvargo/go-retry v0.3.0 // indirect
github.com/shirou/gopsutil/v4 v4.26.2 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/tklauser/go-sysconf v0.3.16 // indirect
github.com/tklauser/numcpus v0.11.0 // indirect
github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
github.com/ugorji/go/codec v1.3.1 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
go.opentelemetry.io/otel v1.41.0 // indirect
go.opentelemetry.io/otel/metric v1.41.0 // indirect
go.opentelemetry.io/otel/trace v1.41.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/arch v0.22.0 // indirect
golang.org/x/net v0.49.0 // indirect
golang.org/x/crypto v0.39.0 // indirect
golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8 // indirect
golang.org/x/net v0.33.0 // indirect
golang.org/x/sync v0.19.0 // indirect
golang.org/x/sys v0.41.0 // indirect
golang.org/x/text v0.34.0 // indirect
google.golang.org/grpc v1.79.1 // indirect
google.golang.org/protobuf v1.36.11 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
)
backend/go.sum
+8 -142
View File
@@ -1,69 +1,25 @@
dario.cat/mergo v1.0.2 h1:85+piFYR1tMbRrLcDwR18y4UKJ3aH1Tbzi24VRW1TK8=
dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 h1:He8afgbRMd7mFxO99hRNu+6tazq8nFF9lIwo9JFroBk=
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg=
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
github.com/bytedance/gopkg v0.1.3 h1:TPBSwH8RsouGCBcMBktLt1AymVo2TVsBVCY4b6TnZ/M=
github.com/bytedance/gopkg v0.1.3/go.mod h1:576VvJ+eJgyCzdjS+c4+77QF3p7ubbtiKARP3TxducM=
github.com/bytedance/sonic v1.15.0 h1:/PXeWFaR5ElNcVE84U0dOHjiMHQOwNIx3K4ymzh/uSE=
github.com/bytedance/sonic v1.15.0/go.mod h1:tFkWrPz0/CUCLEF4ri4UkHekCIcdnkqXw9VduqpJh0k=
github.com/bytedance/sonic/loader v0.5.0 h1:gXH3KVnatgY7loH5/TkeVyXPfESoqSBSBEiDd5VjlgE=
github.com/bytedance/sonic/loader v0.5.0/go.mod h1:AR4NYCk5DdzZizZ5djGqQ92eEhCCcdf5x77udYiSJRo=
github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM=
github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw=
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/cloudwego/base64x v0.1.6 h1:t11wG9AECkCDk5fMSoxmufanudBtJ+/HemLstXDLI2M=
github.com/cloudwego/base64x v0.1.6/go.mod h1:OFcloc187FXDaYHvrNIjxSe8ncn0OOM8gEHfghB2IPU=
github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI=
github.com/containerd/errdefs v1.0.0/go.mod h1:+YBYIdtsnF4Iw6nWZhJcqGSg/dwvV7tyJ/kCkyJ2k+M=
github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151Xdx3ZPPE=
github.com/containerd/errdefs/pkg v0.3.0/go.mod h1:NJw6s9HwNuRhnjJhM7pylWwMyAkmCQvQ4GpJHEqRLVk=
github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo=
github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpSBQv6A=
github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw=
github.com/cpuguy83/dockercfg v0.3.2 h1:DlJTyZGBDlXqUZ2Dk2Q3xHs/FtnooJJVaad2S9GKorA=
github.com/cpuguy83/dockercfg v0.3.2/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHfjj5/jFyUJc=
github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/disintegration/imaging v1.6.2 h1:w1LecBlG2Lnp8B3jk5zSuNqd7b4DXhcjwek1ei82L+c=
github.com/disintegration/imaging v1.6.2/go.mod h1:44/5580QXChDfwIclfc/PCwrr44amcmDAg8hxG0Ewe4=
github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
github.com/docker/docker v28.5.2+incompatible h1:DBX0Y0zAjZbSrm1uzOkdr1onVghKaftjlSWt4AFexzM=
github.com/docker/docker v28.5.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/go-connections v0.6.0 h1:LlMG9azAe1TqfR7sO+NJttz1gy6KO7VJBh+pMmjSD94=
github.com/docker/go-connections v0.6.0/go.mod h1:AahvXYshr6JgfUJGdDCs2b5EZG/vmaMAntpSFH5BFKE=
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
github.com/ebitengine/purego v0.10.0 h1:QIw4xfpWT6GWTzaW5XEKy3HXoqrJGx1ijYHzTF0/ISU=
github.com/ebitengine/purego v0.10.0/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/gabriel-vasile/mimetype v1.4.12 h1:e9hWvmLYvtp846tLHam2o++qitpguFiYCKbn0w9jyqw=
github.com/gabriel-vasile/mimetype v1.4.12/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
github.com/gin-gonic/gin v1.9.1 h1:4idEAncQnU5cB7BeOkPtxjfCSye0AAm1R0RVIqJ+Jmg=
github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
@@ -76,14 +32,11 @@ github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
github.com/golang-jwt/jwt/v5 v5.3.1 h1:kYf81DTWFe7t+1VvL7eS+jKFVWaUnK9cB1qbwn63YCY=
github.com/golang-jwt/jwt/v5 v5.3.1/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 h1:HWRh5R2+9EifMyIHV7ZV+MIZqgz+PMpZ14Jynv3O2Zs=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0/go.mod h1:JfhWUomR1baixubs02l85lZYYOm7LV6om4ceouMv45c=
github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
@@ -98,65 +51,29 @@ github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
github.com/klauspost/compress v1.18.2 h1:iiPHWW0YrcFgpBYhsA6D1+fqHssJscY/Tm/y2Uqnapk=
github.com/klauspost/compress v1.18.2/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4=
github.com/klauspost/cpuid/v2 v2.2.9 h1:66ze0taIn2H33fBvCkXuv9BmCwDfafmiIVpKV9kKGuY=
github.com/klauspost/cpuid/v2 v2.2.9/go.mod h1:rqkxqrZ1EhYM9G+hXH7YdowN5R5RGN6NK4QwQ3WMXF8=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0=
github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
github.com/magiconair/properties v1.8.10 h1:s31yESBquKXCV9a/ScB3ESkOjUYYv+X0rg8SYxI99mE=
github.com/magiconair/properties v1.8.10/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mdelapenya/tlscert v0.2.0 h1:7H81W6Z/4weDvZBNOfQte5GpIMo0lGYEeWbkGp5LJHI=
github.com/mdelapenya/tlscert v0.2.0/go.mod h1:O4njj3ELLnJjGdkN7M/vIVCpZ+Cf0L6muqOG4tLSl8o=
github.com/mfridman/interpolate v0.0.2 h1:pnuTK7MQIxxFz1Gr+rjSIx9u7qVjf5VOoM/u6BbAxPY=
github.com/mfridman/interpolate v0.0.2/go.mod h1:p+7uk6oE07mpE/Ik1b8EckO0O4ZXiGAfshKBWLUM9Xg=
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
github.com/moby/go-archive v0.2.0 h1:zg5QDUM2mi0JIM9fdQZWC7U8+2ZfixfTYoHL7rWUcP8=
github.com/moby/go-archive v0.2.0/go.mod h1:mNeivT14o8xU+5q1YnNrkQVpK+dnNe/K6fHqnTg4qPU=
github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk=
github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc=
github.com/moby/sys/atomicwriter v0.1.0 h1:kw5D/EqkBwsBFi0ss9v1VG3wIkVhzGvLklJ+w3A14Sw=
github.com/moby/sys/atomicwriter v0.1.0/go.mod h1:Ul8oqv2ZMNHOceF643P6FKPXeCmYtlQMvpizfsSoaWs=
github.com/moby/sys/sequential v0.6.0 h1:qrx7XFUd/5DxtqcoH1h438hF5TmOvzC/lspjy7zgvCU=
github.com/moby/sys/sequential v0.6.0/go.mod h1:uyv8EUTrca5PnDsdMGXhZe6CCe8U/UiTWd+lL+7b/Ko=
github.com/moby/sys/user v0.4.0 h1:jhcMKit7SA80hivmFJcbB1vqmw//wU61Zdui2eQXuMs=
github.com/moby/sys/user v0.4.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs=
github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g=
github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28=
github.com/moby/term v0.5.2 h1:6qk3FJAFDs6i/q3W/pQ97SX192qKfZgGjCQqfCJkgzQ=
github.com/moby/term v0.5.2/go.mod h1:d3djjFCrjnB+fl8NJux+EJzu0msscUP+f8it8hPkFLc=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
github.com/pressly/goose/v3 v3.21.1 h1:5SSAKKWej8LVVzNLuT6KIvP1eFDuPvxa+B6H0w78buQ=
github.com/pressly/goose/v3 v3.21.1/go.mod h1:sqthmzV8PitchEkjecFJII//l43dLOCzfWh8pHEe+vE=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
@@ -167,88 +84,39 @@ github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd h1:CmH9+J6ZSsIjUK
github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd/go.mod h1:hPqNNc0+uJM6H+SuU8sEs5K5IQeKccPqeSjfgcKGgPk=
github.com/sethvargo/go-retry v0.3.0 h1:EEt31A35QhrcRZtrYFDTBg91cqZVnFL2navjDrah2SE=
github.com/sethvargo/go-retry v0.3.0/go.mod h1:mNX17F0C/HguQMyMyJxcnU471gOZGxCLyYaFyAZraas=
github.com/shirou/gopsutil/v4 v4.26.2 h1:X8i6sicvUFih4BmYIGT1m2wwgw2VG9YgrDTi7cIRGUI=
github.com/shirou/gopsutil/v4 v4.26.2/go.mod h1:LZ6ewCSkBqUpvSOf+LsTGnRinC6iaNUNMGBtDkJBaLQ=
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
github.com/testcontainers/testcontainers-go v0.41.0 h1:mfpsD0D36YgkxGj2LrIyxuwQ9i2wCKAD+ESsYM1wais=
github.com/testcontainers/testcontainers-go v0.41.0/go.mod h1:pdFrEIfaPl24zmBjerWTTYaY0M6UHsqA1YSvsoU40MI=
github.com/testcontainers/testcontainers-go/modules/postgres v0.41.0 h1:AOtFXssrDlLm84A2sTTR/AhvJiYbrIuCO59d+Ro9Tb0=
github.com/testcontainers/testcontainers-go/modules/postgres v0.41.0/go.mod h1:k2a09UKhgSp6vNpliIY0QSgm4Hi7GXVTzWvWgUemu/8=
github.com/tklauser/go-sysconf v0.3.16 h1:frioLaCQSsF5Cy1jgRBrzr6t502KIIwQ0MArYICU0nA=
github.com/tklauser/go-sysconf v0.3.16/go.mod h1:/qNL9xxDhc7tx3HSRsLWNnuzbVfh3e7gh/BmM179nYI=
github.com/tklauser/numcpus v0.11.0 h1:nSTwhKH5e1dMNsCdVBukSZrURJRoHbSEQjdEbY+9RXw=
github.com/tklauser/numcpus v0.11.0/go.mod h1:z+LwcLq54uWZTX0u/bGobaV34u6V7KNlTZejzM6/3MQ=
github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
github.com/ugorji/go/codec v1.3.1 h1:waO7eEiFDwidsBN6agj1vJQ4AG7lh2yqXyOXqhgQuyY=
github.com/ugorji/go/codec v1.3.1/go.mod h1:pRBVtBSKl77K30Bv8R2P+cLSGaTtex6fsA2Wjqmfxj4=
github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw=
go.opentelemetry.io/otel v1.41.0 h1:YlEwVsGAlCvczDILpUXpIpPSL/VPugt7zHThEMLce1c=
go.opentelemetry.io/otel v1.41.0/go.mod h1:Yt4UwgEKeT05QbLwbyHXEwhnjxNO6D8L5PQP51/46dE=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 h1:Mne5On7VWdx7omSrSSZvM4Kw7cS7NQkOOmLcgscI51U=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0/go.mod h1:IPtUMKL4O3tH5y+iXVyAXqpAwMuzC1IrxVS81rummfE=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.41.0 h1:inYW9ZhgqiDqh6BioM7DVHHzEGVq76Db5897WLGZ5Go=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.41.0/go.mod h1:Izur+Wt8gClgMJqO/cZ8wdeeMryJ/xxiOVgFSSfpDTY=
go.opentelemetry.io/otel/metric v1.41.0 h1:rFnDcs4gRzBcsO9tS8LCpgR0dxg4aaxWlJxCno7JlTQ=
go.opentelemetry.io/otel/metric v1.41.0/go.mod h1:xPvCwd9pU0VN8tPZYzDZV/BMj9CM9vs00GuBjeKhJps=
go.opentelemetry.io/otel/sdk v1.41.0 h1:YPIEXKmiAwkGl3Gu1huk1aYWwtpRLeskpV+wPisxBp8=
go.opentelemetry.io/otel/sdk v1.41.0/go.mod h1:ahFdU0G5y8IxglBf0QBJXgSe7agzjE4GiTJ6HT9ud90=
go.opentelemetry.io/otel/trace v1.41.0 h1:Vbk2co6bhj8L59ZJ6/xFTskY+tGAbOnCtQGVVa9TIN0=
go.opentelemetry.io/otel/trace v1.41.0/go.mod h1:U1NU4ULCoxeDKc09yCWdWe+3QoyweJcISEVa1RBzOis=
go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I=
go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
golang.org/x/arch v0.22.0 h1:c/Zle32i5ttqRXjdLyyHZESLD/bB90DCU1g9l/0YBDI=
golang.org/x/arch v0.22.0/go.mod h1:dNHoOeKiyja7GTvF9NJS1l3Z2yntpQNzgrjh1cU103A=
golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8 h1:hVwzHzIUGRjiF7EcUjqNxk3NCfkPxbDKRdnNE1Rpg0U=
golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o=
golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k=
golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg=
golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk=
golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA=
golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 h1:vVKdlvoWBphwdxWKrFZEuM0kGgGLxUOYcY4U/2Vjg44=
golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57 h1:JLQynH/LBHfCTSbDWl+py8C+Rg/k1OVH3xfcaiANuF0=
google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57/go.mod h1:kSJwQxqmFXeo79zOmbrALdflXQeAYcUbgS7PbpMknCY=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260209200024-4cfbd4190f57 h1:mWPCjDEyshlQYzBpMNHaEof6UX1PmHcaUODUywQ0uac=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260209200024-4cfbd4190f57/go.mod h1:j9x/tPzZkyxcgEFkiKEEGxfvyumM01BEtsW8xzOahRQ=
google.golang.org/grpc v1.79.1 h1:zGhSi45ODB9/p3VAawt9a+O/MULLl9dpizzNNpq7flY=
google.golang.org/grpc v1.79.1/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -257,8 +125,6 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EV
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q=
gotest.tools/v3 v3.5.2/go.mod h1:LtdLGcnqToBH83WByAAi/wiwSFCArdFIUV/xxN4pcjA=
modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 h1:5D53IMaUuA5InSeMu9eJtlQXS2NxAhyWQvkKEgXZhHI=
modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6/go.mod h1:Qz0X07sNOR1jWYCrJMEnbW/X55x206Q7Vt4mz6/wHp4=
modernc.org/libc v1.41.0 h1:g9YAc6BkKlgORsUWj+JwqoB1wU3o4DE3bM3yvA3k+Gk=
backend/internal/config/config.go
+1 -88
View File
@@ -5,7 +5,6 @@ import (
"fmt"
"os"
"strconv"
"strings"
"time"
"github.com/joho/godotenv"
@@ -18,24 +17,6 @@ type Config struct {
JWTSecret string
JWTAccessTTL time.Duration
JWTRefreshTTL time.Duration
// ContentTokenTTL is how long a content token stays valid. The token is a
// single-file capability used to open or stream an original by URL (e.g. a
// long video in a new tab); it is deliberately longer-lived than the access
// token and independent of the session, so playback survives access-token
// expiry and refresh rotation. Keep it only as long as a viewing session
// plausibly lasts — it is a bearer credential for that one file until expiry.
ContentTokenTTL time.Duration
// TrustedProxies lists the reverse-proxy hops (CIDRs or IPs) whose
// X-Forwarded-For header is trusted. The auth rate limiter keys on the
// client IP, so this must match the proxy in front of the app — otherwise
// every request appears to come from the proxy (one shared bucket) or a
// direct caller could forge the header. Default covers loopback and the
// Docker bridge ranges a host reverse proxy reaches the container through.
TrustedProxies []string
// Initial admin bootstrap (applied on startup if the user does not exist)
AdminUsername string
AdminPassword string
// Database
DatabaseURL string
@@ -43,36 +24,15 @@ type Config struct {
// Storage
FilesPath string
ThumbsCachePath string
MaxUploadBytes int64 // reject uploads larger than this (bytes)
// Thumbnails
ThumbWidth int
ThumbHeight int
PreviewWidth int
PreviewHeight int
// ThumbMaxPixels caps the pixel count of a source image decoded in-process by
// the pure-Go fallback (a decompression-bomb guard and memory bound); larger
// images then get a placeholder. It does not apply when vipsthumbnail is
// installed, which shrinks on load regardless of source size.
ThumbMaxPixels int
// ThumbConcurrency bounds how many thumbnails/previews are generated at once,
// so a burst of large images can't saturate every core or exhaust RAM. 0 =
// auto (half the available CPUs).
ThumbConcurrency int
// Import
ImportPath string
// DuplicateHashThreshold is the maximum Hamming distance (out of 64) between
// two perceptual hashes for the files to be treated as duplicate candidates.
// Lower = stricter (fewer, more confident matches); higher = looser. Used only
// by the dedup rescan that (re)builds data.duplicate_pairs.
DuplicateHashThreshold int
// Static SPA. When set, the server serves the built frontend (and falls
// back to index.html for client routes) on the same port as the API. Empty
// in local development, where the Vite dev server serves the UI separately.
StaticDir string
}
// Load reads a .env file (if present) then loads all configuration from
@@ -98,10 +58,6 @@ func Load() (*Config, error) {
return def
}
// parseDuration parses a duration env var. Every duration in this config is a
// token TTL, which must be strictly positive — a zero/negative TTL would mint
// already-expired tokens (no login, no media playback) — so reject those here
// rather than fail mysteriously at runtime.
parseDuration := func(key, def string) time.Duration {
raw := defaultStr(key, def)
d, err := time.ParseDuration(raw)
@@ -109,10 +65,6 @@ func Load() (*Config, error) {
errs = append(errs, fmt.Errorf("%s: invalid duration %q: %w", key, raw, err))
return 0
}
if d <= 0 {
errs = append(errs, fmt.Errorf("%s must be positive, got %q", key, raw))
return 0
}
return d
}
@@ -129,62 +81,23 @@ func Load() (*Config, error) {
return n
}
parseCSV := func(key, def string) []string {
raw := defaultStr(key, def)
parts := strings.Split(raw, ",")
out := make([]string, 0, len(parts))
for _, p := range parts {
if p = strings.TrimSpace(p); p != "" {
out = append(out, p)
}
}
return out
}
parseInt64 := func(key string, def int64) int64 {
raw := os.Getenv(key)
if raw == "" {
return def
}
n, err := strconv.ParseInt(raw, 10, 64)
if err != nil {
errs = append(errs, fmt.Errorf("%s: invalid integer %q: %w", key, raw, err))
return def
}
return n
}
cfg := &Config{
ListenAddr: defaultStr("LISTEN_ADDR", ":42776"),
ListenAddr: defaultStr("LISTEN_ADDR", ":8080"),
JWTSecret: requireStr("JWT_SECRET"),
JWTAccessTTL: parseDuration("JWT_ACCESS_TTL", "15m"),
JWTRefreshTTL: parseDuration("JWT_REFRESH_TTL", "720h"),
ContentTokenTTL: parseDuration("CONTENT_TOKEN_TTL", "6h"),
TrustedProxies: parseCSV("TRUSTED_PROXIES", "127.0.0.1/32,::1/128,172.16.0.0/12"),
AdminUsername: defaultStr("ADMIN_USERNAME", "admin"),
AdminPassword: requireStr("ADMIN_PASSWORD"),
DatabaseURL: requireStr("DATABASE_URL"),
FilesPath: requireStr("FILES_PATH"),
ThumbsCachePath: requireStr("THUMBS_CACHE_PATH"),
MaxUploadBytes: parseInt64("MAX_UPLOAD_BYTES", 500<<20), // 500 MiB
ThumbWidth: parseInt("THUMB_WIDTH", 160),
ThumbHeight: parseInt("THUMB_HEIGHT", 160),
PreviewWidth: parseInt("PREVIEW_WIDTH", 1920),
PreviewHeight: parseInt("PREVIEW_HEIGHT", 1080),
ThumbMaxPixels: parseInt("THUMB_MAX_PIXELS", 300_000_000), // ~300 Mpx (e.g. 13000×17000)
ThumbConcurrency: parseInt("THUMB_CONCURRENCY", 0), // 0 = auto
ImportPath: requireStr("IMPORT_PATH"),
DuplicateHashThreshold: parseInt("DUPLICATE_HASH_THRESHOLD", 10),
StaticDir: defaultStr("STATIC_DIR", ""),
}
if len(errs) > 0 {
backend/internal/config/config_test.go
-57
View File
@@ -1,57 +0,0 @@
package config
import (
"strings"
"testing"
)
// setValidEnv sets every required variable to a valid dummy value, so a test can
// then override one var to exercise a single validation path.
func setValidEnv(t *testing.T) {
t.Helper()
t.Setenv("JWT_SECRET", "test-secret")
t.Setenv("ADMIN_PASSWORD", "test-password")
t.Setenv("DATABASE_URL", "postgres://u:p@localhost:5432/db?sslmode=disable")
t.Setenv("FILES_PATH", "/tmp/files")
t.Setenv("THUMBS_CACHE_PATH", "/tmp/thumbs")
t.Setenv("IMPORT_PATH", "/tmp/import")
// Pin the TTLs to valid values so an ambient env var can't perturb the case
// under test; individual tests override the one they exercise.
t.Setenv("JWT_ACCESS_TTL", "15m")
t.Setenv("JWT_REFRESH_TTL", "720h")
t.Setenv("CONTENT_TOKEN_TTL", "6h")
}
func TestLoadValid(t *testing.T) {
setValidEnv(t)
cfg, err := Load()
if err != nil {
t.Fatalf("Load: %v", err)
}
if cfg.JWTAccessTTL <= 0 || cfg.JWTRefreshTTL <= 0 || cfg.ContentTokenTTL <= 0 {
t.Fatalf("TTLs should be positive: access=%v refresh=%v content=%v",
cfg.JWTAccessTTL, cfg.JWTRefreshTTL, cfg.ContentTokenTTL)
}
}
func TestLoadRejectsNonPositiveTTL(t *testing.T) {
cases := []struct{ key, val string }{
{"JWT_ACCESS_TTL", "0"},
{"JWT_REFRESH_TTL", "-1h"},
{"CONTENT_TOKEN_TTL", "0s"},
}
for _, tc := range cases {
t.Run(tc.key, func(t *testing.T) {
setValidEnv(t)
t.Setenv(tc.key, tc.val)
_, err := Load()
if err == nil {
t.Fatalf("expected error for %s=%q", tc.key, tc.val)
}
if !strings.Contains(err.Error(), tc.key) || !strings.Contains(err.Error(), "must be positive") {
t.Fatalf("error should name %s and mention positivity, got: %v", tc.key, err)
}
})
}
}
backend/internal/db/postgres/category_repo.go
-303
View File
@@ -1,303 +0,0 @@
package postgres
import (
"context"
"encoding/json"
"errors"
"fmt"
"strings"
"github.com/google/uuid"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgxpool"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
// ---------------------------------------------------------------------------
// Row struct
// ---------------------------------------------------------------------------
type categoryRow struct {
ID uuid.UUID `db:"id"`
Name string `db:"name"`
Notes *string `db:"notes"`
Color *string `db:"color"`
Metadata []byte `db:"metadata"`
CreatorID int16 `db:"creator_id"`
CreatorName string `db:"creator_name"`
IsPublic bool `db:"is_public"`
}
type categoryRowWithTotal struct {
categoryRow
Total int `db:"total"`
}
// ---------------------------------------------------------------------------
// Converter
// ---------------------------------------------------------------------------
func toCategory(r categoryRow) domain.Category {
c := domain.Category{
ID: r.ID,
Name: r.Name,
Notes: r.Notes,
Color: r.Color,
CreatorID: r.CreatorID,
CreatorName: r.CreatorName,
IsPublic: r.IsPublic,
CreatedAt: domain.UUIDCreatedAt(r.ID),
}
if len(r.Metadata) > 0 && string(r.Metadata) != "null" {
c.Metadata = json.RawMessage(r.Metadata)
}
return c
}
// ---------------------------------------------------------------------------
// Shared SQL
// ---------------------------------------------------------------------------
const categorySelectFrom = `
SELECT
c.id,
c.name,
c.notes,
c.color,
c.metadata,
c.creator_id,
u.name AS creator_name,
c.is_public
FROM data.categories c
JOIN core.users u ON u.id = c.creator_id`
func categorySortColumn(s string) string {
if s == "name" {
return "c.name"
}
return "c.id" // "created"
}
// ---------------------------------------------------------------------------
// CategoryRepo — implements port.CategoryRepo
// ---------------------------------------------------------------------------
// CategoryRepo handles category CRUD using PostgreSQL.
type CategoryRepo struct {
pool *pgxpool.Pool
}
var _ port.CategoryRepo = (*CategoryRepo)(nil)
// NewCategoryRepo creates a CategoryRepo backed by pool.
func NewCategoryRepo(pool *pgxpool.Pool) *CategoryRepo {
return &CategoryRepo{pool: pool}
}
// ---------------------------------------------------------------------------
// List
// ---------------------------------------------------------------------------
func (r *CategoryRepo) List(ctx context.Context, params port.OffsetParams) (*domain.CategoryOffsetPage, error) {
order := "ASC"
if strings.ToLower(params.Order) == "desc" {
order = "DESC"
}
sortCol := categorySortColumn(params.Sort)
args := []any{}
n := 1
var conditions []string
if params.Search != "" {
conditions = append(conditions, fmt.Sprintf("lower(c.name) LIKE lower($%d)", n))
args = append(args, "%"+params.Search+"%")
n++
}
// Restrict to categories the viewer may see (private-by-default), unless admin.
if !params.ViewerIsAdmin {
var aclCond string
aclCond, n, args = aclVisibilityCond("c", objTypeCategory, params.ViewerID, n, args)
conditions = append(conditions, aclCond)
}
where := ""
if len(conditions) > 0 {
where = "WHERE " + strings.Join(conditions, " AND ")
}
limit := params.Limit
if limit <= 0 {
limit = 50
}
offset := params.Offset
if offset < 0 {
offset = 0
}
query := fmt.Sprintf(`
SELECT
c.id, c.name, c.notes, c.color, c.metadata,
c.creator_id, u.name AS creator_name, c.is_public,
COUNT(*) OVER() AS total
FROM data.categories c
JOIN core.users u ON u.id = c.creator_id
%s
ORDER BY %s %s NULLS LAST, c.id ASC
LIMIT $%d OFFSET $%d`, where, sortCol, order, n, n+1)
args = append(args, limit, offset)
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, args...)
if err != nil {
return nil, fmt.Errorf("CategoryRepo.List query: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[categoryRowWithTotal])
if err != nil {
return nil, fmt.Errorf("CategoryRepo.List scan: %w", err)
}
items := make([]domain.Category, len(collected))
total := 0
for i, row := range collected {
items[i] = toCategory(row.categoryRow)
total = row.Total
}
return &domain.CategoryOffsetPage{
Items: items,
Total: total,
Offset: offset,
Limit: limit,
}, nil
}
// ---------------------------------------------------------------------------
// GetByID
// ---------------------------------------------------------------------------
func (r *CategoryRepo) GetByID(ctx context.Context, id uuid.UUID) (*domain.Category, error) {
const query = categorySelectFrom + `
WHERE c.id = $1`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, id)
if err != nil {
return nil, fmt.Errorf("CategoryRepo.GetByID: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[categoryRow])
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
return nil, domain.ErrNotFound
}
return nil, fmt.Errorf("CategoryRepo.GetByID scan: %w", err)
}
c := toCategory(row)
return &c, nil
}
// ---------------------------------------------------------------------------
// Create
// ---------------------------------------------------------------------------
func (r *CategoryRepo) Create(ctx context.Context, c *domain.Category) (*domain.Category, error) {
const query = `
WITH ins AS (
INSERT INTO data.categories (name, notes, color, metadata, creator_id, is_public)
VALUES ($1, $2, $3, $4, $5, $6)
RETURNING *
)
SELECT ins.id, ins.name, ins.notes, ins.color, ins.metadata,
ins.creator_id, u.name AS creator_name, ins.is_public
FROM ins
JOIN core.users u ON u.id = ins.creator_id`
var meta any
if len(c.Metadata) > 0 {
meta = c.Metadata
}
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query,
c.Name, c.Notes, c.Color, meta, c.CreatorID, c.IsPublic)
if err != nil {
return nil, fmt.Errorf("CategoryRepo.Create: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[categoryRow])
if err != nil {
if isPgUniqueViolation(err) {
return nil, domain.ErrConflict
}
return nil, fmt.Errorf("CategoryRepo.Create scan: %w", err)
}
created := toCategory(row)
return &created, nil
}
// ---------------------------------------------------------------------------
// Update
// ---------------------------------------------------------------------------
// Update replaces all mutable fields. The caller must merge current values
// with the patch before calling (read-then-write semantics).
func (r *CategoryRepo) Update(ctx context.Context, id uuid.UUID, c *domain.Category) (*domain.Category, error) {
const query = `
WITH upd AS (
UPDATE data.categories SET
name = $2,
notes = $3,
color = $4,
metadata = COALESCE($5, metadata),
is_public = $6
WHERE id = $1
RETURNING *
)
SELECT upd.id, upd.name, upd.notes, upd.color, upd.metadata,
upd.creator_id, u.name AS creator_name, upd.is_public
FROM upd
JOIN core.users u ON u.id = upd.creator_id`
var meta any
if len(c.Metadata) > 0 {
meta = c.Metadata
}
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query,
id, c.Name, c.Notes, c.Color, meta, c.IsPublic)
if err != nil {
return nil, fmt.Errorf("CategoryRepo.Update: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[categoryRow])
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
return nil, domain.ErrNotFound
}
if isPgUniqueViolation(err) {
return nil, domain.ErrConflict
}
return nil, fmt.Errorf("CategoryRepo.Update scan: %w", err)
}
updated := toCategory(row)
return &updated, nil
}
// ---------------------------------------------------------------------------
// Delete
// ---------------------------------------------------------------------------
func (r *CategoryRepo) Delete(ctx context.Context, id uuid.UUID) error {
const query = `DELETE FROM data.categories WHERE id = $1`
q := connOrTx(ctx, r.pool)
ct, err := q.Exec(ctx, query, id)
if err != nil {
return fmt.Errorf("CategoryRepo.Delete: %w", err)
}
if ct.RowsAffected() == 0 {
return domain.ErrNotFound
}
return nil
}
backend/internal/db/postgres/duplicate_repo.go
-145
View File
@@ -1,145 +0,0 @@
package postgres
import (
"bytes"
"context"
"fmt"
"github.com/google/uuid"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgxpool"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
// ---------------------------------------------------------------------------
// DuplicatePairRepo
// ---------------------------------------------------------------------------
// DuplicatePairRepo implements port.DuplicatePairRepo using PostgreSQL.
type DuplicatePairRepo struct {
pool *pgxpool.Pool
}
// NewDuplicatePairRepo creates a DuplicatePairRepo backed by pool.
func NewDuplicatePairRepo(pool *pgxpool.Pool) *DuplicatePairRepo {
return &DuplicatePairRepo{pool: pool}
}
var _ port.DuplicatePairRepo = (*DuplicatePairRepo)(nil)
// ReplaceAll atomically replaces the entire pairs table with the given set.
// The rescan recomputes pairs from scratch, so a full DELETE + COPY is both
// correct and the simplest way to drop pairs that no longer qualify.
func (r *DuplicatePairRepo) ReplaceAll(ctx context.Context, pairs []domain.DuplicatePair) error {
tx, err := r.pool.Begin(ctx)
if err != nil {
return fmt.Errorf("DuplicatePairRepo.ReplaceAll begin: %w", err)
}
defer tx.Rollback(ctx) //nolint:errcheck // no-op after a successful commit
if _, err := tx.Exec(ctx, `DELETE FROM data.duplicate_pairs`); err != nil {
return fmt.Errorf("DuplicatePairRepo.ReplaceAll delete: %w", err)
}
if len(pairs) > 0 {
rows := make([][]any, len(pairs))
for i, p := range pairs {
rows[i] = []any{p.FileA, p.FileB, int16(p.Distance)}
}
if _, err := tx.CopyFrom(ctx,
pgx.Identifier{"data", "duplicate_pairs"},
[]string{"file_a", "file_b", "distance"},
pgx.CopyFromRows(rows),
); err != nil {
return fmt.Errorf("DuplicatePairRepo.ReplaceAll copy: %w", err)
}
}
if err := tx.Commit(ctx); err != nil {
return fmt.Errorf("DuplicatePairRepo.ReplaceAll commit: %w", err)
}
return nil
}
type pairRow struct {
FileA uuid.UUID `db:"file_a"`
FileB uuid.UUID `db:"file_b"`
Distance int16 `db:"distance"`
}
// ListVisible returns every stored pair where both files are live (not trashed),
// the pair is not dismissed, and — for non-admins — both files are visible to the
// viewer under the private-by-default model. This is the input to clustering.
func (r *DuplicatePairRepo) ListVisible(ctx context.Context, viewerID int16, isAdmin bool) ([]domain.DuplicatePair, error) {
args := make([]any, 0, 4)
n := 1
aclWhere := ""
if !isAdmin {
var ca, cb string
ca, n, args = aclVisibilityCond("fa", objTypeFile, viewerID, n, args)
cb, n, args = aclVisibilityCond("fb", objTypeFile, viewerID, n, args)
aclWhere = "AND " + ca + " AND " + cb
}
sqlStr := fmt.Sprintf(`
SELECT p.file_a, p.file_b, p.distance
FROM data.duplicate_pairs p
JOIN data.files fa ON fa.id = p.file_a AND fa.is_deleted = false
JOIN data.files fb ON fb.id = p.file_b AND fb.is_deleted = false
WHERE NOT EXISTS (
SELECT 1 FROM data.duplicate_dismissals d
WHERE d.file_a = p.file_a AND d.file_b = p.file_b
)
%s
ORDER BY p.file_a, p.file_b`, aclWhere)
rows, err := r.pool.Query(ctx, sqlStr, args...)
if err != nil {
return nil, fmt.Errorf("DuplicatePairRepo.ListVisible: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[pairRow])
if err != nil {
return nil, fmt.Errorf("DuplicatePairRepo.ListVisible scan: %w", err)
}
out := make([]domain.DuplicatePair, len(collected))
for i, row := range collected {
out[i] = domain.DuplicatePair{FileA: row.FileA, FileB: row.FileB, Distance: int(row.Distance)}
}
return out, nil
}
// ---------------------------------------------------------------------------
// DismissalRepo
// ---------------------------------------------------------------------------
// DismissalRepo implements port.DismissalRepo using PostgreSQL.
type DismissalRepo struct {
pool *pgxpool.Pool
}
// NewDismissalRepo creates a DismissalRepo backed by pool.
func NewDismissalRepo(pool *pgxpool.Pool) *DismissalRepo {
return &DismissalRepo{pool: pool}
}
var _ port.DismissalRepo = (*DismissalRepo)(nil)
// Add records a pair as "not a duplicate". The two ids are stored in canonical
// (file_a < file_b) order to match the table's CHECK and avoid (a,b)/(b,a)
// duplicates; a repeated dismissal is a no-op.
func (r *DismissalRepo) Add(ctx context.Context, a, b uuid.UUID, userID int16) error {
if bytes.Compare(a[:], b[:]) > 0 {
a, b = b, a
}
const sqlStr = `
INSERT INTO data.duplicate_dismissals (file_a, file_b, dismissed_by)
VALUES ($1, $2, $3)
ON CONFLICT (file_a, file_b) DO NOTHING`
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx, sqlStr, a, b, userID); err != nil {
return fmt.Errorf("DismissalRepo.Add: %w", err)
}
return nil
}
backend/internal/db/postgres/file_repo.go
+12 -174
View File
@@ -36,7 +36,6 @@ type fileRow struct {
CreatorName string `db:"creator_name"`
IsPublic bool `db:"is_public"`
IsDeleted bool `db:"is_deleted"`
NeedsReview bool `db:"needs_review"`
}
// fileTagRow is used for both single-file and batch tag loading.
@@ -82,7 +81,6 @@ func toFile(r fileRow) domain.File {
CreatorName: r.CreatorName,
IsPublic: r.IsPublic,
IsDeleted: r.IsDeleted,
NeedsReview: r.NeedsReview,
CreatedAt: domain.UUIDCreatedAt(r.ID),
}
}
@@ -295,7 +293,7 @@ const fileSelectCTE = `
mt.name AS mime_type, mt.extension AS mime_extension,
r.content_datetime, r.notes, r.metadata, r.exif, r.phash,
r.creator_id, u.name AS creator_name,
r.is_public, r.is_deleted, r.needs_review
r.is_public, r.is_deleted
FROM r
JOIN core.mime_types mt ON mt.id = r.mime_id
JOIN core.users u ON u.id = r.creator_id`
@@ -304,27 +302,25 @@ const fileSelectCTE = `
// Create
// ---------------------------------------------------------------------------
// Create inserts a new file record using the ID already set on f.
// The MIME type is resolved from f.MIMEType (name string) via a subquery.
// Create inserts a new file record. The MIME type is resolved from
// f.MIMEType (name string) via a subquery; the DB generates the UUID v7 id.
func (r *FileRepo) Create(ctx context.Context, f *domain.File) (*domain.File, error) {
const sqlStr = `
WITH r AS (
INSERT INTO data.files
(id, original_name, mime_id, content_datetime, notes, metadata, exif, phash, creator_id, is_public)
(original_name, mime_id, content_datetime, notes, metadata, exif, phash, creator_id, is_public)
VALUES (
$1,
$2,
(SELECT id FROM core.mime_types WHERE name = $3),
$4, $5, $6, $7, $8, $9, $10
(SELECT id FROM core.mime_types WHERE name = $2),
$3, $4, $5, $6, $7, $8, $9
)
RETURNING id, original_name, mime_id, content_datetime, notes,
metadata, exif, phash, creator_id, is_public, is_deleted,
needs_review
metadata, exif, phash, creator_id, is_public, is_deleted
)` + fileSelectCTE
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, sqlStr,
f.ID, f.OriginalName, f.MIMEType, f.ContentDatetime,
f.OriginalName, f.MIMEType, f.ContentDatetime,
f.Notes, f.Metadata, f.EXIF, f.PHash,
f.CreatorID, f.IsPublic,
)
@@ -349,7 +345,7 @@ func (r *FileRepo) GetByID(ctx context.Context, id uuid.UUID) (*domain.File, err
mt.name AS mime_type, mt.extension AS mime_extension,
f.content_datetime, f.notes, f.metadata, f.exif, f.phash,
f.creator_id, u.name AS creator_name,
f.is_public, f.is_deleted, f.needs_review
f.is_public, f.is_deleted
FROM data.files f
JOIN core.mime_types mt ON mt.id = f.mime_id
JOIN core.users u ON u.id = f.creator_id
@@ -392,8 +388,7 @@ func (r *FileRepo) Update(ctx context.Context, id uuid.UUID, f *domain.File) (*d
is_public = $6
WHERE id = $1
RETURNING id, original_name, mime_id, content_datetime, notes,
metadata, exif, phash, creator_id, is_public, is_deleted,
needs_review
metadata, exif, phash, creator_id, is_public, is_deleted
)` + fileSelectCTE
q := connOrTx(ctx, r.pool)
@@ -420,115 +415,6 @@ func (r *FileRepo) Update(ctx context.Context, id uuid.UUID, f *domain.File) (*d
return &updated, nil
}
// SetNeedsReview sets the review status on the given files in one statement.
// Trashed files are left untouched. No-op for an empty id list.
func (r *FileRepo) SetNeedsReview(ctx context.Context, ids []uuid.UUID, value bool) error {
if len(ids) == 0 {
return nil
}
const sqlStr = `UPDATE data.files SET needs_review = $2 WHERE id = ANY($1) AND is_deleted = false`
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx, sqlStr, ids, value); err != nil {
return fmt.Errorf("FileRepo.SetNeedsReview: %w", err)
}
return nil
}
// SetPHash sets (or clears, when phash is nil) the perceptual hash of a file.
// Used by the dedup backfill and on content replacement; phash is non-critical,
// recomputable metadata, so callers may treat failures as best-effort.
func (r *FileRepo) SetPHash(ctx context.Context, id uuid.UUID, phash *int64) error {
const sqlStr = `UPDATE data.files SET phash = $2 WHERE id = $1`
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx, sqlStr, id, phash); err != nil {
return fmt.Errorf("FileRepo.SetPHash: %w", err)
}
return nil
}
// ---------------------------------------------------------------------------
// Perceptual-hash / duplicate support
// ---------------------------------------------------------------------------
// ListMissingPHash returns live image/video files that have no perceptual hash
// yet — the work list for the dedup backfill. Tags are not loaded (the backfill
// only needs the id and MIME type to choose image vs video hashing).
func (r *FileRepo) ListMissingPHash(ctx context.Context) ([]domain.File, error) {
const sqlStr = `
SELECT f.id, f.original_name,
mt.name AS mime_type, mt.extension AS mime_extension,
f.content_datetime, f.notes, f.metadata, f.exif, f.phash,
f.creator_id, u.name AS creator_name,
f.is_public, f.is_deleted, f.needs_review
FROM data.files f
JOIN core.mime_types mt ON mt.id = f.mime_id
JOIN core.users u ON u.id = f.creator_id
WHERE f.phash IS NULL AND f.is_deleted = false
AND (mt.name LIKE 'image/%' OR mt.name LIKE 'video/%')
ORDER BY f.id`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, sqlStr)
if err != nil {
return nil, fmt.Errorf("FileRepo.ListMissingPHash: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[fileRow])
if err != nil {
return nil, fmt.Errorf("FileRepo.ListMissingPHash scan: %w", err)
}
files := make([]domain.File, len(collected))
for i, row := range collected {
files[i] = toFile(row)
}
return files, nil
}
// phashRow is the minimal projection used to build duplicate clusters.
type phashRow struct {
ID uuid.UUID `db:"id"`
PHash int64 `db:"phash"`
}
// ListAllPHashes returns the id and perceptual hash of every live, hashed file.
// It is the global input to the dedup rescan, so it deliberately ignores ACL —
// the rescan builds the shared pairs table; visibility is enforced on read.
func (r *FileRepo) ListAllPHashes(ctx context.Context) ([]domain.PHashEntry, error) {
const sqlStr = `SELECT id, phash FROM data.files WHERE is_deleted = false AND phash IS NOT NULL`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, sqlStr)
if err != nil {
return nil, fmt.Errorf("FileRepo.ListAllPHashes: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[phashRow])
if err != nil {
return nil, fmt.Errorf("FileRepo.ListAllPHashes scan: %w", err)
}
out := make([]domain.PHashEntry, len(collected))
for i, row := range collected {
out[i] = domain.PHashEntry{ID: row.ID, PHash: row.PHash}
}
return out, nil
}
// CopyPoolMemberships adds targetID to every pool sourceID belongs to (copying
// the source's position), skipping pools the target is already in. Used by the
// duplicate merge to preserve the discarded file's pool memberships on the
// survivor. The merge is authorised at the file level, so pool ACL is not
// re-checked here.
func (r *FileRepo) CopyPoolMemberships(ctx context.Context, targetID, sourceID uuid.UUID) error {
const sqlStr = `
INSERT INTO data.file_pool (file_id, pool_id, position)
SELECT $1, fp.pool_id, fp.position
FROM data.file_pool fp
WHERE fp.file_id = $2
ON CONFLICT (file_id, pool_id) DO NOTHING`
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx, sqlStr, targetID, sourceID); err != nil {
return fmt.Errorf("FileRepo.CopyPoolMemberships: %w", err)
}
return nil
}
// ---------------------------------------------------------------------------
// SoftDelete / Restore / DeletePermanent
// ---------------------------------------------------------------------------
@@ -557,8 +443,7 @@ func (r *FileRepo) Restore(ctx context.Context, id uuid.UUID) (*domain.File, err
SET is_deleted = false
WHERE id = $1 AND is_deleted = true
RETURNING id, original_name, mime_id, content_datetime, notes,
metadata, exif, phash, creator_id, is_public, is_deleted,
needs_review
metadata, exif, phash, creator_id, is_public, is_deleted
)` + fileSelectCTE
q := connOrTx(ctx, r.pool)
@@ -721,13 +606,6 @@ func (r *FileRepo) List(ctx context.Context, params domain.FileListParams) (*dom
}
}
// Restrict to files the viewer may see (private-by-default), unless admin.
if !params.ViewerIsAdmin {
var aclCond string
aclCond, n, args = aclVisibilityCond("f", objTypeFile, params.ViewerID, n, args)
conds = append(conds, aclCond)
}
var orderBy string
if hasCursor {
ksWhere, ksOrder, nextN, ksArgs := buildKeysetCond(
@@ -752,7 +630,7 @@ func (r *FileRepo) List(ctx context.Context, params domain.FileListParams) (*dom
mt.name AS mime_type, mt.extension AS mime_extension,
f.content_datetime, f.notes, f.metadata, f.exif, f.phash,
f.creator_id, u.name AS creator_name,
f.is_public, f.is_deleted, f.needs_review
f.is_public, f.is_deleted
FROM data.files f
JOIN core.mime_types mt ON mt.id = f.mime_id
JOIN core.users u ON u.id = f.creator_id
@@ -915,43 +793,3 @@ func (r *FileRepo) loadTagsBatch(ctx context.Context, fileIDs []uuid.UUID) (map[
}
return result, nil
}
// RecordView appends a row to activity.file_views. viewed_at defaults to
// statement_timestamp(), so each call records a distinct view in the history.
func (r *FileRepo) RecordView(ctx context.Context, fileID uuid.UUID, userID int16) error {
const query = `INSERT INTO activity.file_views (file_id, user_id) VALUES ($1, $2)`
if _, err := connOrTx(ctx, r.pool).Exec(ctx, query, fileID, userID); err != nil {
return fmt.Errorf("FileRepo.RecordView: %w", err)
}
return nil
}
// RecordTagUses appends a row to activity.tag_uses for each tag referenced in a
// filter DSL, flagging it included (positive) or excluded (negated). Tags are
// deduplicated per call, so one statement_timestamp() never collides on the
// (tag_id, used_at, user_id) PK; ON CONFLICT DO NOTHING guards the rest. A
// filter with no tag terms is a no-op.
func (r *FileRepo) RecordTagUses(ctx context.Context, userID int16, filterDSL string) error {
uses := filterTagUses(filterDSL)
if len(uses) == 0 {
return nil
}
var sb strings.Builder
sb.WriteString("INSERT INTO activity.tag_uses (tag_id, user_id, is_included) VALUES ")
args := make([]any, 0, len(uses)*3)
for i, u := range uses {
if i > 0 {
sb.WriteString(", ")
}
base := i * 3
fmt.Fprintf(&sb, "($%d, $%d, $%d)", base+1, base+2, base+3)
args = append(args, u.tagID, userID, u.included)
}
sb.WriteString(" ON CONFLICT DO NOTHING")
if _, err := connOrTx(ctx, r.pool).Exec(ctx, sb.String(), args...); err != nil {
return fmt.Errorf("FileRepo.RecordTagUses: %w", err)
}
return nil
}
backend/internal/db/postgres/filter_parser.go
+15 -90
View File
@@ -23,7 +23,6 @@ const (
ftkTag // t=<uuid>
ftkMimeExact // m=<int>
ftkMimeLike // m~<pattern>
ftkReview // r=<0|1>
)
type filterToken struct {
@@ -32,7 +31,6 @@ type filterToken struct {
untagged bool // ftkTag with zero UUID → "file has no tags"
mimeID int16 // ftkMimeExact
pattern string // ftkMimeLike
review bool // ftkReview → needs_review value
}
// ---------------------------------------------------------------------------
@@ -82,8 +80,6 @@ func (l *leafNode) toSQL(n int, args []any) (string, int, []any) {
case ftkMimeLike:
// mt alias comes from the JOIN in the main file query (always present).
return fmt.Sprintf("mt.name LIKE $%d", n), n + 1, append(args, l.tok.pattern)
case ftkReview:
return fmt.Sprintf("f.needs_review = $%d", n), n + 1, append(args, l.tok.review)
}
panic("filterNode.toSQL: unknown leaf kind")
}
@@ -134,15 +130,6 @@ func lexFilter(dsl string) ([]filterToken, error) {
case strings.HasPrefix(p, "m~"):
// The pattern value is passed as a query parameter, so no SQL injection risk.
tokens = append(tokens, filterToken{kind: ftkMimeLike, pattern: p[2:]})
case strings.HasPrefix(p, "r="):
switch p[2:] {
case "1":
tokens = append(tokens, filterToken{kind: ftkReview, review: true})
case "0":
tokens = append(tokens, filterToken{kind: ftkReview, review: false})
default:
return nil, fmt.Errorf("filter: invalid review flag %q (want r=0 or r=1)", p[2:])
}
default:
return nil, fmt.Errorf("filter: unknown token %q", p)
}
@@ -254,7 +241,7 @@ func (p *filterParser) parseAtom() (filterNode, error) {
return expr, nil
}
switch t.kind {
case ftkTag, ftkMimeExact, ftkMimeLike, ftkReview:
case ftkTag, ftkMimeExact, ftkMimeLike:
p.next()
return &leafNode{t}, nil
default:
@@ -266,31 +253,6 @@ func (p *filterParser) parseAtom() (filterNode, error) {
// Public entry point
// ---------------------------------------------------------------------------
// parseFilterAST lexes and parses a filter DSL into an AST. Returns (nil, nil)
// for an empty or trivial DSL.
func parseFilterAST(dsl string) (filterNode, error) {
dsl = strings.TrimSpace(dsl)
if dsl == "" || dsl == "{}" {
return nil, nil
}
toks, err := lexFilter(dsl)
if err != nil {
return nil, err
}
if len(toks) == 0 {
return nil, nil
}
p := &filterParser{tokens: toks}
node, err := p.parseExpr()
if err != nil {
return nil, err
}
if p.pos != len(p.tokens) {
return nil, fmt.Errorf("filter: trailing tokens at position %d", p.pos)
}
return node, nil
}
// ParseFilter parses a filter DSL string into a parameterized SQL fragment.
//
// argStart is the 1-based index for the first $N placeholder; this lets the
@@ -300,62 +262,25 @@ func parseFilterAST(dsl string) (filterNode, error) {
// SQL injection is structurally impossible: every user-supplied value is
// bound as a query parameter ($N), never interpolated into the SQL string.
func ParseFilter(dsl string, argStart int) (sql string, nextN int, args []any, err error) {
node, err := parseFilterAST(dsl)
dsl = strings.TrimSpace(dsl)
if dsl == "" || dsl == "{}" {
return "", argStart, nil, nil
}
toks, err := lexFilter(dsl)
if err != nil {
return "", argStart, nil, err
}
if node == nil {
if len(toks) == 0 {
return "", argStart, nil, nil
}
p := &filterParser{tokens: toks}
node, err := p.parseExpr()
if err != nil {
return "", argStart, nil, err
}
if p.pos != len(p.tokens) {
return "", argStart, nil, fmt.Errorf("filter: trailing tokens at position %d", p.pos)
}
sql, nextN, args = node.toSQL(argStart, nil)
return sql, nextN, args, nil
}
// tagUse is a tag referenced by a filter, with whether it was included
// (positive) or excluded (negated under an odd number of NOTs).
type tagUse struct {
tagID uuid.UUID
included bool
}
// filterTagUses extracts the distinct tag references in a filter DSL, marking
// each as included or excluded. The "untagged" pseudo-token (zero UUID) is
// skipped. Returns nil for a filter with no tag terms; an unparseable filter
// also yields nil (extraction is best-effort analytics, not validation).
func filterTagUses(dsl string) []tagUse {
node, err := parseFilterAST(dsl)
if err != nil || node == nil {
return nil
}
seen := make(map[uuid.UUID]bool)
collectTagUses(node, true, seen)
if len(seen) == 0 {
return nil
}
uses := make([]tagUse, 0, len(seen))
for id, inc := range seen {
uses = append(uses, tagUse{tagID: id, included: inc})
}
return uses
}
// collectTagUses walks the AST, recording each real tag leaf into out keyed by
// id. included flips under every NOT, so a tag is "excluded" only when nested
// under an odd number of NOTs. A tag appearing under both polarities keeps the
// last seen — pathological, but it avoids a duplicate-key insert.
func collectTagUses(node filterNode, included bool, out map[uuid.UUID]bool) {
switch nd := node.(type) {
case *andNode:
collectTagUses(nd.left, included, out)
collectTagUses(nd.right, included, out)
case *orNode:
collectTagUses(nd.left, included, out)
collectTagUses(nd.right, included, out)
case *notNode:
collectTagUses(nd.child, !included, out)
case *leafNode:
if nd.tok.kind == ftkTag && !nd.tok.untagged {
out[nd.tok.tagID] = included
}
}
}
backend/internal/db/postgres/filter_parser_test.go
-97
View File
@@ -1,97 +0,0 @@
package postgres
import (
"testing"
"github.com/google/uuid"
)
func TestParseFilterReview(t *testing.T) {
t.Run("r=1 needs review", func(t *testing.T) {
sql, n, args, err := ParseFilter("{r=1}", 1)
if err != nil {
t.Fatalf("ParseFilter: %v", err)
}
if sql != "f.needs_review = $1" {
t.Fatalf("sql = %q", sql)
}
if n != 2 || len(args) != 1 || args[0] != true {
t.Fatalf("n=%d args=%v", n, args)
}
})
t.Run("r=0 reviewed", func(t *testing.T) {
sql, _, args, err := ParseFilter("{r=0}", 1)
if err != nil {
t.Fatalf("ParseFilter: %v", err)
}
if sql != "f.needs_review = $1" || len(args) != 1 || args[0] != false {
t.Fatalf("sql=%q args=%v", sql, args)
}
})
t.Run("combined with mime", func(t *testing.T) {
sql, n, args, err := ParseFilter("{r=1,&,m~image/%}", 1)
if err != nil {
t.Fatalf("ParseFilter: %v", err)
}
if sql != "(f.needs_review = $1 AND mt.name LIKE $2)" {
t.Fatalf("sql = %q", sql)
}
if n != 3 || len(args) != 2 || args[0] != true || args[1] != "image/%" {
t.Fatalf("n=%d args=%v", n, args)
}
})
t.Run("invalid flag rejected", func(t *testing.T) {
if _, _, _, err := ParseFilter("{r=2}", 1); err == nil {
t.Fatal("expected error for r=2")
}
})
}
func TestFilterTagUses(t *testing.T) {
a := uuid.MustParse("11111111-1111-1111-1111-111111111111")
b := uuid.MustParse("22222222-2222-2222-2222-222222222222")
tests := []struct {
name string
dsl string
want map[uuid.UUID]bool // tag → included; absence means "not recorded"
}{
{"single included", "{t=" + a.String() + "}", map[uuid.UUID]bool{a: true}},
{"single excluded", "{!,t=" + a.String() + "}", map[uuid.UUID]bool{a: false}},
{"double negation is included", "{!,!,t=" + a.String() + "}", map[uuid.UUID]bool{a: true}},
{
"and of two included",
"{t=" + a.String() + ",&,t=" + b.String() + "}",
map[uuid.UUID]bool{a: true, b: true},
},
{
"not over a group excludes both",
"{!,(,t=" + a.String() + ",|,t=" + b.String() + ",)}",
map[uuid.UUID]bool{a: false, b: false},
},
{"untagged pseudo-token skipped", "{t=" + uuid.Nil.String() + "}", map[uuid.UUID]bool{}},
{"mime-only filter records nothing", "{m=3}", map[uuid.UUID]bool{}},
{"empty filter", "{}", map[uuid.UUID]bool{}},
{"unparseable filter is best-effort nil", "{t=not-a-uuid}", map[uuid.UUID]bool{}},
}
for _, tc := range tests {
t.Run(tc.name, func(t *testing.T) {
got := make(map[uuid.UUID]bool)
for _, u := range filterTagUses(tc.dsl) {
got[u.tagID] = u.included
}
if len(got) != len(tc.want) {
t.Fatalf("got %d uses %v, want %d %v", len(got), got, len(tc.want), tc.want)
}
for id, inc := range tc.want {
if g, ok := got[id]; !ok || g != inc {
t.Errorf("tag %s: got (included=%v, present=%v), want included=%v", id, g, ok, inc)
}
}
})
}
}
backend/internal/db/postgres/pool_repo.go
-725
View File
@@ -1,725 +0,0 @@
package postgres
import (
"context"
"encoding/base64"
"encoding/json"
"errors"
"fmt"
"strings"
"time"
"github.com/google/uuid"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgxpool"
"tanabata/backend/internal/db"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
// ---------------------------------------------------------------------------
// Row structs
// ---------------------------------------------------------------------------
type poolRow struct {
ID uuid.UUID `db:"id"`
Name string `db:"name"`
Notes *string `db:"notes"`
Metadata []byte `db:"metadata"`
CreatorID int16 `db:"creator_id"`
CreatorName string `db:"creator_name"`
IsPublic bool `db:"is_public"`
FileCount int `db:"file_count"`
}
type poolRowWithTotal struct {
poolRow
Total int `db:"total"`
}
// poolFileRow is a flat struct combining all file columns plus pool position.
type poolFileRow struct {
ID uuid.UUID `db:"id"`
OriginalName *string `db:"original_name"`
MIMEType string `db:"mime_type"`
MIMEExtension string `db:"mime_extension"`
ContentDatetime time.Time `db:"content_datetime"`
Notes *string `db:"notes"`
Metadata json.RawMessage `db:"metadata"`
EXIF json.RawMessage `db:"exif"`
PHash *int64 `db:"phash"`
CreatorID int16 `db:"creator_id"`
CreatorName string `db:"creator_name"`
IsPublic bool `db:"is_public"`
IsDeleted bool `db:"is_deleted"`
Position int `db:"position"`
}
// ---------------------------------------------------------------------------
// Converters
// ---------------------------------------------------------------------------
func toPool(r poolRow) domain.Pool {
p := domain.Pool{
ID: r.ID,
Name: r.Name,
Notes: r.Notes,
CreatorID: r.CreatorID,
CreatorName: r.CreatorName,
IsPublic: r.IsPublic,
FileCount: r.FileCount,
CreatedAt: domain.UUIDCreatedAt(r.ID),
}
if len(r.Metadata) > 0 && string(r.Metadata) != "null" {
p.Metadata = json.RawMessage(r.Metadata)
}
return p
}
func toPoolFile(r poolFileRow) domain.PoolFile {
return domain.PoolFile{
File: domain.File{
ID: r.ID,
OriginalName: r.OriginalName,
MIMEType: r.MIMEType,
MIMEExtension: r.MIMEExtension,
ContentDatetime: r.ContentDatetime,
Notes: r.Notes,
Metadata: r.Metadata,
EXIF: r.EXIF,
PHash: r.PHash,
CreatorID: r.CreatorID,
CreatorName: r.CreatorName,
IsPublic: r.IsPublic,
IsDeleted: r.IsDeleted,
CreatedAt: domain.UUIDCreatedAt(r.ID),
},
Position: r.Position,
}
}
// ---------------------------------------------------------------------------
// Cursor
// ---------------------------------------------------------------------------
type poolFileCursor struct {
Position int `json:"p"`
FileID string `json:"id"`
}
func encodePoolCursor(c poolFileCursor) string {
b, _ := json.Marshal(c)
return base64.RawURLEncoding.EncodeToString(b)
}
func decodePoolCursor(s string) (poolFileCursor, error) {
b, err := base64.RawURLEncoding.DecodeString(s)
if err != nil {
return poolFileCursor{}, fmt.Errorf("cursor: invalid encoding")
}
var c poolFileCursor
if err := json.Unmarshal(b, &c); err != nil {
return poolFileCursor{}, fmt.Errorf("cursor: invalid format")
}
return c, nil
}
// ---------------------------------------------------------------------------
// Shared SQL
// ---------------------------------------------------------------------------
// poolCountSubquery computes per-pool file counts.
const poolCountSubquery = `(SELECT pool_id, COUNT(*) AS cnt FROM data.file_pool GROUP BY pool_id)`
const poolSelectFrom = `
SELECT p.id, p.name, p.notes, p.metadata,
p.creator_id, u.name AS creator_name, p.is_public,
COALESCE(fc.cnt, 0) AS file_count
FROM data.pools p
JOIN core.users u ON u.id = p.creator_id
LEFT JOIN ` + poolCountSubquery + ` fc ON fc.pool_id = p.id`
func poolSortColumn(s string) string {
if s == "name" {
return "p.name"
}
return "p.id" // "created"
}
// ---------------------------------------------------------------------------
// PoolRepo
// ---------------------------------------------------------------------------
// PoolRepo implements port.PoolRepo using PostgreSQL.
type PoolRepo struct {
pool *pgxpool.Pool
}
var _ port.PoolRepo = (*PoolRepo)(nil)
// NewPoolRepo creates a PoolRepo backed by pool.
func NewPoolRepo(pool *pgxpool.Pool) *PoolRepo {
return &PoolRepo{pool: pool}
}
// ---------------------------------------------------------------------------
// List
// ---------------------------------------------------------------------------
func (r *PoolRepo) List(ctx context.Context, params port.OffsetParams) (*domain.PoolOffsetPage, error) {
order := "ASC"
if strings.ToLower(params.Order) == "desc" {
order = "DESC"
}
sortCol := poolSortColumn(params.Sort)
args := []any{}
n := 1
var conditions []string
if params.Search != "" {
conditions = append(conditions, fmt.Sprintf("lower(p.name) LIKE lower($%d)", n))
args = append(args, "%"+params.Search+"%")
n++
}
// Restrict to pools the viewer may see (private-by-default), unless admin.
if !params.ViewerIsAdmin {
var aclCond string
aclCond, n, args = aclVisibilityCond("p", objTypePool, params.ViewerID, n, args)
conditions = append(conditions, aclCond)
}
where := ""
if len(conditions) > 0 {
where = "WHERE " + strings.Join(conditions, " AND ")
}
limit := params.Limit
if limit <= 0 {
limit = 50
}
offset := params.Offset
if offset < 0 {
offset = 0
}
query := fmt.Sprintf(`
SELECT p.id, p.name, p.notes, p.metadata,
p.creator_id, u.name AS creator_name, p.is_public,
COALESCE(fc.cnt, 0) AS file_count,
COUNT(*) OVER() AS total
FROM data.pools p
JOIN core.users u ON u.id = p.creator_id
LEFT JOIN %s fc ON fc.pool_id = p.id
%s
ORDER BY %s %s NULLS LAST, p.id ASC
LIMIT $%d OFFSET $%d`, poolCountSubquery, where, sortCol, order, n, n+1)
args = append(args, limit, offset)
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, args...)
if err != nil {
return nil, fmt.Errorf("PoolRepo.List query: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[poolRowWithTotal])
if err != nil {
return nil, fmt.Errorf("PoolRepo.List scan: %w", err)
}
items := make([]domain.Pool, len(collected))
total := 0
for i, row := range collected {
items[i] = toPool(row.poolRow)
total = row.Total
}
return &domain.PoolOffsetPage{
Items: items,
Total: total,
Offset: offset,
Limit: limit,
}, nil
}
// ---------------------------------------------------------------------------
// GetByID
// ---------------------------------------------------------------------------
func (r *PoolRepo) GetByID(ctx context.Context, id uuid.UUID) (*domain.Pool, error) {
query := poolSelectFrom + `
WHERE p.id = $1`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, id)
if err != nil {
return nil, fmt.Errorf("PoolRepo.GetByID: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[poolRow])
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
return nil, domain.ErrNotFound
}
return nil, fmt.Errorf("PoolRepo.GetByID scan: %w", err)
}
p := toPool(row)
return &p, nil
}
// RecordView appends a row to activity.pool_views. viewed_at defaults to
// statement_timestamp(), so each call records a distinct view in the history.
func (r *PoolRepo) RecordView(ctx context.Context, poolID uuid.UUID, userID int16) error {
const query = `INSERT INTO activity.pool_views (pool_id, user_id) VALUES ($1, $2)`
if _, err := connOrTx(ctx, r.pool).Exec(ctx, query, poolID, userID); err != nil {
return fmt.Errorf("PoolRepo.RecordView: %w", err)
}
return nil
}
// ---------------------------------------------------------------------------
// Create
// ---------------------------------------------------------------------------
func (r *PoolRepo) Create(ctx context.Context, p *domain.Pool) (*domain.Pool, error) {
const query = `
WITH ins AS (
INSERT INTO data.pools (name, notes, metadata, creator_id, is_public)
VALUES ($1, $2, $3, $4, $5)
RETURNING *
)
SELECT ins.id, ins.name, ins.notes, ins.metadata,
ins.creator_id, u.name AS creator_name, ins.is_public,
0 AS file_count
FROM ins
JOIN core.users u ON u.id = ins.creator_id`
var meta any
if len(p.Metadata) > 0 {
meta = p.Metadata
}
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, p.Name, p.Notes, meta, p.CreatorID, p.IsPublic)
if err != nil {
return nil, fmt.Errorf("PoolRepo.Create: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[poolRow])
if err != nil {
if isPgUniqueViolation(err) {
return nil, domain.ErrConflict
}
return nil, fmt.Errorf("PoolRepo.Create scan: %w", err)
}
created := toPool(row)
return &created, nil
}
// ---------------------------------------------------------------------------
// Update
// ---------------------------------------------------------------------------
func (r *PoolRepo) Update(ctx context.Context, id uuid.UUID, p *domain.Pool) (*domain.Pool, error) {
const query = `
WITH upd AS (
UPDATE data.pools SET
name = $2,
notes = $3,
metadata = COALESCE($4, metadata),
is_public = $5
WHERE id = $1
RETURNING *
)
SELECT upd.id, upd.name, upd.notes, upd.metadata,
upd.creator_id, u.name AS creator_name, upd.is_public,
COALESCE(fc.cnt, 0) AS file_count
FROM upd
JOIN core.users u ON u.id = upd.creator_id
LEFT JOIN (SELECT pool_id, COUNT(*) AS cnt FROM data.file_pool WHERE pool_id = $1 GROUP BY pool_id) fc
ON fc.pool_id = upd.id`
var meta any
if len(p.Metadata) > 0 {
meta = p.Metadata
}
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, id, p.Name, p.Notes, meta, p.IsPublic)
if err != nil {
return nil, fmt.Errorf("PoolRepo.Update: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[poolRow])
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
return nil, domain.ErrNotFound
}
if isPgUniqueViolation(err) {
return nil, domain.ErrConflict
}
return nil, fmt.Errorf("PoolRepo.Update scan: %w", err)
}
updated := toPool(row)
return &updated, nil
}
// ---------------------------------------------------------------------------
// Delete
// ---------------------------------------------------------------------------
func (r *PoolRepo) Delete(ctx context.Context, id uuid.UUID) error {
const query = `DELETE FROM data.pools WHERE id = $1`
q := connOrTx(ctx, r.pool)
ct, err := q.Exec(ctx, query, id)
if err != nil {
return fmt.Errorf("PoolRepo.Delete: %w", err)
}
if ct.RowsAffected() == 0 {
return domain.ErrNotFound
}
return nil
}
// ---------------------------------------------------------------------------
// ListFiles
// ---------------------------------------------------------------------------
// fileSelectForPool is the column list for pool file queries (without position).
const fileSelectForPool = `
f.id, f.original_name,
mt.name AS mime_type, mt.extension AS mime_extension,
f.content_datetime, f.notes, f.metadata, f.exif, f.phash,
f.creator_id, u.name AS creator_name,
f.is_public, f.is_deleted`
func (r *PoolRepo) ListFiles(ctx context.Context, poolID uuid.UUID, params port.PoolFileListParams) (*domain.PoolFilePage, error) {
limit := db.ClampLimit(params.Limit, 50, 200)
args := []any{poolID}
n := 2
var conds []string
conds = append(conds, "fp.pool_id = $1")
conds = append(conds, "f.is_deleted = false")
if params.Filter != "" {
filterSQL, nextN, filterArgs, err := ParseFilter(params.Filter, n)
if err != nil {
return nil, fmt.Errorf("%w: %v", domain.ErrValidation, err)
}
if filterSQL != "" {
conds = append(conds, filterSQL)
n = nextN
args = append(args, filterArgs...)
}
}
// Cursor condition.
var orderBy string
if params.Cursor != "" {
cur, err := decodePoolCursor(params.Cursor)
if err != nil {
return nil, fmt.Errorf("%w: %v", domain.ErrValidation, err)
}
fileID, err := uuid.Parse(cur.FileID)
if err != nil {
return nil, domain.ErrValidation
}
conds = append(conds, fmt.Sprintf(
"(fp.position > $%d OR (fp.position = $%d AND fp.file_id > $%d))",
n, n, n+1))
args = append(args, cur.Position, fileID)
n += 2
}
orderBy = "fp.position ASC, fp.file_id ASC"
where := "WHERE " + strings.Join(conds, " AND ")
args = append(args, limit+1)
sqlStr := fmt.Sprintf(`
SELECT %s, fp.position
FROM data.file_pool fp
JOIN data.files f ON f.id = fp.file_id
JOIN core.mime_types mt ON mt.id = f.mime_id
JOIN core.users u ON u.id = f.creator_id
%s
ORDER BY %s
LIMIT $%d`, fileSelectForPool, where, orderBy, n)
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, sqlStr, args...)
if err != nil {
return nil, fmt.Errorf("PoolRepo.ListFiles query: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[poolFileRow])
if err != nil {
return nil, fmt.Errorf("PoolRepo.ListFiles scan: %w", err)
}
hasMore := len(collected) > limit
if hasMore {
collected = collected[:limit]
}
items := make([]domain.PoolFile, len(collected))
for i, row := range collected {
items[i] = toPoolFile(row)
}
page := &domain.PoolFilePage{Items: items}
if hasMore && len(collected) > 0 {
last := collected[len(collected)-1]
cur := encodePoolCursor(poolFileCursor{
Position: last.Position,
FileID: last.ID.String(),
})
page.NextCursor = &cur
}
// Batch-load tags.
if len(items) > 0 {
fileIDs := make([]uuid.UUID, len(items))
for i, pf := range items {
fileIDs[i] = pf.File.ID
}
tagMap, err := r.loadPoolTagsBatch(ctx, fileIDs)
if err != nil {
return nil, err
}
for i, pf := range items {
page.Items[i].File.Tags = tagMap[pf.File.ID]
}
}
return page, nil
}
// loadPoolTagsBatch re-uses the same pattern as FileRepo.loadTagsBatch.
func (r *PoolRepo) loadPoolTagsBatch(ctx context.Context, fileIDs []uuid.UUID) (map[uuid.UUID][]domain.Tag, error) {
if len(fileIDs) == 0 {
return nil, nil
}
placeholders := make([]string, len(fileIDs))
args := make([]any, len(fileIDs))
for i, id := range fileIDs {
placeholders[i] = fmt.Sprintf("$%d", i+1)
args[i] = id
}
sqlStr := fmt.Sprintf(`
SELECT ft.file_id,
t.id, t.name, t.notes, t.color,
t.category_id,
c.name AS category_name,
c.color AS category_color,
t.metadata, t.creator_id, u.name AS creator_name, t.is_public
FROM data.file_tag ft
JOIN data.tags t ON t.id = ft.tag_id
JOIN core.users u ON u.id = t.creator_id
LEFT JOIN data.categories c ON c.id = t.category_id
WHERE ft.file_id IN (%s)
ORDER BY ft.file_id, t.name`, strings.Join(placeholders, ","))
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, sqlStr, args...)
if err != nil {
return nil, fmt.Errorf("PoolRepo.loadPoolTagsBatch: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[fileTagRow])
if err != nil {
return nil, fmt.Errorf("PoolRepo.loadPoolTagsBatch scan: %w", err)
}
result := make(map[uuid.UUID][]domain.Tag, len(fileIDs))
for _, fid := range fileIDs {
result[fid] = []domain.Tag{}
}
for _, row := range collected {
result[row.FileID] = append(result[row.FileID], toTagFromFileTag(row))
}
return result, nil
}
// ---------------------------------------------------------------------------
// AddFiles
// ---------------------------------------------------------------------------
// AddFiles inserts files into the pool. When position is nil, files are
// appended after the last existing file (MAX(position) + 1000 * i).
// When position is provided (0-indexed), files are inserted at that index
// and all pool positions are reassigned in one shot.
func (r *PoolRepo) AddFiles(ctx context.Context, poolID uuid.UUID, fileIDs []uuid.UUID, position *int) error {
if len(fileIDs) == 0 {
return nil
}
q := connOrTx(ctx, r.pool)
if position == nil {
// Append: get current max position, then bulk-insert.
var maxPos int
row := q.QueryRow(ctx, `SELECT COALESCE(MAX(position), 0) FROM data.file_pool WHERE pool_id = $1`, poolID)
if err := row.Scan(&maxPos); err != nil {
return fmt.Errorf("PoolRepo.AddFiles maxPos: %w", err)
}
const ins = `INSERT INTO data.file_pool (file_id, pool_id, position) VALUES ($1, $2, $3) ON CONFLICT DO NOTHING`
for i, fid := range fileIDs {
if _, err := q.Exec(ctx, ins, fid, poolID, maxPos+1000*(i+1)); err != nil {
return fmt.Errorf("PoolRepo.AddFiles insert: %w", err)
}
}
return nil
}
// Positional insert: rebuild the full ordered list and reassign.
return r.insertAtPosition(ctx, q, poolID, fileIDs, *position)
}
// insertAtPosition fetches the current ordered file list, splices in the new
// IDs at index pos (0-indexed, clamped), then does a full position reassign.
func (r *PoolRepo) insertAtPosition(ctx context.Context, q db.Querier, poolID uuid.UUID, newIDs []uuid.UUID, pos int) error {
// 1. Fetch current order.
rows, err := q.Query(ctx, `SELECT file_id FROM data.file_pool WHERE pool_id = $1 ORDER BY position ASC, file_id ASC`, poolID)
if err != nil {
return fmt.Errorf("PoolRepo.insertAtPosition fetch: %w", err)
}
var current []uuid.UUID
for rows.Next() {
var fid uuid.UUID
if err := rows.Scan(&fid); err != nil {
rows.Close()
return fmt.Errorf("PoolRepo.insertAtPosition scan: %w", err)
}
current = append(current, fid)
}
rows.Close()
if err := rows.Err(); err != nil {
return fmt.Errorf("PoolRepo.insertAtPosition rows: %w", err)
}
// 2. Build new ordered list, skipping already-present IDs from newIDs.
present := make(map[uuid.UUID]bool, len(current))
for _, fid := range current {
present[fid] = true
}
toAdd := make([]uuid.UUID, 0, len(newIDs))
for _, fid := range newIDs {
if !present[fid] {
toAdd = append(toAdd, fid)
}
}
if len(toAdd) == 0 {
return nil // all already present
}
if pos < 0 {
pos = 0
}
if pos > len(current) {
pos = len(current)
}
ordered := make([]uuid.UUID, 0, len(current)+len(toAdd))
ordered = append(ordered, current[:pos]...)
ordered = append(ordered, toAdd...)
ordered = append(ordered, current[pos:]...)
// 3. Full replace.
return r.reassignPositions(ctx, q, poolID, ordered)
}
// reassignPositions does a DELETE + bulk INSERT for the pool with positions
// 1000, 2000, 3000, ...
func (r *PoolRepo) reassignPositions(ctx context.Context, q db.Querier, poolID uuid.UUID, ordered []uuid.UUID) error {
if _, err := q.Exec(ctx, `DELETE FROM data.file_pool WHERE pool_id = $1`, poolID); err != nil {
return fmt.Errorf("PoolRepo.reassignPositions delete: %w", err)
}
if len(ordered) == 0 {
return nil
}
const ins = `INSERT INTO data.file_pool (file_id, pool_id, position) VALUES ($1, $2, $3)`
for i, fid := range ordered {
if _, err := q.Exec(ctx, ins, fid, poolID, 1000*(i+1)); err != nil {
return fmt.Errorf("PoolRepo.reassignPositions insert: %w", err)
}
}
return nil
}
// ---------------------------------------------------------------------------
// RemoveFiles
// ---------------------------------------------------------------------------
func (r *PoolRepo) RemoveFiles(ctx context.Context, poolID uuid.UUID, fileIDs []uuid.UUID) error {
if len(fileIDs) == 0 {
return nil
}
placeholders := make([]string, len(fileIDs))
args := make([]any, len(fileIDs)+1)
args[0] = poolID
for i, fid := range fileIDs {
placeholders[i] = fmt.Sprintf("$%d", i+2)
args[i+1] = fid
}
query := fmt.Sprintf(
`DELETE FROM data.file_pool WHERE pool_id = $1 AND file_id IN (%s)`,
strings.Join(placeholders, ","))
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx, query, args...); err != nil {
return fmt.Errorf("PoolRepo.RemoveFiles: %w", err)
}
return nil
}
// ---------------------------------------------------------------------------
// Reorder
// ---------------------------------------------------------------------------
// Reorder applies the requested order to the pool. Files actually in the pool
// are placed in the given order; any pool members the request omitted are kept
// and appended in their current order. This makes a partial request (e.g. a
// paginated client that only loaded the first pages) reorder the visible prefix
// without deleting the rest. Unknown IDs are ignored.
func (r *PoolRepo) Reorder(ctx context.Context, poolID uuid.UUID, fileIDs []uuid.UUID) error {
q := connOrTx(ctx, r.pool)
// Current membership, in position order.
rows, err := q.Query(ctx,
`SELECT file_id FROM data.file_pool WHERE pool_id = $1 ORDER BY position ASC, file_id ASC`, poolID)
if err != nil {
return fmt.Errorf("PoolRepo.Reorder fetch: %w", err)
}
var current []uuid.UUID
for rows.Next() {
var fid uuid.UUID
if err := rows.Scan(&fid); err != nil {
rows.Close()
return fmt.Errorf("PoolRepo.Reorder scan: %w", err)
}
current = append(current, fid)
}
rows.Close()
if err := rows.Err(); err != nil {
return fmt.Errorf("PoolRepo.Reorder rows: %w", err)
}
inPool := make(map[uuid.UUID]bool, len(current))
for _, fid := range current {
inPool[fid] = true
}
ordered := make([]uuid.UUID, 0, len(current))
placed := make(map[uuid.UUID]bool, len(current))
for _, fid := range fileIDs {
if inPool[fid] && !placed[fid] {
ordered = append(ordered, fid)
placed[fid] = true
}
}
// Preserve any members the request did not mention.
for _, fid := range current {
if !placed[fid] {
ordered = append(ordered, fid)
placed[fid] = true
}
}
return r.reassignPositions(ctx, q, poolID, ordered)
}
backend/internal/db/postgres/postgres.go
+2 -46
View File
@@ -11,30 +11,12 @@ import (
"tanabata/backend/internal/db"
)
// appName tags every connection as application_name, so the backend's sessions
// are identifiable in pg_stat_activity and server logs (and distinguishable from
// e.g. goose migrations or a psql shell).
const appName = "tanabata-backend"
// NewPool creates and validates a *pgxpool.Pool from the given connection URL.
// The pool is ready to use; the caller is responsible for closing it.
func NewPool(ctx context.Context, url string) (*pgxpool.Pool, error) {
cfg, err := pgxpool.ParseConfig(url)
pool, err := pgxpool.New(ctx, url)
if err != nil {
return nil, fmt.Errorf("pgxpool.ParseConfig: %w", err)
}
// Set application_name unless the operator already specified one in the DSN
// (or via PGAPPNAME), so an explicit override still wins.
if cfg.ConnConfig.RuntimeParams == nil {
cfg.ConnConfig.RuntimeParams = map[string]string{}
}
if cfg.ConnConfig.RuntimeParams["application_name"] == "" {
cfg.ConnConfig.RuntimeParams["application_name"] = appName
}
pool, err := pgxpool.NewWithConfig(ctx, cfg)
if err != nil {
return nil, fmt.Errorf("pgxpool.NewWithConfig: %w", err)
return nil, fmt.Errorf("pgxpool.New: %w", err)
}
if err := pool.Ping(ctx); err != nil {
pool.Close()
@@ -83,29 +65,3 @@ func connOrTx(ctx context.Context, pool *pgxpool.Pool) db.Querier {
}
return pool
}
// Object type IDs as seeded in core.object_types (007_seed_data.sql).
const (
objTypeFile int16 = 1
objTypeTag int16 = 2
objTypeCategory int16 = 3
objTypePool int16 = 4
)
// aclVisibilityCond returns a SQL boolean fragment that is true when the viewer
// may see the row at <alias>.id of the given object type under the
// private-by-default model: the row is public, the viewer created it, or the
// viewer holds an explicit can_view grant. objectTypeID is a trusted constant
// and is inlined; viewerID is bound as $n (referenced twice). Returns the
// fragment, the next free parameter index, and the extended args.
//
// Callers skip this entirely for admins (who bypass ACL).
func aclVisibilityCond(alias string, objectTypeID int16, viewerID int16, n int, args []any) (string, int, []any) {
cond := fmt.Sprintf(
"(%[1]s.is_public OR %[1]s.creator_id = $%[2]d OR EXISTS ("+
"SELECT 1 FROM acl.permissions p "+
"WHERE p.object_type_id = %[3]d AND p.object_id = %[1]s.id "+
"AND p.user_id = $%[2]d AND p.can_view))",
alias, n, objectTypeID)
return cond, n + 1, append(args, viewerID)
}
backend/internal/db/postgres/session_repo.go
-22
View File
@@ -74,28 +74,6 @@ func (r *SessionRepo) Create(ctx context.Context, s *domain.Session) (*domain.Se
return &created, nil
}
func (r *SessionRepo) GetByID(ctx context.Context, id int) (*domain.Session, error) {
const sql = `
SELECT id, token_hash, user_id, user_agent, started_at, expires_at, last_activity
FROM activity.sessions
WHERE id = $1 AND is_active = true`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, sql, id)
if err != nil {
return nil, fmt.Errorf("SessionRepo.GetByID: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[sessionRow])
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
return nil, domain.ErrNotFound
}
return nil, fmt.Errorf("SessionRepo.GetByID scan: %w", err)
}
s := toSession(row)
return &s, nil
}
func (r *SessionRepo) GetByTokenHash(ctx context.Context, hash string) (*domain.Session, error) {
const sql = `
SELECT id, token_hash, user_id, user_agent, started_at, expires_at, last_activity
backend/internal/db/postgres/tag_repo.go
-652
View File
@@ -1,652 +0,0 @@
package postgres
import (
"context"
"encoding/json"
"errors"
"fmt"
"strings"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgconn"
"github.com/jackc/pgx/v5/pgxpool"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
// ---------------------------------------------------------------------------
// Row structs — use pgx-scannable types
// ---------------------------------------------------------------------------
type tagRow struct {
ID uuid.UUID `db:"id"`
Name string `db:"name"`
Notes *string `db:"notes"`
Color *string `db:"color"`
CategoryID *uuid.UUID `db:"category_id"`
CategoryName *string `db:"category_name"`
CategoryColor *string `db:"category_color"`
Metadata []byte `db:"metadata"`
CreatorID int16 `db:"creator_id"`
CreatorName string `db:"creator_name"`
IsPublic bool `db:"is_public"`
}
type tagRowWithTotal struct {
tagRow
Total int `db:"total"`
}
type tagRuleRow struct {
WhenTagID uuid.UUID `db:"when_tag_id"`
ThenTagID uuid.UUID `db:"then_tag_id"`
ThenTagName string `db:"then_tag_name"`
IsActive bool `db:"is_active"`
}
// ---------------------------------------------------------------------------
// Converters
// ---------------------------------------------------------------------------
func toTag(r tagRow) domain.Tag {
t := domain.Tag{
ID: r.ID,
Name: r.Name,
Notes: r.Notes,
Color: r.Color,
CategoryID: r.CategoryID,
CategoryName: r.CategoryName,
CategoryColor: r.CategoryColor,
CreatorID: r.CreatorID,
CreatorName: r.CreatorName,
IsPublic: r.IsPublic,
CreatedAt: domain.UUIDCreatedAt(r.ID),
}
if len(r.Metadata) > 0 && string(r.Metadata) != "null" {
t.Metadata = json.RawMessage(r.Metadata)
}
return t
}
func toTagRule(r tagRuleRow) domain.TagRule {
return domain.TagRule{
WhenTagID: r.WhenTagID,
ThenTagID: r.ThenTagID,
ThenTagName: r.ThenTagName,
IsActive: r.IsActive,
}
}
// ---------------------------------------------------------------------------
// Shared SQL fragments
// ---------------------------------------------------------------------------
const tagSelectFrom = `
SELECT
t.id,
t.name,
t.notes,
t.color,
t.category_id,
c.name AS category_name,
c.color AS category_color,
t.metadata,
t.creator_id,
u.name AS creator_name,
t.is_public
FROM data.tags t
LEFT JOIN data.categories c ON c.id = t.category_id
JOIN core.users u ON u.id = t.creator_id`
func tagSortColumn(s string) string {
switch s {
case "name":
return "t.name"
case "color":
return "t.color"
case "category_name":
return "c.name"
default: // "created"
return "t.id"
}
}
// isPgUniqueViolation reports whether err is a PostgreSQL unique-constraint error.
func isPgUniqueViolation(err error) bool {
var pgErr *pgconn.PgError
return errors.As(err, &pgErr) && pgErr.Code == "23505"
}
// ---------------------------------------------------------------------------
// TagRepo — implements port.TagRepo
// ---------------------------------------------------------------------------
// TagRepo handles tag CRUD and filetag relations.
type TagRepo struct {
pool *pgxpool.Pool
}
var _ port.TagRepo = (*TagRepo)(nil)
// NewTagRepo creates a TagRepo backed by pool.
func NewTagRepo(pool *pgxpool.Pool) *TagRepo {
return &TagRepo{pool: pool}
}
// ---------------------------------------------------------------------------
// List / ListByCategory
// ---------------------------------------------------------------------------
func (r *TagRepo) List(ctx context.Context, params port.OffsetParams) (*domain.TagOffsetPage, error) {
return r.listTags(ctx, params, nil)
}
func (r *TagRepo) ListByCategory(ctx context.Context, categoryID uuid.UUID, params port.OffsetParams) (*domain.TagOffsetPage, error) {
return r.listTags(ctx, params, &categoryID)
}
func (r *TagRepo) listTags(ctx context.Context, params port.OffsetParams, categoryID *uuid.UUID) (*domain.TagOffsetPage, error) {
order := "ASC"
if strings.ToLower(params.Order) == "desc" {
order = "DESC"
}
sortCol := tagSortColumn(params.Sort)
// When sorting by category, break ties within a category by the tag's own
// name (same direction), so tags are grouped by category then alphabetical.
secondarySort := ""
if params.Sort == "category_name" {
secondarySort = fmt.Sprintf("t.name %s, ", order)
}
args := []any{}
n := 1
var conditions []string
if params.Search != "" {
conditions = append(conditions, fmt.Sprintf("lower(t.name) LIKE lower($%d)", n))
args = append(args, "%"+params.Search+"%")
n++
}
if categoryID != nil {
conditions = append(conditions, fmt.Sprintf("t.category_id = $%d", n))
args = append(args, *categoryID)
n++
}
// Restrict to tags the viewer may see (private-by-default), unless admin.
if !params.ViewerIsAdmin {
var aclCond string
aclCond, n, args = aclVisibilityCond("t", objTypeTag, params.ViewerID, n, args)
conditions = append(conditions, aclCond)
}
where := ""
if len(conditions) > 0 {
where = "WHERE " + strings.Join(conditions, " AND ")
}
limit := params.Limit
if limit <= 0 {
limit = 50
}
offset := params.Offset
if offset < 0 {
offset = 0
}
query := fmt.Sprintf(`
SELECT
t.id, t.name, t.notes, t.color,
t.category_id,
c.name AS category_name,
c.color AS category_color,
t.metadata, t.creator_id,
u.name AS creator_name,
t.is_public,
COUNT(*) OVER() AS total
FROM data.tags t
LEFT JOIN data.categories c ON c.id = t.category_id
JOIN core.users u ON u.id = t.creator_id
%s
ORDER BY %s %s NULLS LAST, %st.id ASC
LIMIT $%d OFFSET $%d`, where, sortCol, order, secondarySort, n, n+1)
args = append(args, limit, offset)
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, args...)
if err != nil {
return nil, fmt.Errorf("TagRepo.List query: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[tagRowWithTotal])
if err != nil {
return nil, fmt.Errorf("TagRepo.List scan: %w", err)
}
items := make([]domain.Tag, len(collected))
total := 0
for i, row := range collected {
items[i] = toTag(row.tagRow)
total = row.Total
}
return &domain.TagOffsetPage{
Items: items,
Total: total,
Offset: offset,
Limit: limit,
}, nil
}
// ---------------------------------------------------------------------------
// GetByID
// ---------------------------------------------------------------------------
func (r *TagRepo) GetByID(ctx context.Context, id uuid.UUID) (*domain.Tag, error) {
const query = tagSelectFrom + `
WHERE t.id = $1`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, id)
if err != nil {
return nil, fmt.Errorf("TagRepo.GetByID: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[tagRow])
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
return nil, domain.ErrNotFound
}
return nil, fmt.Errorf("TagRepo.GetByID scan: %w", err)
}
t := toTag(row)
return &t, nil
}
// ---------------------------------------------------------------------------
// Create
// ---------------------------------------------------------------------------
func (r *TagRepo) Create(ctx context.Context, t *domain.Tag) (*domain.Tag, error) {
const query = `
WITH ins AS (
INSERT INTO data.tags (name, notes, color, category_id, metadata, creator_id, is_public)
VALUES ($1, $2, NULLIF($3, ''), $4, $5, $6, $7)
RETURNING *
)
SELECT
ins.id, ins.name, ins.notes, ins.color,
ins.category_id,
c.name AS category_name,
c.color AS category_color,
ins.metadata, ins.creator_id,
u.name AS creator_name,
ins.is_public
FROM ins
LEFT JOIN data.categories c ON c.id = ins.category_id
JOIN core.users u ON u.id = ins.creator_id`
var meta any
if len(t.Metadata) > 0 {
meta = t.Metadata
}
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query,
t.Name, t.Notes, t.Color, t.CategoryID, meta, t.CreatorID, t.IsPublic)
if err != nil {
return nil, fmt.Errorf("TagRepo.Create: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[tagRow])
if err != nil {
if isPgUniqueViolation(err) {
return nil, domain.ErrConflict
}
return nil, fmt.Errorf("TagRepo.Create scan: %w", err)
}
created := toTag(row)
return &created, nil
}
// ---------------------------------------------------------------------------
// Update
// ---------------------------------------------------------------------------
// Update replaces all mutable fields. The caller must merge current values with
// the patch (read-then-write) before calling this.
func (r *TagRepo) Update(ctx context.Context, id uuid.UUID, t *domain.Tag) (*domain.Tag, error) {
const query = `
WITH upd AS (
UPDATE data.tags SET
name = $2,
notes = $3,
color = NULLIF($4, ''),
category_id = $5,
metadata = COALESCE($6, metadata),
is_public = $7
WHERE id = $1
RETURNING *
)
SELECT
upd.id, upd.name, upd.notes, upd.color,
upd.category_id,
c.name AS category_name,
c.color AS category_color,
upd.metadata, upd.creator_id,
u.name AS creator_name,
upd.is_public
FROM upd
LEFT JOIN data.categories c ON c.id = upd.category_id
JOIN core.users u ON u.id = upd.creator_id`
var meta any
if len(t.Metadata) > 0 {
meta = t.Metadata
}
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query,
id, t.Name, t.Notes, t.Color, t.CategoryID, meta, t.IsPublic)
if err != nil {
return nil, fmt.Errorf("TagRepo.Update: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[tagRow])
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
return nil, domain.ErrNotFound
}
if isPgUniqueViolation(err) {
return nil, domain.ErrConflict
}
return nil, fmt.Errorf("TagRepo.Update scan: %w", err)
}
updated := toTag(row)
return &updated, nil
}
// ---------------------------------------------------------------------------
// Delete
// ---------------------------------------------------------------------------
func (r *TagRepo) Delete(ctx context.Context, id uuid.UUID) error {
const query = `DELETE FROM data.tags WHERE id = $1`
q := connOrTx(ctx, r.pool)
ct, err := q.Exec(ctx, query, id)
if err != nil {
return fmt.Errorf("TagRepo.Delete: %w", err)
}
if ct.RowsAffected() == 0 {
return domain.ErrNotFound
}
return nil
}
// ---------------------------------------------------------------------------
// Filetag operations
// ---------------------------------------------------------------------------
func (r *TagRepo) ListByFile(ctx context.Context, fileID uuid.UUID) ([]domain.Tag, error) {
const query = tagSelectFrom + `
JOIN data.file_tag ft ON ft.tag_id = t.id
WHERE ft.file_id = $1
ORDER BY t.name`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, fileID)
if err != nil {
return nil, fmt.Errorf("TagRepo.ListByFile: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[tagRow])
if err != nil {
return nil, fmt.Errorf("TagRepo.ListByFile scan: %w", err)
}
tags := make([]domain.Tag, len(collected))
for i, row := range collected {
tags[i] = toTag(row)
}
return tags, nil
}
func (r *TagRepo) AddFileTag(ctx context.Context, fileID, tagID uuid.UUID) error {
const query = `
INSERT INTO data.file_tag (file_id, tag_id) VALUES ($1, $2)
ON CONFLICT DO NOTHING`
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx, query, fileID, tagID); err != nil {
return fmt.Errorf("TagRepo.AddFileTag: %w", err)
}
return nil
}
func (r *TagRepo) RemoveFileTag(ctx context.Context, fileID, tagID uuid.UUID) error {
const query = `DELETE FROM data.file_tag WHERE file_id = $1 AND tag_id = $2`
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx, query, fileID, tagID); err != nil {
return fmt.Errorf("TagRepo.RemoveFileTag: %w", err)
}
return nil
}
func (r *TagRepo) SetFileTags(ctx context.Context, fileID uuid.UUID, tagIDs []uuid.UUID) error {
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx,
`DELETE FROM data.file_tag WHERE file_id = $1`, fileID); err != nil {
return fmt.Errorf("TagRepo.SetFileTags delete: %w", err)
}
if len(tagIDs) == 0 {
return nil
}
placeholders := make([]string, len(tagIDs))
args := []any{fileID}
for i, tagID := range tagIDs {
placeholders[i] = fmt.Sprintf("($1, $%d)", i+2)
args = append(args, tagID)
}
ins := `INSERT INTO data.file_tag (file_id, tag_id) VALUES ` +
strings.Join(placeholders, ", ") + ` ON CONFLICT DO NOTHING`
if _, err := q.Exec(ctx, ins, args...); err != nil {
return fmt.Errorf("TagRepo.SetFileTags insert: %w", err)
}
return nil
}
func (r *TagRepo) CommonTagsForFiles(ctx context.Context, fileIDs []uuid.UUID) ([]domain.Tag, error) {
if len(fileIDs) == 0 {
return []domain.Tag{}, nil
}
return r.queryTagsByPresence(ctx, fileIDs, "=")
}
func (r *TagRepo) PartialTagsForFiles(ctx context.Context, fileIDs []uuid.UUID) ([]domain.Tag, error) {
if len(fileIDs) == 0 {
return []domain.Tag{}, nil
}
return r.queryTagsByPresence(ctx, fileIDs, "<")
}
func (r *TagRepo) queryTagsByPresence(ctx context.Context, fileIDs []uuid.UUID, op string) ([]domain.Tag, error) {
placeholders := make([]string, len(fileIDs))
args := make([]any, len(fileIDs)+1)
for i, id := range fileIDs {
placeholders[i] = fmt.Sprintf("$%d", i+1)
args[i] = id
}
args[len(fileIDs)] = len(fileIDs)
n := len(fileIDs) + 1
query := fmt.Sprintf(`
SELECT
t.id, t.name, t.notes, t.color,
t.category_id,
c.name AS category_name,
c.color AS category_color,
t.metadata, t.creator_id,
u.name AS creator_name,
t.is_public
FROM data.tags t
JOIN data.file_tag ft ON ft.tag_id = t.id
LEFT JOIN data.categories c ON c.id = t.category_id
JOIN core.users u ON u.id = t.creator_id
WHERE ft.file_id IN (%s)
GROUP BY t.id, c.id, u.id
HAVING COUNT(DISTINCT ft.file_id) %s $%d
ORDER BY t.name`,
strings.Join(placeholders, ", "), op, n)
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, args...)
if err != nil {
return nil, fmt.Errorf("TagRepo.queryTagsByPresence: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[tagRow])
if err != nil {
return nil, fmt.Errorf("TagRepo.queryTagsByPresence scan: %w", err)
}
tags := make([]domain.Tag, len(collected))
for i, row := range collected {
tags[i] = toTag(row)
}
return tags, nil
}
// ---------------------------------------------------------------------------
// TagRuleRepo — implements port.TagRuleRepo (separate type to avoid method collision)
// ---------------------------------------------------------------------------
// TagRuleRepo handles tag-rule CRUD.
type TagRuleRepo struct {
pool *pgxpool.Pool
}
var _ port.TagRuleRepo = (*TagRuleRepo)(nil)
// NewTagRuleRepo creates a TagRuleRepo backed by pool.
func NewTagRuleRepo(pool *pgxpool.Pool) *TagRuleRepo {
return &TagRuleRepo{pool: pool}
}
func (r *TagRuleRepo) ListByTag(ctx context.Context, tagID uuid.UUID) ([]domain.TagRule, error) {
const query = `
SELECT
tr.when_tag_id,
tr.then_tag_id,
t.name AS then_tag_name,
tr.is_active
FROM data.tag_rules tr
JOIN data.tags t ON t.id = tr.then_tag_id
WHERE tr.when_tag_id = $1
ORDER BY t.name`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, tagID)
if err != nil {
return nil, fmt.Errorf("TagRuleRepo.ListByTag: %w", err)
}
collected, err := pgx.CollectRows(rows, pgx.RowToStructByName[tagRuleRow])
if err != nil {
return nil, fmt.Errorf("TagRuleRepo.ListByTag scan: %w", err)
}
rules := make([]domain.TagRule, len(collected))
for i, row := range collected {
rules[i] = toTagRule(row)
}
return rules, nil
}
func (r *TagRuleRepo) Create(ctx context.Context, rule domain.TagRule) (*domain.TagRule, error) {
const query = `
WITH ins AS (
INSERT INTO data.tag_rules (when_tag_id, then_tag_id, is_active)
VALUES ($1, $2, $3)
RETURNING *
)
SELECT ins.when_tag_id, ins.then_tag_id, t.name AS then_tag_name, ins.is_active
FROM ins
JOIN data.tags t ON t.id = ins.then_tag_id`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, query, rule.WhenTagID, rule.ThenTagID, rule.IsActive)
if err != nil {
return nil, fmt.Errorf("TagRuleRepo.Create: %w", err)
}
row, err := pgx.CollectOneRow(rows, pgx.RowToStructByName[tagRuleRow])
if err != nil {
if isPgUniqueViolation(err) {
return nil, domain.ErrConflict
}
return nil, fmt.Errorf("TagRuleRepo.Create scan: %w", err)
}
result := toTagRule(row)
return &result, nil
}
func (r *TagRuleRepo) SetActive(ctx context.Context, whenTagID, thenTagID uuid.UUID, active, applyToExisting bool) error {
const updateQuery = `
UPDATE data.tag_rules SET is_active = $3
WHERE when_tag_id = $1 AND then_tag_id = $2`
q := connOrTx(ctx, r.pool)
ct, err := q.Exec(ctx, updateQuery, whenTagID, thenTagID, active)
if err != nil {
return fmt.Errorf("TagRuleRepo.SetActive: %w", err)
}
if ct.RowsAffected() == 0 {
return domain.ErrNotFound
}
if !active || !applyToExisting {
return nil
}
return r.ApplyToExisting(ctx, whenTagID, thenTagID)
}
// ApplyToExisting retroactively applies the full transitive expansion of
// thenTagID to all files that already carry whenTagID. The recursive CTE walks
// active rules starting from thenTagID (mirrors the Go expandTagSet BFS), so
// inactive downstream rules are not followed. Idempotent via ON CONFLICT.
func (r *TagRuleRepo) ApplyToExisting(ctx context.Context, whenTagID, thenTagID uuid.UUID) error {
const retroQuery = `
WITH RECURSIVE expansion(tag_id) AS (
SELECT $2::uuid
UNION
SELECT r.then_tag_id
FROM data.tag_rules r
JOIN expansion e ON r.when_tag_id = e.tag_id
WHERE r.is_active = true
)
INSERT INTO data.file_tag (file_id, tag_id)
SELECT ft.file_id, e.tag_id
FROM data.file_tag ft
CROSS JOIN expansion e
WHERE ft.tag_id = $1
ON CONFLICT DO NOTHING`
q := connOrTx(ctx, r.pool)
if _, err := q.Exec(ctx, retroQuery, whenTagID, thenTagID); err != nil {
return fmt.Errorf("TagRuleRepo.ApplyToExisting: %w", err)
}
return nil
}
func (r *TagRuleRepo) Delete(ctx context.Context, whenTagID, thenTagID uuid.UUID) error {
const query = `
DELETE FROM data.tag_rules
WHERE when_tag_id = $1 AND then_tag_id = $2`
q := connOrTx(ctx, r.pool)
ct, err := q.Exec(ctx, query, whenTagID, thenTagID)
if err != nil {
return fmt.Errorf("TagRuleRepo.Delete: %w", err)
}
if ct.RowsAffected() == 0 {
return domain.ErrNotFound
}
return nil
}
backend/internal/db/postgres/user_repo.go
+2 -2
View File
@@ -162,12 +162,12 @@ func (r *UserRepo) Create(ctx context.Context, u *domain.User) (*domain.User, er
func (r *UserRepo) Update(ctx context.Context, id int16, u *domain.User) (*domain.User, error) {
const sql = `
UPDATE core.users
SET name = $2, password = $3, is_admin = $4, can_create = $5, is_blocked = $6
SET name = $2, password = $3, is_admin = $4, can_create = $5
WHERE id = $1
RETURNING id, name, password, is_admin, can_create, is_blocked`
q := connOrTx(ctx, r.pool)
rows, err := q.Query(ctx, sql, id, u.Name, u.Password, u.IsAdmin, u.CanCreate, u.IsBlocked)
rows, err := q.Query(ctx, sql, id, u.Name, u.Password, u.IsAdmin, u.CanCreate)
if err != nil {
return nil, fmt.Errorf("UserRepo.Update: %w", err)
}
backend/internal/domain/duplicate.go
-18
View File
@@ -1,18 +0,0 @@
package domain
import "github.com/google/uuid"
// PHashEntry is a file's perceptual hash, the input to duplicate clustering.
type PHashEntry struct {
ID uuid.UUID
PHash int64
}
// DuplicatePair is an unordered pair of files whose perceptual hashes are within
// the configured Hamming threshold. FileA < FileB by UUID byte order (canonical),
// so a pair is represented exactly once.
type DuplicatePair struct {
FileA uuid.UUID
FileB uuid.UUID
Distance int
}
backend/internal/domain/file.go
-7
View File
@@ -29,7 +29,6 @@ type File struct {
CreatorName string // denormalized from core.users
IsPublic bool
IsDeleted bool
NeedsReview bool // tagging not yet marked done; cleared by an explicit review action
CreatedAt time.Time // extracted from UUID v7 via UUIDCreatedAt
Tags []Tag // loaded with the file
}
@@ -50,12 +49,6 @@ type FileListParams struct {
Filter string // filter DSL expression
Search string // substring match on original_name
Trash bool // if true, return only soft-deleted files
// Visibility — populated by the service from the request context. When
// ViewerIsAdmin is false the repository restricts results to files the
// viewer may see (public, owned, or explicitly granted).
ViewerID int16
ViewerIsAdmin bool
}
// FilePage is the result of a cursor-based file listing.
backend/internal/handler/acl_handler.go
-146
View File
@@ -1,146 +0,0 @@
package handler
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/service"
)
// objectTypeIDs maps the URL segment to the object_type PK in core.object_types.
// Row order matches 007_seed_data.sql: file=1, tag=2, category=3, pool=4.
var objectTypeIDs = map[string]int16{
"file": 1,
"tag": 2,
"category": 3,
"pool": 4,
}
// ACLHandler handles GET/PUT /acl/:object_type/:object_id.
type ACLHandler struct {
aclSvc *service.ACLService
}
// NewACLHandler creates an ACLHandler.
func NewACLHandler(aclSvc *service.ACLService) *ACLHandler {
return &ACLHandler{aclSvc: aclSvc}
}
// ---------------------------------------------------------------------------
// Response type
// ---------------------------------------------------------------------------
type permissionJSON struct {
UserID int16 `json:"user_id"`
UserName string `json:"user_name"`
CanView bool `json:"can_view"`
CanEdit bool `json:"can_edit"`
}
func toPermissionJSON(p domain.Permission) permissionJSON {
return permissionJSON{
UserID: p.UserID,
UserName: p.UserName,
CanView: p.CanView,
CanEdit: p.CanEdit,
}
}
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
func parseACLPath(c *gin.Context) (objectTypeID int16, objectID uuid.UUID, ok bool) {
typeStr := c.Param("object_type")
id, exists := objectTypeIDs[typeStr]
if !exists {
respondError(c, domain.ErrValidation)
return 0, uuid.UUID{}, false
}
objectID, err := uuid.Parse(c.Param("object_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return 0, uuid.UUID{}, false
}
return id, objectID, true
}
// ---------------------------------------------------------------------------
// GET /acl/:object_type/:object_id
// ---------------------------------------------------------------------------
func (h *ACLHandler) GetPermissions(c *gin.Context) {
objectTypeID, objectID, ok := parseACLPath(c)
if !ok {
return
}
userID, isAdmin, _ := domain.UserFromContext(c.Request.Context())
perms, err := h.aclSvc.GetPermissions(c.Request.Context(), userID, isAdmin, objectTypeID, objectID)
if err != nil {
respondError(c, err)
return
}
out := make([]permissionJSON, len(perms))
for i, p := range perms {
out[i] = toPermissionJSON(p)
}
respondJSON(c, http.StatusOK, out)
}
// ---------------------------------------------------------------------------
// PUT /acl/:object_type/:object_id
// ---------------------------------------------------------------------------
func (h *ACLHandler) SetPermissions(c *gin.Context) {
objectTypeID, objectID, ok := parseACLPath(c)
if !ok {
return
}
var body struct {
Permissions []struct {
UserID int16 `json:"user_id" binding:"required"`
CanView bool `json:"can_view"`
CanEdit bool `json:"can_edit"`
} `json:"permissions" binding:"required"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
perms := make([]domain.Permission, len(body.Permissions))
for i, p := range body.Permissions {
perms[i] = domain.Permission{
UserID: p.UserID,
CanView: p.CanView,
CanEdit: p.CanEdit,
}
}
userID, isAdmin, _ := domain.UserFromContext(c.Request.Context())
if err := h.aclSvc.SetPermissions(c.Request.Context(), userID, isAdmin, objectTypeID, objectID, perms); err != nil {
respondError(c, err)
return
}
// Re-read to return the stored permissions (with UserName denormalized).
stored, err := h.aclSvc.GetPermissions(c.Request.Context(), userID, isAdmin, objectTypeID, objectID)
if err != nil {
respondError(c, err)
return
}
out := make([]permissionJSON, len(stored))
for i, p := range stored {
out[i] = toPermissionJSON(p)
}
respondJSON(c, http.StatusOK, out)
}
backend/internal/handler/audit_handler.go
-120
View File
@@ -1,120 +0,0 @@
package handler
import (
"net/http"
"strconv"
"time"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/service"
)
// AuditHandler handles GET /audit.
type AuditHandler struct {
auditSvc *service.AuditService
}
// NewAuditHandler creates an AuditHandler.
func NewAuditHandler(auditSvc *service.AuditService) *AuditHandler {
return &AuditHandler{auditSvc: auditSvc}
}
// ---------------------------------------------------------------------------
// Response type
// ---------------------------------------------------------------------------
type auditEntryJSON struct {
ID int64 `json:"id"`
UserID int16 `json:"user_id"`
UserName string `json:"user_name"`
Action string `json:"action"`
ObjectType *string `json:"object_type"`
ObjectID *string `json:"object_id"`
PerformedAt string `json:"performed_at"`
}
func toAuditEntryJSON(e domain.AuditEntry) auditEntryJSON {
j := auditEntryJSON{
ID: e.ID,
UserID: e.UserID,
UserName: e.UserName,
Action: e.Action,
ObjectType: e.ObjectType,
PerformedAt: e.PerformedAt.UTC().Format(time.RFC3339),
}
if e.ObjectID != nil {
s := e.ObjectID.String()
j.ObjectID = &s
}
return j
}
// ---------------------------------------------------------------------------
// GET /audit (admin)
// ---------------------------------------------------------------------------
func (h *AuditHandler) List(c *gin.Context) {
if !requireAdmin(c) {
return
}
filter := domain.AuditFilter{}
if s := c.Query("limit"); s != "" {
if n, err := strconv.Atoi(s); err == nil {
filter.Limit = n
}
}
if s := c.Query("offset"); s != "" {
if n, err := strconv.Atoi(s); err == nil {
filter.Offset = n
}
}
if s := c.Query("user_id"); s != "" {
if n, err := strconv.ParseInt(s, 10, 16); err == nil {
id := int16(n)
filter.UserID = &id
}
}
if s := c.Query("action"); s != "" {
filter.Action = s
}
if s := c.Query("object_type"); s != "" {
filter.ObjectType = s
}
if s := c.Query("object_id"); s != "" {
if id, err := uuid.Parse(s); err == nil {
filter.ObjectID = &id
}
}
if s := c.Query("from"); s != "" {
if t, err := time.Parse(time.RFC3339, s); err == nil {
filter.From = &t
}
}
if s := c.Query("to"); s != "" {
if t, err := time.Parse(time.RFC3339, s); err == nil {
filter.To = &t
}
}
page, err := h.auditSvc.Query(c.Request.Context(), filter)
if err != nil {
respondError(c, err)
return
}
items := make([]auditEntryJSON, len(page.Items))
for i, e := range page.Items {
items[i] = toAuditEntryJSON(e)
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"total": page.Total,
"offset": page.Offset,
"limit": page.Limit,
})
}
backend/internal/handler/category_handler.go
-235
View File
@@ -1,235 +0,0 @@
package handler
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/service"
)
// CategoryHandler handles all /categories endpoints.
type CategoryHandler struct {
categorySvc *service.CategoryService
}
// NewCategoryHandler creates a CategoryHandler.
func NewCategoryHandler(categorySvc *service.CategoryService) *CategoryHandler {
return &CategoryHandler{categorySvc: categorySvc}
}
// ---------------------------------------------------------------------------
// Response types
// ---------------------------------------------------------------------------
type categoryJSON struct {
ID string `json:"id"`
Name string `json:"name"`
Notes *string `json:"notes"`
Color *string `json:"color"`
CreatorID int16 `json:"creator_id"`
CreatorName string `json:"creator_name"`
IsPublic bool `json:"is_public"`
CreatedAt string `json:"created_at"`
}
func toCategoryJSON(c domain.Category) categoryJSON {
return categoryJSON{
ID: c.ID.String(),
Name: c.Name,
Notes: c.Notes,
Color: c.Color,
CreatorID: c.CreatorID,
CreatorName: c.CreatorName,
IsPublic: c.IsPublic,
CreatedAt: c.CreatedAt.UTC().Format("2006-01-02T15:04:05Z"),
}
}
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
func parseCategoryID(c *gin.Context) (uuid.UUID, bool) {
id, err := uuid.Parse(c.Param("category_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return uuid.UUID{}, false
}
return id, true
}
// ---------------------------------------------------------------------------
// GET /categories
// ---------------------------------------------------------------------------
func (h *CategoryHandler) List(c *gin.Context) {
params := parseOffsetParams(c, "created")
page, err := h.categorySvc.List(c.Request.Context(), params)
if err != nil {
respondError(c, err)
return
}
items := make([]categoryJSON, len(page.Items))
for i, cat := range page.Items {
items[i] = toCategoryJSON(cat)
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"total": page.Total,
"offset": page.Offset,
"limit": page.Limit,
})
}
// ---------------------------------------------------------------------------
// POST /categories
// ---------------------------------------------------------------------------
func (h *CategoryHandler) Create(c *gin.Context) {
var body struct {
Name string `json:"name" binding:"required"`
Notes *string `json:"notes"`
Color *string `json:"color"`
IsPublic *bool `json:"is_public"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
created, err := h.categorySvc.Create(c.Request.Context(), service.CategoryParams{
Name: body.Name,
Notes: body.Notes,
Color: body.Color,
IsPublic: body.IsPublic,
})
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusCreated, toCategoryJSON(*created))
}
// ---------------------------------------------------------------------------
// GET /categories/:category_id
// ---------------------------------------------------------------------------
func (h *CategoryHandler) Get(c *gin.Context) {
id, ok := parseCategoryID(c)
if !ok {
return
}
cat, err := h.categorySvc.Get(c.Request.Context(), id)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toCategoryJSON(*cat))
}
// ---------------------------------------------------------------------------
// PATCH /categories/:category_id
// ---------------------------------------------------------------------------
func (h *CategoryHandler) Update(c *gin.Context) {
id, ok := parseCategoryID(c)
if !ok {
return
}
// Use a raw map to detect explicitly-null fields.
var raw map[string]any
if err := c.ShouldBindJSON(&raw); err != nil {
respondError(c, domain.ErrValidation)
return
}
params := service.CategoryParams{}
if v, ok := raw["name"]; ok {
if s, ok := v.(string); ok {
params.Name = s
}
}
if _, ok := raw["notes"]; ok {
if raw["notes"] == nil {
empty := ""
params.Notes = &empty
} else if s, ok := raw["notes"].(string); ok {
params.Notes = &s
}
}
if _, ok := raw["color"]; ok {
if raw["color"] == nil {
empty := ""
params.Color = &empty
} else if s, ok := raw["color"].(string); ok {
params.Color = &s
}
}
if v, ok := raw["is_public"]; ok {
if b, ok := v.(bool); ok {
params.IsPublic = &b
}
}
updated, err := h.categorySvc.Update(c.Request.Context(), id, params)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toCategoryJSON(*updated))
}
// ---------------------------------------------------------------------------
// DELETE /categories/:category_id
// ---------------------------------------------------------------------------
func (h *CategoryHandler) Delete(c *gin.Context) {
id, ok := parseCategoryID(c)
if !ok {
return
}
if err := h.categorySvc.Delete(c.Request.Context(), id); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// GET /categories/:category_id/tags
// ---------------------------------------------------------------------------
func (h *CategoryHandler) ListTags(c *gin.Context) {
id, ok := parseCategoryID(c)
if !ok {
return
}
params := parseOffsetParams(c, "created")
page, err := h.categorySvc.ListTags(c.Request.Context(), id, params)
if err != nil {
respondError(c, err)
return
}
items := make([]tagJSON, len(page.Items))
for i, t := range page.Items {
items[i] = toTagJSON(t)
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"total": page.Total,
"offset": page.Offset,
"limit": page.Limit,
})
}
backend/internal/handler/duplicate_handler.go
-122
View File
@@ -1,122 +0,0 @@
package handler
import (
"net/http"
"strconv"
"github.com/gin-gonic/gin"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/service"
)
// DuplicateHandler handles the /files/duplicates endpoints.
type DuplicateHandler struct {
dupSvc *service.DuplicateService
}
// NewDuplicateHandler creates a DuplicateHandler.
func NewDuplicateHandler(dupSvc *service.DuplicateService) *DuplicateHandler {
return &DuplicateHandler{dupSvc: dupSvc}
}
// List handles GET /files/duplicates — an offset-paginated list of duplicate
// clusters, each a group of files within the perceptual-hash threshold.
func (h *DuplicateHandler) List(c *gin.Context) {
limit, offset := 20, 0
if n, err := strconv.Atoi(c.Query("limit")); err == nil {
limit = n
}
if n, err := strconv.Atoi(c.Query("offset")); err == nil {
offset = n
}
if limit < 1 {
limit = 1
}
if limit > 50 {
limit = 50
}
if offset < 0 {
offset = 0
}
clusters, total, err := h.dupSvc.Clusters(c.Request.Context(), limit, offset)
if err != nil {
respondError(c, err)
return
}
items := make([]gin.H, len(clusters))
for i, files := range clusters {
fs := make([]fileJSON, len(files))
for j, f := range files {
fs[j] = toFileJSON(f)
}
items[i] = gin.H{"files": fs}
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"total": total,
"limit": limit,
"offset": offset,
})
}
// Dismiss handles POST /files/duplicates/dismiss — mark a pair "not a duplicate".
func (h *DuplicateHandler) Dismiss(c *gin.Context) {
var body struct {
FileIDA string `json:"file_id_a" binding:"required"`
FileIDB string `json:"file_id_b" binding:"required"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
ids, err := parseUUIDs([]string{body.FileIDA, body.FileIDB})
if err != nil {
respondError(c, domain.ErrValidation)
return
}
if err := h.dupSvc.Dismiss(c.Request.Context(), ids[0], ids[1]); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// Resolve handles POST /files/duplicates/resolve — merge a duplicate pair,
// keeping one file and folding the chosen fields in from the other. Returns the
// updated survivor. delete_discarded defaults to true.
func (h *DuplicateHandler) Resolve(c *gin.Context) {
var body struct {
Keep string `json:"keep" binding:"required"`
Discard string `json:"discard" binding:"required"`
Fields service.MergeFields `json:"fields"`
DeleteDiscarded *bool `json:"delete_discarded"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
ids, err := parseUUIDs([]string{body.Keep, body.Discard})
if err != nil {
respondError(c, domain.ErrValidation)
return
}
del := true
if body.DeleteDiscarded != nil {
del = *body.DeleteDiscarded
}
f, err := h.dupSvc.Resolve(c.Request.Context(), service.MergeSpec{
Keep: ids[0],
Discard: ids[1],
Fields: body.Fields,
DeleteDiscarded: del,
})
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toFileJSON(*f))
}
backend/internal/handler/file_handler.go
+131 -171
View File
@@ -4,7 +4,6 @@ import (
"encoding/json"
"fmt"
"io"
"mime/multipart"
"net/http"
"strconv"
"strings"
@@ -21,35 +20,11 @@ import (
// FileHandler handles all /files endpoints.
type FileHandler struct {
fileSvc *service.FileService
tagSvc *service.TagService
authSvc *service.AuthService
maxUploadBytes int64
}
// NewFileHandler creates a FileHandler. maxUploadBytes caps the size of an
// uploaded or replacement file. authSvc mints content tokens for media URLs.
func NewFileHandler(fileSvc *service.FileService, tagSvc *service.TagService, authSvc *service.AuthService, maxUploadBytes int64) *FileHandler {
return &FileHandler{fileSvc: fileSvc, tagSvc: tagSvc, authSvc: authSvc, maxUploadBytes: maxUploadBytes}
}
// formFileLimited reads the "file" multipart field while bounding how many bytes
// are read from the request body, then rejects files larger than the configured
// cap. The body limit guards against a dishonest Content-Length; the Size check
// gives a clear rejection for an honestly-declared oversized file.
func (h *FileHandler) formFileLimited(c *gin.Context) (*multipart.FileHeader, bool) {
// Allow a little slack above the file cap for multipart framing overhead.
c.Request.Body = http.MaxBytesReader(c.Writer, c.Request.Body, h.maxUploadBytes+(1<<20))
fh, err := c.FormFile("file")
if err != nil {
respondError(c, domain.ErrValidation)
return nil, false
}
if fh.Size > h.maxUploadBytes {
respondError(c, domain.ErrValidation)
return nil, false
}
return fh, true
// NewFileHandler creates a FileHandler.
func NewFileHandler(fileSvc *service.FileService) *FileHandler {
return &FileHandler{fileSvc: fileSvc}
}
// ---------------------------------------------------------------------------
@@ -84,7 +59,6 @@ type fileJSON struct {
CreatorName string `json:"creator_name"`
IsPublic bool `json:"is_public"`
IsDeleted bool `json:"is_deleted"`
NeedsReview bool `json:"needs_review"`
CreatedAt string `json:"created_at"`
Tags []tagJSON `json:"tags"`
}
@@ -132,7 +106,6 @@ func toFileJSON(f domain.File) fileJSON {
CreatorName: f.CreatorName,
IsPublic: f.IsPublic,
IsDeleted: f.IsDeleted,
NeedsReview: f.NeedsReview,
CreatedAt: f.CreatedAt.Format(time.RFC3339),
Tags: tags,
}
@@ -212,8 +185,9 @@ func (h *FileHandler) List(c *gin.Context) {
// ---------------------------------------------------------------------------
func (h *FileHandler) Upload(c *gin.Context) {
fh, ok := h.formFileLimited(c)
if !ok {
fh, err := c.FormFile("file")
if err != nil {
respondError(c, domain.ErrValidation)
return
}
@@ -303,25 +277,6 @@ func (h *FileHandler) GetMeta(c *gin.Context) {
respondJSON(c, http.StatusOK, toFileJSON(*f))
}
// ---------------------------------------------------------------------------
// POST /files/:id/views
// ---------------------------------------------------------------------------
// RecordView logs that the current user viewed the file (activity.file_views).
func (h *FileHandler) RecordView(c *gin.Context) {
id, ok := parseFileID(c)
if !ok {
return
}
if err := h.fileSvc.RecordView(c.Request.Context(), id); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// PATCH /files/:id
// ---------------------------------------------------------------------------
@@ -386,38 +341,6 @@ func (h *FileHandler) SoftDelete(c *gin.Context) {
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// POST /files/:id/content-token
// ---------------------------------------------------------------------------
// CreateContentToken mints a short-lived, single-file capability token the
// client can put in a content URL's access_token query parameter to open or
// stream the original by link (e.g. a long video in a new tab) without the URL
// dying when the 15-minute access token expires. It first enforces view
// permission via fileSvc.Get, so a token is only issued for a file the caller
// may actually read.
func (h *FileHandler) CreateContentToken(c *gin.Context) {
id, ok := parseFileID(c)
if !ok {
return
}
// Authorize (and confirm existence) the same way content serving does.
if _, err := h.fileSvc.Get(c.Request.Context(), id); err != nil {
respondError(c, err)
return
}
userID, isAdmin, _ := domain.UserFromContext(c.Request.Context())
token, expiresIn, err := h.authSvc.GenerateContentToken(id.String(), userID, isAdmin)
if err != nil {
respondError(c, err)
return
}
c.JSON(http.StatusOK, gin.H{"token": token, "expires_in": expiresIn})
}
// ---------------------------------------------------------------------------
// GET /files/:id/content
// ---------------------------------------------------------------------------
@@ -436,26 +359,9 @@ func (h *FileHandler) GetContent(c *gin.Context) {
defer res.Body.Close()
c.Header("Content-Type", res.MIMEType)
c.Header("Cache-Control", "private, max-age=3600")
// Default to attachment (download); ?inline=1 serves it for in-tab viewing.
disposition := "attachment"
if c.Query("inline") == "1" {
disposition = "inline"
}
name := ""
if res.OriginalName != nil {
name = *res.OriginalName
c.Header("Content-Disposition",
fmt.Sprintf("%s; filename=%q", disposition, name))
}
// Serve with byte-range support when the body is seekable (it is for the
// disk store): http.ServeContent advertises Accept-Ranges and answers Range
// requests with 206 Partial Content, which is what lets the browser scrub and
// seek within audio/video. Fall back to a plain stream otherwise.
if seeker, ok := res.Body.(io.ReadSeeker); ok {
http.ServeContent(c.Writer, c.Request, name, time.Time{}, seeker)
return
fmt.Sprintf("attachment; filename=%q", *res.OriginalName))
}
c.Status(http.StatusOK)
io.Copy(c.Writer, res.Body) //nolint:errcheck
@@ -471,8 +377,9 @@ func (h *FileHandler) ReplaceContent(c *gin.Context) {
return
}
fh, ok := h.formFileLimited(c)
if !ok {
fh, err := c.FormFile("file")
if err != nil {
respondError(c, domain.ErrValidation)
return
}
@@ -528,7 +435,6 @@ func (h *FileHandler) GetThumbnail(c *gin.Context) {
defer rc.Close()
c.Header("Content-Type", "image/jpeg")
c.Header("Cache-Control", "private, max-age=3600")
c.Status(http.StatusOK)
io.Copy(c.Writer, rc) //nolint:errcheck
}
@@ -551,7 +457,6 @@ func (h *FileHandler) GetPreview(c *gin.Context) {
defer rc.Close()
c.Header("Content-Type", "image/jpeg")
c.Header("Cache-Control", "private, max-age=3600")
c.Status(http.StatusOK)
io.Copy(c.Writer, rc) //nolint:errcheck
}
@@ -593,6 +498,117 @@ func (h *FileHandler) PermanentDelete(c *gin.Context) {
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// GET /files/:id/tags
// ---------------------------------------------------------------------------
func (h *FileHandler) ListTags(c *gin.Context) {
id, ok := parseFileID(c)
if !ok {
return
}
tags, err := h.fileSvc.ListFileTags(c.Request.Context(), id)
if err != nil {
respondError(c, err)
return
}
items := make([]tagJSON, len(tags))
for i, t := range tags {
items[i] = toTagJSON(t)
}
respondJSON(c, http.StatusOK, items)
}
// ---------------------------------------------------------------------------
// PUT /files/:id/tags (replace all)
// ---------------------------------------------------------------------------
func (h *FileHandler) SetTags(c *gin.Context) {
id, ok := parseFileID(c)
if !ok {
return
}
var body struct {
TagIDs []string `json:"tag_ids" binding:"required"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
tagIDs, err := parseUUIDs(body.TagIDs)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
tags, err := h.fileSvc.SetFileTags(c.Request.Context(), id, tagIDs)
if err != nil {
respondError(c, err)
return
}
items := make([]tagJSON, len(tags))
for i, t := range tags {
items[i] = toTagJSON(t)
}
respondJSON(c, http.StatusOK, items)
}
// ---------------------------------------------------------------------------
// PUT /files/:id/tags/:tag_id
// ---------------------------------------------------------------------------
func (h *FileHandler) AddTag(c *gin.Context) {
fileID, ok := parseFileID(c)
if !ok {
return
}
tagID, err := uuid.Parse(c.Param("tag_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
tags, err := h.fileSvc.AddTag(c.Request.Context(), fileID, tagID)
if err != nil {
respondError(c, err)
return
}
items := make([]tagJSON, len(tags))
for i, t := range tags {
items[i] = toTagJSON(t)
}
respondJSON(c, http.StatusOK, items)
}
// ---------------------------------------------------------------------------
// DELETE /files/:id/tags/:tag_id
// ---------------------------------------------------------------------------
func (h *FileHandler) RemoveTag(c *gin.Context) {
fileID, ok := parseFileID(c)
if !ok {
return
}
tagID, err := uuid.Parse(c.Param("tag_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
if err := h.fileSvc.RemoveTag(c.Request.Context(), fileID, tagID); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// POST /files/bulk/tags
// ---------------------------------------------------------------------------
@@ -623,7 +639,7 @@ func (h *FileHandler) BulkSetTags(c *gin.Context) {
return
}
applied, err := h.tagSvc.BulkSetTags(c.Request.Context(), fileIDs, body.Action, tagIDs)
applied, err := h.fileSvc.BulkSetTags(c.Request.Context(), fileIDs, body.Action, tagIDs)
if err != nil {
respondError(c, err)
return
@@ -663,33 +679,6 @@ func (h *FileHandler) BulkDelete(c *gin.Context) {
c.Status(http.StatusNoContent)
}
// BulkReview sets the review status on one or more files. A single-file toggle
// is just a one-element file_ids array. Files the caller cannot edit are
// silently skipped (handled in the service).
func (h *FileHandler) BulkReview(c *gin.Context) {
var body struct {
FileIDs []string `json:"file_ids" binding:"required"`
NeedsReview *bool `json:"needs_review" binding:"required"`
}
if err := c.ShouldBindJSON(&body); err != nil || body.NeedsReview == nil {
respondError(c, domain.ErrValidation)
return
}
fileIDs, err := parseUUIDs(body.FileIDs)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
if err := h.fileSvc.SetNeedsReview(c.Request.Context(), fileIDs, *body.NeedsReview); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// POST /files/bulk/common-tags
// ---------------------------------------------------------------------------
@@ -709,16 +698,16 @@ func (h *FileHandler) CommonTags(c *gin.Context) {
return
}
common, partial, err := h.tagSvc.CommonTags(c.Request.Context(), fileIDs)
common, partial, err := h.fileSvc.CommonTags(c.Request.Context(), fileIDs)
if err != nil {
respondError(c, err)
return
}
toStrs := func(tags []domain.Tag) []string {
s := make([]string, len(tags))
for i, t := range tags {
s[i] = t.ID.String()
toStrs := func(ids []uuid.UUID) []string {
s := make([]string, len(ids))
for i, id := range ids {
s[i] = id.String()
}
return s
}
@@ -734,48 +723,19 @@ func (h *FileHandler) CommonTags(c *gin.Context) {
// ---------------------------------------------------------------------------
func (h *FileHandler) Import(c *gin.Context) {
// Server-side directory import reads arbitrary paths on the host; restrict
// it to administrators.
if !requireAdmin(c) {
return
}
var body struct {
Path string `json:"path"`
}
// Body is optional; ignore bind errors.
_ = c.ShouldBindJSON(&body)
// Stream progress as newline-delimited JSON so the client can render a live
// progress bar and per-file status. Headers are deferred until the first
// event, so a validation error (bad path, import disabled) raised before any
// file is touched can still be returned as a normal JSON error response.
flusher, canFlush := c.Writer.(http.Flusher)
started := false
enc := json.NewEncoder(c.Writer)
emit := func(ev service.ImportEvent) {
if !started {
c.Header("Content-Type", "application/x-ndjson")
c.Header("Cache-Control", "no-cache")
c.Header("X-Accel-Buffering", "no") // don't let a proxy buffer the stream
c.Writer.WriteHeader(http.StatusOK)
started = true
}
_ = enc.Encode(ev) // appends a newline
if canFlush {
flusher.Flush()
}
}
if _, err := h.fileSvc.Import(c.Request.Context(), body.Path, emit); err != nil {
if !started {
result, err := h.fileSvc.Import(c.Request.Context(), body.Path)
if err != nil {
respondError(c, err)
return
}
// Headers already sent; surface the failure as a terminal stream event.
emit(service.ImportEvent{Type: "error", Reason: err.Error()})
}
respondJSON(c, http.StatusOK, result)
}
// ---------------------------------------------------------------------------
backend/internal/handler/middleware.go
+4 -68
View File
@@ -5,7 +5,6 @@ import (
"strings"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/service"
@@ -25,8 +24,8 @@ func NewAuthMiddleware(authSvc *service.AuthService) *AuthMiddleware {
// On success it calls c.Next(); on failure it aborts with 401 JSON.
func (m *AuthMiddleware) Handle() gin.HandlerFunc {
return func(c *gin.Context) {
token := bearerToken(c)
if token == "" {
raw := c.GetHeader("Authorization")
if !strings.HasPrefix(raw, "Bearer ") {
c.JSON(http.StatusUnauthorized, errorBody{
Code: domain.ErrUnauthorized.Code(),
Message: "authorization header missing or malformed",
@@ -34,8 +33,9 @@ func (m *AuthMiddleware) Handle() gin.HandlerFunc {
c.Abort()
return
}
token := strings.TrimPrefix(raw, "Bearer ")
claims, err := m.authSvc.ValidateAccessToken(c.Request.Context(), token)
claims, err := m.authSvc.ParseAccessToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, errorBody{
Code: domain.ErrUnauthorized.Code(),
@@ -50,67 +50,3 @@ func (m *AuthMiddleware) Handle() gin.HandlerFunc {
c.Next()
}
}
// HandleContent authenticates a file-content GET, accepting either a normal
// access token or a content token scoped (by its fid claim) to the :id in the
// path. The content token is what keeps a long media stream playing after the
// short access token would have expired. View permission is still enforced in
// the handler against the resolved user, so a content token only widens *when*
// a file may be read by URL, never *which* files.
func (m *AuthMiddleware) HandleContent() gin.HandlerFunc {
return func(c *gin.Context) {
token := bearerToken(c)
if token == "" {
contentUnauthorized(c)
return
}
// A regular access token grants access to everything as usual.
if claims, err := m.authSvc.ValidateAccessToken(c.Request.Context(), token); err == nil {
ctx := domain.WithUser(c.Request.Context(), claims.UserID, claims.IsAdmin, claims.SessionID)
c.Request = c.Request.WithContext(ctx)
c.Next()
return
}
// Otherwise accept a content token minted for exactly this file. Normalise
// the path id to canonical form so it matches the minted fid claim.
id, err := uuid.Parse(c.Param("id"))
if err != nil {
contentUnauthorized(c)
return
}
claims, err := m.authSvc.ValidateContentToken(token, id.String())
if err != nil {
contentUnauthorized(c)
return
}
// A content token carries no session (sid 0); it is session-independent.
ctx := domain.WithUser(c.Request.Context(), claims.UserID, claims.IsAdmin, claims.SessionID)
c.Request = c.Request.WithContext(ctx)
c.Next()
}
}
func contentUnauthorized(c *gin.Context) {
c.JSON(http.StatusUnauthorized, errorBody{
Code: domain.ErrUnauthorized.Code(),
Message: "invalid or expired token",
})
c.Abort()
}
// bearerToken extracts the access token from the Authorization header. As a
// fallback it accepts an ?access_token= query parameter, but only for GET
// requests — this lets the browser open media (e.g. /files/{id}/content) via a
// plain link/new tab, where it can't send the header, without allowing a crafted
// link to drive a state-changing request.
func bearerToken(c *gin.Context) string {
if raw := c.GetHeader("Authorization"); strings.HasPrefix(raw, "Bearer ") {
return strings.TrimPrefix(raw, "Bearer ")
}
if c.Request.Method == http.MethodGet {
return c.Query("access_token")
}
return ""
}
backend/internal/handler/pool_handler.go
-375
View File
@@ -1,375 +0,0 @@
package handler
import (
"net/http"
"strconv"
"time"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
"tanabata/backend/internal/service"
)
// PoolHandler handles all /pools endpoints.
type PoolHandler struct {
poolSvc *service.PoolService
}
// NewPoolHandler creates a PoolHandler.
func NewPoolHandler(poolSvc *service.PoolService) *PoolHandler {
return &PoolHandler{poolSvc: poolSvc}
}
// ---------------------------------------------------------------------------
// Response types
// ---------------------------------------------------------------------------
type poolJSON struct {
ID string `json:"id"`
Name string `json:"name"`
Notes *string `json:"notes"`
CreatorID int16 `json:"creator_id"`
CreatorName string `json:"creator_name"`
IsPublic bool `json:"is_public"`
FileCount int `json:"file_count"`
CreatedAt string `json:"created_at"`
}
type poolFileJSON struct {
fileJSON
Position int `json:"position"`
}
func toPoolJSON(p domain.Pool) poolJSON {
return poolJSON{
ID: p.ID.String(),
Name: p.Name,
Notes: p.Notes,
CreatorID: p.CreatorID,
CreatorName: p.CreatorName,
IsPublic: p.IsPublic,
FileCount: p.FileCount,
CreatedAt: p.CreatedAt.UTC().Format(time.RFC3339),
}
}
func toPoolFileJSON(pf domain.PoolFile) poolFileJSON {
return poolFileJSON{
fileJSON: toFileJSON(pf.File),
Position: pf.Position,
}
}
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
func parsePoolID(c *gin.Context) (uuid.UUID, bool) {
id, err := uuid.Parse(c.Param("pool_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return uuid.UUID{}, false
}
return id, true
}
func parsePoolFileParams(c *gin.Context) port.PoolFileListParams {
limit := 50
if s := c.Query("limit"); s != "" {
if n, err := strconv.Atoi(s); err == nil && n > 0 && n <= 200 {
limit = n
}
}
return port.PoolFileListParams{
Cursor: c.Query("cursor"),
Limit: limit,
Filter: c.Query("filter"),
}
}
// ---------------------------------------------------------------------------
// GET /pools
// ---------------------------------------------------------------------------
func (h *PoolHandler) List(c *gin.Context) {
params := parseOffsetParams(c, "created")
page, err := h.poolSvc.List(c.Request.Context(), params)
if err != nil {
respondError(c, err)
return
}
items := make([]poolJSON, len(page.Items))
for i, p := range page.Items {
items[i] = toPoolJSON(p)
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"total": page.Total,
"offset": page.Offset,
"limit": page.Limit,
})
}
// ---------------------------------------------------------------------------
// POST /pools
// ---------------------------------------------------------------------------
func (h *PoolHandler) Create(c *gin.Context) {
var body struct {
Name string `json:"name" binding:"required"`
Notes *string `json:"notes"`
IsPublic *bool `json:"is_public"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
created, err := h.poolSvc.Create(c.Request.Context(), service.PoolParams{
Name: body.Name,
Notes: body.Notes,
IsPublic: body.IsPublic,
})
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusCreated, toPoolJSON(*created))
}
// ---------------------------------------------------------------------------
// GET /pools/:pool_id
// ---------------------------------------------------------------------------
func (h *PoolHandler) Get(c *gin.Context) {
id, ok := parsePoolID(c)
if !ok {
return
}
p, err := h.poolSvc.Get(c.Request.Context(), id)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toPoolJSON(*p))
}
// ---------------------------------------------------------------------------
// POST /pools/:pool_id/views
// ---------------------------------------------------------------------------
// RecordView logs that the current user viewed the pool (activity.pool_views).
func (h *PoolHandler) RecordView(c *gin.Context) {
id, ok := parsePoolID(c)
if !ok {
return
}
if err := h.poolSvc.RecordView(c.Request.Context(), id); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// PATCH /pools/:pool_id
// ---------------------------------------------------------------------------
func (h *PoolHandler) Update(c *gin.Context) {
id, ok := parsePoolID(c)
if !ok {
return
}
var raw map[string]any
if err := c.ShouldBindJSON(&raw); err != nil {
respondError(c, domain.ErrValidation)
return
}
params := service.PoolParams{}
if v, ok := raw["name"]; ok {
if s, ok := v.(string); ok {
params.Name = s
}
}
if _, ok := raw["notes"]; ok {
if raw["notes"] == nil {
empty := ""
params.Notes = &empty
} else if s, ok := raw["notes"].(string); ok {
params.Notes = &s
}
}
if v, ok := raw["is_public"]; ok {
if b, ok := v.(bool); ok {
params.IsPublic = &b
}
}
updated, err := h.poolSvc.Update(c.Request.Context(), id, params)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toPoolJSON(*updated))
}
// ---------------------------------------------------------------------------
// DELETE /pools/:pool_id
// ---------------------------------------------------------------------------
func (h *PoolHandler) Delete(c *gin.Context) {
id, ok := parsePoolID(c)
if !ok {
return
}
if err := h.poolSvc.Delete(c.Request.Context(), id); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// GET /pools/:pool_id/files
// ---------------------------------------------------------------------------
func (h *PoolHandler) ListFiles(c *gin.Context) {
poolID, ok := parsePoolID(c)
if !ok {
return
}
params := parsePoolFileParams(c)
page, err := h.poolSvc.ListFiles(c.Request.Context(), poolID, params)
if err != nil {
respondError(c, err)
return
}
items := make([]poolFileJSON, len(page.Items))
for i, pf := range page.Items {
items[i] = toPoolFileJSON(pf)
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"next_cursor": page.NextCursor,
})
}
// ---------------------------------------------------------------------------
// POST /pools/:pool_id/files
// ---------------------------------------------------------------------------
func (h *PoolHandler) AddFiles(c *gin.Context) {
poolID, ok := parsePoolID(c)
if !ok {
return
}
var body struct {
FileIDs []string `json:"file_ids" binding:"required"`
Position *int `json:"position"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
fileIDs := make([]uuid.UUID, 0, len(body.FileIDs))
for _, s := range body.FileIDs {
id, err := uuid.Parse(s)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
fileIDs = append(fileIDs, id)
}
if err := h.poolSvc.AddFiles(c.Request.Context(), poolID, fileIDs, body.Position); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusCreated)
}
// ---------------------------------------------------------------------------
// POST /pools/:pool_id/files/remove
// ---------------------------------------------------------------------------
func (h *PoolHandler) RemoveFiles(c *gin.Context) {
poolID, ok := parsePoolID(c)
if !ok {
return
}
var body struct {
FileIDs []string `json:"file_ids" binding:"required"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
fileIDs := make([]uuid.UUID, 0, len(body.FileIDs))
for _, s := range body.FileIDs {
id, err := uuid.Parse(s)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
fileIDs = append(fileIDs, id)
}
if err := h.poolSvc.RemoveFiles(c.Request.Context(), poolID, fileIDs); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// PUT /pools/:pool_id/files/reorder
// ---------------------------------------------------------------------------
func (h *PoolHandler) Reorder(c *gin.Context) {
poolID, ok := parsePoolID(c)
if !ok {
return
}
var body struct {
FileIDs []string `json:"file_ids" binding:"required"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
fileIDs := make([]uuid.UUID, 0, len(body.FileIDs))
for _, s := range body.FileIDs {
id, err := uuid.Parse(s)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
fileIDs = append(fileIDs, id)
}
if err := h.poolSvc.Reorder(c.Request.Context(), poolID, fileIDs); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
backend/internal/handler/ratelimit.go
-77
View File
@@ -1,77 +0,0 @@
package handler
import (
"net/http"
"sync"
"time"
"github.com/gin-gonic/gin"
)
// rateLimiter is a process-local, fixed-window per-key request limiter used to
// throttle unauthenticated endpoints (login, refresh) against brute force. It
// is best-effort: counts live in memory and reset on restart.
type rateLimiter struct {
mu sync.Mutex
counts map[string]*rateWindow
limit int
window time.Duration
}
type rateWindow struct {
count int
reset time.Time
}
// newRateLimiter allows up to limit requests per key within each window.
func newRateLimiter(limit int, window time.Duration) *rateLimiter {
return &rateLimiter{
counts: make(map[string]*rateWindow),
limit: limit,
window: window,
}
}
// allow records a request for key and reports whether it is within the limit.
func (rl *rateLimiter) allow(key string) bool {
now := time.Now()
rl.mu.Lock()
defer rl.mu.Unlock()
// Opportunistically prune expired entries so the map cannot grow without
// bound under a flood of distinct client IPs.
if len(rl.counts) > 10000 {
for k, w := range rl.counts {
if now.After(w.reset) {
delete(rl.counts, k)
}
}
}
w, ok := rl.counts[key]
if !ok || now.After(w.reset) {
rl.counts[key] = &rateWindow{count: 1, reset: now.Add(rl.window)}
return true
}
if w.count >= rl.limit {
return false
}
w.count++
return true
}
// Middleware throttles requests by client IP, returning 429 when over the limit.
func (rl *rateLimiter) Middleware() gin.HandlerFunc {
return func(c *gin.Context) {
if !rl.allow(c.ClientIP()) {
c.JSON(http.StatusTooManyRequests, errorBody{
Code: "rate_limited",
Message: "too many requests, please try again later",
})
c.Abort()
return
}
c.Next()
}
}
backend/internal/handler/router.go
+13 -167
View File
@@ -1,52 +1,15 @@
package handler
import (
"fmt"
"net/http"
"time"
"github.com/gin-gonic/gin"
)
// securityHeaders sets conservative response headers on every response: prevent
// MIME sniffing of served file content, forbid framing, and suppress the
// Referer header on outbound navigations.
func securityHeaders() gin.HandlerFunc {
return func(c *gin.Context) {
h := c.Writer.Header()
h.Set("X-Content-Type-Options", "nosniff")
h.Set("X-Frame-Options", "DENY")
h.Set("Referrer-Policy", "no-referrer")
c.Next()
}
}
// NewRouter builds and returns a configured Gin engine.
func NewRouter(
auth *AuthMiddleware,
authHandler *AuthHandler,
fileHandler *FileHandler,
duplicateHandler *DuplicateHandler,
tagHandler *TagHandler,
categoryHandler *CategoryHandler,
poolHandler *PoolHandler,
userHandler *UserHandler,
aclHandler *ACLHandler,
auditHandler *AuditHandler,
staticDir string,
trustedProxies []string,
) (*gin.Engine, error) {
func NewRouter(auth *AuthMiddleware, authHandler *AuthHandler, fileHandler *FileHandler) *gin.Engine {
r := gin.New()
r.Use(gin.Logger(), gin.Recovery(), securityHeaders())
// Behind a reverse proxy the client's real IP arrives in X-Forwarded-For.
// Trust only the proxy hop(s) so c.ClientIP() — used by the auth rate
// limiter — reflects the real client and can't be spoofed by a forged
// header from a direct caller. An empty list trusts no proxy (ClientIP is
// the immediate peer).
if err := r.SetTrustedProxies(trustedProxies); err != nil {
return nil, fmt.Errorf("configure trusted proxies: %w", err)
}
r.Use(gin.Logger(), gin.Recovery())
// Health check — no auth required.
r.GET("/health", func(c *gin.Context) {
@@ -55,15 +18,11 @@ func NewRouter(
v1 := r.Group("/api/v1")
// -------------------------------------------------------------------------
// Auth
// -------------------------------------------------------------------------
// Auth endpoints — login and refresh are public; others require a valid token.
authGroup := v1.Group("/auth")
{
// Throttle credential endpoints per client IP to slow brute force.
authLimiter := newRateLimiter(10, time.Minute).Middleware()
authGroup.POST("/login", authLimiter, authHandler.Login)
authGroup.POST("/refresh", authLimiter, authHandler.Refresh)
authGroup.POST("/login", authHandler.Login)
authGroup.POST("/refresh", authHandler.Refresh)
protected := authGroup.Group("", auth.Handle())
{
@@ -73,22 +32,15 @@ func NewRouter(
}
}
// -------------------------------------------------------------------------
// Files (all require auth)
// -------------------------------------------------------------------------
// File endpoints — all require authentication.
files := v1.Group("/files", auth.Handle())
{
files.GET("", fileHandler.List)
files.POST("", fileHandler.Upload)
// Bulk + import + duplicates routes registered before /:id to prevent
// param collision (e.g. "duplicates" being captured as :id).
files.GET("/duplicates", duplicateHandler.List)
files.POST("/duplicates/dismiss", duplicateHandler.Dismiss)
files.POST("/duplicates/resolve", duplicateHandler.Resolve)
// Bulk routes must be registered before /:id to avoid ambiguity.
files.POST("/bulk/tags", fileHandler.BulkSetTags)
files.POST("/bulk/delete", fileHandler.BulkDelete)
files.POST("/bulk/review", fileHandler.BulkReview)
files.POST("/bulk/common-tags", fileHandler.CommonTags)
files.POST("/import", fileHandler.Import)
@@ -97,124 +49,18 @@ func NewRouter(
files.PATCH("/:id", fileHandler.UpdateMeta)
files.DELETE("/:id", fileHandler.SoftDelete)
files.GET("/:id/content", fileHandler.GetContent)
files.PUT("/:id/content", fileHandler.ReplaceContent)
// Mints a content token (strict auth) for the GET /:id/content route below.
files.POST("/:id/content-token", fileHandler.CreateContentToken)
files.GET("/:id/thumbnail", fileHandler.GetThumbnail)
files.GET("/:id/preview", fileHandler.GetPreview)
files.POST("/:id/views", fileHandler.RecordView)
files.POST("/:id/restore", fileHandler.Restore)
files.DELETE("/:id/permanent", fileHandler.PermanentDelete)
// Filetag relations — served by TagHandler for auto-rule support.
files.GET("/:id/tags", tagHandler.FileListTags)
files.PUT("/:id/tags", tagHandler.FileSetTags)
files.PUT("/:id/tags/:tag_id", tagHandler.FileAddTag)
files.DELETE("/:id/tags/:tag_id", tagHandler.FileRemoveTag)
files.GET("/:id/tags", fileHandler.ListTags)
files.PUT("/:id/tags", fileHandler.SetTags)
files.PUT("/:id/tags/:tag_id", fileHandler.AddTag)
files.DELETE("/:id/tags/:tag_id", fileHandler.RemoveTag)
}
// Serving an original is the one read that can outlive a 15-minute access
// token — a long video streams via repeated Range requests over many minutes.
// So this route alone also accepts a file-scoped content token (see
// HandleContent), letting the media URL stay valid for the whole playback.
media := v1.Group("/files", auth.HandleContent())
{
media.GET("/:id/content", fileHandler.GetContent)
}
// -------------------------------------------------------------------------
// Tags (all require auth)
// -------------------------------------------------------------------------
tags := v1.Group("/tags", auth.Handle())
{
tags.GET("", tagHandler.List)
tags.POST("", tagHandler.Create)
tags.GET("/:tag_id", tagHandler.Get)
tags.PATCH("/:tag_id", tagHandler.Update)
tags.DELETE("/:tag_id", tagHandler.Delete)
tags.GET("/:tag_id/files", tagHandler.ListFiles)
tags.GET("/:tag_id/rules", tagHandler.ListRules)
tags.POST("/:tag_id/rules", tagHandler.CreateRule)
tags.PATCH("/:tag_id/rules/:then_tag_id", tagHandler.PatchRule)
tags.DELETE("/:tag_id/rules/:then_tag_id", tagHandler.DeleteRule)
}
// -------------------------------------------------------------------------
// Categories (all require auth)
// -------------------------------------------------------------------------
categories := v1.Group("/categories", auth.Handle())
{
categories.GET("", categoryHandler.List)
categories.POST("", categoryHandler.Create)
categories.GET("/:category_id", categoryHandler.Get)
categories.PATCH("/:category_id", categoryHandler.Update)
categories.DELETE("/:category_id", categoryHandler.Delete)
categories.GET("/:category_id/tags", categoryHandler.ListTags)
}
// -------------------------------------------------------------------------
// Pools (all require auth)
// -------------------------------------------------------------------------
pools := v1.Group("/pools", auth.Handle())
{
pools.GET("", poolHandler.List)
pools.POST("", poolHandler.Create)
pools.GET("/:pool_id", poolHandler.Get)
pools.PATCH("/:pool_id", poolHandler.Update)
pools.DELETE("/:pool_id", poolHandler.Delete)
pools.POST("/:pool_id/views", poolHandler.RecordView)
// Sub-routes registered before /:pool_id/files to avoid param conflicts.
pools.POST("/:pool_id/files/remove", poolHandler.RemoveFiles)
pools.PUT("/:pool_id/files/reorder", poolHandler.Reorder)
pools.GET("/:pool_id/files", poolHandler.ListFiles)
pools.POST("/:pool_id/files", poolHandler.AddFiles)
}
// -------------------------------------------------------------------------
// Users (auth required; admin checks enforced in handler)
// -------------------------------------------------------------------------
users := v1.Group("/users", auth.Handle())
{
// /users/me must be registered before /:user_id to avoid param capture.
users.GET("/me", userHandler.GetMe)
users.PATCH("/me", userHandler.UpdateMe)
users.GET("", userHandler.List)
users.POST("", userHandler.Create)
users.GET("/:user_id", userHandler.Get)
users.PATCH("/:user_id", userHandler.UpdateAdmin)
users.DELETE("/:user_id", userHandler.Delete)
}
// -------------------------------------------------------------------------
// ACL (auth required)
// -------------------------------------------------------------------------
acl := v1.Group("/acl", auth.Handle())
{
acl.GET("/:object_type/:object_id", aclHandler.GetPermissions)
acl.PUT("/:object_type/:object_id", aclHandler.SetPermissions)
}
// -------------------------------------------------------------------------
// Audit (auth required; admin check enforced in handler)
// -------------------------------------------------------------------------
v1.GET("/audit", auth.Handle(), auditHandler.List)
// Serve the built single-page app on the same port as the API. When
// staticDir is empty (local development) the Vite dev server serves the UI
// instead, so the API runs standalone and unknown routes 404 normally.
if staticDir != "" {
r.NoRoute(spaHandler(staticDir))
}
return r, nil
return r
}
backend/internal/handler/router_test.go
-23
View File
@@ -1,23 +0,0 @@
package handler
import "testing"
// TestNewRouterRegisters builds the router with typed-nil dependencies to assert
// route registration itself succeeds. Gin panics on a route conflict (e.g. a
// duplicated method+path or an inconsistent wildcard name) during registration,
// before any handler runs — so this catches such mistakes without a database.
// Handlers are never invoked here; method values on nil pointers are fine.
func TestNewRouterRegisters(t *testing.T) {
r, err := NewRouter(
(*AuthMiddleware)(nil), (*AuthHandler)(nil),
(*FileHandler)(nil), (*DuplicateHandler)(nil), (*TagHandler)(nil), (*CategoryHandler)(nil), (*PoolHandler)(nil),
(*UserHandler)(nil), (*ACLHandler)(nil), (*AuditHandler)(nil),
"", nil,
)
if err != nil {
t.Fatalf("NewRouter: %v", err)
}
if r == nil {
t.Fatal("NewRouter returned nil engine")
}
}
backend/internal/handler/static.go
-74
View File
@@ -1,74 +0,0 @@
package handler
import (
"mime"
"net/http"
"os"
"path"
"path/filepath"
"strings"
"github.com/gin-gonic/gin"
)
func init() {
// Go's mime table doesn't know .webmanifest; register it so the PWA manifest
// is served as JSON and isn't rejected by the X-Content-Type-Options header.
_ = mime.AddExtensionType(".webmanifest", "application/manifest+json")
}
// spaHandler serves the built single-page app from dir. It is wired as the
// router's NoRoute handler, so it only sees requests that matched no API route.
//
// A request whose path maps to a real file on disk is served directly (with
// cache headers tuned to SvelteKit's adapter-static output). Anything else
// falls back to index.html so the client-side router can resolve deep links
// like /pools/123. Unknown /api/ paths return a JSON 404 instead of the HTML
// shell, keeping API error responses machine-readable.
func spaHandler(dir string) gin.HandlerFunc {
indexPath := filepath.Join(dir, "index.html")
return func(c *gin.Context) {
reqPath := c.Request.URL.Path
if strings.HasPrefix(reqPath, "/api/") {
c.JSON(http.StatusNotFound, errorBody{
Code: "not_found",
Message: "resource not found",
})
return
}
// Resolve the request to a path inside dir. Cleaning an absolute path
// collapses any "../" segments before the join, so the result can never
// escape dir — this is the traversal guard.
clean := path.Clean("/" + reqPath)
target := filepath.Join(dir, filepath.FromSlash(clean))
if info, err := os.Stat(target); err == nil && !info.IsDir() {
c.Header("Cache-Control", cacheControl(clean))
c.File(target)
return
}
// SPA fallback: serve the shell, never cached so a new deploy is picked
// up immediately on the next navigation.
c.Header("Cache-Control", "no-cache")
c.File(indexPath)
}
}
// cacheControl returns the Cache-Control value for a served static asset.
// SvelteKit emits content-hashed files under /_app/immutable — those are safe
// to cache forever. The service worker must never be cached, or clients pin to
// a stale shell. Everything else gets a short, revalidated TTL.
func cacheControl(p string) string {
switch {
case strings.HasPrefix(p, "/_app/immutable/"):
return "public, max-age=31536000, immutable"
case p == "/service-worker.js":
return "no-cache"
default:
return "public, max-age=3600"
}
}
backend/internal/handler/tag_handler.go
-552
View File
@@ -1,552 +0,0 @@
package handler
import (
"net/http"
"strconv"
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
"tanabata/backend/internal/service"
)
// TagHandler handles all /tags endpoints.
type TagHandler struct {
tagSvc *service.TagService
fileSvc *service.FileService
}
// NewTagHandler creates a TagHandler.
func NewTagHandler(tagSvc *service.TagService, fileSvc *service.FileService) *TagHandler {
return &TagHandler{tagSvc: tagSvc, fileSvc: fileSvc}
}
// ---------------------------------------------------------------------------
// Response types
// ---------------------------------------------------------------------------
type tagRuleJSON struct {
WhenTagID string `json:"when_tag_id"`
ThenTagID string `json:"then_tag_id"`
ThenTagName string `json:"then_tag_name"`
IsActive bool `json:"is_active"`
}
func toTagRuleJSON(r domain.TagRule) tagRuleJSON {
return tagRuleJSON{
WhenTagID: r.WhenTagID.String(),
ThenTagID: r.ThenTagID.String(),
ThenTagName: r.ThenTagName,
IsActive: r.IsActive,
}
}
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
func parseTagID(c *gin.Context) (uuid.UUID, bool) {
id, err := uuid.Parse(c.Param("tag_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return uuid.UUID{}, false
}
return id, true
}
func parseOffsetParams(c *gin.Context, defaultSort string) port.OffsetParams {
limit := 50
if s := c.Query("limit"); s != "" {
if n, err := strconv.Atoi(s); err == nil && n > 0 && n <= 200 {
limit = n
}
}
offset := 0
if s := c.Query("offset"); s != "" {
if n, err := strconv.Atoi(s); err == nil && n >= 0 {
offset = n
}
}
sort := c.DefaultQuery("sort", defaultSort)
order := c.DefaultQuery("order", "desc")
search := c.Query("search")
return port.OffsetParams{Sort: sort, Order: order, Search: search, Limit: limit, Offset: offset}
}
// ---------------------------------------------------------------------------
// GET /tags
// ---------------------------------------------------------------------------
func (h *TagHandler) List(c *gin.Context) {
params := parseOffsetParams(c, "created")
page, err := h.tagSvc.List(c.Request.Context(), params)
if err != nil {
respondError(c, err)
return
}
items := make([]tagJSON, len(page.Items))
for i, t := range page.Items {
items[i] = toTagJSON(t)
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"total": page.Total,
"offset": page.Offset,
"limit": page.Limit,
})
}
// ---------------------------------------------------------------------------
// POST /tags
// ---------------------------------------------------------------------------
func (h *TagHandler) Create(c *gin.Context) {
var body struct {
Name string `json:"name" binding:"required"`
Notes *string `json:"notes"`
Color *string `json:"color"`
CategoryID *string `json:"category_id"`
IsPublic *bool `json:"is_public"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
params := service.TagParams{
Name: body.Name,
Notes: body.Notes,
Color: body.Color,
IsPublic: body.IsPublic,
}
if body.CategoryID != nil {
id, err := uuid.Parse(*body.CategoryID)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
params.CategoryID = &id
}
t, err := h.tagSvc.Create(c.Request.Context(), params)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusCreated, toTagJSON(*t))
}
// ---------------------------------------------------------------------------
// GET /tags/:tag_id
// ---------------------------------------------------------------------------
func (h *TagHandler) Get(c *gin.Context) {
id, ok := parseTagID(c)
if !ok {
return
}
t, err := h.tagSvc.Get(c.Request.Context(), id)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toTagJSON(*t))
}
// ---------------------------------------------------------------------------
// PATCH /tags/:tag_id
// ---------------------------------------------------------------------------
func (h *TagHandler) Update(c *gin.Context) {
id, ok := parseTagID(c)
if !ok {
return
}
// Use a raw map to distinguish "field absent" from "field = null".
var raw map[string]any
if err := c.ShouldBindJSON(&raw); err != nil {
respondError(c, domain.ErrValidation)
return
}
params := service.TagParams{}
if v, ok := raw["name"]; ok {
if s, ok := v.(string); ok {
params.Name = s
}
}
if _, ok := raw["notes"]; ok {
if raw["notes"] == nil {
params.Notes = ptr("")
} else if s, ok := raw["notes"].(string); ok {
params.Notes = &s
}
}
if _, ok := raw["color"]; ok {
if raw["color"] == nil {
nilStr := ""
params.Color = &nilStr
} else if s, ok := raw["color"].(string); ok {
params.Color = &s
}
}
if _, ok := raw["category_id"]; ok {
if raw["category_id"] == nil {
nilID := uuid.Nil
params.CategoryID = &nilID // signals "unassign"
} else if s, ok := raw["category_id"].(string); ok {
cid, err := uuid.Parse(s)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
params.CategoryID = &cid
}
}
if v, ok := raw["is_public"]; ok {
if b, ok := v.(bool); ok {
params.IsPublic = &b
}
}
t, err := h.tagSvc.Update(c.Request.Context(), id, params)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toTagJSON(*t))
}
// ---------------------------------------------------------------------------
// DELETE /tags/:tag_id
// ---------------------------------------------------------------------------
func (h *TagHandler) Delete(c *gin.Context) {
id, ok := parseTagID(c)
if !ok {
return
}
if err := h.tagSvc.Delete(c.Request.Context(), id); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// GET /tags/:tag_id/files
// ---------------------------------------------------------------------------
func (h *TagHandler) ListFiles(c *gin.Context) {
id, ok := parseTagID(c)
if !ok {
return
}
limit := 50
if s := c.Query("limit"); s != "" {
if n, err := strconv.Atoi(s); err == nil && n > 0 && n <= 200 {
limit = n
}
}
// Delegate to file service with a tag filter.
page, err := h.fileSvc.List(c.Request.Context(), domain.FileListParams{
Cursor: c.Query("cursor"),
Direction: "forward",
Limit: limit,
Sort: "created",
Order: "desc",
Filter: "{t=" + id.String() + "}",
})
if err != nil {
respondError(c, err)
return
}
items := make([]fileJSON, len(page.Items))
for i, f := range page.Items {
items[i] = toFileJSON(f)
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"next_cursor": page.NextCursor,
"prev_cursor": page.PrevCursor,
})
}
// ---------------------------------------------------------------------------
// GET /tags/:tag_id/rules
// ---------------------------------------------------------------------------
func (h *TagHandler) ListRules(c *gin.Context) {
id, ok := parseTagID(c)
if !ok {
return
}
rules, err := h.tagSvc.ListRules(c.Request.Context(), id)
if err != nil {
respondError(c, err)
return
}
items := make([]tagRuleJSON, len(rules))
for i, r := range rules {
items[i] = toTagRuleJSON(r)
}
respondJSON(c, http.StatusOK, items)
}
// ---------------------------------------------------------------------------
// POST /tags/:tag_id/rules
// ---------------------------------------------------------------------------
func (h *TagHandler) CreateRule(c *gin.Context) {
whenTagID, ok := parseTagID(c)
if !ok {
return
}
var body struct {
ThenTagID string `json:"then_tag_id" binding:"required"`
IsActive *bool `json:"is_active"`
ApplyToExisting *bool `json:"apply_to_existing"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
thenTagID, err := uuid.Parse(body.ThenTagID)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
isActive := true
if body.IsActive != nil {
isActive = *body.IsActive
}
applyToExisting := true
if body.ApplyToExisting != nil {
applyToExisting = *body.ApplyToExisting
}
rule, err := h.tagSvc.CreateRule(c.Request.Context(), whenTagID, thenTagID, isActive, applyToExisting)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusCreated, toTagRuleJSON(*rule))
}
// ---------------------------------------------------------------------------
// PATCH /tags/:tag_id/rules/:then_tag_id
// ---------------------------------------------------------------------------
func (h *TagHandler) PatchRule(c *gin.Context) {
whenTagID, ok := parseTagID(c)
if !ok {
return
}
thenTagID, err := uuid.Parse(c.Param("then_tag_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
var body struct {
IsActive *bool `json:"is_active"`
ApplyToExisting *bool `json:"apply_to_existing"`
}
if err := c.ShouldBindJSON(&body); err != nil || body.IsActive == nil {
respondError(c, domain.ErrValidation)
return
}
applyToExisting := false
if body.ApplyToExisting != nil {
applyToExisting = *body.ApplyToExisting
}
rule, err := h.tagSvc.SetRuleActive(c.Request.Context(), whenTagID, thenTagID, *body.IsActive, applyToExisting)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toTagRuleJSON(*rule))
}
// ---------------------------------------------------------------------------
// DELETE /tags/:tag_id/rules/:then_tag_id
// ---------------------------------------------------------------------------
func (h *TagHandler) DeleteRule(c *gin.Context) {
whenTagID, ok := parseTagID(c)
if !ok {
return
}
thenTagID, err := uuid.Parse(c.Param("then_tag_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
if err := h.tagSvc.DeleteRule(c.Request.Context(), whenTagID, thenTagID); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// File-tag endpoints wired through TagService
// (called from file routes, shared handler logic lives here)
// ---------------------------------------------------------------------------
// FileListTags handles GET /files/:id/tags.
func (h *TagHandler) FileListTags(c *gin.Context) {
fileID, err := uuid.Parse(c.Param("id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
if err := h.fileSvc.AuthorizeView(c.Request.Context(), fileID); err != nil {
respondError(c, err)
return
}
tags, err := h.tagSvc.ListFileTags(c.Request.Context(), fileID)
if err != nil {
respondError(c, err)
return
}
items := make([]tagJSON, len(tags))
for i, t := range tags {
items[i] = toTagJSON(t)
}
respondJSON(c, http.StatusOK, items)
}
// FileSetTags handles PUT /files/:id/tags.
func (h *TagHandler) FileSetTags(c *gin.Context) {
fileID, err := uuid.Parse(c.Param("id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
var body struct {
TagIDs []string `json:"tag_ids" binding:"required"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
tagIDs, err := parseUUIDs(body.TagIDs)
if err != nil {
respondError(c, domain.ErrValidation)
return
}
if err := h.fileSvc.AuthorizeEdit(c.Request.Context(), fileID); err != nil {
respondError(c, err)
return
}
tags, err := h.tagSvc.SetFileTags(c.Request.Context(), fileID, tagIDs)
if err != nil {
respondError(c, err)
return
}
items := make([]tagJSON, len(tags))
for i, t := range tags {
items[i] = toTagJSON(t)
}
respondJSON(c, http.StatusOK, items)
}
// FileAddTag handles PUT /files/:id/tags/:tag_id.
func (h *TagHandler) FileAddTag(c *gin.Context) {
fileID, err := uuid.Parse(c.Param("id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
tagID, err := uuid.Parse(c.Param("tag_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
if err := h.fileSvc.AuthorizeEdit(c.Request.Context(), fileID); err != nil {
respondError(c, err)
return
}
tags, err := h.tagSvc.AddFileTag(c.Request.Context(), fileID, tagID)
if err != nil {
respondError(c, err)
return
}
items := make([]tagJSON, len(tags))
for i, t := range tags {
items[i] = toTagJSON(t)
}
respondJSON(c, http.StatusOK, items)
}
// FileRemoveTag handles DELETE /files/:id/tags/:tag_id.
func (h *TagHandler) FileRemoveTag(c *gin.Context) {
fileID, err := uuid.Parse(c.Param("id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
tagID, err := uuid.Parse(c.Param("tag_id"))
if err != nil {
respondError(c, domain.ErrValidation)
return
}
if err := h.fileSvc.AuthorizeEdit(c.Request.Context(), fileID); err != nil {
respondError(c, err)
return
}
if err := h.tagSvc.RemoveFileTag(c.Request.Context(), fileID, tagID); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
func ptr(s string) *string { return &s }
backend/internal/handler/user_handler.go
-258
View File
@@ -1,258 +0,0 @@
package handler
import (
"net/http"
"strconv"
"github.com/gin-gonic/gin"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
"tanabata/backend/internal/service"
)
// UserHandler handles all /users endpoints.
type UserHandler struct {
userSvc *service.UserService
}
// NewUserHandler creates a UserHandler.
func NewUserHandler(userSvc *service.UserService) *UserHandler {
return &UserHandler{userSvc: userSvc}
}
// ---------------------------------------------------------------------------
// Response types
// ---------------------------------------------------------------------------
type userJSON struct {
ID int16 `json:"id"`
Name string `json:"name"`
IsAdmin bool `json:"is_admin"`
CanCreate bool `json:"can_create"`
IsBlocked bool `json:"is_blocked"`
}
func toUserJSON(u domain.User) userJSON {
return userJSON{
ID: u.ID,
Name: u.Name,
IsAdmin: u.IsAdmin,
CanCreate: u.CanCreate,
IsBlocked: u.IsBlocked,
}
}
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
func requireAdmin(c *gin.Context) bool {
_, isAdmin, _ := domain.UserFromContext(c.Request.Context())
if !isAdmin {
respondError(c, domain.ErrForbidden)
return false
}
return true
}
func parseUserID(c *gin.Context) (int16, bool) {
n, err := strconv.ParseInt(c.Param("user_id"), 10, 16)
if err != nil {
respondError(c, domain.ErrValidation)
return 0, false
}
return int16(n), true
}
// ---------------------------------------------------------------------------
// GET /users/me
// ---------------------------------------------------------------------------
func (h *UserHandler) GetMe(c *gin.Context) {
u, err := h.userSvc.GetMe(c.Request.Context())
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toUserJSON(*u))
}
// ---------------------------------------------------------------------------
// PATCH /users/me
// ---------------------------------------------------------------------------
func (h *UserHandler) UpdateMe(c *gin.Context) {
var body struct {
Name string `json:"name"`
Password *string `json:"password"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
updated, err := h.userSvc.UpdateMe(c.Request.Context(), service.UpdateMeParams{
Name: body.Name,
Password: body.Password,
})
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toUserJSON(*updated))
}
// ---------------------------------------------------------------------------
// GET /users (admin)
// ---------------------------------------------------------------------------
func (h *UserHandler) List(c *gin.Context) {
if !requireAdmin(c) {
return
}
params := port.OffsetParams{
Sort: c.DefaultQuery("sort", "id"),
Order: c.DefaultQuery("order", "asc"),
}
if s := c.Query("limit"); s != "" {
if n, err := strconv.Atoi(s); err == nil {
params.Limit = n
}
}
if s := c.Query("offset"); s != "" {
if n, err := strconv.Atoi(s); err == nil {
params.Offset = n
}
}
page, err := h.userSvc.List(c.Request.Context(), params)
if err != nil {
respondError(c, err)
return
}
items := make([]userJSON, len(page.Items))
for i, u := range page.Items {
items[i] = toUserJSON(u)
}
respondJSON(c, http.StatusOK, gin.H{
"items": items,
"total": page.Total,
"offset": page.Offset,
"limit": page.Limit,
})
}
// ---------------------------------------------------------------------------
// POST /users (admin)
// ---------------------------------------------------------------------------
func (h *UserHandler) Create(c *gin.Context) {
if !requireAdmin(c) {
return
}
var body struct {
Name string `json:"name" binding:"required"`
Password string `json:"password" binding:"required"`
IsAdmin bool `json:"is_admin"`
CanCreate bool `json:"can_create"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
created, err := h.userSvc.Create(c.Request.Context(), service.CreateUserParams{
Name: body.Name,
Password: body.Password,
IsAdmin: body.IsAdmin,
CanCreate: body.CanCreate,
})
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusCreated, toUserJSON(*created))
}
// ---------------------------------------------------------------------------
// GET /users/:user_id (admin)
// ---------------------------------------------------------------------------
func (h *UserHandler) Get(c *gin.Context) {
if !requireAdmin(c) {
return
}
id, ok := parseUserID(c)
if !ok {
return
}
u, err := h.userSvc.Get(c.Request.Context(), id)
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toUserJSON(*u))
}
// ---------------------------------------------------------------------------
// PATCH /users/:user_id (admin)
// ---------------------------------------------------------------------------
func (h *UserHandler) UpdateAdmin(c *gin.Context) {
if !requireAdmin(c) {
return
}
id, ok := parseUserID(c)
if !ok {
return
}
var body struct {
IsAdmin *bool `json:"is_admin"`
CanCreate *bool `json:"can_create"`
IsBlocked *bool `json:"is_blocked"`
}
if err := c.ShouldBindJSON(&body); err != nil {
respondError(c, domain.ErrValidation)
return
}
updated, err := h.userSvc.UpdateAdmin(c.Request.Context(), id, service.UpdateAdminParams{
IsAdmin: body.IsAdmin,
CanCreate: body.CanCreate,
IsBlocked: body.IsBlocked,
})
if err != nil {
respondError(c, err)
return
}
respondJSON(c, http.StatusOK, toUserJSON(*updated))
}
// ---------------------------------------------------------------------------
// DELETE /users/:user_id (admin)
// ---------------------------------------------------------------------------
func (h *UserHandler) Delete(c *gin.Context) {
if !requireAdmin(c) {
return
}
id, ok := parseUserID(c)
if !ok {
return
}
if err := h.userSvc.Delete(c.Request.Context(), id); err != nil {
respondError(c, err)
return
}
c.Status(http.StatusNoContent)
}
backend/internal/imagehash/imagehash.go
-70
View File
@@ -1,70 +0,0 @@
// Package imagehash computes a 64-bit perceptual hash (dHash) of an image and
// compares two hashes by Hamming distance. It is used for near-duplicate
// detection: visually similar images (re-encoded, resized, recompressed) produce
// hashes a small distance apart, while unrelated images are far apart.
//
// dHash is chosen for its robustness and simplicity: the image is reduced to a
// 9×8 grayscale and each pixel is compared to its right-hand neighbour, yielding
// 64 gradient-direction bits. It tolerates scaling and brightness/contrast
// changes well, which is exactly what re-encoded duplicates exhibit.
package imagehash
import (
"bytes"
"image"
_ "image/gif" // register GIF decoder
_ "image/jpeg" // register JPEG decoder
_ "image/png" // register PNG decoder
"math/bits"
"github.com/disintegration/imaging"
_ "golang.org/x/image/webp" // register WebP decoder
)
// hashWidth/hashHeight define the reduced grayscale used for dHash. The extra
// column (width = height+1) provides the right-hand neighbour for the 64
// horizontal comparisons that make up the hash.
const (
hashHeight = 8
hashWidth = hashHeight + 1
)
// FromImage reduces img to a 9×8 grayscale and returns its 64-bit dHash. The
// uint64 of gradient bits is returned as int64 (a plain bit reinterpretation) so
// it fits PostgreSQL's bigint; equality and Distance are bitwise, so the signed
// interpretation never matters.
func FromImage(img image.Image) int64 {
small := imaging.Grayscale(imaging.Resize(img, hashWidth, hashHeight, imaging.Lanczos))
var hash uint64
bit := 0
for y := 0; y < hashHeight; y++ {
for x := 0; x < hashHeight; x++ {
// After Grayscale, R == G == B, so the red channel is the luminance.
left := small.Pix[small.PixOffset(x, y)]
right := small.Pix[small.PixOffset(x+1, y)]
if left < right {
hash |= 1 << uint(63-bit)
}
bit++
}
}
return int64(hash)
}
// FromBytes decodes data (JPEG/PNG/GIF/WebP) and returns its dHash. ok is false
// when the bytes are not a decodable image, so callers can simply skip hashing
// (e.g. leave phash NULL) rather than fail.
func FromBytes(data []byte) (hash int64, ok bool) {
img, _, err := image.Decode(bytes.NewReader(data))
if err != nil {
return 0, false
}
return FromImage(img), true
}
// Distance returns the Hamming distance (064) between two hashes: the number of
// differing bits. 0 means identical; small values mean near-duplicate.
func Distance(a, b int64) int {
return bits.OnesCount64(uint64(a) ^ uint64(b))
}
backend/internal/imagehash/imagehash_test.go
-99
View File
@@ -1,99 +0,0 @@
package imagehash
import (
"bytes"
"image"
"image/color"
"image/jpeg"
"image/png"
"math"
"testing"
)
// radial renders a smooth grayscale image whose brightness falls off with
// distance from (cx, cy). Smooth gradients are the realistic case for perceptual
// hashing and survive JPEG re-encoding well, so they make stable test fixtures.
func radial(w, h int, cx, cy float64) image.Image {
img := image.NewRGBA(image.Rect(0, 0, w, h))
maxD := math.Hypot(float64(w), float64(h))
for y := 0; y < h; y++ {
for x := 0; x < w; x++ {
d := math.Hypot(float64(x)-cx, float64(y)-cy)
v := uint8(255 * (1 - d/maxD))
img.Set(x, y, color.RGBA{v, v, v, 255})
}
}
return img
}
func encodePNG(t *testing.T, img image.Image) []byte {
t.Helper()
var buf bytes.Buffer
if err := png.Encode(&buf, img); err != nil {
t.Fatalf("png encode: %v", err)
}
return buf.Bytes()
}
func encodeJPEG(t *testing.T, img image.Image, quality int) []byte {
t.Helper()
var buf bytes.Buffer
if err := jpeg.Encode(&buf, img, &jpeg.Options{Quality: quality}); err != nil {
t.Fatalf("jpeg encode: %v", err)
}
return buf.Bytes()
}
// The same image re-encoded as PNG (lossless) and JPEG (lossy) must hash to a
// small Hamming distance — that is the whole point of a perceptual hash.
func TestFromBytes_SameImageAcrossEncodings(t *testing.T) {
img := radial(64, 64, 32, 32)
pngHash, ok := FromBytes(encodePNG(t, img))
if !ok {
t.Fatal("FromBytes(PNG): ok=false")
}
jpgHash, ok := FromBytes(encodeJPEG(t, img, 90))
if !ok {
t.Fatal("FromBytes(JPEG): ok=false")
}
if d := Distance(pngHash, jpgHash); d > 8 {
t.Errorf("same image, different encodings: distance = %d, want <= 8", d)
}
}
// Visually different images must be far apart, and clearly farther than the same
// image across encodings.
func TestDistance_DifferentImagesAreFarApart(t *testing.T) {
a := FromImage(radial(64, 64, 32, 32)) // centred
b := FromImage(radial(64, 64, 0, 0)) // corner
same, _ := FromBytes(encodeJPEG(t, radial(64, 64, 32, 32), 90))
d := Distance(a, b)
if d < 12 {
t.Errorf("different images: distance = %d, want >= 12", d)
}
if d <= Distance(a, same) {
t.Errorf("different images (%d) not farther than re-encoded same image (%d)", d, Distance(a, same))
}
}
func TestDistance_SymmetricAndZeroForEqual(t *testing.T) {
a := FromImage(radial(64, 64, 20, 40))
b := FromImage(radial(64, 64, 40, 20))
if Distance(a, a) != 0 {
t.Errorf("Distance(a, a) = %d, want 0", Distance(a, a))
}
if Distance(a, b) != Distance(b, a) {
t.Errorf("Distance not symmetric: %d vs %d", Distance(a, b), Distance(b, a))
}
}
func TestFromBytes_RejectsNonImage(t *testing.T) {
if _, ok := FromBytes([]byte("definitely not an image")); ok {
t.Error("FromBytes on garbage: ok=true, want false")
}
}
backend/internal/integration/server_test.go
-1753
View File
File diff suppressed because it is too large Load Diff
backend/internal/port/repository.go
+2 -69
View File
@@ -22,13 +22,6 @@ type OffsetParams struct {
Search string
Offset int
Limit int
// Visibility — populated by the service from the request context. When
// ViewerIsAdmin is false the repository restricts results to rows the viewer
// may see (public, owned, or explicitly granted). Ignored by user listing,
// which is admin-only.
ViewerID int16
ViewerIsAdmin bool
}
// PoolFileListParams holds parameters for listing files inside a pool.
@@ -48,19 +41,6 @@ type FileRepo interface {
Create(ctx context.Context, f *domain.File) (*domain.File, error)
// Update applies partial metadata changes and returns the updated record.
Update(ctx context.Context, id uuid.UUID, f *domain.File) (*domain.File, error)
// SetNeedsReview sets the review status on the given (non-trashed) files.
SetNeedsReview(ctx context.Context, ids []uuid.UUID, value bool) error
// SetPHash sets (or clears, when nil) the perceptual hash of a file.
SetPHash(ctx context.Context, id uuid.UUID, phash *int64) error
// ListMissingPHash returns live image/video files that have no perceptual
// hash yet (the dedup backfill work list).
ListMissingPHash(ctx context.Context) ([]domain.File, error)
// ListAllPHashes returns the id and perceptual hash of every live, hashed
// file (the global input to the dedup rescan; not ACL-filtered).
ListAllPHashes(ctx context.Context) ([]domain.PHashEntry, error)
// CopyPoolMemberships adds targetID to every pool sourceID belongs to,
// skipping pools target is already in (used by the duplicate merge).
CopyPoolMemberships(ctx context.Context, targetID, sourceID uuid.UUID) error
// SoftDelete moves a file to trash (sets is_deleted = true).
SoftDelete(ctx context.Context, id uuid.UUID) error
// Restore moves a file out of trash (sets is_deleted = false).
@@ -72,28 +52,6 @@ type FileRepo interface {
ListTags(ctx context.Context, fileID uuid.UUID) ([]domain.Tag, error)
// SetTags replaces all tags on a file (full replace semantics).
SetTags(ctx context.Context, fileID uuid.UUID, tagIDs []uuid.UUID) error
// RecordView appends a view-history row (activity.file_views) for the user.
RecordView(ctx context.Context, fileID uuid.UUID, userID int16) error
// RecordTagUses logs the tags referenced in a filter DSL to
// activity.tag_uses, flagging each included or excluded. Best-effort
// analytics — callers may ignore the error.
RecordTagUses(ctx context.Context, userID int16, filterDSL string) error
}
// DuplicatePairRepo persists the precomputed near-duplicate candidate pairs.
type DuplicatePairRepo interface {
// ReplaceAll atomically replaces the whole pairs table (used by the rescan).
ReplaceAll(ctx context.Context, pairs []domain.DuplicatePair) error
// ListVisible returns pairs whose both files are live, not dismissed, and
// (for non-admins) visible to the viewer.
ListVisible(ctx context.Context, viewerID int16, isAdmin bool) ([]domain.DuplicatePair, error)
}
// DismissalRepo persists "not a duplicate" decisions.
type DismissalRepo interface {
// Add records a pair as dismissed (canonical order, idempotent).
Add(ctx context.Context, a, b uuid.UUID, userID int16) error
}
// TagRepo is the persistence interface for tags.
@@ -105,19 +63,6 @@ type TagRepo interface {
Create(ctx context.Context, t *domain.Tag) (*domain.Tag, error)
Update(ctx context.Context, id uuid.UUID, t *domain.Tag) (*domain.Tag, error)
Delete(ctx context.Context, id uuid.UUID) error
// ListByFile returns all tags assigned to a specific file, ordered by name.
ListByFile(ctx context.Context, fileID uuid.UUID) ([]domain.Tag, error)
// AddFileTag inserts a single file→tag relation. No-op if already present.
AddFileTag(ctx context.Context, fileID, tagID uuid.UUID) error
// RemoveFileTag deletes a single file→tag relation.
RemoveFileTag(ctx context.Context, fileID, tagID uuid.UUID) error
// SetFileTags replaces all tags on a file (full replace semantics).
SetFileTags(ctx context.Context, fileID uuid.UUID, tagIDs []uuid.UUID) error
// CommonTagsForFiles returns tags present on every one of the given files.
CommonTagsForFiles(ctx context.Context, fileIDs []uuid.UUID) ([]domain.Tag, error)
// PartialTagsForFiles returns tags present on some but not all of the given files.
PartialTagsForFiles(ctx context.Context, fileIDs []uuid.UUID) ([]domain.Tag, error)
}
// TagRuleRepo is the persistence interface for auto-tag rules.
@@ -125,14 +70,8 @@ type TagRuleRepo interface {
// ListByTag returns all rules where WhenTagID == tagID.
ListByTag(ctx context.Context, tagID uuid.UUID) ([]domain.TagRule, error)
Create(ctx context.Context, r domain.TagRule) (*domain.TagRule, error)
// SetActive toggles a rule's is_active flag. When active and applyToExisting
// are both true, the full transitive expansion of thenTagID is retroactively
// applied to all files that already carry whenTagID.
SetActive(ctx context.Context, whenTagID, thenTagID uuid.UUID, active, applyToExisting bool) error
// ApplyToExisting retroactively applies the full transitive expansion of
// thenTagID (following active rules) to every file that already carries
// whenTagID. Used when a rule is created or activated with apply_to_existing.
ApplyToExisting(ctx context.Context, whenTagID, thenTagID uuid.UUID) error
// SetActive toggles a rule's is_active flag.
SetActive(ctx context.Context, whenTagID, thenTagID uuid.UUID, active bool) error
Delete(ctx context.Context, whenTagID, thenTagID uuid.UUID) error
}
@@ -161,9 +100,6 @@ type PoolRepo interface {
RemoveFiles(ctx context.Context, poolID uuid.UUID, fileIDs []uuid.UUID) error
// Reorder sets the full ordered sequence of file IDs in the pool.
Reorder(ctx context.Context, poolID uuid.UUID, fileIDs []uuid.UUID) error
// RecordView appends a view-history row (activity.pool_views) for the user.
RecordView(ctx context.Context, poolID uuid.UUID, userID int16) error
}
// UserRepo is the persistence interface for users.
@@ -181,9 +117,6 @@ type UserRepo interface {
type SessionRepo interface {
// ListByUser returns all active sessions for a user.
ListByUser(ctx context.Context, userID int16) (*domain.SessionList, error)
// GetByID returns an active session by its ID, or ErrNotFound if it does not
// exist or has been deactivated.
GetByID(ctx context.Context, id int) (*domain.Session, error)
// GetByTokenHash looks up a session by the hashed refresh token.
GetByTokenHash(ctx context.Context, hash string) (*domain.Session, error)
Create(ctx context.Context, s *domain.Session) (*domain.Session, error)
backend/internal/port/storage.go
-4
View File
@@ -21,10 +21,6 @@ type FileStorage interface {
// Delete removes the file content from storage.
Delete(ctx context.Context, id uuid.UUID) error
// InvalidateCache removes any cached thumbnail/preview for the file so they
// are regenerated from the current content on next request.
InvalidateCache(ctx context.Context, id uuid.UUID) error
// Thumbnail opens the pre-generated thumbnail (JPEG). Returns ErrNotFound
// if the thumbnail has not been generated yet.
Thumbnail(ctx context.Context, id uuid.UUID) (io.ReadCloser, error)
backend/internal/service/acl_service.go
+5 -100
View File
@@ -13,31 +13,10 @@ import (
// ACLService handles access control checks and permission management.
type ACLService struct {
aclRepo port.ACLRepo
files port.FileRepo
tags port.TagRepo
categories port.CategoryRepo
pools port.PoolRepo
tx port.Transactor
}
// NewACLService creates an ACLService. The object repositories are used to
// resolve an object's owner when authorizing permission management.
func NewACLService(
aclRepo port.ACLRepo,
files port.FileRepo,
tags port.TagRepo,
categories port.CategoryRepo,
pools port.PoolRepo,
tx port.Transactor,
) *ACLService {
return &ACLService{
aclRepo: aclRepo,
files: files,
tags: tags,
categories: categories,
pools: pools,
tx: tx,
}
func NewACLService(aclRepo port.ACLRepo) *ACLService {
return &ACLService{aclRepo: aclRepo}
}
// CanView returns true if the user may view the object.
@@ -91,86 +70,12 @@ func (s *ACLService) CanEdit(
return perm.CanEdit, nil
}
// GetPermissions returns all explicit ACL entries for an object. Only the
// object's owner or an admin may inspect its permission list.
func (s *ACLService) GetPermissions(
ctx context.Context,
userID int16, isAdmin bool,
objectTypeID int16, objectID uuid.UUID,
) ([]domain.Permission, error) {
if err := s.authorizeManage(ctx, userID, isAdmin, objectTypeID, objectID); err != nil {
return nil, err
}
// GetPermissions returns all explicit ACL entries for an object.
func (s *ACLService) GetPermissions(ctx context.Context, objectTypeID int16, objectID uuid.UUID) ([]domain.Permission, error) {
return s.aclRepo.List(ctx, objectTypeID, objectID)
}
// SetPermissions replaces all ACL entries for an object (full replace semantics).
// Only the object's owner or an admin may change its permissions. The replace is
// performed atomically inside a single transaction.
func (s *ACLService) SetPermissions(
ctx context.Context,
userID int16, isAdmin bool,
objectTypeID int16, objectID uuid.UUID,
perms []domain.Permission,
) error {
if err := s.authorizeManage(ctx, userID, isAdmin, objectTypeID, objectID); err != nil {
return err
}
return s.tx.WithTx(ctx, func(ctx context.Context) error {
func (s *ACLService) SetPermissions(ctx context.Context, objectTypeID int16, objectID uuid.UUID, perms []domain.Permission) error {
return s.aclRepo.Set(ctx, objectTypeID, objectID, perms)
})
}
// authorizeManage returns nil if the user may manage the object's ACL
// (admin or owner), ErrForbidden otherwise, or a propagated lookup error
// (including ErrNotFound when the object does not exist).
func (s *ACLService) authorizeManage(
ctx context.Context,
userID int16, isAdmin bool,
objectTypeID int16, objectID uuid.UUID,
) error {
if isAdmin {
return nil
}
owner, err := s.objectOwner(ctx, objectTypeID, objectID)
if err != nil {
return err
}
if owner != userID {
return domain.ErrForbidden
}
return nil
}
// objectOwner resolves the creator ID of the object identified by
// (objectTypeID, objectID). Returns ErrNotFound if the object does not exist.
func (s *ACLService) objectOwner(ctx context.Context, objectTypeID int16, objectID uuid.UUID) (int16, error) {
switch objectTypeID {
case fileObjectTypeID:
obj, err := s.files.GetByID(ctx, objectID)
if err != nil {
return 0, err
}
return obj.CreatorID, nil
case tagObjectTypeID:
obj, err := s.tags.GetByID(ctx, objectID)
if err != nil {
return 0, err
}
return obj.CreatorID, nil
case categoryObjectTypeID:
obj, err := s.categories.GetByID(ctx, objectID)
if err != nil {
return 0, err
}
return obj.CreatorID, nil
case poolObjectTypeID:
obj, err := s.pools.GetByID(ctx, objectID)
if err != nil {
return 0, err
}
return obj.CreatorID, nil
default:
return 0, domain.ErrValidation
}
}
backend/internal/service/auth_service.go
+59 -134
View File
@@ -2,7 +2,6 @@ package service
import (
"context"
"crypto/rand"
"crypto/sha256"
"encoding/hex"
"fmt"
@@ -15,32 +14,12 @@ import (
"tanabata/backend/internal/port"
)
// Token types distinguish short-lived access tokens from long-lived refresh
// tokens so the two cannot be substituted for one another.
const (
tokenTypeAccess = "access"
tokenTypeRefresh = "refresh"
// tokenTypeContent is a file-scoped capability for reading one file's
// content by URL (originals / media streaming). It is not tied to a session,
// so it outlives the short access TTL and refresh rotation — letting a long
// video keep playing past access-token expiry.
tokenTypeContent = "content"
)
// dummyPasswordHash is a valid bcrypt hash used to equalise the cost of a login
// attempt against a non-existent user, preventing username enumeration via
// response timing. It is the hash of a random string no one knows.
const dummyPasswordHash = "$2a$10$N9qo8uLOickgx2ZMRZoMyeIjZAgcfl7p92ldGxad68LJZdL17lhWy"
// Claims is the JWT payload for both access and refresh tokens.
type Claims struct {
jwt.RegisteredClaims
UserID int16 `json:"uid"`
IsAdmin bool `json:"adm"`
SessionID int `json:"sid"`
TokenType string `json:"typ"`
// FileID scopes a content token to a single file; empty on access/refresh.
FileID string `json:"fid,omitempty"`
}
// TokenPair holds an issued access/refresh token pair with the access TTL.
@@ -57,7 +36,6 @@ type AuthService struct {
secret []byte
accessTTL time.Duration
refreshTTL time.Duration
contentTTL time.Duration
}
// NewAuthService creates an AuthService.
@@ -67,7 +45,6 @@ func NewAuthService(
jwtSecret string,
accessTTL time.Duration,
refreshTTL time.Duration,
contentTTL time.Duration,
) *AuthService {
return &AuthService{
users: users,
@@ -75,7 +52,6 @@ func NewAuthService(
secret: []byte(jwtSecret),
accessTTL: accessTTL,
refreshTTL: refreshTTL,
contentTTL: contentTTL,
}
}
@@ -83,16 +59,8 @@ func NewAuthService(
func (s *AuthService) Login(ctx context.Context, name, password, userAgent string) (*TokenPair, error) {
user, err := s.users.GetByName(ctx, name)
if err != nil {
// Compare against a dummy hash so a missing user costs the same as a
// wrong password, and return ErrUnauthorized either way to avoid
// username enumeration.
_ = bcrypt.CompareHashAndPassword([]byte(dummyPasswordHash), []byte(password))
return nil, domain.ErrUnauthorized
}
// Verify the password before disclosing anything about account state, so a
// caller cannot distinguish "blocked" from "wrong password".
if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
// Return ErrUnauthorized regardless of whether the user exists,
// to avoid username enumeration.
return nil, domain.ErrUnauthorized
}
@@ -100,7 +68,48 @@ func (s *AuthService) Login(ctx context.Context, name, password, userAgent strin
return nil, domain.ErrForbidden
}
return s.issuePair(ctx, user, userAgent)
if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)); err != nil {
return nil, domain.ErrUnauthorized
}
var expiresAt *time.Time
if s.refreshTTL > 0 {
t := time.Now().Add(s.refreshTTL)
expiresAt = &t
}
// Issue the refresh token first so we can store its hash.
refreshToken, err := s.issueToken(user.ID, user.IsAdmin, 0, s.refreshTTL)
if err != nil {
return nil, fmt.Errorf("issue refresh token: %w", err)
}
session, err := s.sessions.Create(ctx, &domain.Session{
TokenHash: hashToken(refreshToken),
UserID: user.ID,
UserAgent: userAgent,
ExpiresAt: expiresAt,
})
if err != nil {
return nil, fmt.Errorf("create session: %w", err)
}
accessToken, err := s.issueToken(user.ID, user.IsAdmin, session.ID, s.accessTTL)
if err != nil {
return nil, fmt.Errorf("issue access token: %w", err)
}
// Re-issue the refresh token with the real session ID now that we have it.
refreshToken, err = s.issueToken(user.ID, user.IsAdmin, session.ID, s.refreshTTL)
if err != nil {
return nil, fmt.Errorf("issue refresh token: %w", err)
}
return &TokenPair{
AccessToken: accessToken,
RefreshToken: refreshToken,
ExpiresIn: int(s.accessTTL.Seconds()),
}, nil
}
// Logout deactivates the session identified by sessionID.
@@ -115,7 +124,7 @@ func (s *AuthService) Logout(ctx context.Context, sessionID int) error {
// the old session.
func (s *AuthService) Refresh(ctx context.Context, refreshToken, userAgent string) (*TokenPair, error) {
claims, err := s.parseToken(refreshToken)
if err != nil || claims.TokenType != tokenTypeRefresh {
if err != nil {
return nil, domain.ErrUnauthorized
}
@@ -143,30 +152,19 @@ func (s *AuthService) Refresh(ctx context.Context, refreshToken, userAgent strin
return nil, domain.ErrForbidden
}
return s.issuePair(ctx, user, userAgent)
}
// issuePair creates a session and the access/refresh token pair for user.
//
// The refresh token is issued first and its hash is stored as the session's
// identity; the refresh token is located on /refresh purely by that hash, so it
// carries no session ID. The access token then embeds the real session ID so it
// can be revoked on logout. Because the stored hash is the hash of the token
// actually returned, /refresh works (unlike the previous re-issue approach).
func (s *AuthService) issuePair(ctx context.Context, user *domain.User, userAgent string) (*TokenPair, error) {
var expiresAt *time.Time
if s.refreshTTL > 0 {
t := time.Now().Add(s.refreshTTL)
expiresAt = &t
}
refreshToken, err := s.issueToken(user.ID, user.IsAdmin, 0, s.refreshTTL, tokenTypeRefresh)
newRefresh, err := s.issueToken(user.ID, user.IsAdmin, 0, s.refreshTTL)
if err != nil {
return nil, fmt.Errorf("issue refresh token: %w", err)
}
session, err := s.sessions.Create(ctx, &domain.Session{
TokenHash: hashToken(refreshToken),
newSession, err := s.sessions.Create(ctx, &domain.Session{
TokenHash: hashToken(newRefresh),
UserID: user.ID,
UserAgent: userAgent,
ExpiresAt: expiresAt,
@@ -175,14 +173,19 @@ func (s *AuthService) issuePair(ctx context.Context, user *domain.User, userAgen
return nil, fmt.Errorf("create session: %w", err)
}
accessToken, err := s.issueToken(user.ID, user.IsAdmin, session.ID, s.accessTTL, tokenTypeAccess)
accessToken, err := s.issueToken(user.ID, user.IsAdmin, newSession.ID, s.accessTTL)
if err != nil {
return nil, fmt.Errorf("issue access token: %w", err)
}
newRefresh, err = s.issueToken(user.ID, user.IsAdmin, newSession.ID, s.refreshTTL)
if err != nil {
return nil, fmt.Errorf("issue refresh token: %w", err)
}
return &TokenPair{
AccessToken: accessToken,
RefreshToken: refreshToken,
RefreshToken: newRefresh,
ExpiresIn: int(s.accessTTL.Seconds()),
}, nil
}
@@ -224,96 +227,27 @@ func (s *AuthService) TerminateSession(ctx context.Context, callerID int16, isAd
return nil
}
// ValidateAccessToken parses and validates an access token, returning its
// claims. A refresh token is rejected (wrong type), and the token's session
// must still be active — so logout, session termination, an admin block, or a
// refresh rotation revoke any outstanding access tokens immediately rather than
// only at expiry.
func (s *AuthService) ValidateAccessToken(ctx context.Context, tokenStr string) (*Claims, error) {
// ParseAccessToken parses and validates an access token, returning its claims.
func (s *AuthService) ParseAccessToken(tokenStr string) (*Claims, error) {
claims, err := s.parseToken(tokenStr)
if err != nil {
return nil, domain.ErrUnauthorized
}
if claims.TokenType != tokenTypeAccess {
return nil, domain.ErrUnauthorized
}
if _, err := s.sessions.GetByID(ctx, claims.SessionID); err != nil {
return nil, domain.ErrUnauthorized
}
return claims, nil
}
// GenerateContentToken issues a file-scoped capability token authorizing reads of
// one file's content (originals / media streaming) by URL. Unlike the access
// token it carries no session and is not validated against one, so it survives
// refresh rotation and outlives the short access TTL — which is what lets a long
// video keep playing. It is a bearer credential for that single file until
// ContentTokenTTL elapses. Returns the signed token and its lifetime in seconds.
func (s *AuthService) GenerateContentToken(fileID string, userID int16, isAdmin bool) (string, int, error) {
jti, err := randomJTI()
if err != nil {
return "", 0, err
}
// issueToken signs a JWT with the given parameters.
func (s *AuthService) issueToken(userID int16, isAdmin bool, sessionID int, ttl time.Duration) (string, error) {
now := time.Now()
claims := Claims{
RegisteredClaims: jwt.RegisteredClaims{
ID: jti,
IssuedAt: jwt.NewNumericDate(now),
ExpiresAt: jwt.NewNumericDate(now.Add(s.contentTTL)),
},
UserID: userID,
IsAdmin: isAdmin,
TokenType: tokenTypeContent,
FileID: fileID,
}
signed, err := s.signClaims(claims)
if err != nil {
return "", 0, err
}
return signed, int(s.contentTTL.Seconds()), nil
}
// ValidateContentToken parses a content token and checks it authorizes fileID.
// It verifies the signature and expiry (via parseToken), the content token type,
// and that the embedded file ID matches the requested file — so a token minted
// for one file cannot read another. It is intentionally session-independent (no
// session lookup), which is what lets it outlive access-token/session rotation.
// Per-file view permission is still enforced downstream against the token's user.
func (s *AuthService) ValidateContentToken(tokenStr, fileID string) (*Claims, error) {
claims, err := s.parseToken(tokenStr)
if err != nil {
return nil, domain.ErrUnauthorized
}
if claims.TokenType != tokenTypeContent || claims.FileID != fileID {
return nil, domain.ErrUnauthorized
}
return claims, nil
}
// issueToken signs a JWT with the given parameters. A random JWT ID guarantees
// uniqueness even for tokens minted within the same second.
func (s *AuthService) issueToken(userID int16, isAdmin bool, sessionID int, ttl time.Duration, tokenType string) (string, error) {
jti, err := randomJTI()
if err != nil {
return "", err
}
now := time.Now()
claims := Claims{
RegisteredClaims: jwt.RegisteredClaims{
ID: jti,
IssuedAt: jwt.NewNumericDate(now),
ExpiresAt: jwt.NewNumericDate(now.Add(ttl)),
},
UserID: userID,
IsAdmin: isAdmin,
SessionID: sessionID,
TokenType: tokenType,
}
return s.signClaims(claims)
}
// signClaims signs claims into an HS256 JWT with the service secret.
func (s *AuthService) signClaims(claims Claims) (string, error) {
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
signed, err := token.SignedString(s.secret)
if err != nil {
@@ -346,12 +280,3 @@ func hashToken(token string) string {
sum := sha256.Sum256([]byte(token))
return hex.EncodeToString(sum[:])
}
// randomJTI returns a 128-bit random hex string for use as a JWT ID.
func randomJTI() (string, error) {
b := make([]byte, 16)
if _, err := rand.Read(b); err != nil {
return "", fmt.Errorf("generate jti: %w", err)
}
return hex.EncodeToString(b), nil
}
backend/internal/service/auth_service_test.go
-80
View File
@@ -1,80 +0,0 @@
package service
import (
"testing"
"time"
)
// newContentTokenService builds an AuthService for content-token tests. The
// content-token methods never touch the user/session repos, so nil is fine.
func newContentTokenService(contentTTL time.Duration) *AuthService {
return NewAuthService(nil, nil, "test-secret", 15*time.Minute, 720*time.Hour, contentTTL)
}
func TestContentTokenRoundTrip(t *testing.T) {
s := newContentTokenService(time.Hour)
const fid = "11111111-1111-1111-1111-111111111111"
tok, expiresIn, err := s.GenerateContentToken(fid, 7, true)
if err != nil {
t.Fatalf("GenerateContentToken: %v", err)
}
if expiresIn != int(time.Hour.Seconds()) {
t.Fatalf("expires_in = %d, want %d", expiresIn, int(time.Hour.Seconds()))
}
claims, err := s.ValidateContentToken(tok, fid)
if err != nil {
t.Fatalf("ValidateContentToken: %v", err)
}
if claims.UserID != 7 || !claims.IsAdmin {
t.Fatalf("claims user mismatch: uid=%d adm=%v", claims.UserID, claims.IsAdmin)
}
if claims.FileID != fid || claims.TokenType != tokenTypeContent {
t.Fatalf("claims scope mismatch: fid=%q typ=%q", claims.FileID, claims.TokenType)
}
}
func TestContentTokenRejectsOtherFile(t *testing.T) {
s := newContentTokenService(time.Hour)
tok, _, err := s.GenerateContentToken("11111111-1111-1111-1111-111111111111", 7, false)
if err != nil {
t.Fatal(err)
}
// A token minted for one file must not authorize another.
if _, err := s.ValidateContentToken(tok, "22222222-2222-2222-2222-222222222222"); err == nil {
t.Fatal("expected rejection for a different file id")
}
}
func TestContentTokenRejectsAccessToken(t *testing.T) {
s := newContentTokenService(time.Hour)
// An ordinary access token must not pass as a content token (wrong type).
access, err := s.issueToken(7, false, 1, 15*time.Minute, tokenTypeAccess)
if err != nil {
t.Fatal(err)
}
if _, err := s.ValidateContentToken(access, ""); err == nil {
t.Fatal("expected rejection of an access token as a content token")
}
}
func TestContentTokenRejectsExpired(t *testing.T) {
// Negative TTL → the token is already expired when minted.
s := newContentTokenService(-time.Minute)
const fid = "11111111-1111-1111-1111-111111111111"
tok, _, err := s.GenerateContentToken(fid, 7, false)
if err != nil {
t.Fatal(err)
}
if _, err := s.ValidateContentToken(tok, fid); err == nil {
t.Fatal("expected rejection of an expired content token")
}
}
func TestContentTokenRejectsGarbage(t *testing.T) {
s := newContentTokenService(time.Hour)
if _, err := s.ValidateContentToken("not-a-jwt", "11111111-1111-1111-1111-111111111111"); err == nil {
t.Fatal("expected rejection of a malformed token")
}
}
backend/internal/service/category_service.go
-179
View File
@@ -1,179 +0,0 @@
package service
import (
"context"
"encoding/json"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
const categoryObjectType = "category"
const categoryObjectTypeID int16 = 3 // third row in 007_seed_data.sql object_types
// CategoryParams holds the fields for creating or patching a category.
type CategoryParams struct {
Name string
Notes *string
Color *string // nil = no change; pointer to empty string = clear
Metadata json.RawMessage
IsPublic *bool
}
// CategoryService handles category CRUD with ACL enforcement and audit logging.
type CategoryService struct {
categories port.CategoryRepo
tags port.TagRepo
acl *ACLService
audit *AuditService
}
// NewCategoryService creates a CategoryService.
func NewCategoryService(
categories port.CategoryRepo,
tags port.TagRepo,
acl *ACLService,
audit *AuditService,
) *CategoryService {
return &CategoryService{
categories: categories,
tags: tags,
acl: acl,
audit: audit,
}
}
// ---------------------------------------------------------------------------
// CRUD
// ---------------------------------------------------------------------------
// List returns a paginated list of categories the caller may see.
func (s *CategoryService) List(ctx context.Context, params port.OffsetParams) (*domain.CategoryOffsetPage, error) {
params.ViewerID, params.ViewerIsAdmin, _ = domain.UserFromContext(ctx)
return s.categories.List(ctx, params)
}
// Get returns a category by ID, enforcing view ACL.
func (s *CategoryService) Get(ctx context.Context, id uuid.UUID) (*domain.Category, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
c, err := s.categories.GetByID(ctx, id)
if err != nil {
return nil, err
}
ok, err := s.acl.CanView(ctx, userID, isAdmin, c.CreatorID, c.IsPublic, categoryObjectTypeID, id)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
return c, nil
}
// Create inserts a new category record.
func (s *CategoryService) Create(ctx context.Context, p CategoryParams) (*domain.Category, error) {
userID, _, _ := domain.UserFromContext(ctx)
c := &domain.Category{
Name: p.Name,
Notes: p.Notes,
Color: p.Color,
Metadata: p.Metadata,
CreatorID: userID,
}
if p.IsPublic != nil {
c.IsPublic = *p.IsPublic
}
created, err := s.categories.Create(ctx, c)
if err != nil {
return nil, err
}
objType := categoryObjectType
_ = s.audit.Log(ctx, "category_create", &objType, &created.ID, nil)
return created, nil
}
// Update applies a partial patch to a category.
func (s *CategoryService) Update(ctx context.Context, id uuid.UUID, p CategoryParams) (*domain.Category, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
current, err := s.categories.GetByID(ctx, id)
if err != nil {
return nil, err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, current.CreatorID, categoryObjectTypeID, id)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
patch := *current
if p.Name != "" {
patch.Name = p.Name
}
if p.Notes != nil {
patch.Notes = p.Notes
}
if p.Color != nil {
patch.Color = p.Color
}
if len(p.Metadata) > 0 {
patch.Metadata = p.Metadata
}
if p.IsPublic != nil {
patch.IsPublic = *p.IsPublic
}
updated, err := s.categories.Update(ctx, id, &patch)
if err != nil {
return nil, err
}
objType := categoryObjectType
_ = s.audit.Log(ctx, "category_edit", &objType, &id, nil)
return updated, nil
}
// Delete removes a category by ID, enforcing edit ACL.
func (s *CategoryService) Delete(ctx context.Context, id uuid.UUID) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
c, err := s.categories.GetByID(ctx, id)
if err != nil {
return err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, c.CreatorID, categoryObjectTypeID, id)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
if err := s.categories.Delete(ctx, id); err != nil {
return err
}
objType := categoryObjectType
_ = s.audit.Log(ctx, "category_delete", &objType, &id, nil)
return nil
}
// ---------------------------------------------------------------------------
// Tags in category
// ---------------------------------------------------------------------------
// ListTags returns a paginated list of tags in this category that the caller
// may see.
func (s *CategoryService) ListTags(ctx context.Context, categoryID uuid.UUID, params port.OffsetParams) (*domain.TagOffsetPage, error) {
params.ViewerID, params.ViewerIsAdmin, _ = domain.UserFromContext(ctx)
return s.tags.ListByCategory(ctx, categoryID, params)
}
backend/internal/service/duplicate_index.go
-148
View File
@@ -1,148 +0,0 @@
package service
import (
"bytes"
"math/bits"
"sort"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
)
// hamming returns the number of differing bits between two perceptual hashes.
func hamming(a, b uint64) int { return bits.OnesCount64(a ^ b) }
// bkNode is a node in a BK-tree over Hamming distance. Files that share the exact
// same hash are collected in ids (a distance-0 collision), so identical images
// don't degenerate the tree into a chain.
type bkNode struct {
hash uint64
ids []uuid.UUID
children map[int]*bkNode
}
// bkTree indexes perceptual hashes for sublinear radius queries. Building one and
// querying every element with a small radius is far cheaper than the O(N²) all-
// pairs comparison at 100k+ files.
type bkTree struct{ root *bkNode }
func (t *bkTree) insert(hash uint64, id uuid.UUID) {
if t.root == nil {
t.root = &bkNode{hash: hash, ids: []uuid.UUID{id}, children: map[int]*bkNode{}}
return
}
node := t.root
for {
d := hamming(hash, node.hash)
if d == 0 {
node.ids = append(node.ids, id)
return
}
child, ok := node.children[d]
if !ok {
node.children[d] = &bkNode{hash: hash, ids: []uuid.UUID{id}, children: map[int]*bkNode{}}
return
}
node = child
}
}
// query visits every node whose hash is within radius of target. The triangle
// inequality bounds which children can hold a match to [d-radius, d+radius].
func (t *bkTree) query(target uint64, radius int, visit func(node *bkNode, dist int)) {
if t.root == nil {
return
}
stack := []*bkNode{t.root}
for len(stack) > 0 {
node := stack[len(stack)-1]
stack = stack[:len(stack)-1]
d := hamming(target, node.hash)
if d <= radius {
visit(node, d)
}
lo, hi := d-radius, d+radius
for cd, child := range node.children {
if cd >= lo && cd <= hi {
stack = append(stack, child)
}
}
}
}
// buildPairs returns every unordered pair of files whose hashes are within
// threshold, each emitted exactly once with FileA < FileB (UUID byte order).
// onProgress, if set, is called periodically with (processed, total).
func buildPairs(entries []domain.PHashEntry, threshold int, onProgress func(done, total int)) []domain.DuplicatePair {
tree := &bkTree{}
for _, e := range entries {
tree.insert(uint64(e.PHash), e.ID)
}
var pairs []domain.DuplicatePair
total := len(entries)
for i := range entries {
e := entries[i]
tree.query(uint64(e.PHash), threshold, func(node *bkNode, dist int) {
for _, other := range node.ids {
// Emit each pair once, from the smaller id, which also skips self.
if bytes.Compare(e.ID[:], other[:]) < 0 {
pairs = append(pairs, domain.DuplicatePair{FileA: e.ID, FileB: other, Distance: dist})
}
}
})
if onProgress != nil && (i+1)%1000 == 0 {
onProgress(i+1, total)
}
}
if onProgress != nil {
onProgress(total, total)
}
return pairs
}
// clusterPairs groups pairs into connected components (transitive closure) via
// union-find. Every returned cluster has at least two files; clusters and the ids
// within them are sorted by UUID for stable pagination.
func clusterPairs(pairs []domain.DuplicatePair) [][]uuid.UUID {
parent := map[uuid.UUID]uuid.UUID{}
var find func(uuid.UUID) uuid.UUID
find = func(x uuid.UUID) uuid.UUID {
p, ok := parent[x]
if !ok {
parent[x] = x
return x
}
if p != x {
parent[x] = find(p)
}
return parent[x]
}
union := func(a, b uuid.UUID) {
ra, rb := find(a), find(b)
if ra != rb {
parent[ra] = rb
}
}
for _, p := range pairs {
union(p.FileA, p.FileB)
}
groups := map[uuid.UUID][]uuid.UUID{}
for node := range parent {
root := find(node)
groups[root] = append(groups[root], node)
}
clusters := make([][]uuid.UUID, 0, len(groups))
for _, ids := range groups {
sort.Slice(ids, func(i, j int) bool { return bytes.Compare(ids[i][:], ids[j][:]) < 0 })
clusters = append(clusters, ids)
}
sort.Slice(clusters, func(i, j int) bool {
return bytes.Compare(clusters[i][0][:], clusters[j][0][:]) < 0
})
return clusters
}
backend/internal/service/duplicate_service.go
-361
View File
@@ -1,361 +0,0 @@
package service
import (
"context"
"encoding/json"
"errors"
"time"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
// Merge field source values.
const (
mergeKeep = "keep"
mergeDiscard = "discard"
mergeBoth = "both"
mergeMerge = "merge"
)
// MergeFields chooses, per field, which file supplies the survivor's value when
// resolving a duplicate. Scalars accept "keep"/"discard"; metadata also accepts
// "merge" (shallow object merge, survivor wins on key conflicts); relations
// (tags, pools) accept "keep"/"both" (union) — there is deliberately no option
// to drop the survivor's own tags/pools. An empty value defaults to "keep".
type MergeFields struct {
OriginalName string `json:"original_name"`
Notes string `json:"notes"`
ContentDatetime string `json:"content_datetime"`
IsPublic string `json:"is_public"`
Metadata string `json:"metadata"`
Tags string `json:"tags"`
Pools string `json:"pools"`
}
// MergeSpec is the input to a duplicate resolution: keep one file, fold chosen
// fields in from the other, and (usually) trash the other.
type MergeSpec struct {
Keep uuid.UUID
Discard uuid.UUID
Fields MergeFields
DeleteDiscarded bool
}
// normalize fills empty choices with "keep" and rejects unknown values.
func (m *MergeSpec) normalize() error {
scalar := func(v *string) error {
if *v == "" {
*v = mergeKeep
}
if *v != mergeKeep && *v != mergeDiscard {
return domain.ErrValidation
}
return nil
}
relation := func(v *string) error {
if *v == "" {
*v = mergeKeep
}
if *v != mergeKeep && *v != mergeBoth {
return domain.ErrValidation
}
return nil
}
f := &m.Fields
if err := scalar(&f.OriginalName); err != nil {
return err
}
if err := scalar(&f.Notes); err != nil {
return err
}
if err := scalar(&f.ContentDatetime); err != nil {
return err
}
if err := scalar(&f.IsPublic); err != nil {
return err
}
if f.Metadata == "" {
f.Metadata = mergeKeep
}
if f.Metadata != mergeKeep && f.Metadata != mergeDiscard && f.Metadata != mergeMerge {
return domain.ErrValidation
}
if err := relation(&f.Tags); err != nil {
return err
}
if err := relation(&f.Pools); err != nil {
return err
}
return nil
}
// DuplicateService finds near-duplicate clusters and resolves them.
type DuplicateService struct {
files port.FileRepo
pairs port.DuplicatePairRepo
dismissals port.DismissalRepo
acl *ACLService
audit *AuditService
tx port.Transactor
threshold int
}
// NewDuplicateService creates a DuplicateService. threshold is the maximum
// Hamming distance for two files to be treated as duplicate candidates.
func NewDuplicateService(
files port.FileRepo,
pairs port.DuplicatePairRepo,
dismissals port.DismissalRepo,
acl *ACLService,
audit *AuditService,
tx port.Transactor,
threshold int,
) *DuplicateService {
return &DuplicateService{
files: files,
pairs: pairs,
dismissals: dismissals,
acl: acl,
audit: audit,
tx: tx,
threshold: threshold,
}
}
// Clusters returns a page of duplicate clusters visible to the caller. Pairs are
// read from the precomputed table (no all-pairs scan here) and grouped into
// connected components; pagination is over whole clusters.
func (s *DuplicateService) Clusters(ctx context.Context, limit, offset int) (clusters [][]domain.File, total int, err error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
pairs, err := s.pairs.ListVisible(ctx, userID, isAdmin)
if err != nil {
return nil, 0, err
}
groups := clusterPairs(pairs)
total = len(groups)
if offset < 0 {
offset = 0
}
if offset >= len(groups) {
return [][]domain.File{}, total, nil
}
end := offset + limit
if end > len(groups) || limit <= 0 {
end = len(groups)
}
out := make([][]domain.File, 0, end-offset)
for _, ids := range groups[offset:end] {
files := make([]domain.File, 0, len(ids))
for _, id := range ids {
f, err := s.files.GetByID(ctx, id)
if err != nil {
// A file deleted between the pair read and now just drops out.
if errors.Is(err, domain.ErrNotFound) {
continue
}
return nil, 0, err
}
files = append(files, *f)
}
if len(files) >= 2 {
out = append(out, files)
}
}
return out, total, nil
}
// Rescan recomputes the entire duplicate_pairs table from the current set of
// perceptual hashes. It is the only thing that populates the table, so the
// duplicates view reflects state as of the last rescan. Called by the dedup CLI.
func (s *DuplicateService) Rescan(ctx context.Context, onProgress func(done, total int)) error {
entries, err := s.files.ListAllPHashes(ctx)
if err != nil {
return err
}
pairs := buildPairs(entries, s.threshold, onProgress)
return s.pairs.ReplaceAll(ctx, pairs)
}
// Dismiss records two files as "not a duplicate" so the pair stops surfacing.
// The caller must be able to view both files.
func (s *DuplicateService) Dismiss(ctx context.Context, a, b uuid.UUID) error {
if a == b {
return domain.ErrValidation
}
userID, isAdmin, _ := domain.UserFromContext(ctx)
for _, id := range []uuid.UUID{a, b} {
f, err := s.files.GetByID(ctx, id)
if err != nil {
return err
}
ok, err := s.acl.CanView(ctx, userID, isAdmin, f.CreatorID, f.IsPublic, fileObjectTypeID, id)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
}
if err := s.dismissals.Add(ctx, a, b, userID); err != nil {
return err
}
objType := fileObjectType
_ = s.audit.Log(ctx, "duplicate_dismiss", &objType, &a, map[string]any{"other": b.String()})
return nil
}
// Resolve merges a duplicate pair: the survivor (keep) takes the chosen fields
// from the other (discard), and the other is trashed when DeleteDiscarded is set.
// The caller must be able to edit both files. Returns the updated survivor.
func (s *DuplicateService) Resolve(ctx context.Context, spec MergeSpec) (*domain.File, error) {
if spec.Keep == spec.Discard {
return nil, domain.ErrValidation
}
if err := spec.normalize(); err != nil {
return nil, err
}
keep, err := s.files.GetByID(ctx, spec.Keep)
if err != nil {
return nil, err
}
discard, err := s.files.GetByID(ctx, spec.Discard)
if err != nil {
return nil, err
}
userID, isAdmin, _ := domain.UserFromContext(ctx)
for _, f := range []*domain.File{keep, discard} {
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, f.CreatorID, fileObjectTypeID, f.ID)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
}
// FileRepo.Update rewrites all editable scalar columns, so build the complete
// resolved set (each field from keep or discard) rather than a sparse patch.
patch := &domain.File{
OriginalName: pickPtr(spec.Fields.OriginalName, keep.OriginalName, discard.OriginalName),
Notes: pickPtr(spec.Fields.Notes, keep.Notes, discard.Notes),
ContentDatetime: pickTime(spec.Fields.ContentDatetime, keep.ContentDatetime, discard.ContentDatetime),
IsPublic: pickBool(spec.Fields.IsPublic, keep.IsPublic, discard.IsPublic),
Metadata: pickMetadata(spec.Fields.Metadata, keep.Metadata, discard.Metadata),
}
var result *domain.File
txErr := s.tx.WithTx(ctx, func(ctx context.Context) error {
updated, err := s.files.Update(ctx, keep.ID, patch)
if err != nil {
return err
}
if spec.Fields.Tags == mergeBoth {
if err := s.files.SetTags(ctx, keep.ID, unionTagIDs(keep.Tags, discard.Tags)); err != nil {
return err
}
tags, err := s.files.ListTags(ctx, keep.ID)
if err != nil {
return err
}
updated.Tags = tags
}
if spec.Fields.Pools == mergeBoth {
if err := s.files.CopyPoolMemberships(ctx, keep.ID, discard.ID); err != nil {
return err
}
}
if spec.DeleteDiscarded {
if err := s.files.SoftDelete(ctx, discard.ID); err != nil {
return err
}
}
result = updated
return nil
})
if txErr != nil {
return nil, txErr
}
objType := fileObjectType
_ = s.audit.Log(ctx, "file_merge", &objType, &keep.ID, map[string]any{
"discard": spec.Discard.String(),
"fields": spec.Fields,
"deleted_discarded": spec.DeleteDiscarded,
})
return result, nil
}
// --- field pickers ---------------------------------------------------------
func pickPtr(choice string, keep, discard *string) *string {
if choice == mergeDiscard {
return discard
}
return keep
}
func pickBool(choice string, keep, discard bool) bool {
if choice == mergeDiscard {
return discard
}
return keep
}
func pickTime(choice string, keep, discard time.Time) time.Time {
if choice == mergeDiscard {
return discard
}
return keep
}
func unionTagIDs(a, b []domain.Tag) []uuid.UUID {
seen := make(map[uuid.UUID]bool, len(a)+len(b))
ids := make([]uuid.UUID, 0, len(a)+len(b))
for _, t := range append(append([]domain.Tag{}, a...), b...) {
if !seen[t.ID] {
seen[t.ID] = true
ids = append(ids, t.ID)
}
}
return ids
}
// pickMetadata returns keep's metadata, discard's, or a shallow merge in which
// the survivor's keys win on conflict.
func pickMetadata(choice string, keep, discard json.RawMessage) json.RawMessage {
switch choice {
case mergeDiscard:
return discard
case mergeMerge:
km := map[string]json.RawMessage{}
dm := map[string]json.RawMessage{}
_ = json.Unmarshal(keep, &km)
_ = json.Unmarshal(discard, &dm)
out := make(map[string]json.RawMessage, len(km)+len(dm))
for k, v := range dm {
out[k] = v
}
for k, v := range km { // survivor wins
out[k] = v
}
if len(out) == 0 {
return keep
}
b, err := json.Marshal(out)
if err != nil {
return keep
}
return b
default:
return keep
}
}
backend/internal/service/duplicate_test.go
-152
View File
@@ -1,152 +0,0 @@
package service
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"sort"
"testing"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
)
// id builds a deterministic UUID whose byte order matches n, so tests can reason
// about the canonical (FileA < FileB) ordering buildPairs produces.
func id(n int) uuid.UUID {
return uuid.MustParse(fmt.Sprintf("00000000-0000-0000-0000-%012d", n))
}
func entry(n int, hash uint64) domain.PHashEntry {
return domain.PHashEntry{ID: id(n), PHash: int64(hash)}
}
// pairKey canonicalises a pair for set comparison regardless of emission order.
func pairKey(p domain.DuplicatePair) string {
a, b := p.FileA, p.FileB
if bytes.Compare(a[:], b[:]) > 0 {
a, b = b, a
}
return fmt.Sprintf("%s|%s|%d", a, b, p.Distance)
}
func TestBuildPairs_ThresholdAndCanonicalOrder(t *testing.T) {
entries := []domain.PHashEntry{
entry(1, 0x0000000000000000),
entry(2, 0x0000000000000001), // distance 1 from #1
entry(3, 0x00000000000000FF), // distance 8 from #1, 7 from #2
entry(4, 0xFFFFFFFFFFFFFFFF), // distance 64 from #1
}
// Tight threshold: only the distance-1 pair qualifies.
got := buildPairs(entries, 2, nil)
if len(got) != 1 {
t.Fatalf("threshold 2: got %d pairs, want 1: %+v", len(got), got)
}
if got[0].FileA != id(1) || got[0].FileB != id(2) || got[0].Distance != 1 {
t.Errorf("threshold 2: unexpected pair %+v", got[0])
}
// Canonical order always FileA < FileB.
if bytes.Compare(got[0].FileA[:], got[0].FileB[:]) >= 0 {
t.Error("pair not in canonical FileA < FileB order")
}
// Looser threshold pulls in #3's pairs but never #4.
got8 := buildPairs(entries, 8, nil)
want := map[string]bool{
pairKey(domain.DuplicatePair{FileA: id(1), FileB: id(2), Distance: 1}): true,
pairKey(domain.DuplicatePair{FileA: id(1), FileB: id(3), Distance: 8}): true,
pairKey(domain.DuplicatePair{FileA: id(2), FileB: id(3), Distance: 7}): true,
}
if len(got8) != len(want) {
t.Fatalf("threshold 8: got %d pairs, want %d: %+v", len(got8), len(want), got8)
}
for _, p := range got8 {
if !want[pairKey(p)] {
t.Errorf("threshold 8: unexpected pair %+v", p)
}
}
}
func TestBuildPairs_IdenticalHashesPairAtDistanceZero(t *testing.T) {
entries := []domain.PHashEntry{
entry(1, 0xABCDABCDABCDABCD),
entry(2, 0xABCDABCDABCDABCD),
}
got := buildPairs(entries, 0, nil)
if len(got) != 1 || got[0].Distance != 0 || got[0].FileA != id(1) || got[0].FileB != id(2) {
t.Fatalf("identical hashes: got %+v, want one distance-0 pair (1,2)", got)
}
}
func TestClusterPairs_ConnectedComponents(t *testing.T) {
pairs := []domain.DuplicatePair{
{FileA: id(1), FileB: id(2)},
{FileA: id(2), FileB: id(3)}, // transitively joins 1-2-3
{FileA: id(5), FileB: id(6)},
}
clusters := clusterPairs(pairs)
if len(clusters) != 2 {
t.Fatalf("got %d clusters, want 2: %+v", len(clusters), clusters)
}
// Sorted by smallest id: {1,2,3} then {5,6}.
if len(clusters[0]) != 3 || clusters[0][0] != id(1) || clusters[0][2] != id(3) {
t.Errorf("cluster 0 = %v, want [1 2 3]", clusters[0])
}
if len(clusters[1]) != 2 || clusters[1][0] != id(5) {
t.Errorf("cluster 1 = %v, want [5 6]", clusters[1])
}
// Each cluster's ids are sorted.
for _, c := range clusters {
if !sort.SliceIsSorted(c, func(i, j int) bool { return bytes.Compare(c[i][:], c[j][:]) < 0 }) {
t.Errorf("cluster not sorted: %v", c)
}
}
}
func TestPickMetadata_Merge(t *testing.T) {
keep := json.RawMessage(`{"a":1,"b":2}`)
discard := json.RawMessage(`{"b":9,"c":3}`)
out := pickMetadata(mergeMerge, keep, discard)
var m map[string]int
if err := json.Unmarshal(out, &m); err != nil {
t.Fatalf("merge result not valid JSON: %v (%s)", err, out)
}
want := map[string]int{"a": 1, "b": 2, "c": 3} // survivor wins on "b"
if fmt.Sprint(m) != fmt.Sprint(want) {
t.Errorf("merge = %v, want %v", m, want)
}
if string(pickMetadata(mergeKeep, keep, discard)) != string(keep) {
t.Error("keep choice should return survivor metadata unchanged")
}
if string(pickMetadata(mergeDiscard, keep, discard)) != string(discard) {
t.Error("discard choice should return the other file's metadata")
}
}
func TestMergeSpec_Normalize(t *testing.T) {
// Empty fields default to "keep".
spec := MergeSpec{Keep: id(1), Discard: id(2)}
if err := spec.normalize(); err != nil {
t.Fatalf("normalize empty: %v", err)
}
if spec.Fields.OriginalName != mergeKeep || spec.Fields.Tags != mergeKeep || spec.Fields.Metadata != mergeKeep {
t.Errorf("empty fields not defaulted to keep: %+v", spec.Fields)
}
// "both" is invalid for a scalar field.
bad := MergeSpec{Keep: id(1), Discard: id(2), Fields: MergeFields{Notes: mergeBoth}}
if err := bad.normalize(); !errors.Is(err, domain.ErrValidation) {
t.Errorf("scalar=both: got %v, want ErrValidation", err)
}
// "discard" is invalid for a relation field.
badRel := MergeSpec{Keep: id(1), Discard: id(2), Fields: MergeFields{Tags: mergeDiscard}}
if err := badRel.normalize(); !errors.Is(err, domain.ErrValidation) {
t.Errorf("relation=discard: got %v, want ErrValidation", err)
}
}
backend/internal/service/file_service.go
+229 -267
View File
@@ -8,15 +8,13 @@ import (
"io"
"os"
"path/filepath"
"sort"
"strings"
"time"
"github.com/gabriel-vasile/mimetype"
"github.com/google/uuid"
"github.com/rwcarlsen/goexif/exif"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/imagehash"
"tanabata/backend/internal/port"
)
@@ -34,10 +32,6 @@ type UploadParams struct {
Notes *string
Metadata json.RawMessage
ContentDatetime *time.Time
// ContentDatetimeFallback is used for content_datetime only when neither an
// explicit ContentDatetime nor an EXIF date is available (e.g. the source
// file's mtime on a server-side import).
ContentDatetimeFallback *time.Time
IsPublic bool
TagIDs []uuid.UUID
}
@@ -72,24 +66,6 @@ type ImportResult struct {
Errors []ImportFileError `json:"errors"`
}
// ImportEvent is one progress message streamed during an import, letting the UI
// show a live progress bar and a per-file status list. Type is the discriminator:
//
// "start" — total is the number of entries about to be processed.
// "file" — one entry finished: index (1-based), filename, status, optional reason.
// "done" — final tallies (imported/skipped/errors).
type ImportEvent struct {
Type string `json:"type"`
Total int `json:"total,omitempty"`
Index int `json:"index,omitempty"`
Filename string `json:"filename,omitempty"`
Status string `json:"status,omitempty"` // "imported" | "skipped" | "error"
Reason string `json:"reason,omitempty"`
Imported int `json:"imported,omitempty"`
Skipped int `json:"skipped,omitempty"`
Errors int `json:"errors,omitempty"`
}
// FileService handles business logic for file records.
type FileService struct {
files port.FileRepo
@@ -97,7 +73,6 @@ type FileService struct {
storage port.FileStorage
acl *ACLService
audit *AuditService
tags *TagService
tx port.Transactor
importPath string // default server-side import directory
}
@@ -109,7 +84,6 @@ func NewFileService(
storage port.FileStorage,
acl *ACLService,
audit *AuditService,
tags *TagService,
tx port.Transactor,
importPath string,
) *FileService {
@@ -119,7 +93,6 @@ func NewFileService(
storage: storage,
acl: acl,
audit: audit,
tags: tags,
tx: tx,
importPath: importPath,
}
@@ -131,7 +104,7 @@ func NewFileService(
// Upload validates the MIME type, saves the file to storage, creates the DB
// record, and applies any initial tags — all within a single transaction.
// If ContentDatetime is nil and the metadata carries a capture date, it is used.
// If ContentDatetime is nil and EXIF DateTimeOriginal is present, it is used.
func (s *FileService) Upload(ctx context.Context, p UploadParams) (*domain.File, error) {
userID, _, _ := domain.UserFromContext(ctx)
@@ -148,32 +121,15 @@ func (s *FileService) Upload(ctx context.Context, p UploadParams) (*domain.File,
}
data := buf.Bytes()
// Extract rich metadata (best-effort; covers images, video and audio).
var origName string
if p.OriginalName != nil {
origName = *p.OriginalName
}
exifData, exifDatetime := extractMetadata(data, origName, p.ContentDatetimeFallback)
// Extract EXIF metadata (best-effort; non-image files will error silently).
exifData, exifDatetime := extractEXIFWithDatetime(data)
// Compute a perceptual hash for images so duplicate detection can later match
// near-identical files. Best-effort: a decode failure just leaves phash unset
// (the dedup CLI backfills it). Video is hashed by that CLI, not inline, to keep
// ffmpeg off the upload path.
var phash *int64
if strings.HasPrefix(mime.Name, "image/") {
if h, ok := imagehash.FromBytes(data); ok {
phash = &h
}
}
// Resolve content datetime: explicit > metadata date > fallback (e.g. import mtime) > zero.
// Resolve content datetime: explicit > EXIF > zero value.
var contentDatetime time.Time
if p.ContentDatetime != nil {
contentDatetime = *p.ContentDatetime
} else if exifDatetime != nil {
contentDatetime = *exifDatetime
} else if p.ContentDatetimeFallback != nil {
contentDatetime = *p.ContentDatetimeFallback
}
// Assign UUID v7 so CreatedAt can be derived from it later.
@@ -199,7 +155,6 @@ func (s *FileService) Upload(ctx context.Context, p UploadParams) (*domain.File,
Notes: p.Notes,
Metadata: p.Metadata,
EXIF: exifData,
PHash: phash,
CreatorID: userID,
IsPublic: p.IsPublic,
}
@@ -211,7 +166,10 @@ func (s *FileService) Upload(ctx context.Context, p UploadParams) (*domain.File,
}
if len(p.TagIDs) > 0 {
tags, err := s.tags.SetFileTags(ctx, created.ID, p.TagIDs)
if err := s.files.SetTags(ctx, created.ID, p.TagIDs); err != nil {
return err
}
tags, err := s.files.ListTags(ctx, created.ID)
if err != nil {
return err
}
@@ -249,26 +207,6 @@ func (s *FileService) Get(ctx context.Context, id uuid.UUID) (*domain.File, erro
return f, nil
}
// RecordView appends a view-history entry for the current user, enforcing view
// ACL (you can only record a view of a file you may see).
func (s *FileService) RecordView(ctx context.Context, id uuid.UUID) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
f, err := s.files.GetByID(ctx, id)
if err != nil {
return err
}
ok, err := s.acl.CanView(ctx, userID, isAdmin, f.CreatorID, f.IsPublic, fileObjectTypeID, id)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
return s.files.RecordView(ctx, id, userID)
}
// Update applies metadata changes to a file, enforcing edit ACL.
func (s *FileService) Update(ctx context.Context, id uuid.UUID, p UpdateParams) (*domain.File, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
@@ -311,7 +249,10 @@ func (s *FileService) Update(ctx context.Context, id uuid.UUID, p UpdateParams)
return updateErr
}
if p.TagIDs != nil {
tags, err := s.tags.SetFileTags(ctx, id, *p.TagIDs)
if err := s.files.SetTags(ctx, id, *p.TagIDs); err != nil {
return err
}
tags, err := s.files.ListTags(ctx, id)
if err != nil {
return err
}
@@ -406,7 +347,6 @@ func (s *FileService) PermanentDelete(ctx context.Context, id uuid.UUID) error {
return err
}
_ = s.storage.Delete(ctx, id)
_ = s.storage.InvalidateCache(ctx, id)
objType := fileObjectType
_ = s.audit.Log(ctx, "file_permanent_delete", &objType, &id, nil)
@@ -440,17 +380,11 @@ func (s *FileService) Replace(ctx context.Context, id uuid.UUID, p UploadParams)
return nil, fmt.Errorf("FileService.Replace: read body: %w", err)
}
data := buf.Bytes()
var origName string
if p.OriginalName != nil {
origName = *p.OriginalName
}
exifData, _ := extractMetadata(data, origName, nil)
exifData, _ := extractEXIFWithDatetime(data)
if _, err := s.storage.Save(ctx, id, bytes.NewReader(data)); err != nil {
return nil, fmt.Errorf("FileService.Replace: save to storage: %w", err)
}
// Drop stale thumbnail/preview so they regenerate from the new content.
_ = s.storage.InvalidateCache(ctx, id)
patch := &domain.File{
MIMEType: mime.Name,
@@ -466,67 +400,14 @@ func (s *FileService) Replace(ctx context.Context, id uuid.UUID, p UploadParams)
return nil, err
}
// Recompute the perceptual hash from the new content: images inline, anything
// else cleared to NULL so the old content's hash never lingers (the dedup CLI
// recomputes video). Best-effort, like on upload — phash is recomputable.
var phash *int64
if strings.HasPrefix(mime.Name, "image/") {
if h, ok := imagehash.FromBytes(data); ok {
phash = &h
}
}
_ = s.files.SetPHash(ctx, id, phash)
updated.PHash = phash
objType := fileObjectType
_ = s.audit.Log(ctx, "file_replace", &objType, &id, nil)
return updated, nil
}
// List delegates to FileRepo with the given params, restricting results to
// files the caller may see (unless they are an admin).
// List delegates to FileRepo with the given params.
func (s *FileService) List(ctx context.Context, params domain.FileListParams) (*domain.FilePage, error) {
params.ViewerID, params.ViewerIsAdmin, _ = domain.UserFromContext(ctx)
page, err := s.files.List(ctx, params)
if err != nil {
return nil, err
}
// Log tag usage when a filter is first applied — not on pagination (cursor)
// or an anchored return, so a single browse counts once. Best-effort
// analytics; a failed write never breaks the listing.
if params.Filter != "" && params.Cursor == "" && params.Anchor == nil && params.ViewerID != 0 {
_ = s.files.RecordTagUses(ctx, params.ViewerID, params.Filter)
}
return page, nil
}
// AuthorizeView ensures the caller may view the file. Returns ErrNotFound if the
// file does not exist or ErrForbidden if the caller lacks view access.
func (s *FileService) AuthorizeView(ctx context.Context, id uuid.UUID) error {
_, err := s.Get(ctx, id)
return err
}
// AuthorizeEdit ensures the caller may edit the file. Returns ErrNotFound if the
// file does not exist or ErrForbidden if the caller lacks edit access.
func (s *FileService) AuthorizeEdit(ctx context.Context, id uuid.UUID) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
f, err := s.files.GetByID(ctx, id)
if err != nil {
return err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, f.CreatorID, fileObjectTypeID, id)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
return nil
return s.files.List(ctx, params)
}
// ---------------------------------------------------------------------------
@@ -566,6 +447,120 @@ func (s *FileService) GetPreview(ctx context.Context, id uuid.UUID) (io.ReadClos
return s.storage.Preview(ctx, id)
}
// ---------------------------------------------------------------------------
// Tag operations
// ---------------------------------------------------------------------------
// ListFileTags returns the tags on a file, enforcing view ACL.
func (s *FileService) ListFileTags(ctx context.Context, fileID uuid.UUID) ([]domain.Tag, error) {
if _, err := s.Get(ctx, fileID); err != nil {
return nil, err
}
return s.files.ListTags(ctx, fileID)
}
// SetFileTags replaces all tags on a file (full replace semantics), enforcing edit ACL.
func (s *FileService) SetFileTags(ctx context.Context, fileID uuid.UUID, tagIDs []uuid.UUID) ([]domain.Tag, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
f, err := s.files.GetByID(ctx, fileID)
if err != nil {
return nil, err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, f.CreatorID, fileObjectTypeID, fileID)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
if err := s.files.SetTags(ctx, fileID, tagIDs); err != nil {
return nil, err
}
objType := fileObjectType
_ = s.audit.Log(ctx, "file_tag_add", &objType, &fileID, nil)
return s.files.ListTags(ctx, fileID)
}
// AddTag adds a single tag to a file, enforcing edit ACL.
func (s *FileService) AddTag(ctx context.Context, fileID, tagID uuid.UUID) ([]domain.Tag, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
f, err := s.files.GetByID(ctx, fileID)
if err != nil {
return nil, err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, f.CreatorID, fileObjectTypeID, fileID)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
current, err := s.files.ListTags(ctx, fileID)
if err != nil {
return nil, err
}
// Only add if not already present.
for _, t := range current {
if t.ID == tagID {
return current, nil
}
}
ids := make([]uuid.UUID, 0, len(current)+1)
for _, t := range current {
ids = append(ids, t.ID)
}
ids = append(ids, tagID)
if err := s.files.SetTags(ctx, fileID, ids); err != nil {
return nil, err
}
objType := fileObjectType
_ = s.audit.Log(ctx, "file_tag_add", &objType, &fileID, map[string]any{"tag_id": tagID})
return s.files.ListTags(ctx, fileID)
}
// RemoveTag removes a single tag from a file, enforcing edit ACL.
func (s *FileService) RemoveTag(ctx context.Context, fileID, tagID uuid.UUID) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
f, err := s.files.GetByID(ctx, fileID)
if err != nil {
return err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, f.CreatorID, fileObjectTypeID, fileID)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
current, err := s.files.ListTags(ctx, fileID)
if err != nil {
return err
}
ids := make([]uuid.UUID, 0, len(current))
for _, t := range current {
if t.ID != tagID {
ids = append(ids, t.ID)
}
}
if err := s.files.SetTags(ctx, fileID, ids); err != nil {
return err
}
objType := fileObjectType
_ = s.audit.Log(ctx, "file_tag_remove", &objType, &fileID, map[string]any{"tag_id": tagID})
return nil
}
// ---------------------------------------------------------------------------
// Bulk operations
// ---------------------------------------------------------------------------
@@ -574,6 +569,7 @@ func (s *FileService) GetPreview(ctx context.Context, id uuid.UUID) (io.ReadClos
func (s *FileService) BulkDelete(ctx context.Context, fileIDs []uuid.UUID) error {
for _, id := range fileIDs {
if err := s.Delete(ctx, id); err != nil {
// Skip files not found or forbidden; surface real errors.
if err == domain.ErrNotFound || err == domain.ErrForbidden {
continue
}
@@ -583,45 +579,76 @@ func (s *FileService) BulkDelete(ctx context.Context, fileIDs []uuid.UUID) error
return nil
}
// SetNeedsReview sets the review status ("needs tagging" vs marked done) on the
// given files. Each file is checked against edit ACL; files the caller cannot
// edit, or that do not exist, are skipped (same forgiving semantics as
// BulkDelete). Authorized files are updated in a single statement and each is
// audit-logged. Works for one file (single-element slice) or many.
func (s *FileService) SetNeedsReview(ctx context.Context, ids []uuid.UUID, value bool) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
authorized := make([]uuid.UUID, 0, len(ids))
for _, id := range ids {
f, err := s.files.GetByID(ctx, id)
if err != nil {
if err == domain.ErrNotFound {
// BulkSetTags adds or removes the given tags on multiple files.
// For "add": tags are appended to each file's existing set.
// For "remove": tags are removed from each file's existing set.
// Returns the tag IDs that were applied (the input tagIDs, for add).
func (s *FileService) BulkSetTags(ctx context.Context, fileIDs []uuid.UUID, action string, tagIDs []uuid.UUID) ([]uuid.UUID, error) {
for _, fileID := range fileIDs {
switch action {
case "add":
for _, tagID := range tagIDs {
if _, err := s.AddTag(ctx, fileID, tagID); err != nil {
if err == domain.ErrNotFound || err == domain.ErrForbidden {
continue
}
return err
return nil, err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, f.CreatorID, fileObjectTypeID, id)
}
case "remove":
for _, tagID := range tagIDs {
if err := s.RemoveTag(ctx, fileID, tagID); err != nil {
if err == domain.ErrNotFound || err == domain.ErrForbidden {
continue
}
return nil, err
}
}
default:
return nil, domain.ErrValidation
}
}
if action == "add" {
return tagIDs, nil
}
return []uuid.UUID{}, nil
}
// CommonTags loads the tag sets for all given files and splits them into:
// - common: tag IDs present on every file
// - partial: tag IDs present on some but not all files
func (s *FileService) CommonTags(ctx context.Context, fileIDs []uuid.UUID) (common, partial []uuid.UUID, err error) {
if len(fileIDs) == 0 {
return nil, nil, nil
}
// Count how many files each tag appears on.
counts := map[uuid.UUID]int{}
for _, fid := range fileIDs {
tags, err := s.files.ListTags(ctx, fid)
if err != nil {
return err
return nil, nil, err
}
if ok {
authorized = append(authorized, id)
for _, t := range tags {
counts[t.ID]++
}
}
if len(authorized) == 0 {
return nil
n := len(fileIDs)
for id, cnt := range counts {
if cnt == n {
common = append(common, id)
} else {
partial = append(partial, id)
}
if err := s.files.SetNeedsReview(ctx, authorized, value); err != nil {
return err
}
objType := fileObjectType
details := map[string]any{"needs_review": value}
for i := range authorized {
_ = s.audit.Log(ctx, "file_review", &objType, &authorized[i], details)
if common == nil {
common = []uuid.UUID{}
}
return nil
if partial == nil {
partial = []uuid.UUID{}
}
return common, partial, nil
}
// ---------------------------------------------------------------------------
@@ -630,142 +657,81 @@ func (s *FileService) SetNeedsReview(ctx context.Context, ids []uuid.UUID, value
// Import scans a server-side directory and uploads all supported files.
// If path is empty, the configured default import path is used.
//
// onProgress, when non-nil, receives a "start" event, one "file" event per
// directory entry as it is processed, and a final "done" event — letting a
// caller stream live progress. It is always called from this goroutine (never
// concurrently). The aggregate result is also returned for non-streaming callers.
func (s *FileService) Import(ctx context.Context, path string, onProgress func(ImportEvent)) (*ImportResult, error) {
if s.importPath == "" {
func (s *FileService) Import(ctx context.Context, path string) (*ImportResult, error) {
dir := path
if dir == "" {
dir = s.importPath
}
if dir == "" {
return nil, domain.ErrValidation
}
dir := s.importPath
if path != "" {
// Confine caller-supplied paths to the configured import directory so a
// directory-traversal value cannot read arbitrary host files.
confined, err := confineToBase(s.importPath, path)
if err != nil {
return nil, err
}
dir = confined
}
entries, err := os.ReadDir(dir)
if err != nil {
return nil, fmt.Errorf("FileService.Import: read dir %q: %w", dir, err)
}
// Import oldest-first: process entries in ascending mtime order so the
// resulting records' creation order matches the files' chronological order.
// mtimes are cached once (re-stat'ing per comparison would be wasteful) and
// reused below as the content_datetime fallback. Entries whose info can't be
// read get a zero time (sort first); they surface their error in the loop.
modTimes := make(map[string]time.Time, len(entries))
for _, e := range entries {
if info, infoErr := e.Info(); infoErr == nil {
modTimes[e.Name()] = info.ModTime()
}
}
// SliceStable preserves ReadDir's name order as a deterministic tiebreak for
// entries sharing an mtime.
sort.SliceStable(entries, func(a, b int) bool {
return modTimes[entries[a].Name()].Before(modTimes[entries[b].Name()])
})
emit := func(ev ImportEvent) {
if onProgress != nil {
onProgress(ev)
}
}
result := &ImportResult{Errors: []ImportFileError{}}
total := len(entries)
emit(ImportEvent{Type: "start", Total: total})
for i, entry := range entries {
name := entry.Name()
file := func(status, reason string) {
emit(ImportEvent{
Type: "file", Index: i + 1, Total: total,
Filename: name, Status: status, Reason: reason,
})
}
fail := func(reason string) {
result.Errors = append(result.Errors, ImportFileError{Filename: name, Reason: reason})
file("error", reason)
}
for _, entry := range entries {
if entry.IsDir() {
result.Skipped++
file("skipped", "directory")
continue
}
fullPath := filepath.Join(dir, name)
fullPath := filepath.Join(dir, entry.Name())
mt, err := mimetype.DetectFile(fullPath)
if err != nil {
fail(fmt.Sprintf("MIME detection failed: %s", err))
result.Errors = append(result.Errors, ImportFileError{
Filename: entry.Name(),
Reason: fmt.Sprintf("MIME detection failed: %s", err),
})
continue
}
mimeStr := mt.String()
// Strip parameters (e.g. "text/plain; charset=utf-8" → "text/plain").
if j := strings.IndexByte(mimeStr, ';'); j >= 0 {
mimeStr = mimeStr[:j]
if idx := len(mimeStr); idx > 0 {
for i, c := range mimeStr {
if c == ';' {
mimeStr = mimeStr[:i]
break
}
}
}
if _, err := s.mimes.GetByName(ctx, mimeStr); err != nil {
result.Skipped++
file("skipped", "unsupported type: "+mimeStr)
continue
}
f, err := os.Open(fullPath)
if err != nil {
fail(fmt.Sprintf("open failed: %s", err))
result.Errors = append(result.Errors, ImportFileError{
Filename: entry.Name(),
Reason: fmt.Sprintf("open failed: %s", err),
})
continue
}
// Preserve the file's mtime as a content_datetime fallback (used only when
// the file has no EXIF date) — once the source is removed below it's the
// only date left for non-photo files. Reuses the mtime cached for sorting.
var mtime *time.Time
if t, ok := modTimes[name]; ok {
mtime = &t
}
name := entry.Name()
_, uploadErr := s.Upload(ctx, UploadParams{
Reader: f,
MIMEType: mimeStr,
OriginalName: &name,
ContentDatetimeFallback: mtime,
})
f.Close()
if uploadErr != nil {
fail(uploadErr.Error())
result.Errors = append(result.Errors, ImportFileError{
Filename: entry.Name(),
Reason: uploadErr.Error(),
})
continue
}
result.Imported++
// Remove the source on success so the import folder drains and re-running
// doesn't duplicate. The file is already safely copied into storage; a
// removal failure is reported but doesn't undo the import.
if rmErr := os.Remove(fullPath); rmErr != nil {
reason := fmt.Sprintf("imported, but failed to remove source: %s", rmErr)
result.Errors = append(result.Errors, ImportFileError{Filename: name, Reason: reason})
file("imported", reason) // imported, with a warning
continue
}
file("imported", "")
}
emit(ImportEvent{
Type: "done", Total: total,
Imported: result.Imported, Skipped: result.Skipped, Errors: len(result.Errors),
})
return result, nil
}
@@ -774,24 +740,20 @@ func (s *FileService) Import(ctx context.Context, path string, onProgress func(I
// Internal helpers
// ---------------------------------------------------------------------------
// confineToBase resolves target and verifies it does not escape base (after
// cleaning and resolving "..") so a caller cannot read files outside the
// configured import directory. Returns the cleaned absolute path on success.
func confineToBase(base, target string) (string, error) {
absBase, err := filepath.Abs(base)
// extractEXIFWithDatetime parses EXIF from raw bytes, returning both the JSON
// representation and the DateTimeOriginal (if present). Both may be nil.
func extractEXIFWithDatetime(data []byte) (json.RawMessage, *time.Time) {
x, err := exif.Decode(bytes.NewReader(data))
if err != nil {
return "", domain.ErrValidation
return nil, nil
}
absTarget, err := filepath.Abs(target)
b, err := x.MarshalJSON()
if err != nil {
return "", domain.ErrValidation
return nil, nil
}
rel, err := filepath.Rel(absBase, absTarget)
if err != nil {
return "", domain.ErrValidation
var dt *time.Time
if t, err := x.DateTime(); err == nil {
dt = &t
}
if rel == ".." || strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
return "", domain.ErrForbidden
}
return absTarget, nil
return json.RawMessage(b), dt
}
backend/internal/service/metadata.go
-183
View File
@@ -1,183 +0,0 @@
package service
import (
"bytes"
"context"
"encoding/json"
"os"
"os/exec"
"path/filepath"
"strings"
"time"
"github.com/rwcarlsen/goexif/exif"
)
// exiftoolPath is resolved once at startup. When exiftool isn't installed we
// skip the subprocess and fall back to the pure-Go EXIF reader, so the server
// still runs (with thinner metadata) on hosts without it.
var exiftoolPath, _ = exec.LookPath("exiftool")
// metadataTimeout bounds a single exiftool invocation so a pathological file
// can't wedge an upload.
const metadataTimeout = 30 * time.Second
// metaTempFileKeys are exiftool fields that describe the temporary file we feed
// it rather than the content. Dropping them avoids leaking internal paths and
// recording the temp file's permissions/inode timestamps.
var metaTempFileKeys = []string{
"SourceFile",
"Directory",
"FileAccessDate",
"FileInodeChangeDate",
"FilePermissions",
}
// metaDateKeys are the metadata fields, in priority order, holding the moment
// the content was actually captured/created — photos first, then video atoms.
var metaDateKeys = []string{
"DateTimeOriginal",
"CreateDate",
"MediaCreateDate",
"TrackCreateDate",
"ModifyDate",
}
// extractMetadata returns rich metadata as JSON plus the best content datetime
// it can find. It prefers exiftool, which understands video, audio and every
// image format and emits machine-readable numeric values (the basis for later
// analytics); when exiftool is unavailable it falls back to the pure-Go EXIF
// reader, which only handles JPEG/TIFF.
//
// originalName supplies the extension exiftool uses for format detection and the
// FileName reported back. mtime, when set (e.g. a server-side import), is stamped
// onto the temp file so FileModifyDate reflects the real source.
func extractMetadata(data []byte, originalName string, mtime *time.Time) (json.RawMessage, *time.Time) {
if exiftoolPath != "" {
if raw, dt, ok := exiftoolExtract(data, originalName, mtime); ok {
return raw, dt
}
}
return extractEXIFWithDatetime(data)
}
// exiftoolExtract stages the bytes in a temp file and shells out to exiftool.
// It returns ok=false on any failure so the caller can fall back.
func exiftoolExtract(data []byte, originalName string, mtime *time.Time) (json.RawMessage, *time.Time, bool) {
// exiftool reads a real file far more reliably than a pipe (it seeks freely,
// e.g. to a trailing MP4 moov atom), so stage the bytes in a temp file whose
// extension matches the original for accurate format detection.
tmp, err := os.CreateTemp("", "tfm-meta-*"+filepath.Ext(originalName))
if err != nil {
return nil, nil, false
}
tmpName := tmp.Name()
defer os.Remove(tmpName)
if _, err := tmp.Write(data); err != nil {
tmp.Close()
return nil, nil, false
}
if err := tmp.Close(); err != nil {
return nil, nil, false
}
if mtime != nil {
_ = os.Chtimes(tmpName, *mtime, *mtime)
}
ctx, cancel := context.WithTimeout(context.Background(), metadataTimeout)
defer cancel()
// -n forces raw numeric/machine values for every tag (no "3.53 Mbps" strings)
// so the metadata is analytics-ready. -all extracts every tag. largefilesupport
// handles multi-GB videos. Output is a one-element JSON array.
out, err := exec.CommandContext(ctx, exiftoolPath,
"-n", "-all", "-json", "-api", "largefilesupport=1", tmpName,
).Output()
if err != nil {
return nil, nil, false
}
var arr []map[string]json.RawMessage
if err := json.Unmarshal(out, &arr); err != nil || len(arr) == 0 {
return nil, nil, false
}
m := arr[0]
dt := pickMetaDatetime(m)
// Strip temp-file artifacts and substitute the real name.
for _, k := range metaTempFileKeys {
delete(m, k)
}
if mtime == nil {
// Without a real source mtime this is just the temp file's write time.
delete(m, "FileModifyDate")
}
if originalName != "" {
if nb, err := json.Marshal(originalName); err == nil {
m["FileName"] = nb
}
} else {
delete(m, "FileName")
}
raw, err := json.Marshal(m)
if err != nil {
return nil, nil, false
}
return raw, dt, true
}
// pickMetaDatetime returns the first parseable content date among metaDateKeys.
func pickMetaDatetime(m map[string]json.RawMessage) *time.Time {
for _, key := range metaDateKeys {
raw, ok := m[key]
if !ok {
continue
}
var s string
if err := json.Unmarshal(raw, &s); err != nil {
continue
}
if t, ok := parseExifDate(s); ok {
return &t
}
}
return nil
}
// parseExifDate parses exiftool's "YYYY:MM:DD HH:MM:SS" timestamps, with or
// without a trailing timezone offset. Zeroed placeholders ("0000:00:00 ...")
// fail to parse and are skipped by the caller.
func parseExifDate(s string) (time.Time, bool) {
s = strings.TrimSpace(s)
for _, layout := range []string{
"2006:01:02 15:04:05-07:00",
"2006:01:02 15:04:05Z07:00",
"2006:01:02 15:04:05",
} {
if t, err := time.Parse(layout, s); err == nil {
return t, true
}
}
return time.Time{}, false
}
// extractEXIFWithDatetime is the pure-Go fallback used when exiftool is absent.
// It parses EXIF from raw bytes (JPEG/TIFF only), returning both the JSON
// representation and the DateTimeOriginal (if present). Both may be nil.
func extractEXIFWithDatetime(data []byte) (json.RawMessage, *time.Time) {
x, err := exif.Decode(bytes.NewReader(data))
if err != nil {
return nil, nil
}
b, err := x.MarshalJSON()
if err != nil {
return nil, nil
}
var dt *time.Time
if t, err := x.DateTime(); err == nil {
dt = &t
}
return json.RawMessage(b), dt
}
backend/internal/service/metadata_test.go
-110
View File
@@ -1,110 +0,0 @@
package service
import (
"bytes"
"encoding/json"
"image"
"image/color"
"image/png"
"testing"
"time"
)
func TestParseExifDate(t *testing.T) {
cases := []struct {
in string
ok bool
want time.Time
}{
{"2026:03:24 16:57:58", true, time.Date(2026, 3, 24, 16, 57, 58, 0, time.UTC)},
{"2026:05:08 23:07:55+03:00", true, time.Date(2026, 5, 8, 23, 7, 55, 0, time.FixedZone("", 3*3600))},
{" 2026:01:02 03:04:05 ", true, time.Date(2026, 1, 2, 3, 4, 5, 0, time.UTC)},
{"0000:00:00 00:00:00", false, time.Time{}},
{"not a date", false, time.Time{}},
{"", false, time.Time{}},
}
for _, c := range cases {
got, ok := parseExifDate(c.in)
if ok != c.ok {
t.Errorf("parseExifDate(%q) ok=%v, want %v", c.in, ok, c.ok)
continue
}
if ok && !got.Equal(c.want) {
t.Errorf("parseExifDate(%q) = %v, want %v", c.in, got, c.want)
}
}
}
// tinyPNG returns a valid 2x3 PNG with no embedded EXIF/date.
func tinyPNG(t *testing.T) []byte {
t.Helper()
img := image.NewRGBA(image.Rect(0, 0, 2, 3))
img.Set(0, 0, color.RGBA{R: 10, G: 20, B: 30, A: 255})
var buf bytes.Buffer
if err := png.Encode(&buf, img); err != nil {
t.Fatalf("encode png: %v", err)
}
return buf.Bytes()
}
func TestExtractMetadataExiftool(t *testing.T) {
if exiftoolPath == "" {
t.Skip("exiftool not installed; metadata extraction falls back to goexif")
}
raw, dt := extractMetadata(tinyPNG(t), "snapshot.png", nil)
if raw == nil {
t.Fatal("expected non-nil metadata JSON")
}
if dt != nil {
t.Errorf("a PNG without a capture date should yield no content datetime, got %v", dt)
}
var m map[string]json.RawMessage
if err := json.Unmarshal(raw, &m); err != nil {
t.Fatalf("metadata is not valid JSON: %v", err)
}
// exiftool understood the format (goexif never would for PNG).
if v := jsonString(t, m, "FileType"); v != "PNG" {
t.Errorf("FileType = %q, want PNG", v)
}
// Dimensions are numeric, not human-readable strings.
for _, key := range []string{"ImageWidth", "ImageHeight"} {
raw, ok := m[key]
if !ok {
t.Errorf("missing %s", key)
continue
}
var n float64
if err := json.Unmarshal(raw, &n); err != nil {
t.Errorf("%s is not numeric: %s", key, raw)
}
}
// FileName is the original, not the temp file; temp-file artifacts are gone.
if v := jsonString(t, m, "FileName"); v != "snapshot.png" {
t.Errorf("FileName = %q, want snapshot.png", v)
}
for _, leaked := range []string{"SourceFile", "Directory", "FilePermissions", "FileModifyDate"} {
if _, ok := m[leaked]; ok {
t.Errorf("temp-file field %q should have been stripped", leaked)
}
}
}
func jsonString(t *testing.T, m map[string]json.RawMessage, key string) string {
t.Helper()
raw, ok := m[key]
if !ok {
t.Errorf("missing key %q", key)
return ""
}
var s string
if err := json.Unmarshal(raw, &s); err != nil {
t.Errorf("key %q is not a string: %s", key, raw)
return ""
}
return s
}
backend/internal/service/pool_service.go
-256
View File
@@ -1,256 +0,0 @@
package service
import (
"context"
"encoding/json"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
const poolObjectType = "pool"
const poolObjectTypeID int16 = 4 // fourth row in 007_seed_data.sql object_types
// PoolParams holds the fields for creating or patching a pool.
type PoolParams struct {
Name string
Notes *string
Metadata json.RawMessage
IsPublic *bool
}
// PoolService handles pool CRUD and poolfile management with ACL + audit.
type PoolService struct {
pools port.PoolRepo
acl *ACLService
audit *AuditService
}
// NewPoolService creates a PoolService.
func NewPoolService(
pools port.PoolRepo,
acl *ACLService,
audit *AuditService,
) *PoolService {
return &PoolService{pools: pools, acl: acl, audit: audit}
}
// ---------------------------------------------------------------------------
// CRUD
// ---------------------------------------------------------------------------
// List returns a paginated list of pools the caller may see.
func (s *PoolService) List(ctx context.Context, params port.OffsetParams) (*domain.PoolOffsetPage, error) {
params.ViewerID, params.ViewerIsAdmin, _ = domain.UserFromContext(ctx)
return s.pools.List(ctx, params)
}
// Get returns a pool by ID, enforcing view ACL.
func (s *PoolService) Get(ctx context.Context, id uuid.UUID) (*domain.Pool, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
p, err := s.pools.GetByID(ctx, id)
if err != nil {
return nil, err
}
ok, err := s.acl.CanView(ctx, userID, isAdmin, p.CreatorID, p.IsPublic, poolObjectTypeID, id)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
return p, nil
}
// authorizeView returns nil if the caller may view the pool, else ErrForbidden
// (or ErrNotFound if the pool does not exist).
func (s *PoolService) authorizeView(ctx context.Context, poolID uuid.UUID) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
p, err := s.pools.GetByID(ctx, poolID)
if err != nil {
return err
}
ok, err := s.acl.CanView(ctx, userID, isAdmin, p.CreatorID, p.IsPublic, poolObjectTypeID, poolID)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
return nil
}
// RecordView appends a view-history entry for the current user, enforcing view
// ACL (you can only record a view of a pool you may see).
func (s *PoolService) RecordView(ctx context.Context, id uuid.UUID) error {
userID, _, _ := domain.UserFromContext(ctx)
if err := s.authorizeView(ctx, id); err != nil {
return err
}
return s.pools.RecordView(ctx, id, userID)
}
// authorizeEdit returns nil if the caller may edit the pool, else ErrForbidden
// (or ErrNotFound if the pool does not exist).
func (s *PoolService) authorizeEdit(ctx context.Context, poolID uuid.UUID) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
p, err := s.pools.GetByID(ctx, poolID)
if err != nil {
return err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, p.CreatorID, poolObjectTypeID, poolID)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
return nil
}
// Create inserts a new pool.
func (s *PoolService) Create(ctx context.Context, p PoolParams) (*domain.Pool, error) {
userID, _, _ := domain.UserFromContext(ctx)
pool := &domain.Pool{
Name: p.Name,
Notes: p.Notes,
Metadata: p.Metadata,
CreatorID: userID,
}
if p.IsPublic != nil {
pool.IsPublic = *p.IsPublic
}
created, err := s.pools.Create(ctx, pool)
if err != nil {
return nil, err
}
objType := poolObjectType
_ = s.audit.Log(ctx, "pool_create", &objType, &created.ID, nil)
return created, nil
}
// Update applies a partial patch to a pool.
func (s *PoolService) Update(ctx context.Context, id uuid.UUID, p PoolParams) (*domain.Pool, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
current, err := s.pools.GetByID(ctx, id)
if err != nil {
return nil, err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, current.CreatorID, poolObjectTypeID, id)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
patch := *current
if p.Name != "" {
patch.Name = p.Name
}
if p.Notes != nil {
patch.Notes = p.Notes
}
if len(p.Metadata) > 0 {
patch.Metadata = p.Metadata
}
if p.IsPublic != nil {
patch.IsPublic = *p.IsPublic
}
updated, err := s.pools.Update(ctx, id, &patch)
if err != nil {
return nil, err
}
objType := poolObjectType
_ = s.audit.Log(ctx, "pool_edit", &objType, &id, nil)
return updated, nil
}
// Delete removes a pool by ID, enforcing edit ACL.
func (s *PoolService) Delete(ctx context.Context, id uuid.UUID) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
pool, err := s.pools.GetByID(ctx, id)
if err != nil {
return err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, pool.CreatorID, poolObjectTypeID, id)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
if err := s.pools.Delete(ctx, id); err != nil {
return err
}
objType := poolObjectType
_ = s.audit.Log(ctx, "pool_delete", &objType, &id, nil)
return nil
}
// ---------------------------------------------------------------------------
// Poolfile operations
// ---------------------------------------------------------------------------
// ListFiles returns cursor-paginated files within a pool ordered by position,
// enforcing view ACL on the pool.
func (s *PoolService) ListFiles(ctx context.Context, poolID uuid.UUID, params port.PoolFileListParams) (*domain.PoolFilePage, error) {
if err := s.authorizeView(ctx, poolID); err != nil {
return nil, err
}
return s.pools.ListFiles(ctx, poolID, params)
}
// AddFiles adds files to a pool at the given position (nil = append), enforcing
// edit ACL on the pool.
func (s *PoolService) AddFiles(ctx context.Context, poolID uuid.UUID, fileIDs []uuid.UUID, position *int) error {
if err := s.authorizeEdit(ctx, poolID); err != nil {
return err
}
if err := s.pools.AddFiles(ctx, poolID, fileIDs, position); err != nil {
return err
}
objType := poolObjectType
_ = s.audit.Log(ctx, "file_pool_add", &objType, &poolID, map[string]any{"count": len(fileIDs)})
return nil
}
// RemoveFiles removes files from a pool, enforcing edit ACL on the pool.
func (s *PoolService) RemoveFiles(ctx context.Context, poolID uuid.UUID, fileIDs []uuid.UUID) error {
if err := s.authorizeEdit(ctx, poolID); err != nil {
return err
}
if err := s.pools.RemoveFiles(ctx, poolID, fileIDs); err != nil {
return err
}
objType := poolObjectType
_ = s.audit.Log(ctx, "file_pool_remove", &objType, &poolID, map[string]any{"count": len(fileIDs)})
return nil
}
// Reorder sets the ordered sequence of file IDs within a pool, enforcing edit
// ACL on the pool.
func (s *PoolService) Reorder(ctx context.Context, poolID uuid.UUID, fileIDs []uuid.UUID) error {
if err := s.authorizeEdit(ctx, poolID); err != nil {
return err
}
if err := s.pools.Reorder(ctx, poolID, fileIDs); err != nil {
return err
}
objType := poolObjectType
_ = s.audit.Log(ctx, "file_pool_reorder", &objType, &poolID, map[string]any{"count": len(fileIDs)})
return nil
}
backend/internal/service/tag_service.go
-441
View File
@@ -1,441 +0,0 @@
package service
import (
"context"
"encoding/json"
"github.com/google/uuid"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
const tagObjectType = "tag"
const tagObjectTypeID int16 = 2 // second row in 007_seed_data.sql object_types
// TagParams holds the fields for creating or patching a tag.
type TagParams struct {
Name string
Notes *string
Color *string // nil = no change; pointer to empty string = clear
CategoryID *uuid.UUID // nil = no change; Nil UUID = unassign
Metadata json.RawMessage
IsPublic *bool
}
// TagService handles tag CRUD, tag-rule management, and filetag operations
// including automatic recursive rule application.
type TagService struct {
tags port.TagRepo
rules port.TagRuleRepo
acl *ACLService
audit *AuditService
tx port.Transactor
}
// NewTagService creates a TagService.
func NewTagService(
tags port.TagRepo,
rules port.TagRuleRepo,
acl *ACLService,
audit *AuditService,
tx port.Transactor,
) *TagService {
return &TagService{
tags: tags,
rules: rules,
acl: acl,
audit: audit,
tx: tx,
}
}
// ---------------------------------------------------------------------------
// Tag CRUD
// ---------------------------------------------------------------------------
// List returns a paginated, optionally filtered list of tags the caller may see.
func (s *TagService) List(ctx context.Context, params port.OffsetParams) (*domain.TagOffsetPage, error) {
params.ViewerID, params.ViewerIsAdmin, _ = domain.UserFromContext(ctx)
return s.tags.List(ctx, params)
}
// Get returns a tag by ID, enforcing view ACL.
func (s *TagService) Get(ctx context.Context, id uuid.UUID) (*domain.Tag, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
t, err := s.tags.GetByID(ctx, id)
if err != nil {
return nil, err
}
ok, err := s.acl.CanView(ctx, userID, isAdmin, t.CreatorID, t.IsPublic, tagObjectTypeID, id)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
return t, nil
}
// Create inserts a new tag record.
func (s *TagService) Create(ctx context.Context, p TagParams) (*domain.Tag, error) {
userID, _, _ := domain.UserFromContext(ctx)
t := &domain.Tag{
Name: p.Name,
Notes: p.Notes,
Color: p.Color,
CategoryID: p.CategoryID,
Metadata: p.Metadata,
CreatorID: userID,
}
if p.IsPublic != nil {
t.IsPublic = *p.IsPublic
}
created, err := s.tags.Create(ctx, t)
if err != nil {
return nil, err
}
objType := tagObjectType
_ = s.audit.Log(ctx, "tag_create", &objType, &created.ID, nil)
return created, nil
}
// Update applies a partial patch to a tag.
// The service reads the current tag first so the caller only needs to supply
// the fields that should change.
func (s *TagService) Update(ctx context.Context, id uuid.UUID, p TagParams) (*domain.Tag, error) {
userID, isAdmin, _ := domain.UserFromContext(ctx)
current, err := s.tags.GetByID(ctx, id)
if err != nil {
return nil, err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, current.CreatorID, tagObjectTypeID, id)
if err != nil {
return nil, err
}
if !ok {
return nil, domain.ErrForbidden
}
// Merge patch into current.
patch := *current // copy
if p.Name != "" {
patch.Name = p.Name
}
if p.Notes != nil {
patch.Notes = p.Notes
}
if p.Color != nil {
patch.Color = p.Color
}
if p.CategoryID != nil {
if *p.CategoryID == uuid.Nil {
patch.CategoryID = nil // explicit unassign
} else {
patch.CategoryID = p.CategoryID
}
}
if len(p.Metadata) > 0 {
patch.Metadata = p.Metadata
}
if p.IsPublic != nil {
patch.IsPublic = *p.IsPublic
}
updated, err := s.tags.Update(ctx, id, &patch)
if err != nil {
return nil, err
}
objType := tagObjectType
_ = s.audit.Log(ctx, "tag_edit", &objType, &id, nil)
return updated, nil
}
// Delete removes a tag by ID, enforcing edit ACL.
func (s *TagService) Delete(ctx context.Context, id uuid.UUID) error {
userID, isAdmin, _ := domain.UserFromContext(ctx)
t, err := s.tags.GetByID(ctx, id)
if err != nil {
return err
}
ok, err := s.acl.CanEdit(ctx, userID, isAdmin, t.CreatorID, tagObjectTypeID, id)
if err != nil {
return err
}
if !ok {
return domain.ErrForbidden
}
if err := s.tags.Delete(ctx, id); err != nil {
return err
}
objType := tagObjectType
_ = s.audit.Log(ctx, "tag_delete", &objType, &id, nil)
return nil
}
// ---------------------------------------------------------------------------
// Tag rules
// ---------------------------------------------------------------------------
// ListRules returns all rules for a tag (when this tag is applied, these follow).
func (s *TagService) ListRules(ctx context.Context, tagID uuid.UUID) ([]domain.TagRule, error) {
return s.rules.ListByTag(ctx, tagID)
}
// CreateRule adds a tag rule. When the rule is active and applyToExisting is
// true, the full transitive expansion of thenTagID is retroactively applied to
// every file already carrying whenTagID — same semantics as activating an
// existing rule via SetRuleActive. The insert and retroactive apply run in one
// transaction so a file is never left half-tagged.
func (s *TagService) CreateRule(ctx context.Context, whenTagID, thenTagID uuid.UUID, isActive, applyToExisting bool) (*domain.TagRule, error) {
var created *domain.TagRule
err := s.tx.WithTx(ctx, func(ctx context.Context) error {
rule, err := s.rules.Create(ctx, domain.TagRule{
WhenTagID: whenTagID,
ThenTagID: thenTagID,
IsActive: isActive,
})
if err != nil {
return err
}
created = rule
if isActive && applyToExisting {
return s.rules.ApplyToExisting(ctx, whenTagID, thenTagID)
}
return nil
})
if err != nil {
return nil, err
}
return created, nil
}
// SetRuleActive toggles a rule's is_active flag and returns the updated rule.
// When active and applyToExisting are both true, the full transitive expansion
// of thenTagID is retroactively applied to files already carrying whenTagID.
func (s *TagService) SetRuleActive(ctx context.Context, whenTagID, thenTagID uuid.UUID, active, applyToExisting bool) (*domain.TagRule, error) {
if err := s.rules.SetActive(ctx, whenTagID, thenTagID, active, applyToExisting); err != nil {
return nil, err
}
rules, err := s.rules.ListByTag(ctx, whenTagID)
if err != nil {
return nil, err
}
for _, r := range rules {
if r.ThenTagID == thenTagID {
return &r, nil
}
}
return nil, domain.ErrNotFound
}
// DeleteRule removes a tag rule.
func (s *TagService) DeleteRule(ctx context.Context, whenTagID, thenTagID uuid.UUID) error {
return s.rules.Delete(ctx, whenTagID, thenTagID)
}
// ---------------------------------------------------------------------------
// Filetag operations (with auto-rule expansion)
// ---------------------------------------------------------------------------
// ListFileTags returns the tags on a file.
func (s *TagService) ListFileTags(ctx context.Context, fileID uuid.UUID) ([]domain.Tag, error) {
return s.tags.ListByFile(ctx, fileID)
}
// SetFileTags replaces all tags on a file, then applies active rules for all
// newly set tags (BFS expansion). Returns the full resulting tag set.
func (s *TagService) SetFileTags(ctx context.Context, fileID uuid.UUID, tagIDs []uuid.UUID) ([]domain.Tag, error) {
expanded, err := s.expandTagSet(ctx, tagIDs)
if err != nil {
return nil, err
}
if err := s.tags.SetFileTags(ctx, fileID, expanded); err != nil {
return nil, err
}
objType := fileObjectType
_ = s.audit.Log(ctx, "file_tag_add", &objType, &fileID, nil)
return s.tags.ListByFile(ctx, fileID)
}
// AddFileTag adds a single tag to a file, then recursively applies active rules.
// Returns the full resulting tag set.
func (s *TagService) AddFileTag(ctx context.Context, fileID, tagID uuid.UUID) ([]domain.Tag, error) {
// Compute the full set including rule-expansion from tagID.
extra, err := s.expandTagSet(ctx, []uuid.UUID{tagID})
if err != nil {
return nil, err
}
// Fetch current tags so we don't lose them.
current, err := s.tags.ListByFile(ctx, fileID)
if err != nil {
return nil, err
}
// Union: existing + expanded new tags.
seen := make(map[uuid.UUID]bool, len(current)+len(extra))
for _, t := range current {
seen[t.ID] = true
}
merged := make([]uuid.UUID, len(current))
for i, t := range current {
merged[i] = t.ID
}
for _, id := range extra {
if !seen[id] {
seen[id] = true
merged = append(merged, id)
}
}
if err := s.tags.SetFileTags(ctx, fileID, merged); err != nil {
return nil, err
}
objType := fileObjectType
_ = s.audit.Log(ctx, "file_tag_add", &objType, &fileID, map[string]any{"tag_id": tagID})
return s.tags.ListByFile(ctx, fileID)
}
// RemoveFileTag removes a single tag from a file.
func (s *TagService) RemoveFileTag(ctx context.Context, fileID, tagID uuid.UUID) error {
if err := s.tags.RemoveFileTag(ctx, fileID, tagID); err != nil {
return err
}
objType := fileObjectType
_ = s.audit.Log(ctx, "file_tag_remove", &objType, &fileID, map[string]any{"tag_id": tagID})
return nil
}
// BulkSetTags adds or removes tags on multiple files (with rule expansion for add).
// Returns the tagIDs that were applied (the expanded input set for add; empty for remove).
func (s *TagService) BulkSetTags(ctx context.Context, fileIDs []uuid.UUID, action string, tagIDs []uuid.UUID) ([]uuid.UUID, error) {
if action != "add" && action != "remove" {
return nil, domain.ErrValidation
}
// Pre-expand tag set once; all files get the same expansion.
var expanded []uuid.UUID
if action == "add" {
var err error
expanded, err = s.expandTagSet(ctx, tagIDs)
if err != nil {
return nil, err
}
}
for _, fileID := range fileIDs {
switch action {
case "add":
current, err := s.tags.ListByFile(ctx, fileID)
if err != nil {
if err == domain.ErrNotFound {
continue
}
return nil, err
}
seen := make(map[uuid.UUID]bool, len(current))
merged := make([]uuid.UUID, len(current))
for i, t := range current {
seen[t.ID] = true
merged[i] = t.ID
}
for _, id := range expanded {
if !seen[id] {
seen[id] = true
merged = append(merged, id)
}
}
if err := s.tags.SetFileTags(ctx, fileID, merged); err != nil {
return nil, err
}
case "remove":
current, err := s.tags.ListByFile(ctx, fileID)
if err != nil {
if err == domain.ErrNotFound {
continue
}
return nil, err
}
remove := make(map[uuid.UUID]bool, len(tagIDs))
for _, id := range tagIDs {
remove[id] = true
}
kept := make([]uuid.UUID, 0, len(current))
for _, t := range current {
if !remove[t.ID] {
kept = append(kept, t.ID)
}
}
if err := s.tags.SetFileTags(ctx, fileID, kept); err != nil {
return nil, err
}
}
}
if action == "add" {
return expanded, nil
}
return []uuid.UUID{}, nil
}
// CommonTags returns tags present on ALL given files and tags present on SOME.
func (s *TagService) CommonTags(ctx context.Context, fileIDs []uuid.UUID) (common, partial []domain.Tag, err error) {
common, err = s.tags.CommonTagsForFiles(ctx, fileIDs)
if err != nil {
return nil, nil, err
}
partial, err = s.tags.PartialTagsForFiles(ctx, fileIDs)
if err != nil {
return nil, nil, err
}
return common, partial, nil
}
// ---------------------------------------------------------------------------
// Internal helpers
// ---------------------------------------------------------------------------
// expandTagSet runs a BFS from the given seed tags, following active tag rules,
// and returns the full set of tag IDs that should be applied (seeds + auto-applied).
func (s *TagService) expandTagSet(ctx context.Context, seeds []uuid.UUID) ([]uuid.UUID, error) {
visited := make(map[uuid.UUID]bool, len(seeds))
queue := make([]uuid.UUID, 0, len(seeds))
for _, id := range seeds {
if !visited[id] {
visited[id] = true
queue = append(queue, id)
}
}
for i := 0; i < len(queue); i++ {
tagID := queue[i]
rules, err := s.rules.ListByTag(ctx, tagID)
if err != nil {
return nil, err
}
for _, r := range rules {
if r.IsActive && !visited[r.ThenTagID] {
visited[r.ThenTagID] = true
queue = append(queue, r.ThenTagID)
}
}
}
return queue, nil
}
backend/internal/service/user_service.go
-192
View File
@@ -1,192 +0,0 @@
package service
import (
"context"
"errors"
"fmt"
"golang.org/x/crypto/bcrypt"
"tanabata/backend/internal/domain"
"tanabata/backend/internal/port"
)
// UserService handles user CRUD and profile management.
type UserService struct {
users port.UserRepo
sessions port.SessionRepo
audit *AuditService
}
// NewUserService creates a UserService.
func NewUserService(users port.UserRepo, sessions port.SessionRepo, audit *AuditService) *UserService {
return &UserService{users: users, sessions: sessions, audit: audit}
}
// EnsureAdmin creates the initial administrator account if it does not already
// exist. It is idempotent and never overwrites an existing user's password, so
// an operator who has changed the admin password keeps it across restarts.
func (s *UserService) EnsureAdmin(ctx context.Context, username, password string) error {
if username == "" || password == "" {
return fmt.Errorf("EnsureAdmin: username and password must be set")
}
if _, err := s.users.GetByName(ctx, username); err == nil {
return nil // already exists
} else if !errors.Is(err, domain.ErrNotFound) {
return fmt.Errorf("EnsureAdmin: lookup: %w", err)
}
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
return fmt.Errorf("EnsureAdmin: hash: %w", err)
}
_, err = s.users.Create(ctx, &domain.User{
Name: username,
Password: string(hash),
IsAdmin: true,
CanCreate: true,
})
if err != nil {
return fmt.Errorf("EnsureAdmin: create: %w", err)
}
return nil
}
// ---------------------------------------------------------------------------
// Self-service
// ---------------------------------------------------------------------------
// GetMe returns the profile of the currently authenticated user.
func (s *UserService) GetMe(ctx context.Context) (*domain.User, error) {
userID, _, _ := domain.UserFromContext(ctx)
return s.users.GetByID(ctx, userID)
}
// UpdateMeParams holds fields a user may change on their own profile.
type UpdateMeParams struct {
Name string // empty = no change
Password *string // nil = no change
}
// UpdateMe allows a user to change their own name and/or password.
func (s *UserService) UpdateMe(ctx context.Context, p UpdateMeParams) (*domain.User, error) {
userID, _, _ := domain.UserFromContext(ctx)
current, err := s.users.GetByID(ctx, userID)
if err != nil {
return nil, err
}
patch := *current
if p.Name != "" {
patch.Name = p.Name
}
if p.Password != nil {
hash, err := bcrypt.GenerateFromPassword([]byte(*p.Password), bcrypt.DefaultCost)
if err != nil {
return nil, fmt.Errorf("UserService.UpdateMe hash: %w", err)
}
patch.Password = string(hash)
}
return s.users.Update(ctx, userID, &patch)
}
// ---------------------------------------------------------------------------
// Admin CRUD
// ---------------------------------------------------------------------------
// List returns a paginated list of users (admin only — caller must enforce).
func (s *UserService) List(ctx context.Context, params port.OffsetParams) (*domain.UserPage, error) {
return s.users.List(ctx, params)
}
// Get returns a user by ID (admin only).
func (s *UserService) Get(ctx context.Context, id int16) (*domain.User, error) {
return s.users.GetByID(ctx, id)
}
// CreateParams holds fields for creating a new user.
type CreateUserParams struct {
Name string
Password string
IsAdmin bool
CanCreate bool
}
// Create inserts a new user with a bcrypt-hashed password (admin only).
func (s *UserService) Create(ctx context.Context, p CreateUserParams) (*domain.User, error) {
hash, err := bcrypt.GenerateFromPassword([]byte(p.Password), bcrypt.DefaultCost)
if err != nil {
return nil, fmt.Errorf("UserService.Create hash: %w", err)
}
u := &domain.User{
Name: p.Name,
Password: string(hash),
IsAdmin: p.IsAdmin,
CanCreate: p.CanCreate,
}
created, err := s.users.Create(ctx, u)
if err != nil {
return nil, err
}
_ = s.audit.Log(ctx, "user_create", nil, nil, map[string]any{"target_user_id": created.ID})
return created, nil
}
// UpdateAdminParams holds fields an admin may change on any user.
type UpdateAdminParams struct {
IsAdmin *bool
CanCreate *bool
IsBlocked *bool
}
// UpdateAdmin applies an admin-level patch to a user.
func (s *UserService) UpdateAdmin(ctx context.Context, id int16, p UpdateAdminParams) (*domain.User, error) {
current, err := s.users.GetByID(ctx, id)
if err != nil {
return nil, err
}
patch := *current
if p.IsAdmin != nil {
patch.IsAdmin = *p.IsAdmin
}
if p.CanCreate != nil {
patch.CanCreate = *p.CanCreate
}
if p.IsBlocked != nil {
patch.IsBlocked = *p.IsBlocked
}
updated, err := s.users.Update(ctx, id, &patch)
if err != nil {
return nil, err
}
// Log block/unblock specifically, and revoke all sessions on block so the
// user's outstanding access tokens stop working immediately.
if p.IsBlocked != nil {
action := "user_unblock"
if *p.IsBlocked {
action = "user_block"
if err := s.sessions.DeleteByUserID(ctx, id); err != nil {
return nil, fmt.Errorf("UserService.UpdateAdmin revoke sessions: %w", err)
}
}
_ = s.audit.Log(ctx, action, nil, nil, map[string]any{"target_user_id": id})
}
return updated, nil
}
// Delete removes a user by ID (admin only).
func (s *UserService) Delete(ctx context.Context, id int16) error {
if err := s.users.Delete(ctx, id); err != nil {
return err
}
_ = s.audit.Log(ctx, "user_delete", nil, nil, map[string]any{"target_user_id": id})
return nil
}
backend/internal/storage/disk.go
+27 -225
View File
@@ -5,20 +5,16 @@ import (
"bytes"
"context"
"fmt"
_ "golang.org/x/image/webp" // register WebP decoder
"image"
"image/color"
_ "image/gif" // register GIF decoder
"image/jpeg"
_ "image/gif" // register GIF decoder
_ "image/png" // register PNG decoder
_ "golang.org/x/image/webp" // register WebP decoder
"io"
"os"
"os/exec"
"path/filepath"
"runtime"
"strconv"
"strings"
"time"
"github.com/disintegration/imaging"
"github.com/google/uuid"
@@ -41,36 +37,20 @@ type DiskStorage struct {
thumbHeight int
previewWidth int
previewHeight int
maxPixels int
// genSem bounds concurrent thumbnail/preview generation. Each resize already
// fans out across every core (imaging uses GOMAXPROCS), and large sources cost
// hundreds of MB to decode, so unbounded parallelism on a burst of big images
// pegs the CPU and can exhaust RAM. A buffered channel caps how many run at once.
genSem chan struct{}
}
var _ port.FileStorage = (*DiskStorage)(nil)
// NewDiskStorage creates a DiskStorage and ensures both directories exist.
//
// maxPixels caps the source pixel count we will decode in-process (0 → a sane
// default). concurrency bounds simultaneous generation (≤0 → half the CPUs).
func NewDiskStorage(
filesPath, thumbsPath string,
thumbW, thumbH, prevW, prevH int,
maxPixels, concurrency int,
) (*DiskStorage, error) {
for _, p := range []string{filesPath, thumbsPath} {
if err := os.MkdirAll(p, 0o755); err != nil {
return nil, fmt.Errorf("storage: create directory %q: %w", p, err)
}
}
if maxPixels <= 0 {
maxPixels = defaultMaxDecodePixels
}
if concurrency <= 0 {
concurrency = max(1, runtime.GOMAXPROCS(0)/2)
}
return &DiskStorage{
filesPath: filesPath,
thumbsPath: thumbsPath,
@@ -78,8 +58,6 @@ func NewDiskStorage(
thumbHeight: thumbH,
previewWidth: prevW,
previewHeight: prevH,
maxPixels: maxPixels,
genSem: make(chan struct{}, concurrency),
}, nil
}
@@ -130,66 +108,32 @@ func (s *DiskStorage) Delete(_ context.Context, id uuid.UUID) error {
return nil
}
// InvalidateCache removes the cached thumbnail and preview for id, if present,
// so they are regenerated from the current file content on the next request.
func (s *DiskStorage) InvalidateCache(_ context.Context, id uuid.UUID) error {
for _, p := range []string{s.thumbCachePath(id), s.previewCachePath(id)} {
if err := os.Remove(p); err != nil && !os.IsNotExist(err) {
return fmt.Errorf("storage.InvalidateCache remove %q: %w", p, err)
}
}
return nil
}
// Thumbnail returns a JPEG scaled to fit within the configured max width×height,
// preserving the original aspect ratio (never upscaled, never cropped); the grid
// cell letterboxes it as needed. Generated on first call and cached. Video files
// are thumbnailed via ffmpeg; other non-image files get a placeholder.
// Thumbnail returns a JPEG that fits within the configured max width×height
// (never upscaled, never cropped). Generated on first call and cached.
// Video files are thumbnailed via ffmpeg; other non-image files get a placeholder.
func (s *DiskStorage) Thumbnail(ctx context.Context, id uuid.UUID) (io.ReadCloser, error) {
return s.serveGenerated(ctx, id, s.thumbCachePath(id), s.thumbWidth, s.thumbHeight)
}
// Preview returns a JPEG scaled to fit within the configured max width×height,
// preserving the original aspect ratio (never upscaled, never cropped) so the
// viewer shows the whole image. Generated on first call and cached. Video files
// are thumbnailed via ffmpeg; other non-image files get a placeholder.
// Preview returns a JPEG that fits within the configured max width×height
// (never upscaled, never cropped). Generated on first call and cached.
// Video files are thumbnailed via ffmpeg; other non-image files get a placeholder.
func (s *DiskStorage) Preview(ctx context.Context, id uuid.UUID) (io.ReadCloser, error) {
return s.serveGenerated(ctx, id, s.previewCachePath(id), s.previewWidth, s.previewHeight)
}
// VideoFrameMiddle decodes a representative frame from the middle of a video
// (duration/2). The midpoint avoids the shared intros, title cards and black
// lead-in frames that make a fixed early offset collide across unrelated clips,
// so it is the right source for the video's perceptual (duplicate-detection)
// hash. The file must already exist in storage; ffmpeg/ffprobe must be installed.
// This is not part of port.FileStorage — only the dedup CLI needs it, with a
// concrete *DiskStorage — so the interface stays lean and ffmpeg stays out of the
// upload path.
func (s *DiskStorage) VideoFrameMiddle(ctx context.Context, id uuid.UUID) (image.Image, error) {
srcPath := s.originalPath(id)
if _, err := os.Stat(srcPath); err != nil {
if os.IsNotExist(err) {
return nil, domain.ErrNotFound
}
return nil, fmt.Errorf("storage: stat %q: %w", srcPath, err)
}
return extractVideoFrameMiddle(ctx, srcPath)
}
// ---------------------------------------------------------------------------
// Internal helpers
// ---------------------------------------------------------------------------
// serveGenerated is the shared implementation for Thumbnail and Preview. Both
// fit the source within maxW×maxH preserving the aspect ratio (no crop, no
// upscale); they differ only in the configured dimensions.
// serveGenerated is the shared implementation for Thumbnail and Preview.
// imaging.Thumbnail fits the source within maxW×maxH without upscaling or cropping.
//
// Resolution order:
// 1. Return cached JPEG if present.
// 2. vipsthumbnail (shrink-on-load; the primary still-image path).
// 3. Pure-Go decode + imaging.Fit (fallback when vips is absent).
// 4. Extract a frame with ffmpeg (video files).
// 5. Solid-colour placeholder (archives, unrecognised formats, etc.).
// 2. Decode as still image (JPEG/PNG/GIF via imaging).
// 3. Extract a frame with ffmpeg (video files).
// 4. Solid-colour placeholder (archives, unrecognised formats, etc.).
func (s *DiskStorage) serveGenerated(ctx context.Context, id uuid.UUID, cachePath string, maxW, maxH int) (io.ReadCloser, error) {
// Fast path: cache hit.
if f, err := os.Open(cachePath); err == nil {
@@ -205,40 +149,14 @@ func (s *DiskStorage) serveGenerated(ctx context.Context, id uuid.UUID, cachePat
return nil, fmt.Errorf("storage: stat %q: %w", srcPath, err)
}
// Bound concurrent generation so a burst of large images can't peg every core
// or exhaust RAM. Queue here (respecting cancellation) rather than starting
// the heavy decode immediately.
select {
case s.genSem <- struct{}{}:
defer func() { <-s.genSem }()
case <-ctx.Done():
return nil, ctx.Err()
}
// Another request may have generated this while we waited on the semaphore.
if f, err := os.Open(cachePath); err == nil {
return f, nil
}
// Primary path: vipsthumbnail. It shrinks on load (e.g. JPEG DCT scaling), so
// even a 200+ Mpx photo is thumbnailed in a fraction of the memory and CPU of a
// full in-process decode, writing the final JPEG straight to the cache. Falls
// through when vips is absent or can't read the source (e.g. a video).
if vipsThumbnailPath != "" {
if rc, err := s.vipsThumbnail(ctx, srcPath, cachePath, maxW, maxH); err == nil {
return rc, nil
}
}
// Fallback pipeline (pure Go):
// 1. Still-image decode (JPEG/PNG/GIF), rejecting oversized rasters.
// 2. Video frame extraction via ffmpeg.
// 3. Solid-colour placeholder.
// 1. Try still-image decode (JPEG/PNG/GIF).
// 2. Try video frame extraction via ffmpeg.
// 3. Fall back to placeholder.
var img image.Image
if decoded, err := decodeImageLimited(srcPath, s.maxPixels); err == nil {
img = imaging.Fit(decoded, maxW, maxH, imaging.Lanczos)
} else if frame, err := extractVideoFrameMiddle(ctx, srcPath); err == nil {
img = imaging.Fit(frame, maxW, maxH, imaging.Lanczos)
if decoded, err := imaging.Open(srcPath, imaging.AutoOrientation(true)); err == nil {
img = imaging.Thumbnail(decoded, maxW, maxH, imaging.Lanczos)
} else if frame, err := extractVideoFrame(ctx, srcPath); err == nil {
img = imaging.Thumbnail(frame, maxW, maxH, imaging.Lanczos)
} else {
img = placeholder(maxW, maxH)
}
@@ -288,108 +206,15 @@ func writeCache(cachePath string, img image.Image) (io.ReadCloser, error) {
return f, nil
}
// defaultMaxDecodePixels is the fallback cap when none is configured. It bounds
// the cost of a decompression bomb (a tiny file that expands to an enormous
// raster) and the per-image memory; ~300 Mpx covers e.g. a 13000×17000 photo.
const defaultMaxDecodePixels = 300_000_000
// decodeImageLimited decodes the image at path after first inspecting its header
// dimensions via image.DecodeConfig (which does not allocate the raster), and
// refuses images whose pixel count exceeds maxPixels.
func decodeImageLimited(path string, maxPixels int) (image.Image, error) {
f, err := os.Open(path)
if err != nil {
return nil, err
}
defer f.Close()
cfg, _, err := image.DecodeConfig(f)
if err != nil {
return nil, err
}
if int64(cfg.Width)*int64(cfg.Height) > int64(maxPixels) {
return nil, fmt.Errorf("image too large to decode: %dx%d", cfg.Width, cfg.Height)
}
if _, err := f.Seek(0, io.SeekStart); err != nil {
return nil, err
}
return imaging.Decode(f, imaging.AutoOrientation(true))
}
// vipsThumbnailPath is the resolved path to the vipsthumbnail CLI, or "" when it
// isn't installed — in which case generation falls back to the pure-Go pipeline.
var vipsThumbnailPath, _ = exec.LookPath("vipsthumbnail")
// vipsThumbnail generates a JPEG thumbnail with the vipsthumbnail CLI, writing it
// straight to cachePath via an atomic temp→rename. vips decodes large images at a
// reduced scale (shrink-on-load), so this costs a fraction of the memory and CPU
// of a full in-process decode. The result is fit within maxW×maxH and never
// upscaled (the ">" size modifier). Returns an error for inputs vips can't read
// (e.g. videos) so the caller can fall back.
func (s *DiskStorage) vipsThumbnail(ctx context.Context, srcPath, cachePath string, maxW, maxH int) (io.ReadCloser, error) {
ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
defer cancel()
tmp, err := os.CreateTemp(filepath.Dir(cachePath), ".vips-*.jpg")
if err != nil {
return nil, fmt.Errorf("storage: create temp file: %w", err)
}
tmpName := tmp.Name()
_ = tmp.Close()
cmd := exec.CommandContext(ctx, vipsThumbnailPath,
srcPath,
"--size", fmt.Sprintf("%dx%d>", maxW, maxH),
"--output", tmpName+"[Q=85]",
)
cmd.Stderr = io.Discard
if err := cmd.Run(); err != nil {
os.Remove(tmpName)
return nil, fmt.Errorf("vipsthumbnail: %w", err)
}
if fi, err := os.Stat(tmpName); err != nil || fi.Size() == 0 {
os.Remove(tmpName)
return nil, fmt.Errorf("vipsthumbnail: no output produced")
}
if err := os.Rename(tmpName, cachePath); err != nil {
os.Remove(tmpName)
return nil, fmt.Errorf("storage: rename cache file: %w", err)
}
f, err := os.Open(cachePath)
if err != nil {
return nil, fmt.Errorf("storage: open cache file: %w", err)
}
return f, nil
}
// extractVideoFrameMiddle extracts a single frame from the middle of the video
// (duration/2), falling back to a 1s offset when the duration can't be probed.
// The midpoint dodges shared intros, title cards and black lead-in frames, and
// matches the frame used for the perceptual hash so a video's thumbnail/preview
// shows the same representative frame dedup compared. See extractVideoFrameAt for
// the mechanics.
func extractVideoFrameMiddle(ctx context.Context, srcPath string) (image.Image, error) {
at := 1.0
if d, err := videoDurationSeconds(ctx, srcPath); err == nil && d > 0 {
at = d / 2
}
return extractVideoFrameAt(ctx, srcPath, at)
}
// extractVideoFrameAt uses ffmpeg to extract a single frame at atSec seconds into
// the video, piped out as PNG. The fast input seek (-ss before -i) is keyframe-
// accurate and cheap; if atSec is past the end the seek is silently ignored and
// the first available frame is returned instead. Returns an error if ffmpeg is
// not installed or produces no output. The run is bounded by a timeout so a
// malformed file cannot hang the caller indefinitely.
func extractVideoFrameAt(ctx context.Context, srcPath string, atSec float64) (image.Image, error) {
ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
defer cancel()
// extractVideoFrame uses ffmpeg to extract a single frame from a video file.
// It seeks 1 second in (keyframe-accurate fast seek) and pipes the frame out
// as PNG. If the video is shorter than 1 s the seek is silently ignored by
// ffmpeg and the first available frame is returned instead.
// Returns an error if ffmpeg is not installed or produces no output.
func extractVideoFrame(ctx context.Context, srcPath string) (image.Image, error) {
var out bytes.Buffer
cmd := exec.CommandContext(ctx, "ffmpeg",
"-ss", strconv.FormatFloat(atSec, 'f', 3, 64), // fast input seek; ignored gracefully past end
"-ss", "1", // fast input seek; ignored gracefully on short files
"-i", srcPath,
"-vframes", "1",
"-f", "image2",
@@ -405,29 +230,6 @@ func extractVideoFrameAt(ctx context.Context, srcPath string, atSec float64) (im
return imaging.Decode(&out)
}
// videoDurationSeconds returns the container duration in seconds via ffprobe.
// Used to seek to the middle of a clip for perceptual hashing and thumbnails.
func videoDurationSeconds(ctx context.Context, srcPath string) (float64, error) {
ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
defer cancel()
cmd := exec.CommandContext(ctx, "ffprobe",
"-v", "error",
"-show_entries", "format=duration",
"-of", "default=noprint_wrappers=1:nokey=1",
srcPath,
)
out, err := cmd.Output()
if err != nil {
return 0, fmt.Errorf("ffprobe duration: %w", err)
}
d, err := strconv.ParseFloat(strings.TrimSpace(string(out)), 64)
if err != nil {
return 0, fmt.Errorf("ffprobe duration parse %q: %w", out, err)
}
return d, nil
}
// ---------------------------------------------------------------------------
// Path helpers
// ---------------------------------------------------------------------------
backend/internal/storage/disk_test.go
-181
View File
@@ -1,181 +0,0 @@
package storage
import (
"bytes"
"context"
"image"
"image/color"
"image/png"
"io"
"os"
"path/filepath"
"testing"
"github.com/disintegration/imaging"
"github.com/google/uuid"
)
// writeTestImage writes a w×h PNG filled with a distinct (non-placeholder)
// colour so a generated thumbnail can be told apart from the grey placeholder.
func writeTestImage(t *testing.T, path string, w, h int) {
t.Helper()
img := image.NewNRGBA(image.Rect(0, 0, w, h))
for y := 0; y < h; y++ {
for x := 0; x < w; x++ {
img.Set(x, y, color.NRGBA{R: 0xC0, G: 0x10, B: 0x20, A: 0xFF})
}
}
f, err := os.Create(path)
if err != nil {
t.Fatal(err)
}
defer f.Close()
if err := png.Encode(f, img); err != nil {
t.Fatal(err)
}
}
func TestDecodeImageLimited(t *testing.T) {
dir := t.TempDir()
p := filepath.Join(dir, "img.png")
writeTestImage(t, p, 100, 80) // 8000 px
if _, err := decodeImageLimited(p, 4000); err == nil {
t.Fatal("expected rejection for an image over the pixel cap")
}
img, err := decodeImageLimited(p, 100000)
if err != nil {
t.Fatalf("expected decode within the cap, got %v", err)
}
if b := img.Bounds(); b.Dx() != 100 || b.Dy() != 80 {
t.Fatalf("unexpected decoded size %v", b.Size())
}
}
// TestThumbnailGeneratesAndCaches exercises the full generation path (semaphore
// acquire → decode → fit → encode → cache) and the cache fast path on re-request.
func TestThumbnailGeneratesAndCaches(t *testing.T) {
files := t.TempDir()
thumbs := t.TempDir()
id := uuid.New()
writeTestImage(t, filepath.Join(files, id.String()), 100, 80)
s, err := NewDiskStorage(files, thumbs, 160, 160, 1920, 1080, 0, 1)
if err != nil {
t.Fatal(err)
}
rc, err := s.Thumbnail(context.Background(), id)
if err != nil {
t.Fatalf("Thumbnail: %v", err)
}
data, _ := io.ReadAll(rc)
rc.Close()
out, err := imaging.Decode(bytes.NewReader(data))
if err != nil {
t.Fatalf("decode thumbnail: %v", err)
}
// The source fits within 160×160, so it is not upscaled.
if b := out.Bounds(); b.Dx() != 100 || b.Dy() != 80 {
t.Fatalf("unexpected thumbnail size %v", b.Size())
}
// Centre pixel should be the source's red, not the grey placeholder.
r, g, b, _ := out.At(50, 40).RGBA()
if !(r>>8 > g>>8+40 && r>>8 > b>>8+40) {
t.Fatalf("thumbnail is not the source image (got r=%d g=%d b=%d) — fell back to placeholder?", r>>8, g>>8, b>>8)
}
// The cache file must now exist, and a second request must serve it.
if _, err := os.Stat(s.thumbCachePath(id)); err != nil {
t.Fatalf("cache file not written: %v", err)
}
rc2, err := s.Thumbnail(context.Background(), id)
if err != nil {
t.Fatalf("Thumbnail (cached): %v", err)
}
rc2.Close()
}
// TestThumbnailFallbackWithoutVips forces the pure-Go pipeline (as if vips were
// not installed) and verifies generation still produces the source image.
func TestThumbnailFallbackWithoutVips(t *testing.T) {
orig := vipsThumbnailPath
vipsThumbnailPath = ""
t.Cleanup(func() { vipsThumbnailPath = orig })
files := t.TempDir()
thumbs := t.TempDir()
id := uuid.New()
writeTestImage(t, filepath.Join(files, id.String()), 100, 80)
s, err := NewDiskStorage(files, thumbs, 160, 160, 1920, 1080, 0, 1)
if err != nil {
t.Fatal(err)
}
rc, err := s.Thumbnail(context.Background(), id)
if err != nil {
t.Fatalf("Thumbnail: %v", err)
}
data, _ := io.ReadAll(rc)
rc.Close()
out, err := imaging.Decode(bytes.NewReader(data))
if err != nil {
t.Fatalf("decode thumbnail: %v", err)
}
if b := out.Bounds(); b.Dx() != 100 || b.Dy() != 80 {
t.Fatalf("unexpected thumbnail size %v", b.Size())
}
r, g, b, _ := out.At(50, 40).RGBA()
if !(r>>8 > g>>8+40 && r>>8 > b>>8+40) {
t.Fatalf("fallback produced a placeholder, not the source (r=%d g=%d b=%d)", r>>8, g>>8, b>>8)
}
}
// TestPreviewGeneratesAndCaches verifies Preview runs through the same pipeline
// with the preview dimensions and its own cache file (not the thumbnail's).
func TestPreviewGeneratesAndCaches(t *testing.T) {
files := t.TempDir()
thumbs := t.TempDir()
id := uuid.New()
// Larger than the thumbnail box but within the preview box, so the preview
// keeps full resolution where a thumbnail would shrink it.
writeTestImage(t, filepath.Join(files, id.String()), 400, 300)
s, err := NewDiskStorage(files, thumbs, 160, 160, 1920, 1080, 0, 1)
if err != nil {
t.Fatal(err)
}
rc, err := s.Preview(context.Background(), id)
if err != nil {
t.Fatalf("Preview: %v", err)
}
data, _ := io.ReadAll(rc)
rc.Close()
out, err := imaging.Decode(bytes.NewReader(data))
if err != nil {
t.Fatalf("decode preview: %v", err)
}
// 400×300 fits within 1920×1080, so the preview is not downscaled.
if b := out.Bounds(); b.Dx() != 400 || b.Dy() != 300 {
t.Fatalf("unexpected preview size %v", b.Size())
}
r, g, b, _ := out.At(200, 150).RGBA()
if !(r>>8 > g>>8+40 && r>>8 > b>>8+40) {
t.Fatalf("preview is not the source image (r=%d g=%d b=%d)", r>>8, g>>8, b>>8)
}
// The preview cache must be written, and the thumbnail cache must not — they
// are separate files served by the same code with different dimensions.
if _, err := os.Stat(s.previewCachePath(id)); err != nil {
t.Fatalf("preview cache not written: %v", err)
}
if _, err := os.Stat(s.thumbCachePath(id)); err == nil {
t.Fatal("thumbnail cache should not exist after a preview-only request")
}
}
backend/migrations/003_data_tables.sql
+2 -32
View File
@@ -50,13 +50,12 @@ CREATE TABLE data.files (
content_datetime timestamptz NOT NULL DEFAULT clock_timestamp(), -- content datetime (e.g. photo taken)
notes text,
metadata jsonb, -- user-editable key-value data
exif jsonb, -- EXIF data extracted at upload (immutable)
exif jsonb NOT NULL DEFAULT '{}'::jsonb, -- EXIF data extracted at upload (immutable)
phash bigint, -- perceptual hash for duplicate detection (future)
creator_id smallint NOT NULL REFERENCES core.users(id)
ON UPDATE CASCADE ON DELETE RESTRICT,
is_public boolean NOT NULL DEFAULT false,
is_deleted boolean NOT NULL DEFAULT false, -- soft delete (trash)
needs_review boolean NOT NULL DEFAULT true -- tagging not yet marked done; cleared explicitly
is_deleted boolean NOT NULL DEFAULT false -- soft delete (trash)
);
CREATE TABLE data.file_tag (
@@ -92,31 +91,6 @@ CREATE TABLE data.file_pool (
PRIMARY KEY (file_id, pool_id)
);
-- Precomputed near-duplicate candidates (phash Hamming distance <= threshold),
-- (re)built in full by the dedup rescan. Stored once per unordered pair with a
-- canonical file_a < file_b ordering so a pair is never duplicated as (a,b)/(b,a).
CREATE TABLE data.duplicate_pairs (
file_a uuid NOT NULL REFERENCES data.files(id) ON UPDATE CASCADE ON DELETE CASCADE,
file_b uuid NOT NULL REFERENCES data.files(id) ON UPDATE CASCADE ON DELETE CASCADE,
distance smallint NOT NULL,
CONSTRAINT chk__duplicate_pairs__order CHECK (file_a < file_b),
PRIMARY KEY (file_a, file_b)
);
-- "Not a duplicate" decisions: a global overlay that hides a candidate pair from
-- the duplicates view. Survives rescans (the pair may be re-found but stays
-- hidden). Same canonical file_a < file_b ordering as data.duplicate_pairs.
CREATE TABLE data.duplicate_dismissals (
file_a uuid NOT NULL REFERENCES data.files(id) ON UPDATE CASCADE ON DELETE CASCADE,
file_b uuid NOT NULL REFERENCES data.files(id) ON UPDATE CASCADE ON DELETE CASCADE,
dismissed_by smallint NOT NULL REFERENCES core.users(id) ON UPDATE CASCADE ON DELETE RESTRICT,
dismissed_at timestamptz NOT NULL DEFAULT clock_timestamp(),
CONSTRAINT chk__duplicate_dismissals__order CHECK (file_a < file_b),
PRIMARY KEY (file_a, file_b)
);
COMMENT ON TABLE data.categories IS 'Logical grouping of tags';
COMMENT ON TABLE data.tags IS 'File labels/tags';
COMMENT ON TABLE data.tag_rules IS 'Auto-tagging rules: when when_tag is assigned, then_tag follows';
@@ -124,8 +98,6 @@ COMMENT ON TABLE data.files IS 'Managed files; actual content stored on di
COMMENT ON TABLE data.file_tag IS 'Many-to-many: files <-> tags';
COMMENT ON TABLE data.pools IS 'Ordered collections of files';
COMMENT ON TABLE data.file_pool IS 'Many-to-many: files <-> pools, with ordering';
COMMENT ON TABLE data.duplicate_pairs IS 'Precomputed near-duplicate candidate pairs (perceptual-hash distance)';
COMMENT ON TABLE data.duplicate_dismissals IS 'Pairs marked "not a duplicate"; hidden from the duplicates view';
COMMENT ON COLUMN data.files.original_name IS 'Original filename at upload time';
COMMENT ON COLUMN data.files.content_datetime IS 'Content datetime (e.g. when photo was taken); falls back to EXIF DateTimeOriginal';
@@ -137,8 +109,6 @@ COMMENT ON COLUMN data.file_pool.position IS 'Manual ordering within pool; u
-- +goose Down
DROP TABLE IF EXISTS data.duplicate_dismissals;
DROP TABLE IF EXISTS data.duplicate_pairs;
DROP TABLE IF EXISTS data.file_pool;
DROP TABLE IF EXISTS data.pools;
DROP TABLE IF EXISTS data.file_tag;
backend/migrations/006_indexes.sql
-10
View File
@@ -20,18 +20,11 @@ CREATE INDEX idx__files__creator_id ON data.files USING hash (creator_id)
CREATE INDEX idx__files__content_datetime ON data.files USING btree (content_datetime DESC NULLS LAST);
CREATE INDEX idx__files__is_deleted ON data.files USING btree (is_deleted) WHERE is_deleted = true;
CREATE INDEX idx__files__phash ON data.files USING btree (phash) WHERE phash IS NOT NULL;
CREATE INDEX idx__files__needs_review ON data.files USING btree (id) WHERE needs_review = true;
-- data.file_tag
CREATE INDEX idx__file_tag__tag_id ON data.file_tag USING hash (tag_id);
CREATE INDEX idx__file_tag__file_id ON data.file_tag USING hash (file_id);
-- data.duplicate_pairs / data.duplicate_dismissals
-- The composite primary keys cover lookups on file_a; these add the file_b side
-- (used by the ON DELETE CASCADE and by the visibility join on the second file).
CREATE INDEX idx__duplicate_pairs__file_b ON data.duplicate_pairs USING hash (file_b);
CREATE INDEX idx__duplicate_dismissals__file_b ON data.duplicate_dismissals USING hash (file_b);
-- data.pools
CREATE INDEX idx__pools__creator_id ON data.pools USING hash (creator_id);
@@ -76,14 +69,11 @@ DROP INDEX IF EXISTS activity.idx__sessions__token_hash;
DROP INDEX IF EXISTS activity.idx__sessions__user_id;
DROP INDEX IF EXISTS acl.idx__acl__user;
DROP INDEX IF EXISTS acl.idx__acl__object;
DROP INDEX IF EXISTS data.idx__duplicate_dismissals__file_b;
DROP INDEX IF EXISTS data.idx__duplicate_pairs__file_b;
DROP INDEX IF EXISTS data.idx__file_pool__file_id;
DROP INDEX IF EXISTS data.idx__file_pool__pool_id;
DROP INDEX IF EXISTS data.idx__pools__creator_id;
DROP INDEX IF EXISTS data.idx__file_tag__file_id;
DROP INDEX IF EXISTS data.idx__file_tag__tag_id;
DROP INDEX IF EXISTS data.idx__files__needs_review;
DROP INDEX IF EXISTS data.idx__files__phash;
DROP INDEX IF EXISTS data.idx__files__is_deleted;
DROP INDEX IF EXISTS data.idx__files__content_datetime;
backend/migrations/007_seed_data.sql
+5 -6
View File
@@ -20,8 +20,7 @@ INSERT INTO activity.action_types (name) VALUES
('user_login'), ('user_logout'),
-- Files
('file_create'), ('file_edit'), ('file_delete'), ('file_restore'),
('file_permanent_delete'), ('file_replace'), ('file_review'),
('file_merge'), ('duplicate_dismiss'),
('file_permanent_delete'), ('file_replace'),
-- Tags
('tag_create'), ('tag_edit'), ('tag_delete'),
-- Categories
@@ -30,7 +29,7 @@ INSERT INTO activity.action_types (name) VALUES
('pool_create'), ('pool_edit'), ('pool_delete'),
-- Relations
('file_tag_add'), ('file_tag_remove'),
('file_pool_add'), ('file_pool_remove'), ('file_pool_reorder'),
('file_pool_add'), ('file_pool_remove'),
-- ACL
('acl_change'),
-- Admin
@@ -39,12 +38,12 @@ INSERT INTO activity.action_types (name) VALUES
-- Sessions
('session_terminate');
-- The initial administrator is created at application startup from the
-- ADMIN_USERNAME / ADMIN_PASSWORD environment variables (see UserService.
-- EnsureAdmin), so no default credentials are seeded here.
INSERT INTO core.users (name, password, is_admin, can_create) VALUES
('admin', '$2a$10$zk.VTFjRRxbkTE7cKfc7KOWeZfByk1VEkbkgZMJggI1fFf.yDEHZy', true, true);
-- +goose Down
DELETE FROM core.users WHERE name = 'admin';
DELETE FROM activity.action_types;
DELETE FROM core.object_types;
DELETE FROM core.mime_types;
docker-compose.yml
-170
View File
@@ -1,170 +0,0 @@
# =============================================================================
# Tanabata File Manager — Docker Compose
#
# Quick start:
# cp .env.example .env # then edit the secrets
# docker compose up -d --build
#
# Database — two supported modes, selected in .env:
#
# 1. Bundled Postgres container (default).
# COMPOSE_PROFILES=with-db
# DATABASE_URL=postgres://tanabata:password@db:5432/tanabata?sslmode=disable
#
# 2. Postgres already running on the host.
# COMPOSE_PROFILES= # empty → the db container is not started
# DATABASE_URL=postgres://tanabata:password@host.docker.internal:5432/tanabata?sslmode=disable
#
# Requires Docker Compose v2.20+ (for depends_on.required).
# =============================================================================
services:
app:
build:
context: .
dockerfile: Dockerfile
container_name: tfm
restart: unless-stopped
# All application config (secrets, DATABASE_URL, tunables) comes from .env.
env_file: .env
# Pin STATIC_DIR to the path baked into the image. .env intentionally leaves
# it unset; pinning here guarantees in-container SPA serving can't be
# disabled by an empty value leaking in through env_file.
environment:
STATIC_DIR: /app/static
# Published on loopback only: a reverse proxy on the host (e.g. nginx) fronts
# the app and proxies to 127.0.0.1:${APP_PORT}. Binding to 127.0.0.1 keeps the
# app off the LAN/WAN — a plain "PORT:42776" would publish on 0.0.0.0 and, since
# Docker's DNAT rules sit ahead of the host firewall, bypass ufw/firewalld. The
# container always listens on 42776 (Dockerfile default); APP_PORT only changes
# the host-published port. Drop the 127.0.0.1 prefix if exposing it directly.
ports:
- "127.0.0.1:${APP_PORT:-42776}:42776"
# Two-tier networking. `web` is the app's public-facing bridge (reached via the
# published loopback port above; it also provides egress, e.g. to a host
# Postgres via host.docker.internal). `backend` is the private tier the app
# uses to reach the bundled DB. The DB sits only on `backend`, so nothing on
# the host-facing side can reach it.
networks:
- web
- backend
# Wait for the bundled DB when the with-db profile is active. When using a
# host Postgres the db service is disabled, and required:false keeps this
# dependency from erroring or auto-starting it.
depends_on:
db:
condition: service_healthy
required: false
# Lets DATABASE_URL reach a Postgres on the host via host.docker.internal
# (needed on Linux; harmless elsewhere).
extra_hosts:
- "host.docker.internal:host-gateway"
# Run as this uid:gid. Relevant when the mounts below are bind-mounted to
# host folders: set PUID/PGID (in .env) to the owner of those folders so the
# container can write to them. Defaults to the image's tanabata user
# (42776), which owns the named volumes.
user: "${PUID:-42776}:${PGID:-42776}"
# Storage for originals, the thumbnail cache, and the import drop folder.
# Each source defaults to a named volume but can be pointed at a specific
# host folder via FILES_DIR / THUMBS_DIR / IMPORT_DIR in .env (a path turns
# the mount into a host bind mount; a bare name stays a named volume).
volumes:
- "${FILES_DIR:-app_files}:/data/files"
- "${THUMBS_DIR:-app_thumbs}:/data/thumbs"
- "${IMPORT_DIR:-app_import}:/data/import"
db:
image: postgres:14-alpine
restart: unless-stopped
# Only started when COMPOSE_PROFILES includes "with-db". Disable it to point
# the app at a Postgres running on the host instead.
profiles: ["with-db"]
# Private back-end tier only — never on `web`, never published.
networks:
- backend
environment:
POSTGRES_DB: ${POSTGRES_DB:-tanabata}
POSTGRES_USER: ${POSTGRES_USER:-tanabata}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password}
# Defaults to a named volume; set DB_DIR in .env to a host folder to bind
# mount it instead. Postgres fixes the folder's ownership itself, so DB_DIR
# needs no PUID/PGID.
volumes:
- "${DB_DIR:-db_data}:/var/lib/postgresql/data"
# Uncomment to reach the DB from the host (e.g. with psql) for debugging.
# ports:
# - "5432:5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER:-tanabata} -d ${POSTGRES_DB:-tanabata}"]
interval: 5s
timeout: 5s
retries: 10
# One-shot maintenance task for duplicate detection: computes missing
# perceptual hashes (images + video) and rebuilds the duplicate-pairs table.
# It is NOT a daemon — the "tools" profile keeps it out of `docker compose up`;
# run it on demand, and it exits when done:
#
# docker compose run --rm dedup # hashes, then rebuild pairs
# docker compose run --rm dedup -pairs # only rebuild pairs (after uploads)
# docker compose run --rm dedup -hashes # only backfill hashes
#
# Reuses the app image, .env, volumes and networks; only the entrypoint differs
# (/app/dedup instead of the server). Connects to the same DB the app uses, so
# the app's DB (bundled or host) must be reachable when it runs.
dedup:
build:
context: .
dockerfile: Dockerfile
profiles: ["tools"]
env_file: .env
networks:
- web
- backend
depends_on:
db:
condition: service_healthy
required: false
extra_hosts:
- "host.docker.internal:host-gateway"
user: "${PUID:-42776}:${PGID:-42776}"
volumes:
- "${FILES_DIR:-app_files}:/data/files"
- "${THUMBS_DIR:-app_thumbs}:/data/thumbs"
entrypoint: ["/app/dedup"]
restart: "no"
networks:
# Public-facing bridge for this app. The explicit bridge name (instead of
# Docker's random br-<hash>) makes it identifiable on the host for tcpdump and
# firewall rules.
web:
driver_opts:
com.docker.network.bridge.name: dk-tanabata
# Private back-end tier (app ↔ DB). internal:true drops the gateway so the DB
# has no route off-host. Note: Linux caps interface names at 15 chars, and
# dk-tanabata-bnd is exactly 15 — a longer app name would need a shorter suffix.
backend:
internal: true
driver_opts:
com.docker.network.bridge.name: dk-tanabata-bnd
volumes:
app_files:
app_thumbs:
app_import:
db_data:
docs/DEPLOY.md
-182
View File
@@ -1,182 +0,0 @@
# Deployment (Gitea Actions → host)
Tanabata is deployed by a [Gitea Actions](https://docs.gitea.com/usage/actions/overview)
workflow ([`.gitea/workflows/deploy.yml`](../.gitea/workflows/deploy.yml)) that
runs on the **production host itself**. On every push to `master` it updates the
git clone in `/opt/tanabata` and runs `docker compose up -d --build` there, so the
image is built from the freshly-pushed code and the stack is restarted.
```
push master ──> Gitea (container) ──> act_runner (host, "host" label)
│ git fetch + reset --hard (in /opt/tanabata)
└ docker compose up -d --build
```
The Gitea server runs in a container, but the **runner runs directly on the host**
(shell executor) so it can use the host's git, the host Docker daemon, and the
clone in `/opt/tanabata`. Nothing needs a registry — the host builds the image
locally. The workflow uses only shell steps, so the host needs just **git** and
**docker** (no node, no rsync).
## What is a runner?
Gitea (like GitHub) only *coordinates* CI: it stores the workflow, queues jobs,
and shows logs. It does **not** execute anything itself. A **runner** is a
separate agent program that polls Gitea for queued jobs, runs the steps on a
machine you control, and reports results back.
Gitea's official runner is **act_runner** (a single Go binary; it uses the
`act` engine to interpret workflow YAML). One act_runner process can serve many
repos. Each runner advertises one or more **labels**, and a job's `runs-on:`
picks a runner by label. A label also decides *how* a job runs — the **executor**:
- **docker executor** — each job runs in a fresh container from an image (e.g.
`node:20-bookworm`). Isolated and reproducible; the usual default. Label form
at registration: `ubuntu:docker://node:20-bookworm`.
- **host / shell executor** — the job runs directly on the host as the runner's
user, using host-installed tools. Label form: `host:host`. This is what we use,
because the deploy needs the host's Docker daemon and `/opt/tanabata`.
So `runs-on: host` in the workflow ⇒ "run this job on a runner that registered a
`host` label" ⇒ our shell executor on the prod box.
## One-time setup
### 1. Enable Actions in Gitea
Gitea 1.21+ has Actions on by default. Otherwise add to `app.ini` and restart:
```ini
[actions]
ENABLED = true
```
### 2. A runner user on the host
Pick (or create) the Linux user the runner runs as. It must be able to use Docker
and own the deploy dir — so the workflow needs no `sudo`:
```bash
sudo useradd -r -m -d /home/gitea-runner gitea-runner # or reuse an existing user
sudo usermod -aG docker gitea-runner # host Docker access
```
The host needs `git` and a Docker engine with the Compose plugin:
```bash
sudo apt install -y git docker.io docker-compose-plugin # Debian/Ubuntu
```
### 3. Clone the repo to /opt/tanabata once
The workflow only does `git fetch` + `reset --hard`, so the clone (and its auth)
is established here, once. Use a **read-only deploy key** so the host never holds
write credentials:
```bash
# As the runner user, create a key and add the PUBLIC half to the repo in Gitea:
# Repo → Settings → Deploy Keys → Add (read-only)
sudo -u gitea-runner ssh-keygen -t ed25519 -f /home/gitea-runner/.ssh/tanabata_deploy -N ''
# Clone with that key (SSH URL of your Gitea repo):
sudo -u gitea-runner GIT_SSH_COMMAND='ssh -i /home/gitea-runner/.ssh/tanabata_deploy' \
git clone git@gitea.example.com:you/tanabata.git /opt/tanabata
sudo chown -R gitea-runner:gitea-runner /opt/tanabata
```
> HTTPS works too — clone with a URL that carries a read-only token. SSH deploy
> keys are the cleaner, per-repo, read-only option.
After cloning, recurring `git fetch` reuses the remote + key stored in
`/opt/tanabata/.git/config`, so the runner itself needs no standing credentials.
### 4. Register and run act_runner on the host
Get a registration token in Gitea. **Where you create it sets the runner's
scope** (and `--name` is only a display label, unrelated to scope):
- **Repository** (Tanabata repo → Settings → Actions → Runners) → serves only
this repo. **Use this.**
- Organization → all repos in the org; Site (admin) → all repos on the instance.
> Security: this runner is a host/shell executor with access to the Docker
> socket — effectively root on the host. Register it at the **repository** level
> so only Tanabata's workflows can run on your prod server; a site-wide runner
> would let any repo's workflow execute arbitrary commands here.
Then, as the runner user:
```bash
# Download act_runner: https://gitea.com/gitea/act_runner/releases
act_runner register --no-interactive \
--instance https://gitea.example.com \
--token <REGISTRATION_TOKEN> \
--name prod-host \
--labels host:host # <-- maps `runs-on: host` to the shell executor
# Run it (use a systemd unit in production so it survives reboots):
act_runner daemon
```
`--labels host:host` is what makes jobs run **on the host** instead of in a
container. The instance URL must be reachable from the host (Gitea's published
port / domain — not the in-container address). Registration writes a `.runner`
file (the runner's credentials) in the working directory.
Minimal systemd unit (`/etc/systemd/system/act_runner.service`):
```ini
[Unit]
Description=Gitea act_runner
After=docker.service
Requires=docker.service
[Service]
User=gitea-runner
WorkingDirectory=/home/gitea-runner
ExecStart=/usr/local/bin/act_runner daemon
Restart=always
[Install]
WantedBy=multi-user.target
```
```bash
sudo systemctl enable --now act_runner
```
### 5. Create /opt/tanabata/.env (secrets)
The workflow **never** writes `.env` — it lives on the host and holds the real
secrets and the chosen DB mode. `.env` is git-ignored, so `git reset --hard`
leaves it untouched. Create it once:
```bash
cd /opt/tanabata
sudo -u gitea-runner cp .env.example .env
sudo -u gitea-runner $EDITOR .env # set JWT_SECRET, ADMIN_PASSWORD, DATABASE_URL, etc.
```
See [`.env.example`](../.env.example) for every variable. For the bundled
Postgres keep `COMPOSE_PROFILES=with-db`; to use a Postgres already on the host,
set it empty and point `DATABASE_URL` at `host.docker.internal`.
> Data lives in named Docker volumes by default (or the `*_DIR` host paths you
> set in `.env`, e.g. `/var/lib/tanabata/...`) — **not** in `/opt/tanabata`. So
> `git reset --hard` on the code dir never touches your data.
## Deploying
Push to `master` (or hit **Run workflow** on the Actions tab). Watch progress
under the repo's **Actions** tab. The first build pulls the Node/Go base images
and takes a few minutes; later builds reuse the host's layer cache.
## Notes / alternatives
- **Docker-executor runner instead of host.** If you'd rather the runner itself
run in a container, register with a Docker label and bind-mount
`/var/run/docker.sock` and `/opt/tanabata` into the job (act_runner
`config.yaml``container.valid_volumes`), then change `runs-on` accordingly.
The host executor above is simpler for host deploys.
- **Zero-downtime** isn't attempted: `compose up` recreates changed containers.
For a single-node setup the brief restart is usually fine.
docs/FRONTEND_STRUCTURE.md
+2 -41
View File
@@ -10,46 +10,6 @@
- **Font**: Epilogue (variable weight)
- **Package manager**: npm
## SPA mode — why SvelteKit without the server
This frontend runs as a **pure client-side SPA**: `adapter-static` with
`fallback: 'index.html'` and `ssr = false` globally (see
`src/routes/+layout.ts`). There is no Node server in production — the build is
static assets, and the only backend is the Go API. SvelteKit is used here
purely as an SPA framework: file-based routing, the client router, and build
tooling.
**SvelteKit features we *do* use:**
- File-based routing with nested layouts (`admin/` has its own guard) and
dynamic segments (`[id]`).
- The client router: `goto`, the `page` store/state, `afterNavigate`,
`navigating`.
- **Shallow routing** — `pushState`/`replaceState` + `page.state`. The
Immich-style file viewer in `files/` and `pools/[id]/` opens as an overlay
over the still-mounted list via shallow routing, so the browser back button
dismisses it without reloading the grid. This is the single biggest reason we
stay on SvelteKit rather than a plain router.
- `load` functions, used *only* as client-side route guards (auth redirect,
admin redirect, `/``/files`).
- `$lib` alias, generated `./$types`, Vite/HMR integration.
**SvelteKit features we deliberately do *not* use** (the "server half"):
- SSR / hydration.
- `+page.server.ts`, `+server.ts` endpoints, form actions — all data goes
through the Go API via the `$lib/api` client.
- `hooks.*`, prerendering, server-only modules — no `hooks.server.ts` /
`hooks.client.ts` files exist.
**Decision: stay on SvelteKit, do not migrate to a bare Svelte + router SPA.**
The project already *is* an SPA, so there is no runtime gain from switching
(adapter-static tree-shakes the unused server bits; the client-runtime size
difference is negligible). A migration would mean re-implementing nested
layouts, guards, dynamic params, and — most painfully — shallow routing /
history-state overlays by hand, for zero benefit. New contributors should not
expect SSR, endpoints, or hooks to do anything here; that is intentional.
## Monorepo Layout
```
@@ -89,7 +49,8 @@ frontend/
├── src/
│ ├── app.html # Shell HTML (PWA meta, font preload)
│ ├── app.css # Tailwind directives + CSS custom properties
│ # (no hooks.* — see "SPA mode" above)
├── hooks.server.ts # Server hooks (not used in SPA mode)
│ ├── hooks.client.ts # Client hooks (global error handling)
│ │
│ ├── lib/ # Shared code ($lib/ alias)
│ │ │
docs/GO_PROJECT_STRUCTURE.md
+1 -1
View File
@@ -297,7 +297,7 @@ stored as hash in `activity.sessions.token_hash`.
```env
# Server
LISTEN_ADDR=:42776
LISTEN_ADDR=:8080
JWT_SECRET=<random-32-bytes>
JWT_ACCESS_TTL=15m
JWT_REFRESH_TTL=720h
docs/reference/schema.sql
-2286
View File
File diff suppressed because it is too large Load Diff
frontend/.prettierignore
-11
View File
@@ -1,11 +0,0 @@
# Build output and dependencies
.svelte-kit
build
node_modules
package-lock.json
# Generated from openapi.yaml — formatting would be overwritten on regen
src/lib/api/schema.ts
# Static assets (fonts, icons, manifest, robots)
static
frontend/.prettierrc
-15
View File
@@ -1,15 +0,0 @@
{
"useTabs": true,
"singleQuote": true,
"trailingComma": "none",
"printWidth": 100,
"plugins": ["prettier-plugin-svelte"],
"overrides": [
{
"files": "*.svelte",
"options": {
"parser": "svelte"
}
}
]
}
frontend/package-lock.json
Generated
-50
View File
@@ -13,10 +13,7 @@
"@sveltejs/kit": "^2.50.2",
"@sveltejs/vite-plugin-svelte": "^6.2.4",
"@tailwindcss/vite": "^4.2.2",
"@types/node": "^25.5.2",
"openapi-typescript": "^7.13.0",
"prettier": "^3.8.4",
"prettier-plugin-svelte": "^4.1.0",
"svelte": "^5.54.0",
"svelte-check": "^4.4.2",
"tailwindcss": "^4.2.2",
@@ -1348,16 +1345,6 @@
"dev": true,
"license": "MIT"
},
"node_modules/@types/node": {
"version": "25.5.2",
"resolved": "https://registry.npmjs.org/@types/node/-/node-25.5.2.tgz",
"integrity": "sha512-tO4ZIRKNC+MDWV4qKVZe3Ql/woTnmHDr5JD8UI5hn2pwBrHEwOEMZK7WlNb5RKB6EoJ02gwmQS9OrjuFnZYdpg==",
"dev": true,
"license": "MIT",
"dependencies": {
"undici-types": "~7.18.0"
}
},
"node_modules/@types/trusted-types": {
"version": "2.0.7",
"resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz",
@@ -2212,36 +2199,6 @@
"node": "^10 || ^12 || >=14"
}
},
"node_modules/prettier": {
"version": "3.8.4",
"resolved": "https://registry.npmjs.org/prettier/-/prettier-3.8.4.tgz",
"integrity": "sha512-N2MylSdi48+5N/6S5j+maeHbUSIzzZ5uOcX5Hm4QpV8Dkb1HFjfAKTKX6yNPJQD9AhcT3ifHNB66tWTTJDi11Q==",
"dev": true,
"license": "MIT",
"bin": {
"prettier": "bin/prettier.cjs"
},
"engines": {
"node": ">=14"
},
"funding": {
"url": "https://github.com/prettier/prettier?sponsor=1"
}
},
"node_modules/prettier-plugin-svelte": {
"version": "4.1.0",
"resolved": "https://registry.npmjs.org/prettier-plugin-svelte/-/prettier-plugin-svelte-4.1.0.tgz",
"integrity": "sha512-YZkhA2Q9oOerFFG9tq+2f98WYT7Z2JgrybJrAyrB78jpsH9i/DdgplXemehuFPgsldetFNCcR/yCcYlDjPy94Q==",
"dev": true,
"license": "MIT",
"engines": {
"node": ">=20"
},
"peerDependencies": {
"prettier": "^3.0.0",
"svelte": "^5.0.0"
}
},
"node_modules/readdirp": {
"version": "4.1.2",
"resolved": "https://registry.npmjs.org/readdirp/-/readdirp-4.1.2.tgz",
@@ -2496,13 +2453,6 @@
"node": ">=14.17"
}
},
"node_modules/undici-types": {
"version": "7.18.2",
"resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.18.2.tgz",
"integrity": "sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==",
"dev": true,
"license": "MIT"
},
"node_modules/uri-js-replace": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/uri-js-replace/-/uri-js-replace-1.0.1.tgz",
frontend/package.json
+1 -6
View File
@@ -10,9 +10,7 @@
"preview": "vite preview",
"prepare": "svelte-kit sync || echo ''",
"check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
"format": "prettier --write .",
"format:check": "prettier --check ."
"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch"
},
"devDependencies": {
"@sveltejs/adapter-auto": "^7.0.0",
@@ -20,10 +18,7 @@
"@sveltejs/kit": "^2.50.2",
"@sveltejs/vite-plugin-svelte": "^6.2.4",
"@tailwindcss/vite": "^4.2.2",
"@types/node": "^25.5.2",
"openapi-typescript": "^7.13.0",
"prettier": "^3.8.4",
"prettier-plugin-svelte": "^4.1.0",
"svelte": "^5.54.0",
"svelte-check": "^4.4.2",
"tailwindcss": "^4.2.2",
frontend/src/app.css
+14 -22
View File
@@ -1,38 +1,30 @@
@import 'tailwindcss';
@theme {
--color-bg-primary: #312f45;
--color-bg-primary: #312F45;
--color-bg-secondary: #181721;
--color-bg-elevated: #111118;
--color-accent: #9592b5;
--color-accent-hover: #7d7aa4;
--color-accent: #9592B5;
--color-accent-hover: #7D7AA4;
--color-text-primary: #f0f0f0;
--color-text-muted: #9999ad;
--color-danger: #db6060;
--color-info: #4dc7ed;
--color-warning: #f5e872;
--color-success: #5fb87a;
--color-text-muted: #9999AD;
--color-danger: #DB6060;
--color-info: #4DC7ED;
--color-warning: #F5E872;
--color-tag-default: #444455;
--color-nav-bg: rgba(0, 0, 0, 0.45);
--color-nav-active: rgba(52, 50, 73, 0.72);
--font-sans: 'Epilogue', sans-serif;
}
:root[data-theme='light'] {
/* Muted, faintly lavender-tinted surfaces not a glaring near-white, the same
way the dark theme's background isn't pure black. Page sits on the dimmest
surface; sheets are brighter to pop, chips a touch darker for definition. */
--color-bg-primary: #e4e2ec;
--color-bg-secondary: #f2f1f6;
--color-bg-elevated: #d8d6e2;
--color-accent: #6b68a0;
--color-accent-hover: #5a578f;
:root[data-theme="light"] {
--color-bg-primary: #f5f5f5;
--color-bg-secondary: #ffffff;
--color-bg-elevated: #e8e8ec;
--color-accent: #6B68A0;
--color-accent-hover: #5A578F;
--color-text-primary: #111118;
--color-text-muted: #555566;
--color-tag-default: #cbcad9;
--color-nav-bg: rgba(228, 226, 236, 0.85);
--color-nav-active: rgba(90, 87, 143, 0.22);
--color-tag-default: #ccccdd;
}
@font-face {
frontend/src/app.d.ts
Vendored
+1 -5
View File
@@ -5,11 +5,7 @@ declare global {
// interface Error {}
// interface Locals {}
// interface PageData {}
interface PageState {
/** Set via shallow routing when the file viewer is open as an overlay
* on top of the files list. */
fileId?: string;
}
// interface PageState {}
// interface Platform {}
}
}
frontend/src/app.html
+1 -29
View File
@@ -3,35 +3,7 @@
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="theme-color" content="#312F45" />
<meta name="mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" />
<meta name="apple-mobile-web-app-title" content="Tanabata" />
<meta name="msapplication-TileColor" content="#312F45" />
<meta name="msapplication-TileImage" content="/images/ms-icon-144x144.png" />
<meta name="msapplication-config" content="/browserconfig.xml" />
<link rel="manifest" href="/manifest.webmanifest" />
<link rel="icon" type="image/x-icon" href="/favicon.ico" />
<link rel="icon" type="image/png" sizes="96x96" href="/images/favicon-96x96.png" />
<link rel="icon" type="image/png" sizes="32x32" href="/images/favicon-32x32.png" />
<link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16.png" />
<link rel="apple-touch-icon" sizes="57x57" href="/images/apple-icon-57x57.png" />
<link rel="apple-touch-icon" sizes="60x60" href="/images/apple-icon-60x60.png" />
<link rel="apple-touch-icon" sizes="72x72" href="/images/apple-icon-72x72.png" />
<link rel="apple-touch-icon" sizes="76x76" href="/images/apple-icon-76x76.png" />
<link rel="apple-touch-icon" sizes="114x114" href="/images/apple-icon-114x114.png" />
<link rel="apple-touch-icon" sizes="120x120" href="/images/apple-icon-120x120.png" />
<link rel="apple-touch-icon" sizes="144x144" href="/images/apple-icon-144x144.png" />
<link rel="apple-touch-icon" sizes="152x152" href="/images/apple-icon-152x152.png" />
<link rel="apple-touch-icon" sizes="180x180" href="/images/apple-icon-180x180.png" />
<link
rel="preload"
href="/fonts/Epilogue-VariableFont_wght.ttf"
as="font"
type="font/ttf"
crossorigin="anonymous"
/>
<link rel="preload" href="/fonts/Epilogue-VariableFont_wght.ttf" as="font" type="font/ttf" crossorigin="anonymous" />
%sveltekit.head%
</head>
<body data-sveltekit-preload-data="hover">
frontend/src/lib/api/auth.ts
-45
View File
@@ -1,45 +0,0 @@
import { get } from 'svelte/store';
import { authStore } from '$lib/stores/auth';
import { api } from './client';
import type { TokenPair, SessionList } from './types';
export async function login(name: string, password: string): Promise<void> {
const tokens = await api.post<TokenPair>('/auth/login', { name, password });
authStore.update((s) => ({
...s,
accessToken: tokens.access_token ?? null,
refreshToken: tokens.refresh_token ?? null
}));
}
export async function logout(): Promise<void> {
try {
await api.post('/auth/logout');
} finally {
authStore.set({ accessToken: null, refreshToken: null, user: null });
}
}
export async function refresh(): Promise<void> {
const { refreshToken } = get(authStore);
if (!refreshToken) throw new Error('No refresh token');
const tokens = await api.post<TokenPair>('/auth/refresh', { refresh_token: refreshToken });
authStore.update((s) => ({
...s,
accessToken: tokens.access_token ?? null,
refreshToken: tokens.refresh_token ?? null
}));
}
export function listSessions(params?: { offset?: number; limit?: number }): Promise<SessionList> {
const entries = Object.entries(params ?? {})
.filter(([, v]) => v !== undefined)
.map(([k, v]) => [k, String(v)]);
const qs = entries.length ? '?' + new URLSearchParams(entries).toString() : '';
return api.get<SessionList>(`/auth/sessions${qs}`);
}
export function terminateSession(sessionId: number): Promise<void> {
return api.delete<void>(`/auth/sessions/${sessionId}`);
}
frontend/src/lib/api/categories.ts
-28
View File
@@ -1,28 +0,0 @@
import { get } from 'svelte/store';
import { api } from '$lib/api/client';
import type { Category, CategoryOffsetPage } from '$lib/api/types';
import { categorySorting } from '$lib/stores/sorting';
// The /categories endpoint caps limit at 200 per request. Category dropdowns
// show the whole list, so page through to get them all — otherwise categories
// past the first 200 are missing from the picker.
const PAGE = 200;
/**
* Fetches every category, paging past the server's per-request cap. Ordered by
* the sort the user picked on the categories page (categorySorting).
*/
export async function fetchAllCategories(): Promise<Category[]> {
const { sort, order } = get(categorySorting);
const all: Category[] = [];
for (let offset = 0; ; offset += PAGE) {
const page = await api.get<CategoryOffsetPage>(
`/categories?limit=${PAGE}&offset=${offset}&sort=${sort}&order=${order}`
);
const items = page.items ?? [];
all.push(...items);
const total = page.total ?? all.length;
if (items.length < PAGE || all.length >= total) break;
}
return all;
}
frontend/src/lib/api/client.ts
-250
View File
@@ -1,250 +0,0 @@
import { get } from 'svelte/store';
import { goto } from '$app/navigation';
import { browser } from '$app/environment';
import { authStore } from '$lib/stores/auth';
import { clearSection, type SectionKey } from '$lib/stores/sectionCache';
const BASE = '/api/v1';
// The tags/categories/pools lists are edited on their own detail/new pages, so a
// cached list snapshot goes stale after a write there. Drop the matching
// section's snapshot on any successful mutation so the list refetches on return.
// (Files isn't included — its grid keeps itself consistent via optimistic
// updates, and over-invalidating would needlessly lose the scroll position.)
function invalidateSectionCache(path: string, method: string): void {
if (method === 'GET') return;
const sections: SectionKey[] = ['tags', 'categories', 'pools'];
for (const s of sections) {
if (path === `/${s}` || path.startsWith(`/${s}/`) || path.startsWith(`/${s}?`)) {
clearSection(s);
return;
}
}
}
/** Clear the session and bounce to the login screen. Called when the refresh
* token is missing or rejected, so an expired session doesn't strand the user
* on a page that only shows errors. */
function endSession(): void {
authStore.set({ accessToken: null, refreshToken: null, user: null });
if (browser) void goto('/login');
}
export class ApiError extends Error {
constructor(
public readonly status: number,
public readonly code: string,
message: string,
public readonly details?: Array<{ field?: string; message?: string }>
) {
super(message);
this.name = 'ApiError';
}
}
// Deduplicates concurrent 401 refresh attempts into a single in-flight request.
let refreshPromise: Promise<void> | null = null;
async function refreshTokens(): Promise<void> {
const attempted = get(authStore).refreshToken;
if (!attempted) {
endSession();
throw new ApiError(401, 'unauthorized', 'Session expired');
}
const res = await fetch(`${BASE}/auth/refresh`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ refresh_token: attempted })
});
if (!res.ok) {
// Refresh tokens rotate, so another tab may have already refreshed and
// rotated ours out. If a newer token has since synced in from that tab (via
// the auth store's storage listener), adopt it and let the caller retry
// rather than ending a session that's actually still alive.
if (get(authStore).refreshToken !== attempted) return;
endSession();
throw new ApiError(401, 'unauthorized', 'Session expired');
}
const data = await res.json();
authStore.update((s) => ({
...s,
accessToken: data.access_token ?? null,
refreshToken: data.refresh_token ?? null
}));
}
function buildHeaders(init: RequestInit | undefined, accessToken: string | null): HeadersInit {
const isFormData = init?.body instanceof FormData;
const base: Record<string, string> = isFormData ? {} : { 'Content-Type': 'application/json' };
if (accessToken) base['Authorization'] = `Bearer ${accessToken}`;
return { ...base, ...(init?.headers as Record<string, string> | undefined) };
}
async function request<T>(path: string, init?: RequestInit): Promise<T> {
let res = await fetch(BASE + path, {
...init,
headers: buildHeaders(init, get(authStore).accessToken)
});
if (res.status === 401) {
if (!refreshPromise) {
refreshPromise = refreshTokens().finally(() => {
refreshPromise = null;
});
}
try {
await refreshPromise;
} catch {
throw new ApiError(401, 'unauthorized', 'Session expired');
}
res = await fetch(BASE + path, {
...init,
headers: buildHeaders(init, get(authStore).accessToken)
});
}
if (!res.ok) {
let body: {
code?: string;
message?: string;
details?: Array<{ field?: string; message?: string }>;
} = {};
try {
body = await res.json();
} catch {
// ignore parse failure
}
throw new ApiError(
res.status,
body.code ?? 'error',
body.message ?? res.statusText,
body.details
);
}
invalidateSectionCache(path, (init?.method ?? 'GET').toUpperCase());
// A success doesn't guarantee a JSON body: 204 never has one, and some 200/201
// responses (e.g. POST /pools/:id/files) complete with an empty body. Parsing
// those as JSON throws, so read the text first and only parse when present —
// otherwise an empty 201 would surface as a spurious "failed" error.
if (res.status === 204) return undefined as T;
const text = await res.text();
return (text ? JSON.parse(text) : undefined) as T;
}
/** Upload with XHR so we can track progress via onProgress(0100). */
export function uploadWithProgress<T>(
path: string,
formData: FormData,
onProgress: (pct: number) => void
): Promise<T> {
return new Promise((resolve, reject) => {
const token = get(authStore).accessToken;
const xhr = new XMLHttpRequest();
xhr.open('POST', BASE + path);
if (token) xhr.setRequestHeader('Authorization', `Bearer ${token}`);
xhr.upload.onprogress = (e) => {
if (e.lengthComputable) onProgress(Math.round((e.loaded / e.total) * 100));
};
xhr.onload = () => {
if (xhr.status >= 200 && xhr.status < 300) {
try {
resolve(JSON.parse(xhr.responseText) as T);
} catch {
resolve(undefined as T);
}
} else {
let body: { code?: string; message?: string } = {};
try {
body = JSON.parse(xhr.responseText);
} catch {
/* ignore */
}
reject(new ApiError(xhr.status, body.code ?? 'error', body.message ?? xhr.statusText));
}
};
xhr.onerror = () => reject(new ApiError(0, 'network_error', 'Network error'));
xhr.send(formData);
});
}
/** POST that consumes a streamed newline-delimited JSON (NDJSON) response,
* invoking onEvent once per parsed line. Used by the server-side import so the
* UI can render live per-file progress. Reuses the bearer token and a single
* 401 refresh+retry, but (unlike request()) keeps the body as a stream. */
export async function postStream(
path: string,
body: unknown,
onEvent: (ev: Record<string, unknown>) => void
): Promise<void> {
const init: RequestInit = { method: 'POST', body: JSON.stringify(body) };
const send = () =>
fetch(BASE + path, { ...init, headers: buildHeaders(init, get(authStore).accessToken) });
let res = await send();
if (res.status === 401) {
if (!refreshPromise) {
refreshPromise = refreshTokens().finally(() => {
refreshPromise = null;
});
}
try {
await refreshPromise;
} catch {
throw new ApiError(401, 'unauthorized', 'Session expired');
}
res = await send();
}
if (!res.ok || !res.body) {
let b: { code?: string; message?: string } = {};
try {
b = await res.json();
} catch {
// ignore parse failure
}
throw new ApiError(res.status, b.code ?? 'error', b.message ?? res.statusText);
}
const reader = res.body.getReader();
const decoder = new TextDecoder();
let buf = '';
const flushLine = (line: string) => {
const trimmed = line.trim();
if (trimmed) onEvent(JSON.parse(trimmed));
};
for (;;) {
const { done, value } = await reader.read();
if (done) break;
buf += decoder.decode(value, { stream: true });
let nl: number;
while ((nl = buf.indexOf('\n')) >= 0) {
flushLine(buf.slice(0, nl));
buf = buf.slice(nl + 1);
}
}
buf += decoder.decode();
flushLine(buf);
}
export const api = {
get: <T>(path: string) => request<T>(path),
post: <T>(path: string, body?: unknown) =>
request<T>(path, { method: 'POST', body: JSON.stringify(body) }),
patch: <T>(path: string, body?: unknown) =>
request<T>(path, { method: 'PATCH', body: JSON.stringify(body) }),
put: <T>(path: string, body?: unknown) =>
request<T>(path, { method: 'PUT', body: JSON.stringify(body) }),
delete: <T>(path: string) => request<T>(path, { method: 'DELETE' }),
upload: <T>(path: string, formData: FormData) =>
request<T>(path, { method: 'POST', body: formData })
};
frontend/src/lib/api/duplicates.ts
-52
View File
@@ -1,52 +0,0 @@
import { api } from '$lib/api/client';
import type { File } from '$lib/api/types';
/** A group of mutually similar files. */
export interface DuplicateCluster {
files: File[];
}
export interface DuplicateClusterPage {
items: DuplicateCluster[];
total: number;
offset: number;
limit: number;
}
/** Per-field source for a merge. Scalars choose keep/discard; relations
* (tags, pools) choose keep/both; metadata can also be shallow-merged. */
export type ScalarChoice = 'keep' | 'discard';
export type RelationChoice = 'keep' | 'both';
export type MetadataChoice = 'keep' | 'discard' | 'merge';
export interface MergeFields {
original_name?: ScalarChoice;
notes?: ScalarChoice;
content_datetime?: ScalarChoice;
is_public?: ScalarChoice;
metadata?: MetadataChoice;
tags?: RelationChoice;
pools?: RelationChoice;
}
export interface ResolveRequest {
keep: string;
discard: string;
fields?: MergeFields;
delete_discarded?: boolean;
}
/** Fetch a page of duplicate clusters (server reads a precomputed table). */
export function getDuplicates(limit = 20, offset = 0): Promise<DuplicateClusterPage> {
return api.get<DuplicateClusterPage>(`/files/duplicates?limit=${limit}&offset=${offset}`);
}
/** Mark two files as "not a duplicate" so the pair stops surfacing. */
export function dismissDuplicate(a: string, b: string): Promise<void> {
return api.post<void>('/files/duplicates/dismiss', { file_id_a: a, file_id_b: b });
}
/** Merge a duplicate pair, returning the updated survivor. */
export function resolveDuplicate(req: ResolveRequest): Promise<File> {
return api.post<File>('/files/duplicates/resolve', req);
}
frontend/src/lib/api/tags.ts
-64
View File
@@ -1,64 +0,0 @@
import { get } from 'svelte/store';
import { api } from '$lib/api/client';
import type { Tag, TagOffsetPage } from '$lib/api/types';
import { tagSorting, type SortState, type TagSortField } from '$lib/stores/sorting';
// The /tags endpoint caps limit at 200 per request. Pickers and the filter bar
// filter the tag list client-side, so they need the *whole* list — otherwise
// tags past the first 200 are invisible and unsearchable. Page through until we
// have them all.
const PAGE = 200;
/**
* Fetches every tag, paging past the server's per-request cap. Ordered by the
* sort the user picked on the tags page (tagSorting), so the pickers and filter
* bar show tags in the same order as that page.
*/
export async function fetchAllTags(): Promise<Tag[]> {
const { sort, order } = get(tagSorting);
const all: Tag[] = [];
for (let offset = 0; ; offset += PAGE) {
const page = await api.get<TagOffsetPage>(
`/tags?limit=${PAGE}&offset=${offset}&sort=${sort}&order=${order}`
);
const items = page.items ?? [];
all.push(...items);
const total = page.total ?? all.length;
if (items.length < PAGE || all.length >= total) break;
}
return all;
}
// Field a tag is keyed on for a given sort choice. created_at is an ISO string,
// so lexical comparison matches chronological order.
function tagSortKey(t: Tag, field: TagSortField): string {
switch (field) {
case 'name':
return t.name ?? '';
case 'color':
return t.color ?? '';
case 'category_name':
return t.category_name ?? '';
case 'created':
return t.created_at ?? '';
default:
return '';
}
}
/**
* Returns a copy of `tags` sorted by the given tag sort state — used to order a
* file's already-assigned tags the same way as the tags page and the pickers'
* available list (which the server sorts). Client-side so it reacts instantly
* when the user changes the sort.
*/
export function sortTags(tags: Tag[], { sort, order }: SortState<TagSortField>): Tag[] {
const dir = order === 'asc' ? 1 : -1;
return [...tags].sort((a, b) => {
const primary = dir * tagSortKey(a, sort).localeCompare(tagSortKey(b, sort));
if (primary !== 0 || sort !== 'category_name') return primary;
// Same category: break the tie by the tag's own name (same direction), so
// tags are grouped by category then alphabetical — matching the server.
return dir * (a.name ?? '').localeCompare(b.name ?? '');
});
}
frontend/src/lib/api/types.ts
-1
View File
@@ -7,7 +7,6 @@ export type Pool = components['schemas']['Pool'];
export type PoolFile = components['schemas']['PoolFile'];
export type User = components['schemas']['User'];
export type Session = components['schemas']['Session'];
export type TokenPair = components['schemas']['TokenPair'];
export type Permission = components['schemas']['Permission'];
export type AuditEntry = components['schemas']['AuditLogEntry'];
export type TagRule = components['schemas']['TagRule'];
frontend/src/lib/components/common/ConfirmDialog.svelte
-123
View File
@@ -1,123 +0,0 @@
<script lang="ts">
interface Props {
message: string;
confirmLabel?: string;
danger?: boolean;
onConfirm: () => void;
onCancel: () => void;
}
let { message, confirmLabel = 'Confirm', danger = false, onConfirm, onCancel }: Props = $props();
let dialog = $state<HTMLDialogElement | undefined>();
$effect(() => {
dialog?.showModal();
return () => dialog?.close();
});
function handleKeydown(e: KeyboardEvent) {
if (e.key === 'Escape') onCancel();
}
function handleBackdropClick(e: MouseEvent) {
if (e.target === dialog) onCancel();
}
</script>
<!-- svelte-ignore a11y_no_noninteractive_element_interactions -->
<dialog
bind:this={dialog}
onkeydown={handleKeydown}
onclick={handleBackdropClick}
aria-modal="true"
>
<div class="body">
<p class="message">{message}</p>
<div class="actions">
<button class="btn cancel" onclick={onCancel}>Cancel</button>
<button class="btn confirm" class:danger onclick={onConfirm}>{confirmLabel}</button>
</div>
</div>
</dialog>
<style>
dialog {
padding: 0;
border: none;
border-radius: 12px;
background-color: var(--color-bg-secondary);
color: var(--color-text-primary);
box-shadow: 0 8px 32px rgba(0, 0, 0, 0.6);
max-width: min(340px, calc(100vw - 32px));
width: 100%;
position: fixed;
top: 50%;
left: 50%;
transform: translate(-50%, -50%);
margin: 0;
}
dialog::backdrop {
background-color: rgba(0, 0, 0, 0.55);
backdrop-filter: blur(2px);
}
.body {
padding: 20px 20px 16px;
display: flex;
flex-direction: column;
gap: 18px;
}
.message {
margin: 0;
font-size: 0.9rem;
line-height: 1.5;
color: var(--color-text-primary);
}
.actions {
display: flex;
gap: 8px;
justify-content: flex-end;
}
.btn {
height: 36px;
padding: 0 16px;
border-radius: 8px;
font-size: 0.875rem;
font-weight: 600;
font-family: inherit;
cursor: pointer;
}
.btn.cancel {
border: 1px solid color-mix(in srgb, var(--color-accent) 35%, transparent);
background: none;
color: var(--color-text-primary);
}
.btn.cancel:hover {
background-color: color-mix(in srgb, var(--color-accent) 12%, transparent);
}
.btn.confirm {
border: none;
background-color: var(--color-accent);
color: var(--color-bg-primary);
}
.btn.confirm:hover {
background-color: var(--color-accent-hover);
}
.btn.confirm.danger {
background-color: var(--color-danger);
}
.btn.confirm.danger:hover {
background-color: color-mix(in srgb, var(--color-danger) 80%, #fff);
}
</style>
frontend/src/lib/components/common/InfiniteScroll.svelte
-105
View File
@@ -1,105 +0,0 @@
<script lang="ts">
interface Props {
loading?: boolean;
hasMore?: boolean;
onLoadMore: () => void;
/** Which edge to watch: 'bottom' loads on scroll down, 'top' on scroll up. */
edge?: 'top' | 'bottom';
}
let { loading = false, hasMore = true, onLoadMore, edge = 'bottom' }: Props = $props();
// Lookahead distance past the viewport edge at which we start loading.
const MARGIN = 300;
let sentinel = $state<HTMLDivElement | undefined>();
// True while the sentinel is within MARGIN px of the watched viewport edge.
// Measuring the sentinel's viewport rect (rather than a scroll container's
// scrollHeight/clientHeight) makes this correct whether the page scrolls on
// <main> or on the window, and loads only enough to reach past the viewport.
function nearViewport(): boolean {
if (!sentinel) return false;
const rect = sentinel.getBoundingClientRect();
return edge === 'bottom' ? rect.top <= window.innerHeight + MARGIN : rect.bottom >= -MARGIN;
}
function maybeLoad() {
if (loading || !hasMore || !sentinel) return;
if (nearViewport()) onLoadMore();
}
// Load on scroll. We watch the actual scroll position rather than relying on an
// IntersectionObserver, which fires only on enter/leave transitions: a scroll
// that *ends* with the sentinel already in range (e.g. scrolling straight to the
// bottom) produces no new observer callback, so nothing loads until the user
// scrolls back up and down to force a fresh transition. Re-checking the sentinel
// on every scroll is what reliably keeps the list growing.
//
// `capture: true` is required because scroll events don't bubble — capturing lets
// a single window listener catch scrolls from any nested scroll container (here
// the grid's <main>) as well as the document itself. rAF-throttled so it stays
// cheap (one getBoundingClientRect per frame at most).
$effect(() => {
let scheduled = false;
const onScroll = () => {
if (scheduled) return;
scheduled = true;
requestAnimationFrame(() => {
scheduled = false;
maybeLoad();
});
};
window.addEventListener('scroll', onScroll, { passive: true, capture: true });
window.addEventListener('resize', onScroll, { passive: true });
return () => {
window.removeEventListener('scroll', onScroll, { capture: true });
window.removeEventListener('resize', onScroll);
};
});
// Re-check after mount and after each load settles (loading → false): if the
// freshly added content still didn't push the sentinel past the viewport, load
// again. This fills short pages and covers the sentinel already being in range on
// first render, without waiting for a scroll.
$effect(() => {
if (!loading) maybeLoad();
});
</script>
<div bind:this={sentinel} class="sentinel" aria-hidden="true"></div>
{#if loading}
<div class="loading-row">
<span class="spinner" role="status" aria-label="Loading"></span>
</div>
{/if}
<style>
.sentinel {
height: 1px;
}
.loading-row {
display: flex;
justify-content: center;
align-items: center;
padding: 24px 0;
}
.spinner {
display: block;
width: 32px;
height: 32px;
border: 3px solid color-mix(in srgb, var(--color-accent) 25%, transparent);
border-top-color: var(--color-accent);
border-radius: 50%;
animation: spin 0.7s linear infinite;
}
@keyframes spin {
to {
transform: rotate(360deg);
}
}
</style>
frontend/src/lib/components/file/BulkTagEditor.svelte
-436
View File
@@ -1,436 +0,0 @@
<script lang="ts">
import { api } from '$lib/api/client';
import type { Tag } from '$lib/api/types';
import { fetchAllTags } from '$lib/api/tags';
interface Props {
fileIds: string[];
onDone: () => void;
}
let { fileIds, onDone }: Props = $props();
// Tags present on ALL selected files
let commonIds = $state(new Set<string>());
// Tags present on SOME but not all selected files
let partialIds = $state(new Set<string>());
// All available tags from /tags
let allTags = $state<Tag[]>([]);
let search = $state('');
let busy = $state(false);
let loading = $state(true);
let error = $state('');
$effect(() => {
load();
});
async function load() {
loading = true;
error = '';
try {
const [tagsRes, commonRes] = await Promise.all([
fetchAllTags(),
api.post<{ common_tag_ids: string[]; partial_tag_ids: string[] }>(
'/files/bulk/common-tags',
{ file_ids: fileIds }
)
]);
allTags = tagsRes;
commonIds = new Set(commonRes.common_tag_ids ?? []);
partialIds = new Set(commonRes.partial_tag_ids ?? []);
} catch {
error = 'Failed to load tags';
} finally {
loading = false;
}
}
// Assigned = common + partial (shown in assigned section)
let assignedIds = $derived(new Set([...commonIds, ...partialIds]));
let assignedTags = $derived(
allTags.filter(
(t) =>
assignedIds.has(t.id ?? '') &&
(!search.trim() || t.name?.toLowerCase().includes(search.toLowerCase()))
)
);
let availableTags = $derived(
allTags.filter(
(t) =>
!assignedIds.has(t.id ?? '') &&
(!search.trim() || t.name?.toLowerCase().includes(search.toLowerCase()))
)
);
function tagStyle(tag: Tag) {
const color = tag.color ?? tag.category_color;
return color ? `background-color: #${color}` : '';
}
// Refetch which tags are common/partial across the selection. Run after any
// bulk change so rule-applied tags (and partial→common shifts) show up — the
// server applies auto-tag rules, so we can't infer the result locally.
async function refreshCommon() {
const res = await api.post<{ common_tag_ids: string[]; partial_tag_ids: string[] }>(
'/files/bulk/common-tags',
{ file_ids: fileIds }
);
commonIds = new Set(res.common_tag_ids ?? []);
partialIds = new Set(res.partial_tag_ids ?? []);
}
async function add(tagId: string) {
if (busy) return;
busy = true;
try {
await api.post('/files/bulk/tags', { file_ids: fileIds, action: 'add', tag_ids: [tagId] });
await refreshCommon();
} finally {
busy = false;
}
}
// Clicking a partial tag promotes it to common (adds to all files that don't have it)
async function promotePartial(tagId: string) {
if (busy) return;
busy = true;
try {
await api.post('/files/bulk/tags', { file_ids: fileIds, action: 'add', tag_ids: [tagId] });
await refreshCommon();
} finally {
busy = false;
}
}
async function remove(tagId: string) {
if (busy) return;
busy = true;
try {
await api.post('/files/bulk/tags', { file_ids: fileIds, action: 'remove', tag_ids: [tagId] });
await refreshCommon();
} finally {
busy = false;
}
}
// ---- Keyboard navigation (from the search input) ----
// ↓/↑ highlight a suggestion, Enter adds it (focus stays); with the input empty
// ←/→ walk the assigned tags and Del removes the focused one from all files.
let highlightIdx = $state(0);
let assignedFocusIdx = $state(-1);
$effect(() => {
if (highlightIdx > availableTags.length - 1) {
highlightIdx = Math.max(0, availableTags.length - 1);
}
});
function onSearchKeydown(e: KeyboardEvent) {
if (e.key === 'ArrowDown') {
e.preventDefault();
assignedFocusIdx = -1;
if (availableTags.length) highlightIdx = Math.min(highlightIdx + 1, availableTags.length - 1);
} else if (e.key === 'ArrowUp') {
e.preventDefault();
assignedFocusIdx = -1;
highlightIdx = Math.max(highlightIdx - 1, 0);
} else if (e.key === 'Enter') {
const tag = availableTags[highlightIdx];
if (tag?.id) {
e.preventDefault();
void add(tag.id);
}
} else if (e.key === 'ArrowRight' && search === '') {
e.preventDefault();
const n = assignedTags.length;
if (n) assignedFocusIdx = assignedFocusIdx < 0 ? 0 : Math.min(assignedFocusIdx + 1, n - 1);
} else if (e.key === 'ArrowLeft' && search === '') {
e.preventDefault();
const n = assignedTags.length;
if (n) assignedFocusIdx = assignedFocusIdx < 0 ? n - 1 : Math.max(assignedFocusIdx - 1, 0);
} else if (e.key === 'Delete' && assignedFocusIdx >= 0) {
const tag = assignedTags[assignedFocusIdx];
if (tag?.id) {
e.preventDefault();
void remove(tag.id);
assignedFocusIdx = Math.min(assignedFocusIdx, assignedTags.length - 2);
}
} else if (e.key === 'Escape') {
// Staged exit: a non-empty filter clears first; once empty, Escape
// releases focus. Stop propagation so neither step reaches the page's
// window handler — only the *next* Escape (with focus already gone) does,
// and that one closes the popup.
e.preventDefault();
e.stopPropagation();
if (search) {
search = '';
assignedFocusIdx = -1;
} else {
assignedFocusIdx = -1;
(e.currentTarget as HTMLInputElement).blur();
}
}
}
</script>
<div class="editor" class:busy>
{#if loading}
<p class="status">Loading…</p>
{:else if error}
<p class="status err">{error}</p>
{:else}
<!-- Assigned tags -->
{#if assignedTags.length > 0}
<div class="section-label">
Assigned
<span class="hint">— partial tags shown with dashed border, click to apply to all</span>
</div>
<div class="tag-row">
{#each assignedTags as tag, i (tag.id)}
{@const isPartial = partialIds.has(tag.id ?? '')}
<div class="tag-wrap">
<button
class="tag assigned"
class:partial={isPartial}
class:kbfocus={assignedFocusIdx === i}
style={tagStyle(tag)}
onclick={() => (isPartial ? promotePartial(tag.id!) : remove(tag.id!))}
title={isPartial
? 'Partial — click to add to all files'
: 'Click to remove from all files'}
>
{tag.name}
{#if isPartial}
<span class="partial-icon" aria-label="partial">~</span>
{:else}
<span class="remove" aria-label="remove">×</span>
{/if}
</button>
</div>
{/each}
</div>
{/if}
<!-- Search -->
<div class="search-wrap">
<input
class="search"
type="search"
placeholder="Search tags…"
bind:value={search}
onkeydown={onSearchKeydown}
autocomplete="off"
/>
{#if search}
<button class="search-clear" onclick={() => (search = '')} aria-label="Clear search">
<svg width="14" height="14" viewBox="0 0 14 14" fill="none" aria-hidden="true">
<path
d="M2 2l10 10M12 2L2 12"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
/>
</svg>
</button>
{/if}
</div>
<!-- Available tags -->
{#if availableTags.length > 0}
<div class="section-label">Add tag</div>
<div class="tag-row available-row">
{#each availableTags as tag, i (tag.id)}
<button
class="tag available"
class:hl={highlightIdx === i}
style={tagStyle(tag)}
onclick={() => add(tag.id!)}
title="Add to all selected files"
>
{tag.name}
</button>
{/each}
</div>
{:else if search.trim() && availableTags.length === 0 && assignedTags.length === 0}
<p class="empty">No matching tags</p>
{/if}
{/if}
</div>
<style>
.editor {
display: flex;
flex-direction: column;
gap: 8px;
}
.editor.busy {
opacity: 0.6;
pointer-events: none;
}
.status {
font-size: 0.85rem;
color: var(--color-text-muted);
margin: 0;
padding: 8px 0;
}
.status.err {
color: var(--color-danger);
}
.section-label {
font-size: 0.75rem;
color: var(--color-text-muted);
font-weight: 600;
text-transform: uppercase;
letter-spacing: 0.05em;
}
.hint {
font-weight: 400;
text-transform: none;
letter-spacing: 0;
font-size: 0.72rem;
}
.tag-row {
display: flex;
flex-wrap: wrap;
gap: 5px;
}
.available-row {
max-height: 140px;
overflow-y: auto;
}
.tag-wrap {
display: contents;
}
.tag {
display: inline-flex;
align-items: center;
gap: 4px;
height: 26px;
padding: 0 9px;
border-radius: 5px;
font-size: 0.8rem;
font-family: inherit;
cursor: pointer;
border: 2px solid transparent;
background-color: var(--color-tag-default);
color: rgba(255, 255, 255, 0.9);
user-select: none;
}
/* Common tag — solid, slightly faded ×, full opacity */
.tag.assigned {
opacity: 0.95;
}
.tag.assigned:hover {
filter: brightness(1.15);
}
/* Partial tag — dashed border, reduced opacity */
.tag.assigned.partial {
opacity: 0.65;
border-style: dashed;
border-color: rgba(255, 255, 255, 0.55);
}
.tag.assigned.partial:hover {
opacity: 1;
filter: brightness(1.1);
}
.remove {
font-size: 1rem;
line-height: 1;
opacity: 0.7;
}
.partial-icon {
font-size: 0.9rem;
line-height: 1;
opacity: 0.85;
}
.tag.available {
opacity: 0.7;
}
.tag.available:hover {
opacity: 1;
filter: brightness(1.1);
}
.tag.available.hl {
opacity: 1;
outline: 2px solid var(--color-accent);
outline-offset: 1px;
}
.tag.assigned.kbfocus {
outline: 2px solid var(--color-danger);
outline-offset: 1px;
}
.search-wrap {
position: relative;
display: flex;
align-items: center;
}
.search {
width: 100%;
box-sizing: border-box;
height: 32px;
padding: 0 10px;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-primary);
color: var(--color-text-primary);
font-size: 0.85rem;
font-family: inherit;
outline: none;
}
.search:focus {
border-color: var(--color-accent);
}
.search-clear {
position: absolute;
right: 6px;
display: flex;
align-items: center;
justify-content: center;
width: 20px;
height: 20px;
border-radius: 50%;
border: none;
background: none;
color: var(--color-text-muted);
cursor: pointer;
padding: 0;
}
.search-clear:hover {
color: var(--color-text-primary);
background-color: color-mix(in srgb, var(--color-accent) 20%, transparent);
}
.empty {
font-size: 0.8rem;
color: var(--color-text-muted);
margin: 0;
}
</style>
frontend/src/lib/components/file/DuplicateMergeDialog.svelte
-402
View File
@@ -1,402 +0,0 @@
<script lang="ts">
import type { File } from '$lib/api/types';
import {
resolveDuplicate,
type MergeFields,
type MetadataChoice,
type RelationChoice,
type ScalarChoice
} from '$lib/api/duplicates';
import Thumb from '$lib/components/file/Thumb.svelte';
interface Props {
/** The two files to merge; `keep` is the default survivor (swappable here). */
keep: File;
discard: File;
/** Called with the updated survivor after a successful merge. */
onResolved: (survivor: File) => void;
onClose: () => void;
}
let { keep, discard, onResolved, onClose }: Props = $props();
// Which file survives is swappable; derive the two sides from a single flag so
// the choice stays in sync with the props.
let swapped = $state(false);
let a = $derived<File>(swapped ? discard : keep);
let b = $derived<File>(swapped ? keep : discard);
// Per-field source, all defaulting to the survivor ("keep").
let original_name = $state<ScalarChoice>('keep');
let notes = $state<ScalarChoice>('keep');
let content_datetime = $state<ScalarChoice>('keep');
let is_public = $state<ScalarChoice>('keep');
let metadata = $state<MetadataChoice>('keep');
let tags = $state<RelationChoice>('keep');
let pools = $state<RelationChoice>('keep');
let deleteDiscarded = $state(true);
let busy = $state(false);
let error = $state('');
function swap() {
swapped = !swapped;
}
function fmtDate(s?: string | null): string {
if (!s) return '—';
const d = new Date(s);
return isNaN(d.getTime()) ? s : d.toLocaleString();
}
function metaCount(m: unknown): number {
return m && typeof m === 'object' ? Object.keys(m as object).length : 0;
}
async function submit() {
if (busy) return;
busy = true;
error = '';
const fields: MergeFields = {
original_name,
notes,
content_datetime,
is_public,
metadata,
tags,
pools
};
try {
const survivor = await resolveDuplicate({
keep: a.id,
discard: b.id,
fields,
delete_discarded: deleteDiscarded
});
onResolved(survivor);
onClose();
} catch {
error = 'Failed to merge';
busy = false;
}
}
</script>
<!-- svelte-ignore a11y_click_events_have_key_events a11y_no_static_element_interactions -->
<div class="backdrop" role="presentation" onclick={onClose}></div>
<div class="sheet" class:busy role="dialog" aria-label="Merge duplicates">
<div class="head">
<span class="title">Merge duplicates</span>
<button class="x" onclick={onClose} aria-label="Close">
<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true">
<path d="M3 3l10 10M13 3L3 13" stroke="currentColor" stroke-width="1.8" stroke-linecap="round" />
</svg>
</button>
</div>
<div class="body">
<!-- Survivor / other headers -->
<div class="files">
<div class="file">
<Thumb id={a.id} size={80} alt={a.original_name ?? ''} />
<span class="badge keep">Keep</span>
<span class="fname" title={a.original_name ?? ''}>{a.original_name ?? '—'}</span>
</div>
<button class="swap" onclick={swap} title="Swap which file is kept" aria-label="Swap">
<svg width="18" height="18" viewBox="0 0 18 18" fill="none" aria-hidden="true">
<path
d="M5 4h8l-2.5-2.5M13 14H5l2.5 2.5"
stroke="currentColor"
stroke-width="1.6"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
</button>
<div class="file">
<Thumb id={b.id} size={80} alt={b.original_name ?? ''} />
<span class="badge other">Other</span>
<span class="fname" title={b.original_name ?? ''}>{b.original_name ?? '—'}</span>
</div>
</div>
<!-- Scalar fields: keep vs discard -->
{#snippet scalarRow(label: string, value: ScalarChoice, set: (v: ScalarChoice) => void, keepVal: string, otherVal: string)}
<div class="row">
<span class="label">{label}</span>
<div class="seg">
<button class:on={value === 'keep'} onclick={() => set('keep')} title={keepVal}>
{keepVal || '—'}
</button>
<button class:on={value === 'discard'} onclick={() => set('discard')} title={otherVal}>
{otherVal || '—'}
</button>
</div>
</div>
{/snippet}
{@render scalarRow(
'Name',
original_name,
(v) => (original_name = v),
a.original_name ?? '',
b.original_name ?? ''
)}
{@render scalarRow('Notes', notes, (v) => (notes = v), a.notes ?? '', b.notes ?? '')}
{@render scalarRow(
'Date',
content_datetime,
(v) => (content_datetime = v),
fmtDate(a.content_datetime),
fmtDate(b.content_datetime)
)}
{@render scalarRow(
'Visibility',
is_public,
(v) => (is_public = v),
a.is_public ? 'Public' : 'Private',
b.is_public ? 'Public' : 'Private'
)}
<!-- Metadata: keep / other / merge -->
<div class="row">
<span class="label">Metadata</span>
<div class="seg">
<button class:on={metadata === 'keep'} onclick={() => (metadata = 'keep')}>
Keep ({metaCount(a.metadata)})
</button>
<button class:on={metadata === 'discard'} onclick={() => (metadata = 'discard')}>
Other ({metaCount(b.metadata)})
</button>
<button class:on={metadata === 'merge'} onclick={() => (metadata = 'merge')}>Merge</button>
</div>
</div>
<!-- Relations: keep vs union both -->
<div class="row">
<span class="label">Tags</span>
<div class="seg">
<button class:on={tags === 'keep'} onclick={() => (tags = 'keep')}>
Keep ({a.tags?.length ?? 0})
</button>
<button class:on={tags === 'both'} onclick={() => (tags = 'both')}>Union both</button>
</div>
</div>
<div class="row">
<span class="label">Pools</span>
<div class="seg">
<button class:on={pools === 'keep'} onclick={() => (pools = 'keep')}>Keep</button>
<button class:on={pools === 'both'} onclick={() => (pools = 'both')}>Union both</button>
</div>
</div>
<label class="del">
<input type="checkbox" bind:checked={deleteDiscarded} />
Move the “Other” file to trash after merging
</label>
{#if error}<p class="error">{error}</p>{/if}
</div>
<div class="foot">
<button class="btn ghost" onclick={onClose}>Cancel</button>
<button class="btn primary" onclick={submit} disabled={busy}>Merge</button>
</div>
</div>
<style>
.backdrop {
position: fixed;
inset: 0;
z-index: 120;
background: rgba(0, 0, 0, 0.5);
}
.sheet {
position: fixed;
left: 0;
right: 0;
bottom: 0;
z-index: 121;
background-color: var(--color-bg-secondary);
border-radius: 14px 14px 0 0;
padding-bottom: env(safe-area-inset-bottom, 0px);
max-height: 88dvh;
display: flex;
flex-direction: column;
animation: slide-up 0.18s ease-out;
}
.sheet.busy {
opacity: 0.6;
pointer-events: none;
}
@keyframes slide-up {
from {
transform: translateY(20px);
opacity: 0;
}
to {
transform: translateY(0);
opacity: 1;
}
}
.head {
display: flex;
align-items: center;
padding: 14px 16px 10px;
gap: 8px;
}
.title {
flex: 1;
font-size: 0.95rem;
font-weight: 600;
}
.x {
background: none;
border: none;
cursor: pointer;
color: var(--color-text-muted);
padding: 4px;
display: flex;
}
.x:hover {
color: var(--color-text-primary);
}
.body {
overflow-y: auto;
padding: 0 14px 8px;
}
.files {
display: flex;
align-items: center;
justify-content: center;
gap: 12px;
margin-bottom: 12px;
}
.file {
display: flex;
flex-direction: column;
align-items: center;
gap: 4px;
min-width: 0;
max-width: 40%;
}
.badge {
font-size: 0.7rem;
font-weight: 600;
padding: 1px 7px;
border-radius: 6px;
}
.badge.keep {
background-color: color-mix(in srgb, var(--color-accent) 30%, transparent);
color: var(--color-accent);
}
.badge.other {
background-color: var(--color-bg-elevated);
color: var(--color-text-muted);
}
.fname {
font-size: 0.78rem;
color: var(--color-text-muted);
max-width: 100%;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
}
.swap {
background-color: var(--color-bg-elevated);
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
color: var(--color-text-muted);
border-radius: 8px;
width: 32px;
height: 32px;
display: flex;
align-items: center;
justify-content: center;
cursor: pointer;
flex-shrink: 0;
}
.swap:hover {
color: var(--color-accent);
border-color: var(--color-accent);
}
.row {
display: flex;
align-items: center;
gap: 10px;
padding: 7px 0;
border-top: 1px solid color-mix(in srgb, var(--color-accent) 12%, transparent);
}
.label {
font-size: 0.82rem;
color: var(--color-text-muted);
width: 74px;
flex-shrink: 0;
}
.seg {
display: flex;
flex: 1;
gap: 4px;
min-width: 0;
}
.seg button {
flex: 1;
min-width: 0;
padding: 6px 8px;
border-radius: 7px;
border: 1px solid color-mix(in srgb, var(--color-accent) 25%, transparent);
background-color: var(--color-bg-elevated);
color: var(--color-text-muted);
font-size: 0.8rem;
font-family: inherit;
cursor: pointer;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
}
.seg button.on {
background-color: color-mix(in srgb, var(--color-accent) 22%, var(--color-bg-elevated));
color: var(--color-accent);
border-color: var(--color-accent);
}
.del {
display: flex;
align-items: center;
gap: 8px;
font-size: 0.82rem;
color: var(--color-text-muted);
padding: 12px 0 4px;
}
.error {
color: var(--color-danger);
font-size: 0.85rem;
text-align: center;
}
.foot {
display: flex;
gap: 8px;
padding: 10px 14px calc(10px + env(safe-area-inset-bottom, 0px));
border-top: 1px solid color-mix(in srgb, var(--color-accent) 15%, transparent);
}
.btn {
flex: 1;
height: 38px;
border-radius: 8px;
border: 1px solid transparent;
font-size: 0.9rem;
font-family: inherit;
cursor: pointer;
}
.btn.ghost {
background-color: var(--color-bg-elevated);
border-color: color-mix(in srgb, var(--color-accent) 25%, transparent);
color: var(--color-text-muted);
}
.btn.primary {
background-color: var(--color-accent);
color: var(--color-bg-primary);
font-weight: 600;
}
.btn.primary:disabled {
opacity: 0.6;
cursor: default;
}
</style>
frontend/src/lib/components/file/FileCard.svelte
-263
View File
@@ -1,263 +0,0 @@
<script lang="ts">
import { get } from 'svelte/store';
import { authStore } from '$lib/stores/auth';
import type { File } from '$lib/api/types';
const LONG_PRESS_MS = 400;
const DRAG_THRESHOLD = 8; // px — cancel long-press if pointer moves more than this
interface Props {
file: File;
index: number;
selected?: boolean;
selectionMode?: boolean;
/** Roving keyboard-focus ring (shown only during keyboard navigation). */
focused?: boolean;
onTap?: (e: MouseEvent) => void;
/** Called when long-press fires; receives the pointerType of the gesture. */
onLongPress?: (pointerType: string) => void;
}
let {
file,
index,
selected = false,
selectionMode = false,
focused = false,
onTap,
onLongPress
}: Props = $props();
let imgSrc = $state<string | null>(null);
let failed = $state(false);
$effect(() => {
const token = get(authStore).accessToken;
let objectUrl: string | null = null;
let cancelled = false;
fetch(`/api/v1/files/${file.id}/thumbnail`, {
headers: token ? { Authorization: `Bearer ${token}` } : {}
})
.then((res) => (res.ok ? res.blob() : null))
.then((blob) => {
if (cancelled || !blob) {
if (!cancelled) failed = true;
return;
}
objectUrl = URL.createObjectURL(blob);
imgSrc = objectUrl;
})
.catch(() => {
if (!cancelled) failed = true;
});
return () => {
cancelled = true;
if (objectUrl) URL.revokeObjectURL(objectUrl);
};
});
// --- Long press + drag detection ---
let pressTimer: ReturnType<typeof setTimeout> | null = null;
let didLongPress = false;
let pressStartX = 0;
let pressStartY = 0;
let currentPointerType = '';
function onPointerDown(e: PointerEvent) {
if (e.button !== 0 && e.pointerType === 'mouse') return;
didLongPress = false;
pressStartX = e.clientX;
pressStartY = e.clientY;
currentPointerType = e.pointerType;
pressTimer = setTimeout(() => {
didLongPress = true;
onLongPress?.(currentPointerType);
}, LONG_PRESS_MS);
}
function onPointerMoveInternal(e: PointerEvent) {
// Cancel long-press if pointer has moved significantly (user is scrolling)
if (pressTimer !== null) {
const dx = e.clientX - pressStartX;
const dy = e.clientY - pressStartY;
if (Math.hypot(dx, dy) > DRAG_THRESHOLD) {
clearTimeout(pressTimer);
pressTimer = null;
}
}
}
function cancelPress() {
if (pressTimer !== null) {
clearTimeout(pressTimer);
pressTimer = null;
}
}
function onClick(e: MouseEvent) {
if (didLongPress) {
didLongPress = false;
return;
}
cancelPress();
onTap?.(e);
}
</script>
<!-- svelte-ignore a11y_click_events_have_key_events a11y_no_static_element_interactions -->
<div
class="card"
class:loaded={!!imgSrc}
class:selected
class:focused
data-file-index={index}
onpointerdown={onPointerDown}
onpointermove={onPointerMoveInternal}
onpointerup={() => {
cancelPress();
didLongPress = false;
}}
onpointerleave={cancelPress}
oncontextmenu={(e) => e.preventDefault()}
onclick={onClick}
title={file.original_name ?? undefined}
>
{#if imgSrc}
<img src={imgSrc} alt={file.original_name ?? ''} class="thumb" draggable="false" />
{:else if failed}
<div class="placeholder failed" aria-label="Failed to load"></div>
{:else}
<div class="placeholder loading" aria-label="Loading"></div>
{/if}
<div class="overlay"></div>
{#if file.needs_review}
<div class="review-dot" title="Needs review" aria-label="Needs review"></div>
{/if}
{#if selected}
<div class="check" aria-hidden="true">
<svg width="18" height="18" viewBox="0 0 18 18" fill="none">
<circle cx="9" cy="9" r="8.5" fill="rgba(0,0,0,0.55)" stroke="white" stroke-width="1" />
<path
d="M5 9l3 3 5-5"
stroke="white"
stroke-width="1.8"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
</div>
{:else if selectionMode}
<div class="check" aria-hidden="true">
<svg width="18" height="18" viewBox="0 0 18 18" fill="none">
<circle
cx="9"
cy="9"
r="8.5"
fill="rgba(0,0,0,0.35)"
stroke="rgba(255,255,255,0.5)"
stroke-width="1"
/>
</svg>
</div>
{/if}
</div>
<style>
.card {
position: relative;
width: 160px;
height: 160px;
max-width: calc(33vw - 7px);
max-height: calc(33vw - 7px);
overflow: hidden;
cursor: pointer;
background-color: var(--color-bg-elevated);
flex-shrink: 0;
user-select: none;
-webkit-user-select: none;
/* Keyboard scrollIntoView leaves room for the sticky header above and the
fixed bottom navbar below, so the focused card never hides under them. */
scroll-margin-top: 52px;
scroll-margin-bottom: calc(72px + env(safe-area-inset-bottom, 0px));
}
.thumb {
width: 100%;
height: 100%;
object-fit: contain;
object-position: center;
display: block;
}
.placeholder {
width: 100%;
height: 100%;
}
.placeholder.loading {
background: linear-gradient(
90deg,
var(--color-bg-elevated) 25%,
color-mix(in srgb, var(--color-accent) 12%, var(--color-bg-elevated)) 50%,
var(--color-bg-elevated) 75%
);
background-size: 200% 100%;
animation: shimmer 1.4s infinite;
}
.placeholder.failed {
background-color: color-mix(in srgb, var(--color-danger) 15%, var(--color-bg-elevated));
}
.overlay {
position: absolute;
inset: 0;
background-color: rgba(0, 0, 0, 0.1);
transition: background-color 0.15s;
}
.card:hover .overlay {
background-color: rgba(0, 0, 0, 0.3);
}
.card.selected .overlay {
background-color: color-mix(in srgb, var(--color-accent) 35%, transparent);
}
.card.focused {
outline: 3px solid var(--color-accent);
outline-offset: -3px;
z-index: 1;
}
.check {
position: absolute;
top: 6px;
right: 6px;
pointer-events: none;
}
/* "Needs review" marker — top-left so it never overlaps the selection check. */
.review-dot {
position: absolute;
top: 6px;
left: 6px;
width: 9px;
height: 9px;
border-radius: 50%;
background-color: var(--color-warning);
box-shadow: 0 0 0 1.5px rgba(0, 0, 0, 0.45);
pointer-events: none;
}
@keyframes shimmer {
0% {
background-position: 200% 0;
}
100% {
background-position: -200% 0;
}
}
</style>
frontend/src/lib/components/file/FileUpload.svelte
-376
View File
@@ -1,376 +0,0 @@
<script lang="ts">
import { uploadWithProgress, ApiError } from '$lib/api/client';
import type { File as ApiFile } from '$lib/api/types';
import type { Snippet } from 'svelte';
interface Props {
onUploaded: (file: ApiFile) => void;
children: Snippet;
}
let { onUploaded, children }: Props = $props();
// ---- Upload queue ----
type UploadStatus = 'uploading' | 'done' | 'error';
interface QueueItem {
id: string;
name: string;
progress: number;
status: UploadStatus;
error?: string;
}
let queue = $state<QueueItem[]>([]);
let fileInput = $state<HTMLInputElement | undefined>();
let allSettled = $derived(queue.length > 0 && queue.every((i) => i.status !== 'uploading'));
// ---- File input ----
export function open() {
fileInput?.click();
}
function onInputChange(e: Event) {
const files = (e.currentTarget as HTMLInputElement).files;
if (files?.length) {
void enqueue(Array.from(files));
// Reset so the same file can be re-selected
(e.currentTarget as HTMLInputElement).value = '';
}
}
// ---- Upload logic ----
function uid() {
return `${Date.now()}-${Math.random().toString(36).slice(2, 9)}`;
}
async function enqueue(files: globalThis.File[]) {
const items: QueueItem[] = files.map((f) => ({
id: uid(),
name: f.name,
progress: 0,
status: 'uploading'
}));
queue = [...queue, ...items];
await Promise.all(files.map((file, i) => uploadOne(file, items[i].id)));
}
async function uploadOne(file: globalThis.File, itemId: string) {
const fd = new FormData();
fd.append('file', file);
try {
const result = await uploadWithProgress<ApiFile>('/files', fd, (pct) =>
updateItem(itemId, { progress: pct })
);
updateItem(itemId, { status: 'done', progress: 100 });
onUploaded(result);
} catch (e) {
const msg =
e instanceof ApiError
? e.status === 415
? `Unsupported file type`
: e.message
: 'Upload failed';
updateItem(itemId, { status: 'error', error: msg });
}
}
function updateItem(id: string, patch: Partial<QueueItem>) {
queue = queue.map((item) => (item.id === id ? { ...item, ...patch } : item));
}
function clearQueue() {
queue = [];
}
// ---- Drag and drop ----
let dragCounter = $state(0);
let dragOver = $derived(dragCounter > 0);
function onDragEnter(e: DragEvent) {
if (!e.dataTransfer?.types.includes('Files')) return;
e.preventDefault();
dragCounter++;
}
function onDragLeave() {
dragCounter = Math.max(0, dragCounter - 1);
}
function onDragOver(e: DragEvent) {
if (!e.dataTransfer?.types.includes('Files')) return;
e.preventDefault();
e.dataTransfer.dropEffect = 'copy';
}
function onDrop(e: DragEvent) {
e.preventDefault();
dragCounter = 0;
const files = Array.from(e.dataTransfer?.files ?? []);
if (files.length) void enqueue(files);
}
</script>
<!-- Hidden file input -->
<input
bind:this={fileInput}
type="file"
multiple
accept="image/*,video/*"
style="display:none"
onchange={onInputChange}
/>
<!-- Drop zone wrapper -->
<!-- svelte-ignore a11y_no_static_element_interactions -->
<div
class="drop-zone"
class:drag-over={dragOver}
ondragenter={onDragEnter}
ondragleave={onDragLeave}
ondragover={onDragOver}
ondrop={onDrop}
>
{@render children()}
{#if dragOver}
<div class="drop-overlay" aria-hidden="true">
<div class="drop-label">
<svg width="36" height="36" viewBox="0 0 36 36" fill="none" aria-hidden="true">
<path
d="M18 4v20M10 14l8-10 8 10"
stroke="currentColor"
stroke-width="2.5"
stroke-linecap="round"
stroke-linejoin="round"
/>
<path d="M6 28h24" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" />
</svg>
Drop files to upload
</div>
</div>
{/if}
</div>
<!-- Upload progress panel -->
{#if queue.length > 0}
<div class="upload-panel" role="status">
<div class="panel-header">
<span class="panel-title">
{#if allSettled}
Uploads complete
{:else}
Uploading {queue.filter((i) => i.status === 'uploading').length} file(s)…
{/if}
</span>
{#if allSettled}
<button class="clear-btn" onclick={clearQueue}>Dismiss</button>
{/if}
</div>
<ul class="upload-list">
{#each queue as item (item.id)}
<li
class="upload-item"
class:done={item.status === 'done'}
class:error={item.status === 'error'}
>
<span class="item-name" title={item.name}>{item.name}</span>
<div class="item-right">
{#if item.status === 'uploading'}
<div class="progress-track">
<div class="progress-fill" style="width: {item.progress}%"></div>
</div>
<span class="pct">{item.progress}%</span>
{:else if item.status === 'done'}
<svg
class="icon-ok"
width="16"
height="16"
viewBox="0 0 16 16"
fill="none"
aria-label="Done"
>
<path
d="M3 8l4 4 6-6"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
{:else}
<span class="err-msg" title={item.error}>{item.error}</span>
{/if}
</div>
</li>
{/each}
</ul>
</div>
{/if}
<style>
/* ---- Drop zone ---- */
.drop-zone {
position: relative;
flex: 1;
display: flex;
flex-direction: column;
min-height: 0;
}
.drop-overlay {
position: absolute;
inset: 0;
z-index: 50;
background-color: color-mix(in srgb, var(--color-accent) 18%, rgba(0, 0, 0, 0.7));
display: flex;
align-items: center;
justify-content: center;
border: 2px dashed var(--color-accent);
border-radius: 4px;
pointer-events: none;
}
.drop-label {
display: flex;
flex-direction: column;
align-items: center;
gap: 10px;
color: #fff;
font-size: 1.1rem;
font-weight: 600;
}
/* ---- Upload panel ---- */
.upload-panel {
position: fixed;
left: 10px;
right: 10px;
bottom: 65px;
z-index: 110;
background-color: var(--color-bg-secondary);
border-radius: 10px;
box-shadow: 0 0 16px rgba(0, 0, 0, 0.6);
padding: 10px 12px;
animation: slide-up 0.18s ease-out;
max-height: 50vh;
overflow-y: auto;
}
@keyframes slide-up {
from {
transform: translateY(10px);
opacity: 0;
}
to {
transform: translateY(0);
opacity: 1;
}
}
.panel-header {
display: flex;
align-items: center;
justify-content: space-between;
margin-bottom: 8px;
}
.panel-title {
font-size: 0.85rem;
font-weight: 600;
color: var(--color-text-muted);
}
.clear-btn {
background: none;
border: none;
color: var(--color-accent);
font-size: 0.82rem;
font-family: inherit;
cursor: pointer;
padding: 2px 6px;
}
.clear-btn:hover {
text-decoration: underline;
}
.upload-list {
list-style: none;
margin: 0;
padding: 0;
display: flex;
flex-direction: column;
gap: 6px;
}
.upload-item {
display: flex;
align-items: center;
gap: 8px;
min-height: 28px;
}
.item-name {
flex: 1;
font-size: 0.82rem;
color: var(--color-text-primary);
overflow: hidden;
text-overflow: ellipsis;
white-space: nowrap;
}
.upload-item.done .item-name {
color: var(--color-text-muted);
}
.upload-item.error .item-name {
color: var(--color-text-muted);
}
.item-right {
display: flex;
align-items: center;
gap: 6px;
flex-shrink: 0;
}
.progress-track {
width: 80px;
height: 4px;
background-color: color-mix(in srgb, var(--color-accent) 20%, var(--color-bg-elevated));
border-radius: 2px;
overflow: hidden;
}
.progress-fill {
height: 100%;
background-color: var(--color-accent);
border-radius: 2px;
transition: width 0.1s linear;
}
.pct {
font-size: 0.75rem;
color: var(--color-text-muted);
min-width: 30px;
text-align: right;
}
.icon-ok {
color: var(--color-accent);
}
.err-msg {
font-size: 0.75rem;
color: var(--color-danger);
max-width: 140px;
overflow: hidden;
text-overflow: ellipsis;
white-space: nowrap;
}
</style>
frontend/src/lib/components/file/FileViewer.svelte
-873
View File
@@ -1,873 +0,0 @@
<script lang="ts">
import { get } from 'svelte/store';
import { untrack, onDestroy } from 'svelte';
import { api, ApiError } from '$lib/api/client';
import { authStore } from '$lib/stores/auth';
import TagPicker from '$lib/components/file/TagPicker.svelte';
import PoolPicker from '$lib/components/file/PoolPicker.svelte';
import type { File, Tag } from '$lib/api/types';
interface Props {
/** File currently shown. Changing it (paging) reloads in place. */
fileId: string;
/** Neighbour ids resolved by the parent; null hides the arrow. */
prevId?: string | null;
nextId?: string | null;
/** Page to a neighbour. */
onNavigate: (id: string) => void;
/** Close the viewer. */
onClose: () => void;
/** Notify the parent when this file's review status is toggled here. */
onReviewChange?: (id: string, needsReview: boolean) => void;
}
let { fileId, prevId = null, nextId = null, onNavigate, onClose, onReviewChange }: Props =
$props();
let file = $state<File | null>(null);
let fileTags = $state<Tag[]>([]);
let previewSrc = $state<string | null>(null);
// Capability token for the original-content URL, minted per file (see
// fetchContentToken). Outlives the 15-minute access token so a long video
// opened in a new tab keeps streaming.
let contentToken = $state<string | null>(null);
let loading = $state(true);
let saving = $state(false);
let error = $state('');
let poolPickerOpen = $state(false);
// Tags are loaded lazily — the Tags section sits below a full-viewport
// preview, so fetching them on open just hammers the DB for data the user
// usually never scrolls to. We fetch only once the section comes into view.
let tagsVisible = $state(false);
let tagsLoading = $state(false);
let tagsLoadedFor = $state<string | null>(null);
let tagsLoaded = $derived(tagsLoadedFor === fileId);
// Editable fields (initialised on load)
let notes = $state('');
let contentDatetime = $state('');
let isPublic = $state(false);
let dirty = $state(false);
let exifEntries = $derived(
file?.exif ? Object.entries(file.exif as Record<string, unknown>) : []
);
// ---- Load (re-runs whenever the file changes, i.e. paging) ----
$effect(() => {
if (!fileId) return;
const id = fileId; // snapshot — don't re-run if other state changes
// Revoke old blob URL without tracking previewSrc as a dependency.
untrack(() => {
if (previewSrc) URL.revokeObjectURL(previewSrc);
previewSrc = null;
});
void loadFile(id);
});
onDestroy(() => {
if (previewSrc) URL.revokeObjectURL(previewSrc);
});
async function loadFile(id: string) {
loading = true;
error = '';
// Drop the previous file's tags; they reload lazily when scrolled to.
fileTags = [];
// Invalidate the previous file's content token before re-minting.
contentToken = null;
try {
const fileData = await api.get<File>(`/files/${id}`);
if (fileId !== id) return; // paged on; ignore
file = fileData;
notes = fileData.notes ?? '';
contentDatetime = fileData.content_datetime
? fileData.content_datetime.slice(0, 16) // YYYY-MM-DDTHH:mm
: '';
isPublic = fileData.is_public ?? false;
dirty = false;
void fetchPreview(id);
void fetchContentToken(id);
// Log the view (activity.file_views). Fire-and-forget — never block or
// fail the viewer over view tracking.
void api.post(`/files/${id}/views`).catch(() => {});
} catch (e) {
error = e instanceof ApiError ? e.message : 'Failed to load file';
} finally {
loading = false;
}
}
async function fetchPreview(id: string) {
const token = get(authStore).accessToken;
try {
const res = await fetch(`/api/v1/files/${id}/preview`, {
headers: token ? { Authorization: `Bearer ${token}` } : {}
});
if (res.ok && fileId === id) {
previewSrc = URL.createObjectURL(await res.blob());
}
} catch {
// non-critical — thumbnail stays as fallback
}
}
// Mint a content token for this file so the "open original" link survives the
// 15-minute access-token expiry — a long video opened in a new tab keeps
// streaming, since the token is file-scoped and outlives session rotation.
// Fire-and-forget; the link falls back to the access token until it arrives.
async function fetchContentToken(id: string) {
try {
const res = await api.post<{ token: string; expires_in: number }>(
`/files/${id}/content-token`
);
if (fileId === id) contentToken = res.token;
} catch {
// non-critical — originalUrl falls back to the access token below
}
}
// Direct link to the full-resolution original, opened in a new tab. A
// navigation can't send the auth header, so the token rides in the query —
// the server accepts ?access_token= for GET media. Prefer the long-lived
// content token; fall back to the access token until it's minted.
let originalUrl = $derived(
fileId
? `/api/v1/files/${fileId}/content?inline=1&access_token=${encodeURIComponent(contentToken ?? $authStore.accessToken ?? '')}`
: '#'
);
// ---- Tags (lazy) ----
// Fetch the current file's tags the first time the Tags section is visible.
// Re-runs when fileId changes while the section is still on-screen.
$effect(() => {
const id = fileId;
if (id && tagsVisible && tagsLoadedFor !== id && !tagsLoading) {
void loadTags(id);
}
});
async function loadTags(id: string) {
tagsLoading = true;
try {
const tags = await api.get<Tag[]>(`/files/${id}/tags`);
if (fileId !== id) return; // paged on; ignore
fileTags = tags;
tagsLoadedFor = id;
} catch {
// non-critical — a later scroll into view retries
} finally {
tagsLoading = false;
}
}
// Svelte action: flips tagsVisible while the Tags section is in (or near) the
// viewport. rootMargin pre-loads just before it scrolls fully into view.
function tagsSentinel(node: HTMLElement) {
const observer = new IntersectionObserver(
(entries) => {
tagsVisible = entries[0]?.isIntersecting ?? false;
},
{ rootMargin: '200px' }
);
observer.observe(node);
return {
destroy() {
observer.disconnect();
}
};
}
async function addTag(tagId: string) {
const updated = await api.put<Tag[]>(`/files/${fileId}/tags/${tagId}`);
fileTags = updated;
tagsLoadedFor = fileId;
}
async function removeTag(tagId: string) {
await api.delete(`/files/${fileId}/tags/${tagId}`);
fileTags = fileTags.filter((t) => t.id !== tagId);
}
// ---- Review status ----
async function toggleReview() {
const id = file?.id;
if (!id) return;
const target = !file!.needs_review;
try {
await api.post('/files/bulk/review', { file_ids: [id], needs_review: target });
file = { ...file!, needs_review: target };
onReviewChange?.(id, target);
} catch {
// best-effort; leave the displayed state unchanged on failure
}
}
// ---- Save ----
async function save() {
if (!file || saving) return;
saving = true;
error = '';
try {
const updated = await api.patch<File>(`/files/${file.id}`, {
notes: notes.trim() || null,
content_datetime: contentDatetime ? new Date(contentDatetime).toISOString() : undefined,
is_public: isPublic
});
file = updated;
dirty = false;
} catch (e) {
error = e instanceof ApiError ? e.message : 'Failed to save';
} finally {
saving = false;
}
}
// ---- Keyboard ----
let viewerPage = $state<HTMLElement>();
let tagsSection = $state<HTMLElement>();
let pendingTagFocus = false;
// Bring the preview back to the top of the scroll container (the overlay, or
// the page in the standalone route). scrollIntoView resolves the right
// scroller in either case. Called when Escape leaves the tag filter.
function revealPreview() {
viewerPage?.scrollIntoView({ behavior: 'smooth', block: 'start' });
}
function handleKeydown(e: KeyboardEvent) {
// While the pool picker is open it owns the keyboard: Escape closes it
// (even from its search field), and every other key is swallowed so the
// viewer's shortcuts don't fire behind the modal. Typing still works —
// non-Escape keys aren't prevented, only ignored here.
if (poolPickerOpen) {
if (e.key === 'Escape') {
e.preventDefault();
poolPickerOpen = false;
}
return;
}
if (e.target instanceof HTMLInputElement || e.target instanceof HTMLTextAreaElement) return;
if (e.ctrlKey || e.metaKey || e.altKey) return;
// Letter keys are matched by physical position (e.code) so j/k/e work on any
// keyboard layout; arrows and Escape are layout-independent already.
if (e.key === 'ArrowLeft' || e.code === 'KeyK') {
if (prevId) onNavigate(prevId);
} else if (e.key === 'ArrowRight' || e.code === 'KeyJ') {
if (nextId) onNavigate(nextId);
} else if (e.code === 'KeyE') {
e.preventDefault();
jumpToTags();
} else if (e.key === 'Escape') {
onClose();
}
}
// Scroll the (lazily loaded) Tags section into view and drop the cursor into
// its filter. Forces the load so the focus lands even before the user reaches
// the section by scrolling.
function jumpToTags() {
tagsVisible = true;
tagsSection?.scrollIntoView({ behavior: 'smooth', block: 'start' });
pendingTagFocus = true;
focusTagInput();
}
function focusTagInput() {
requestAnimationFrame(() => tagsSection?.querySelector<HTMLInputElement>('input')?.focus());
}
$effect(() => {
if (tagsLoaded && pendingTagFocus) {
pendingTagFocus = false;
focusTagInput();
}
});
// ---- Helpers ----
function formatDatetime(iso: string | null | undefined): string {
if (!iso) return '—';
return new Date(iso).toLocaleString();
}
// EXIF values may be nested arrays/objects (e.g. rationals, GPS); render those
// as JSON instead of the useless "[object Object]".
function formatExifValue(val: unknown): string {
if (val === null || val === undefined) return '—';
if (typeof val === 'object') return JSON.stringify(val);
return String(val);
}
</script>
<svelte:window onkeydown={handleKeydown} />
<div class="viewer-page" bind:this={viewerPage}>
<!-- Top bar -->
<div class="top-bar">
<button class="back-btn" onclick={onClose} aria-label="Back to files">
<svg width="20" height="20" viewBox="0 0 20 20" fill="none" aria-hidden="true">
<path
d="M12 4L6 10L12 16"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
</button>
<span class="filename">{file?.original_name ?? ''}</span>
{#if file}
<button
class="review-btn"
class:needs={file.needs_review}
onclick={toggleReview}
aria-label={file.needs_review ? 'Mark as reviewed' : 'Mark as needs review'}
title={file.needs_review ? 'Tagging not done — mark reviewed' : 'Reviewed — mark as needs review'}
>
<svg width="20" height="20" viewBox="0 0 20 20" fill="none" aria-hidden="true">
<circle cx="10" cy="10" r="7.5" stroke="currentColor" stroke-width="1.6" />
<path
d="M6.5 10l2.2 2.2L13.5 7.5"
stroke="currentColor"
stroke-width="1.6"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
</button>
<button
class="pool-btn"
onclick={() => (poolPickerOpen = true)}
aria-label="Add to pool"
title="Add to pool"
>
<svg width="20" height="20" viewBox="0 0 20 20" fill="none" aria-hidden="true">
<rect
x="3"
y="5"
width="14"
height="11"
rx="2"
stroke="currentColor"
stroke-width="1.6"
/>
<path
d="M10 8.5v4M8 10.5h4"
stroke="currentColor"
stroke-width="1.6"
stroke-linecap="round"
/>
</svg>
</button>
{/if}
</div>
<!-- Preview -->
<div class="preview-wrap">
{#if previewSrc}
<a
class="preview-link"
href={originalUrl}
target="_blank"
rel="noopener"
title="Open original in a new tab"
>
<img src={previewSrc} alt={file?.original_name ?? ''} class="preview-img" />
</a>
{:else if loading}
<div class="preview-placeholder shimmer"></div>
{:else}
<div class="preview-placeholder failed"></div>
{/if}
<!-- Prev / Next -->
{#if prevId}
<button
class="nav-btn nav-prev"
onclick={() => prevId && onNavigate(prevId)}
aria-label="Previous file"
>
<svg width="18" height="18" viewBox="0 0 18 18" fill="none" aria-hidden="true">
<path
d="M11 3L5 9L11 15"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
</button>
{/if}
{#if nextId}
<button
class="nav-btn nav-next"
onclick={() => nextId && onNavigate(nextId)}
aria-label="Next file"
>
<svg width="18" height="18" viewBox="0 0 18 18" fill="none" aria-hidden="true">
<path
d="M7 3L13 9L7 15"
stroke="currentColor"
stroke-width="2"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
</button>
{/if}
</div>
<!-- Metadata panel -->
<div class="meta-panel">
{#if error}
<p class="error" role="alert">{error}</p>
{/if}
{#if file}
<!-- File info -->
<div class="info-row">
<span class="mime">{file.mime_type}</span>
<span class="sep">·</span>
<span class="created">Added {formatDatetime(file.created_at)}</span>
</div>
<!-- Edit form -->
<section class="section">
<label class="field-label" for="notes">Notes</label>
<textarea
id="notes"
class="textarea"
rows="3"
bind:value={notes}
oninput={() => (dirty = true)}
placeholder="Add notes…"
></textarea>
</section>
<section class="section">
<label class="field-label" for="datetime">Date taken</label>
<input
id="datetime"
type="datetime-local"
class="input"
bind:value={contentDatetime}
oninput={() => (dirty = true)}
/>
</section>
<section class="section toggle-row">
<span class="field-label">Public</span>
<button
class="toggle"
class:on={isPublic}
onclick={() => {
isPublic = !isPublic;
dirty = true;
}}
role="switch"
aria-checked={isPublic}
aria-label="Public"
>
<span class="thumb"></span>
</button>
</section>
<button class="save-btn" onclick={save} disabled={!dirty || saving}>
{saving ? 'Saving…' : 'Save changes'}
</button>
<!-- Tags (loaded lazily on scroll) -->
<section class="section" use:tagsSentinel bind:this={tagsSection}>
<div class="field-label">Tags</div>
{#if tagsLoaded}
<TagPicker {fileTags} onAdd={addTag} onRemove={removeTag} onExit={revealPreview} />
{:else}
<p class="tags-loading">Loading tags…</p>
{/if}
</section>
<!-- EXIF -->
{#if exifEntries.length > 0}
<section class="section">
<div class="field-label">EXIF</div>
<dl class="exif">
{#each exifEntries as [key, val]}
<dt>{key}</dt>
<dd>{formatExifValue(val)}</dd>
{/each}
</dl>
</section>
{/if}
{:else if !loading}
<p class="empty">File not found.</p>
{/if}
</div>
</div>
{#if poolPickerOpen && file}
<PoolPicker fileIds={[file.id!]} onClose={() => (poolPickerOpen = false)} />
{/if}
<style>
.viewer-page {
display: flex;
flex-direction: column;
min-height: 0;
padding-bottom: 70px; /* clear the bottom navbar in the standalone route */
}
/* ---- Top bar ---- */
.top-bar {
position: sticky;
top: 0;
z-index: 20;
display: flex;
align-items: center;
gap: 8px;
padding: 6px 10px;
background-color: var(--color-bg-primary);
border-bottom: 1px solid color-mix(in srgb, var(--color-accent) 15%, transparent);
min-height: 44px;
}
.back-btn {
display: flex;
align-items: center;
justify-content: center;
width: 36px;
height: 36px;
border-radius: 8px;
border: none;
background: none;
color: var(--color-text-primary);
cursor: pointer;
flex-shrink: 0;
}
.back-btn:hover {
background-color: color-mix(in srgb, var(--color-accent) 15%, transparent);
}
.filename {
font-size: 0.9rem;
color: var(--color-text-muted);
overflow: hidden;
text-overflow: ellipsis;
white-space: nowrap;
}
/* First of the trailing header buttons carries the auto margin that pushes the
review + pool group to the right edge. */
.review-btn {
margin-left: auto;
display: flex;
align-items: center;
justify-content: center;
width: 36px;
height: 36px;
border-radius: 8px;
border: none;
background: none;
color: var(--color-success); /* reviewed: solid green check */
cursor: pointer;
flex-shrink: 0;
}
.review-btn.needs {
color: var(--color-text-muted); /* not yet reviewed: dim check */
}
.review-btn:hover {
background-color: color-mix(in srgb, var(--color-accent) 15%, transparent);
}
.pool-btn {
display: flex;
align-items: center;
justify-content: center;
width: 36px;
height: 36px;
border-radius: 8px;
border: none;
background: none;
color: var(--color-text-primary);
cursor: pointer;
flex-shrink: 0;
}
.pool-btn:hover {
background-color: color-mix(in srgb, var(--color-accent) 15%, transparent);
}
/* ---- Preview ---- */
.preview-wrap {
position: relative;
background-color: #000;
display: flex;
align-items: center;
justify-content: center;
/* Fill viewport below the top bar (44px) */
height: calc(100dvh - 44px);
flex-shrink: 0;
overflow: hidden;
}
/* Whole preview area is a link: click opens the original in a new tab. */
.preview-link {
width: 100%;
height: 100%;
display: flex;
align-items: center;
justify-content: center;
cursor: zoom-in;
text-decoration: none;
}
.preview-img {
max-width: 100%;
max-height: 100%;
object-fit: contain;
display: block;
}
.preview-placeholder {
width: 100%;
height: 100%;
}
.preview-placeholder.shimmer {
background: linear-gradient(90deg, #111 25%, #222 50%, #111 75%);
background-size: 200% 100%;
animation: shimmer 1.4s infinite;
}
.preview-placeholder.failed {
background-color: #1a1010;
}
/* ---- Nav buttons ---- */
.nav-btn {
position: absolute;
top: 50%;
transform: translateY(-50%);
width: 40px;
height: 40px;
border-radius: 50%;
border: none;
background-color: rgba(0, 0, 0, 0.55);
color: #fff;
display: flex;
align-items: center;
justify-content: center;
cursor: pointer;
transition: background-color 0.15s;
}
.nav-btn:hover {
background-color: rgba(0, 0, 0, 0.8);
}
.nav-prev {
left: 10px;
}
.nav-next {
right: 10px;
}
/* ---- Metadata panel ---- */
.meta-panel {
padding: 14px 14px 0;
display: flex;
flex-direction: column;
gap: 2px;
}
.info-row {
display: flex;
align-items: center;
gap: 6px;
font-size: 0.8rem;
color: var(--color-text-muted);
padding-bottom: 10px;
}
.sep {
opacity: 0.4;
}
.section {
padding: 10px 0;
border-top: 1px solid color-mix(in srgb, var(--color-accent) 12%, transparent);
}
.field-label {
font-size: 0.75rem;
font-weight: 600;
color: var(--color-text-muted);
text-transform: uppercase;
letter-spacing: 0.05em;
margin-bottom: 6px;
}
.textarea {
width: 100%;
box-sizing: border-box;
padding: 8px 10px;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-elevated);
color: var(--color-text-primary);
font-size: 0.875rem;
font-family: inherit;
resize: vertical;
outline: none;
min-height: 70px;
}
.textarea:focus {
border-color: var(--color-accent);
}
.input {
width: 100%;
box-sizing: border-box;
height: 36px;
padding: 0 10px;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-elevated);
color: var(--color-text-primary);
font-size: 0.875rem;
font-family: inherit;
outline: none;
color-scheme: dark;
}
.input:focus {
border-color: var(--color-accent);
}
/* ---- Toggle ---- */
.toggle-row {
display: flex;
align-items: center;
justify-content: space-between;
padding-top: 12px;
padding-bottom: 12px;
}
.toggle-row .field-label {
margin-bottom: 0;
}
.toggle {
position: relative;
width: 44px;
height: 26px;
border-radius: 13px;
border: none;
background-color: color-mix(in srgb, var(--color-accent) 25%, var(--color-bg-elevated));
cursor: pointer;
transition: background-color 0.2s;
flex-shrink: 0;
}
.toggle.on {
background-color: var(--color-accent);
}
.thumb {
position: absolute;
top: 3px;
left: 3px;
width: 20px;
height: 20px;
border-radius: 50%;
background-color: #fff;
transition: transform 0.2s;
}
.toggle.on .thumb {
transform: translateX(18px);
}
/* ---- Save button ---- */
.save-btn {
width: 100%;
height: 40px;
border-radius: 8px;
border: none;
background-color: var(--color-accent);
color: var(--color-bg-primary);
font-size: 0.9rem;
font-weight: 600;
font-family: inherit;
cursor: pointer;
margin-top: 4px;
margin-bottom: 4px;
transition:
background-color 0.15s,
opacity 0.15s;
}
.save-btn:hover:not(:disabled) {
background-color: var(--color-accent-hover);
}
.save-btn:disabled {
opacity: 0.4;
cursor: default;
}
/* ---- Tags ---- */
.tags-loading {
margin: 0;
font-size: 0.8rem;
color: var(--color-text-muted);
opacity: 0.7;
}
/* ---- EXIF ---- */
.exif {
display: grid;
grid-template-columns: auto 1fr;
gap: 3px 12px;
font-size: 0.78rem;
margin: 0;
}
dt {
color: var(--color-text-muted);
font-weight: 500;
}
dd {
margin: 0;
color: var(--color-text-primary);
word-break: break-word;
}
/* ---- Misc ---- */
.error {
color: var(--color-danger);
font-size: 0.875rem;
padding: 8px 0;
}
.empty {
color: var(--color-text-muted);
font-size: 0.95rem;
text-align: center;
padding: 40px 0;
}
@keyframes shimmer {
0% {
background-position: 200% 0;
}
100% {
background-position: -200% 0;
}
}
</style>
frontend/src/lib/components/file/FilterBar.svelte
-532
View File
@@ -1,532 +0,0 @@
<script lang="ts">
import type { Tag } from '$lib/api/types';
import { fetchAllTags } from '$lib/api/tags';
import { buildDslFilter, parseDslFilter, tokenLabel } from '$lib/utils/dsl';
interface Props {
/** Current DSL filter string (e.g. "{t=uuid1,&,t=uuid2}"). */
value?: string | null;
onApply: (filter: string | null) => void;
onClose: () => void;
}
let { value = null, onApply, onClose }: Props = $props();
const OPERATORS = ['(', ')', '&', '|', '!'] as const;
let tags = $state<Tag[]>([]);
let search = $state('');
let tokens = $state<string[]>(parseDslFilter(value));
let tagNames = $derived(
new Map(tags.filter((t) => t.id && t.name).map((t) => [t.id as string, t.name as string]))
);
$effect(() => {
tokens = parseDslFilter(value ?? null);
});
$effect(() => {
fetchAllTags().then((all) => {
tags = all;
});
});
let filteredTags = $derived(
search.trim() ? tags.filter((t) => t.name?.toLowerCase().includes(search.toLowerCase())) : tags
);
function addToken(t: string) {
tokens = [...tokens, t];
}
// Free-text MIME filter. Matches against the type name (mt.name) via LIKE, so
// "image/png" is an exact-ish match and "image/%" / "%mp4" act as patterns.
// (m=<id> targets the numeric mime_id, which the UI doesn't expose.)
let mimeInput = $state('');
function addMime() {
const v = mimeInput.trim();
if (!v) return;
addToken(`m~${v}`);
mimeInput = '';
}
function removeToken(i: number) {
tokens = tokens.filter((_, idx) => idx !== i);
}
// Review status is a single, mutually-exclusive r=1 / r=0 token; null = "any".
let reviewToken = $derived(tokens.find((t) => t === 'r=1' || t === 'r=0') ?? null);
function setReview(value: 'r=1' | 'r=0' | null) {
const rest = tokens.filter((t) => t !== 'r=1' && t !== 'r=0');
tokens = value ? [...rest, value] : rest;
}
function apply() {
onApply(buildDslFilter(tokens));
}
function reset() {
tokens = [];
search = '';
onApply(null);
}
// ---- Keyboard navigation (from the search input) ----
// ↓/↑ highlight a tag, Enter adds it as a token; the operator chars insert an
// operator token; with the input empty ←/→ walk the active tokens and Del
// removes the focused one. Mod+Enter applies, Mod+Backspace resets, Esc closes.
let highlightIdx = $state(0);
let tokenFocusIdx = $state(-1);
const OP_KEYS = ['&', '|', '!', '(', ')'];
$effect(() => {
if (highlightIdx > filteredTags.length - 1) {
highlightIdx = Math.max(0, filteredTags.length - 1);
}
});
function onSearchKeydown(e: KeyboardEvent) {
if ((e.ctrlKey || e.metaKey) && e.key === 'Enter') {
e.preventDefault();
apply();
return;
}
if ((e.ctrlKey || e.metaKey) && e.key === 'Backspace') {
e.preventDefault();
reset();
return;
}
if (e.ctrlKey || e.metaKey || e.altKey) return;
if (OP_KEYS.includes(e.key)) {
e.preventDefault();
addToken(e.key);
return;
}
if (e.key === 'ArrowDown') {
e.preventDefault();
tokenFocusIdx = -1;
if (filteredTags.length) highlightIdx = Math.min(highlightIdx + 1, filteredTags.length - 1);
} else if (e.key === 'ArrowUp') {
e.preventDefault();
tokenFocusIdx = -1;
highlightIdx = Math.max(highlightIdx - 1, 0);
} else if (e.key === 'Enter') {
const tag = filteredTags[highlightIdx];
if (tag?.id) {
e.preventDefault();
addToken(`t=${tag.id}`);
}
} else if (e.key === 'ArrowRight' && search === '') {
e.preventDefault();
const n = tokens.length;
if (n) tokenFocusIdx = tokenFocusIdx < 0 ? 0 : Math.min(tokenFocusIdx + 1, n - 1);
} else if (e.key === 'ArrowLeft' && search === '') {
e.preventDefault();
const n = tokens.length;
if (n) tokenFocusIdx = tokenFocusIdx < 0 ? n - 1 : Math.max(tokenFocusIdx - 1, 0);
} else if (e.key === 'Delete' && tokenFocusIdx >= 0) {
e.preventDefault();
removeToken(tokenFocusIdx);
tokenFocusIdx = Math.min(tokenFocusIdx, tokens.length - 2);
} else if (e.key === 'Escape') {
e.preventDefault();
onClose();
}
}
// --- Drag-and-drop reordering ---
let dragIndex = $state<number | null>(null);
let dropIndex = $state<number | null>(null);
function onDragStart(i: number, e: DragEvent) {
dragIndex = i;
e.dataTransfer!.effectAllowed = 'move';
// Set minimal drag image so the token itself acts as the ghost
e.dataTransfer!.setData('text/plain', String(i));
}
function onDragOver(i: number, e: DragEvent) {
e.preventDefault();
e.dataTransfer!.dropEffect = 'move';
dropIndex = i;
}
function onDrop(i: number, e: DragEvent) {
e.preventDefault();
if (dragIndex === null || dragIndex === i) return;
const next = [...tokens];
const [moved] = next.splice(dragIndex, 1);
next.splice(i, 0, moved);
tokens = next;
dragIndex = null;
dropIndex = null;
}
function onDragEnd() {
dragIndex = null;
dropIndex = null;
}
</script>
<div class="bar">
<!-- Active tokens -->
<div class="active" class:empty={tokens.length === 0}>
{#if tokens.length === 0}
<span class="hint">No filter — tap a tag or operator below to build one</span>
{:else}
{#each tokens as token, i (i)}
<!-- svelte-ignore a11y_click_events_have_key_events a11y_no_static_element_interactions -->
<div
class="token active-token"
class:dragging={dragIndex === i}
class:drop-before={dropIndex === i && dragIndex !== null && dragIndex !== i}
class:kbfocus={tokenFocusIdx === i}
draggable="true"
role="button"
tabindex="0"
title="Drag to reorder · Click to remove"
ondragstart={(e) => onDragStart(i, e)}
ondragover={(e) => onDragOver(i, e)}
ondrop={(e) => onDrop(i, e)}
ondragend={onDragEnd}
onclick={() => removeToken(i)}
onkeydown={(e) => e.key === 'Delete' && removeToken(i)}
>
{tokenLabel(token, tagNames)}
</div>
{/each}
{/if}
</div>
<!-- Operator buttons -->
<div class="ops">
{#each OPERATORS as op}
<button class="token op-token" onclick={() => addToken(op)}>{op}</button>
{/each}
</div>
<!-- MIME / media type — appends an m~ token like a tag/operator -->
<div class="mime">
<button class="token mime-token" onclick={() => addToken('m~image/%')}>Images</button>
<button class="token mime-token" onclick={() => addToken('m~video/%')}>Video</button>
<input
class="mime-input"
type="text"
placeholder="MIME, e.g. image/png"
bind:value={mimeInput}
onkeydown={(e) => {
if (e.key === 'Enter') {
e.preventDefault();
addMime();
}
}}
autocomplete="off"
/>
<button class="token op-token mime-add" onclick={addMime} disabled={!mimeInput.trim()}>
+ MIME
</button>
</div>
<!-- Review status (mutually-exclusive r=1 / r=0) -->
<div class="review-seg" role="group" aria-label="Review status">
<button class="seg" class:on={reviewToken === null} onclick={() => setReview(null)}>Any</button>
<button class="seg" class:on={reviewToken === 'r=1'} onclick={() => setReview('r=1')}>
Needs review
</button>
<button class="seg" class:on={reviewToken === 'r=0'} onclick={() => setReview('r=0')}>
Reviewed
</button>
</div>
<!-- Tag search -->
<input
class="search"
type="search"
placeholder="Search tags…"
bind:value={search}
onkeydown={onSearchKeydown}
autocomplete="off"
/>
<!-- Tag list -->
<div class="tag-list">
{#each filteredTags as tag, i (tag.id)}
<button
class="token tag-token"
class:hl={highlightIdx === i}
style="background-color: {tag.color
? '#' + tag.color
: tag.category_color
? '#' + tag.category_color
: 'var(--color-tag-default)'}"
onclick={() => addToken(`t=${tag.id}`)}
>
{tag.name}
</button>
{:else}
<span class="no-tags">{search ? 'No matching tags' : 'No tags yet'}</span>
{/each}
</div>
<!-- Actions -->
<div class="actions">
<button class="btn btn-reset" onclick={reset}>Reset</button>
<button class="btn btn-apply" onclick={apply}>Apply</button>
<button class="btn btn-close" onclick={onClose}>Close</button>
</div>
</div>
<style>
.bar {
background-color: var(--color-bg-elevated);
border-bottom: 1px solid color-mix(in srgb, var(--color-accent) 20%, transparent);
padding: 8px 10px;
display: flex;
flex-direction: column;
gap: 8px;
position: sticky;
top: 43px; /* header height */
z-index: 9;
}
.active {
display: flex;
flex-wrap: wrap;
gap: 4px;
min-height: 32px;
align-items: center;
}
.active.empty {
opacity: 0.5;
}
.hint {
font-size: 0.75rem;
color: var(--color-text-muted);
}
.ops {
display: flex;
gap: 4px;
}
.mime {
display: flex;
flex-wrap: wrap;
gap: 4px;
align-items: center;
}
.mime-token {
background-color: color-mix(in srgb, var(--color-accent) 18%, var(--color-bg-elevated));
color: var(--color-text-primary);
font-weight: 600;
}
.mime-token:hover {
background-color: color-mix(in srgb, var(--color-accent) 35%, var(--color-bg-elevated));
}
.mime-input {
flex: 1;
min-width: 120px;
box-sizing: border-box;
height: 26px;
padding: 0 8px;
border-radius: 5px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-primary);
color: var(--color-text-primary);
font-size: 0.8rem;
font-family: inherit;
outline: none;
}
.mime-input:focus {
border-color: var(--color-accent);
}
.mime-add:disabled {
opacity: 0.4;
cursor: default;
}
.review-seg {
display: flex;
gap: 2px;
padding: 2px;
border-radius: 7px;
background-color: var(--color-bg-elevated);
align-self: flex-start;
}
.seg {
height: 24px;
padding: 0 10px;
border: none;
border-radius: 5px;
background: none;
color: var(--color-text-muted);
font-family: inherit;
font-size: 0.78rem;
font-weight: 600;
cursor: pointer;
}
.seg:hover {
color: var(--color-text-primary);
}
.seg.on {
background-color: var(--color-accent);
color: var(--color-bg-primary);
}
.token {
display: inline-flex;
align-items: center;
height: 26px;
padding: 0 8px;
border-radius: 5px;
font-size: 0.8rem;
cursor: pointer;
border: none;
font-family: inherit;
}
.active-token {
background-color: var(--color-accent);
color: var(--color-bg-primary);
font-weight: 600;
cursor: grab;
user-select: none;
transition:
opacity 0.15s,
outline 0.1s;
outline: 2px solid transparent;
}
.active-token:hover {
background-color: var(--color-accent-hover);
}
.active-token.dragging {
opacity: 0.4;
cursor: grabbing;
}
.active-token.drop-before {
outline: 2px solid var(--color-accent);
outline-offset: 2px;
}
.active-token.kbfocus {
outline: 2px solid var(--color-danger);
outline-offset: 2px;
}
.op-token {
background-color: color-mix(in srgb, var(--color-accent) 18%, var(--color-bg-elevated));
color: var(--color-text-primary);
font-weight: 700;
min-width: 30px;
justify-content: center;
}
.op-token:hover {
background-color: color-mix(in srgb, var(--color-accent) 35%, var(--color-bg-elevated));
}
.search {
width: 100%;
box-sizing: border-box;
height: 30px;
padding: 0 10px;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-primary);
color: var(--color-text-primary);
font-size: 0.85rem;
font-family: inherit;
outline: none;
}
.search:focus {
border-color: var(--color-accent);
}
.tag-list {
display: flex;
flex-wrap: wrap;
gap: 4px;
max-height: 120px;
overflow-y: auto;
}
.tag-token {
color: rgba(255, 255, 255, 0.9);
}
.tag-token:hover {
filter: brightness(1.15);
}
.tag-token.hl {
outline: 2px solid var(--color-text-primary);
outline-offset: 1px;
}
.no-tags {
font-size: 0.8rem;
color: var(--color-text-muted);
}
.actions {
display: flex;
gap: 6px;
justify-content: flex-end;
}
.btn {
height: 30px;
padding: 0 14px;
border-radius: 6px;
border: none;
font-size: 0.85rem;
font-family: inherit;
cursor: pointer;
}
.btn-apply {
background-color: var(--color-accent);
color: var(--color-bg-primary);
font-weight: 600;
}
.btn-apply:hover {
background-color: var(--color-accent-hover);
}
.btn-reset {
background-color: color-mix(in srgb, var(--color-danger) 20%, var(--color-bg-elevated));
color: var(--color-text-primary);
}
.btn-reset:hover {
background-color: color-mix(in srgb, var(--color-danger) 35%, var(--color-bg-elevated));
}
.btn-close {
background-color: color-mix(in srgb, var(--color-accent) 15%, var(--color-bg-elevated));
color: var(--color-text-muted);
}
.btn-close:hover {
color: var(--color-text-primary);
}
</style>
frontend/src/lib/components/file/PoolPicker.svelte
-251
View File
@@ -1,251 +0,0 @@
<script lang="ts">
import { api } from '$lib/api/client';
import type { Pool, PoolOffsetPage } from '$lib/api/types';
interface Props {
/** Files to add to the chosen pool. */
fileIds: string[];
/** Called after a successful add (before close) — e.g. to clear a selection. */
onAdded?: (poolId: string) => void;
/** Close the picker without adding. */
onClose: () => void;
}
let { fileIds, onAdded, onClose }: Props = $props();
let pools = $state<Pool[]>([]);
let loading = $state(true);
let loadError = $state('');
let addError = $state('');
let search = $state('');
let busy = $state(false);
$effect(() => {
void load();
});
async function load() {
loading = true;
loadError = '';
try {
const res = await api.get<PoolOffsetPage>('/pools?limit=200&sort=name&order=asc');
pools = res.items ?? [];
} catch {
loadError = 'Failed to load pools';
} finally {
loading = false;
}
}
let filtered = $derived(
search.trim()
? pools.filter((p) => p.name?.toLowerCase().includes(search.toLowerCase()))
: pools
);
async function add(poolId: string) {
if (busy) return;
busy = true;
addError = '';
try {
await api.post(`/pools/${poolId}/files`, { file_ids: fileIds });
onAdded?.(poolId);
onClose();
} catch {
addError = 'Failed to add to pool';
busy = false;
}
}
let count = $derived(fileIds.length);
</script>
<!-- svelte-ignore a11y_click_events_have_key_events -->
<div class="picker-backdrop" role="presentation" onclick={onClose}></div>
<div class="picker-sheet" class:busy role="dialog" aria-label="Add to pool">
<div class="picker-header">
<span class="picker-title">Add {count} file{count !== 1 ? 's' : ''} to pool</span>
<button class="picker-close" onclick={onClose} aria-label="Close">
<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true">
<path
d="M3 3l10 10M13 3L3 13"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
/>
</svg>
</button>
</div>
<div class="picker-search-wrap">
<input
class="picker-search"
type="search"
placeholder="Search pools…"
bind:value={search}
autocomplete="off"
/>
</div>
{#if loading}
<p class="picker-empty">Loading…</p>
{:else if loadError}
<p class="picker-error">{loadError}</p>
{:else}
{#if addError}
<p class="picker-error">{addError}</p>
{/if}
{#if filtered.length === 0}
<p class="picker-empty">No pools found.</p>
{:else}
<ul class="picker-list">
{#each filtered as pool (pool.id)}
<li>
<button class="picker-item" onclick={() => pool.id && add(pool.id)}>
<span class="picker-item-name">{pool.name}</span>
<span class="picker-item-count">{pool.file_count ?? 0} files</span>
</button>
</li>
{/each}
</ul>
{/if}
{/if}
</div>
<style>
.picker-backdrop {
position: fixed;
inset: 0;
z-index: 110;
background: rgba(0, 0, 0, 0.5);
}
.picker-sheet {
position: fixed;
left: 0;
right: 0;
bottom: 0;
z-index: 111;
background-color: var(--color-bg-secondary);
border-radius: 14px 14px 0 0;
padding-bottom: env(safe-area-inset-bottom, 0px);
max-height: 70dvh;
display: flex;
flex-direction: column;
animation: slide-up 0.18s ease-out;
}
.picker-sheet.busy {
opacity: 0.6;
pointer-events: none;
}
@keyframes slide-up {
from {
transform: translateY(20px);
opacity: 0;
}
to {
transform: translateY(0);
opacity: 1;
}
}
.picker-header {
display: flex;
align-items: center;
padding: 14px 16px 10px;
gap: 8px;
}
.picker-title {
flex: 1;
font-size: 0.95rem;
font-weight: 600;
}
.picker-close {
background: none;
border: none;
cursor: pointer;
color: var(--color-text-muted);
padding: 4px;
display: flex;
align-items: center;
}
.picker-close:hover {
color: var(--color-text-primary);
}
.picker-search-wrap {
padding: 0 14px 10px;
}
.picker-search {
width: 100%;
box-sizing: border-box;
height: 34px;
padding: 0 10px;
border-radius: 8px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-elevated);
color: var(--color-text-primary);
font-size: 0.9rem;
font-family: inherit;
outline: none;
}
.picker-search:focus {
border-color: var(--color-accent);
}
.picker-list {
list-style: none;
margin: 0;
padding: 0 8px 12px;
overflow-y: auto;
flex: 1;
}
.picker-item {
display: flex;
align-items: center;
width: 100%;
text-align: left;
padding: 11px 10px;
border-radius: 8px;
background: none;
border: none;
cursor: pointer;
font-family: inherit;
gap: 8px;
}
.picker-item:hover {
background-color: color-mix(in srgb, var(--color-accent) 12%, transparent);
}
.picker-item-name {
flex: 1;
font-size: 0.95rem;
color: var(--color-text-primary);
}
.picker-item-count {
font-size: 0.8rem;
color: var(--color-text-muted);
}
.picker-empty,
.picker-error {
text-align: center;
padding: 20px;
font-size: 0.9rem;
color: var(--color-text-muted);
}
.picker-error {
color: var(--color-danger);
}
</style>
frontend/src/lib/components/file/TagPicker.svelte
-328
View File
@@ -1,328 +0,0 @@
<script lang="ts">
import type { Tag } from '$lib/api/types';
import { fetchAllTags, sortTags } from '$lib/api/tags';
import { tagSorting } from '$lib/stores/sorting';
interface Props {
fileTags: Tag[];
onAdd: (tagId: string) => Promise<void>;
onRemove: (tagId: string) => Promise<void>;
/** Called when Escape leaves an already-empty filter, so the viewer can
* scroll the preview back into view. */
onExit?: () => void;
}
let { fileTags, onAdd, onRemove, onExit }: Props = $props();
let allTags = $state<Tag[]>([]);
let search = $state('');
let busy = $state(false);
$effect(() => {
fetchAllTags().then((all) => {
allTags = all;
});
});
let assignedIds = $derived(new Set(fileTags.map((t) => t.id)));
let filteredAvailable = $derived(
allTags.filter(
(t) =>
!assignedIds.has(t.id) &&
(!search.trim() || t.name?.toLowerCase().includes(search.toLowerCase()))
)
);
// Show a file's already-assigned tags in the user's chosen tag order too.
let sortedAssigned = $derived(sortTags(fileTags, $tagSorting));
let filteredAssigned = $derived(
search.trim()
? sortedAssigned.filter((t) => t.name?.toLowerCase().includes(search.toLowerCase()))
: sortedAssigned
);
async function handleAdd(tagId: string) {
if (busy) return;
busy = true;
try {
await onAdd(tagId);
} finally {
busy = false;
}
}
async function handleRemove(tagId: string) {
if (busy) return;
busy = true;
try {
await onRemove(tagId);
} finally {
busy = false;
}
}
function tagStyle(tag: Tag) {
const color = tag.color ?? tag.category_color;
return color ? `background-color: #${color}` : '';
}
// ---- Keyboard navigation (from the search input) ----
// ↓/↑ highlight a suggestion, Enter adds it (focus stays for chaining); with the
// input empty, ←/→ walk the assigned pills and Del removes the focused one.
let highlightIdx = $state(0);
let assignedFocusIdx = $state(-1);
$effect(() => {
if (highlightIdx > filteredAvailable.length - 1) {
highlightIdx = Math.max(0, filteredAvailable.length - 1);
}
});
function onSearchKeydown(e: KeyboardEvent) {
if (e.key === 'ArrowDown') {
e.preventDefault();
assignedFocusIdx = -1;
if (filteredAvailable.length) {
highlightIdx = Math.min(highlightIdx + 1, filteredAvailable.length - 1);
}
} else if (e.key === 'ArrowUp') {
e.preventDefault();
assignedFocusIdx = -1;
highlightIdx = Math.max(highlightIdx - 1, 0);
} else if (e.key === 'Enter') {
const tag = filteredAvailable[highlightIdx];
if (tag?.id) {
e.preventDefault();
void handleAdd(tag.id);
}
} else if (e.key === 'ArrowRight' && search === '') {
e.preventDefault();
const n = filteredAssigned.length;
if (n) assignedFocusIdx = assignedFocusIdx < 0 ? 0 : Math.min(assignedFocusIdx + 1, n - 1);
} else if (e.key === 'ArrowLeft' && search === '') {
e.preventDefault();
const n = filteredAssigned.length;
if (n) assignedFocusIdx = assignedFocusIdx < 0 ? n - 1 : Math.max(assignedFocusIdx - 1, 0);
} else if (e.key === 'Delete' && assignedFocusIdx >= 0) {
const tag = filteredAssigned[assignedFocusIdx];
if (tag?.id) {
e.preventDefault();
void handleRemove(tag.id);
assignedFocusIdx = Math.min(assignedFocusIdx, filteredAssigned.length - 2);
}
} else if (e.key === 'Escape') {
e.preventDefault();
if (search) {
// Non-empty filter: just clear it, keeping focus for more editing.
search = '';
assignedFocusIdx = -1;
return;
}
// Empty: blur back to the page (so arrow keys and a further Escape reach
// the viewer) and let it scroll the preview back into view.
assignedFocusIdx = -1;
(e.currentTarget as HTMLInputElement).blur();
onExit?.();
}
}
</script>
<div class="picker" class:busy>
<!-- Assigned tags -->
{#if fileTags.length > 0}
<div class="section-label">Assigned</div>
<div class="tag-row">
{#each filteredAssigned as tag, i (tag.id)}
<button
class="tag assigned"
class:kbfocus={assignedFocusIdx === i}
style={tagStyle(tag)}
onclick={() => handleRemove(tag.id!)}
title="Remove tag"
>
{tag.name}
<span class="remove">×</span>
</button>
{/each}
</div>
{/if}
<!-- Search -->
<div class="search-wrap">
<input
class="search"
type="search"
placeholder="Search tags…"
bind:value={search}
onkeydown={onSearchKeydown}
autocomplete="off"
/>
{#if search}
<button class="search-clear" onclick={() => (search = '')} aria-label="Clear search">
<svg width="14" height="14" viewBox="0 0 14 14" fill="none" aria-hidden="true">
<path
d="M2 2l10 10M12 2L2 12"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
/>
</svg>
</button>
{/if}
</div>
<!-- Available tags -->
{#if filteredAvailable.length > 0}
<div class="section-label">Add tag</div>
<div class="tag-row available-row">
{#each filteredAvailable as tag, i (tag.id)}
<button
class="tag available"
class:hl={highlightIdx === i}
style={tagStyle(tag)}
onclick={() => handleAdd(tag.id!)}
title="Add tag"
>
{tag.name}
</button>
{/each}
</div>
{:else if search.trim()}
<p class="empty">No matching tags</p>
{/if}
</div>
<style>
.picker {
display: flex;
flex-direction: column;
gap: 6px;
}
.picker.busy {
opacity: 0.6;
pointer-events: none;
}
.section-label {
font-size: 0.75rem;
color: var(--color-text-muted);
font-weight: 600;
text-transform: uppercase;
letter-spacing: 0.05em;
}
.tag-row {
display: flex;
flex-wrap: wrap;
gap: 5px;
}
.available-row {
max-height: 140px;
overflow-y: auto;
}
.tag {
display: inline-flex;
align-items: center;
gap: 4px;
height: 26px;
padding: 0 9px;
border-radius: 5px;
font-size: 0.8rem;
font-family: inherit;
cursor: pointer;
border: none;
background-color: var(--color-tag-default);
color: rgba(255, 255, 255, 0.9);
user-select: none;
}
.tag.assigned {
opacity: 0.95;
}
.tag.assigned:hover {
filter: brightness(1.1);
}
.remove {
font-size: 1rem;
line-height: 1;
opacity: 0.7;
}
.tag.available {
opacity: 0.75;
}
.tag.available:hover {
opacity: 1;
filter: brightness(1.1);
}
.tag.available.hl {
opacity: 1;
outline: 2px solid var(--color-accent);
outline-offset: 1px;
}
.tag.assigned.kbfocus {
outline: 2px solid var(--color-danger);
outline-offset: 1px;
}
.search-wrap {
position: relative;
display: flex;
align-items: center;
}
.search {
width: 100%;
box-sizing: border-box;
height: 32px;
padding: 0 10px;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-primary);
color: var(--color-text-primary);
font-size: 0.85rem;
font-family: inherit;
outline: none;
}
.search:focus {
border-color: var(--color-accent);
}
.search-clear {
position: absolute;
right: 6px;
display: flex;
align-items: center;
justify-content: center;
width: 20px;
height: 20px;
border-radius: 50%;
border: none;
background: none;
color: var(--color-text-muted);
cursor: pointer;
padding: 0;
}
.search-clear:hover {
color: var(--color-text-primary);
background-color: color-mix(in srgb, var(--color-accent) 20%, transparent);
}
.empty {
font-size: 0.8rem;
color: var(--color-text-muted);
margin: 0;
}
</style>
frontend/src/lib/components/file/Thumb.svelte
-98
View File
@@ -1,98 +0,0 @@
<script lang="ts">
import { get } from 'svelte/store';
import { authStore } from '$lib/stores/auth';
interface Props {
/** File id whose thumbnail to load. */
id: string;
alt?: string;
/** Square edge length in px. */
size?: number;
}
let { id, alt = '', size = 96 }: Props = $props();
let imgSrc = $state<string | null>(null);
let failed = $state(false);
// Thumbnails are auth-gated, so fetch with the bearer token and render the blob
// (mirrors FileCard's loader). Re-runs whenever the id changes.
$effect(() => {
const token = get(authStore).accessToken;
let objectUrl: string | null = null;
let cancelled = false;
imgSrc = null;
failed = false;
fetch(`/api/v1/files/${id}/thumbnail`, {
headers: token ? { Authorization: `Bearer ${token}` } : {}
})
.then((res) => (res.ok ? res.blob() : null))
.then((blob) => {
if (cancelled || !blob) {
if (!cancelled) failed = true;
return;
}
objectUrl = URL.createObjectURL(blob);
imgSrc = objectUrl;
})
.catch(() => {
if (!cancelled) failed = true;
});
return () => {
cancelled = true;
if (objectUrl) URL.revokeObjectURL(objectUrl);
};
});
</script>
<div class="thumb" style="width:{size}px;height:{size}px">
{#if imgSrc}
<img src={imgSrc} {alt} draggable="false" />
{:else if failed}
<div class="ph failed" aria-label="Failed to load"></div>
{:else}
<div class="ph loading" aria-label="Loading"></div>
{/if}
</div>
<style>
.thumb {
overflow: hidden;
border-radius: 8px;
background-color: var(--color-bg-elevated);
flex-shrink: 0;
}
img {
width: 100%;
height: 100%;
object-fit: contain;
display: block;
}
.ph {
width: 100%;
height: 100%;
}
.ph.loading {
background: linear-gradient(
90deg,
var(--color-bg-elevated) 25%,
color-mix(in srgb, var(--color-accent) 12%, var(--color-bg-elevated)) 50%,
var(--color-bg-elevated) 75%
);
background-size: 200% 100%;
animation: shimmer 1.4s infinite;
}
.ph.failed {
background-color: color-mix(in srgb, var(--color-danger) 15%, var(--color-bg-elevated));
}
@keyframes shimmer {
0% {
background-position: 200% 0;
}
100% {
background-position: -200% 0;
}
}
</style>
frontend/src/lib/components/layout/Header.svelte
-225
View File
@@ -1,225 +0,0 @@
<script lang="ts">
import type { SortOrder } from '$lib/stores/sorting';
import { selectionStore, selectionActive } from '$lib/stores/selection';
interface Props {
sortOptions: { value: string; label: string }[];
sort: string;
order: SortOrder;
filterActive?: boolean;
onSortChange: (sort: string) => void;
onOrderToggle: () => void;
onFilterToggle: () => void;
onUpload?: () => void;
onTrash?: () => void;
onDuplicates?: () => void;
}
let {
sortOptions,
sort,
order,
filterActive = false,
onSortChange,
onOrderToggle,
onFilterToggle,
onUpload,
onTrash,
onDuplicates
}: Props = $props();
</script>
<header>
<button
class="select-btn"
class:active={$selectionActive}
onclick={() => ($selectionActive ? selectionStore.exit() : selectionStore.enter())}
>
{$selectionActive ? 'Cancel' : 'Select'}
</button>
{#if onUpload}
<button class="upload-btn icon-btn" onclick={onUpload} title="Upload files">
<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true">
<path
d="M8 2v9M4 6l4-4 4 4"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
stroke-linejoin="round"
/>
<path d="M2 13h12" stroke="currentColor" stroke-width="1.8" stroke-linecap="round" />
</svg>
</button>
{/if}
{#if onDuplicates}
<button class="icon-btn dup-btn" onclick={onDuplicates} title="Duplicates">
<svg width="15" height="15" viewBox="0 0 15 15" fill="none" aria-hidden="true">
<rect x="2" y="2" width="8" height="8" rx="1.5" stroke="currentColor" stroke-width="1.5" />
<path
d="M5 12.5h6A1.5 1.5 0 0 0 12.5 11V5"
stroke="currentColor"
stroke-width="1.5"
stroke-linecap="round"
/>
</svg>
</button>
{/if}
{#if onTrash}
<button class="icon-btn trash-btn" onclick={onTrash} title="Trash">
<svg width="15" height="15" viewBox="0 0 15 15" fill="none" aria-hidden="true">
<path
d="M2 4h11M5 4V2.5h5V4M5.5 7v4.5M9.5 7v4.5M3 4l.8 9h7.4l.8-9"
stroke="currentColor"
stroke-width="1.6"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
</button>
{/if}
<div class="controls">
<select
class="sort-select"
value={sort}
onchange={(e) => onSortChange((e.currentTarget as HTMLSelectElement).value)}
>
{#each sortOptions as opt}
<option value={opt.value}>{opt.label}</option>
{/each}
</select>
<button
class="icon-btn order-btn"
onclick={onOrderToggle}
title={order === 'asc' ? 'Ascending' : 'Descending'}
>
{#if order === 'asc'}
<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true">
<path
d="M4 10L8 6L12 10"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
{:else}
<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true">
<path
d="M4 6L8 10L12 6"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
stroke-linejoin="round"
/>
</svg>
{/if}
</button>
<button
class="icon-btn filter-btn"
class:active={filterActive}
onclick={onFilterToggle}
title="Filter"
>
<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true">
<path
d="M2 4h12M4 8h8M6 12h4"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
/>
</svg>
</button>
</div>
</header>
<style>
header {
display: flex;
align-items: center;
padding: 6px 10px;
background-color: var(--color-bg-primary);
border-bottom: 1px solid color-mix(in srgb, var(--color-accent) 15%, transparent);
gap: 6px;
flex-shrink: 0;
position: sticky;
top: 0;
z-index: 10;
}
.select-btn {
height: 30px;
padding: 0 12px;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-elevated);
color: var(--color-text-muted);
font-size: 0.85rem;
font-family: inherit;
cursor: pointer;
}
.select-btn:hover {
color: var(--color-text-primary);
border-color: var(--color-accent);
}
.select-btn.active {
background-color: color-mix(in srgb, var(--color-accent) 25%, var(--color-bg-elevated));
color: var(--color-accent);
border-color: var(--color-accent);
}
.controls {
display: flex;
align-items: center;
gap: 4px;
margin-left: auto;
}
.sort-select {
height: 30px;
padding: 0 8px;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-elevated);
color: var(--color-text-primary);
font-size: 0.85rem;
font-family: inherit;
cursor: pointer;
outline: none;
}
.sort-select:focus {
border-color: var(--color-accent);
}
.icon-btn {
width: 30px;
height: 30px;
display: flex;
align-items: center;
justify-content: center;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-elevated);
color: var(--color-text-muted);
cursor: pointer;
}
.icon-btn:hover {
color: var(--color-text-primary);
border-color: var(--color-accent);
}
.icon-btn.active {
background-color: color-mix(in srgb, var(--color-accent) 25%, var(--color-bg-elevated));
color: var(--color-accent);
border-color: var(--color-accent);
}
</style>
frontend/src/lib/components/layout/KeyboardHelp.svelte
-193
View File
@@ -1,193 +0,0 @@
<script lang="ts">
interface Props {
onClose: () => void;
}
let { onClose }: Props = $props();
// Static cheat-sheet of the app's shortcuts, grouped by context. Kept in sync
// by hand with the per-context handlers (global nav here, the rest on the
// Files page / viewer / tag pickers).
const groups: { title: string; rows: [string, string][] }[] = [
{
title: 'Anywhere',
rows: [
['g then c / t / f / p / s', 'Go to Categories / Tags / Files / Pools / Settings'],
['1 5', 'Jump to a section'],
['?', 'Toggle this help'],
['/', 'Focus the filter / search']
]
},
{
title: 'File grid',
rows: [
['↑ ↓ ← →', 'Move focus between files'],
['Enter', 'Open the focused file'],
['Space / x', 'Select / deselect'],
['Shift+Space / Shift+x', 'Select a range from the anchor'],
['e', 'Edit tags (focus the tag filter)'],
['p', 'Add to pool'],
['Del', 'Move to trash'],
['Esc', 'Clear selection']
]
},
{
title: 'Viewer',
rows: [
['← / → or j / k', 'Previous / next file'],
['e', 'Jump to tags & focus the filter'],
['Esc', 'Close']
]
},
{
title: 'Tag editor / filter',
rows: [
['↓ ↑', 'Highlight a suggestion'],
['Enter', 'Add the highlighted tag'],
['← →', 'Move across added tags / tokens (empty input)'],
['Del', 'Remove the focused tag / token'],
['& | ! ( )', 'Insert an operator (filter only)'],
['Ctrl+Enter', 'Apply the filter'],
['Ctrl+Backspace', 'Reset the filter'],
['Esc', 'Leave the field / close']
]
}
];
</script>
<!-- svelte-ignore a11y_click_events_have_key_events a11y_no_static_element_interactions -->
<div class="backdrop" role="presentation" onclick={onClose}></div>
<div class="sheet" role="dialog" aria-label="Keyboard shortcuts" aria-modal="true">
<div class="head">
<span class="title">Keyboard shortcuts</span>
<button class="close" onclick={onClose} aria-label="Close">
<svg width="16" height="16" viewBox="0 0 16 16" fill="none" aria-hidden="true">
<path
d="M3 3l10 10M13 3L3 13"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
/>
</svg>
</button>
</div>
<div class="body">
{#each groups as group}
<section class="group">
<h3 class="group-title">{group.title}</h3>
{#each group.rows as [keys, desc]}
<div class="row">
<kbd class="keys">{keys}</kbd>
<span class="desc">{desc}</span>
</div>
{/each}
</section>
{/each}
</div>
</div>
<style>
.backdrop {
position: fixed;
inset: 0;
z-index: 300;
background: rgba(0, 0, 0, 0.5);
}
.sheet {
position: fixed;
left: 50%;
top: 50%;
transform: translate(-50%, -50%);
z-index: 301;
width: min(560px, calc(100vw - 24px));
max-height: min(80dvh, 640px);
display: flex;
flex-direction: column;
background-color: var(--color-bg-secondary);
border-radius: 14px;
box-shadow: 0 8px 40px rgba(0, 0, 0, 0.5);
animation: pop 0.16s ease-out;
}
@keyframes pop {
from {
transform: translate(-50%, -48%) scale(0.98);
opacity: 0;
}
to {
transform: translate(-50%, -50%) scale(1);
opacity: 1;
}
}
.head {
display: flex;
align-items: center;
padding: 14px 16px 10px;
}
.title {
flex: 1;
font-size: 1rem;
font-weight: 600;
}
.close {
background: none;
border: none;
cursor: pointer;
color: var(--color-text-muted);
padding: 4px;
display: flex;
}
.close:hover {
color: var(--color-text-primary);
}
.body {
padding: 0 16px 18px;
overflow-y: auto;
display: grid;
grid-template-columns: repeat(auto-fit, minmax(230px, 1fr));
gap: 6px 20px;
}
.group {
break-inside: avoid;
padding-top: 8px;
}
.group-title {
font-size: 0.72rem;
text-transform: uppercase;
letter-spacing: 0.06em;
color: var(--color-accent);
margin: 0 0 6px;
}
.row {
display: flex;
align-items: baseline;
gap: 10px;
padding: 3px 0;
}
.keys {
flex-shrink: 0;
font-family: var(--font-sans);
font-size: 0.72rem;
color: var(--color-text-primary);
background-color: var(--color-bg-elevated);
border: 1px solid color-mix(in srgb, var(--color-accent) 25%, transparent);
border-radius: 5px;
padding: 2px 6px;
white-space: nowrap;
}
.desc {
font-size: 0.82rem;
color: var(--color-text-muted);
}
</style>
frontend/src/lib/components/layout/SelectionBar.svelte
-160
View File
@@ -1,160 +0,0 @@
<script lang="ts">
import { selectionStore, selectionCount } from '$lib/stores/selection';
interface Props {
onEditTags: () => void;
onAddToPool: () => void;
onMarkReviewed: () => void;
onDelete: () => void;
}
let { onEditTags, onAddToPool, onMarkReviewed, onDelete }: Props = $props();
</script>
<div class="bar" role="toolbar" aria-label="Selection actions">
<div class="row">
<!-- Count / deselect all -->
<button class="count" onclick={() => selectionStore.exit()} title="Clear selection">
<span class="num">{$selectionCount}</span>
<span class="label">selected</span>
<svg
class="close-icon"
width="14"
height="14"
viewBox="0 0 14 14"
fill="none"
aria-hidden="true"
>
<path
d="M2 2l10 10M12 2L2 12"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
/>
</svg>
</button>
<div class="spacer"></div>
<button class="action edit-tags" onclick={onEditTags}>Edit tags</button>
<button class="action add-pool" onclick={onAddToPool}>Add to pool</button>
<button class="action mark-reviewed" onclick={onMarkReviewed}>Mark reviewed</button>
<button class="action delete" onclick={onDelete}>Delete</button>
</div>
</div>
<style>
.bar {
position: fixed;
left: 10px;
right: 10px;
bottom: 65px;
box-sizing: border-box;
background-color: var(--color-bg-secondary);
border-radius: 10px;
box-shadow: 0 0 12px rgba(0, 0, 0, 0.5);
padding: 12px 14px;
z-index: 100;
animation: slide-up 0.18s ease-out;
}
@keyframes slide-up {
from {
transform: translateY(12px);
opacity: 0;
}
to {
transform: translateY(0);
opacity: 1;
}
}
.row {
display: flex;
align-items: center;
gap: 4px;
}
.spacer {
flex: 1;
}
.count {
display: flex;
align-items: center;
gap: 5px;
background: none;
border: none;
cursor: pointer;
padding: 4px 6px;
border-radius: 6px;
color: var(--color-text-muted);
font-family: inherit;
}
.count:hover {
background-color: color-mix(in srgb, var(--color-accent) 12%, transparent);
color: var(--color-text-primary);
}
.num {
font-size: 1.1rem;
font-weight: 700;
color: var(--color-text-primary);
}
.label {
font-size: 0.85rem;
}
.close-icon {
opacity: 0.5;
}
.count:hover .close-icon {
opacity: 1;
}
.action {
background: none;
border: none;
cursor: pointer;
padding: 6px 10px;
border-radius: 6px;
font-size: 0.85rem;
font-family: inherit;
font-weight: 600;
}
.edit-tags {
color: var(--color-info);
}
.edit-tags:hover {
background-color: color-mix(in srgb, var(--color-info) 15%, transparent);
}
.add-pool {
color: var(--color-warning);
}
.add-pool:hover {
background-color: color-mix(in srgb, var(--color-warning) 15%, transparent);
}
.mark-reviewed {
color: var(--color-success);
}
.mark-reviewed:hover {
background-color: color-mix(in srgb, var(--color-success) 15%, transparent);
}
.delete {
color: var(--color-danger);
}
.delete:hover {
background-color: color-mix(in srgb, var(--color-danger) 15%, transparent);
}
</style>
frontend/src/lib/components/tag/TagBadge.svelte
-75
View File
@@ -1,75 +0,0 @@
<script lang="ts">
import type { Tag } from '$lib/api/types';
interface Props {
tag: Tag;
onclick?: () => void;
size?: 'sm' | 'md';
/** Roving keyboard-focus ring (shown only during keyboard navigation). */
focused?: boolean;
/** Position in a roving-focus grid; exposed as data-item-index for nav. */
index?: number;
}
let { tag, onclick, size = 'md', focused = false, index }: Props = $props();
const color = tag.color ?? tag.category_color;
const style = color ? `background-color: #${color}` : '';
</script>
{#if onclick}
<button
class="badge {size}"
class:focused
{style}
{onclick}
type="button"
data-item-index={index}
>
{tag.name}
</button>
{:else}
<span class="badge {size}" {style}>{tag.name}</span>
{/if}
<style>
.badge {
display: inline-flex;
align-items: center;
border-radius: 5px;
font-family: inherit;
background-color: var(--color-tag-default);
color: rgba(255, 255, 255, 0.9);
white-space: nowrap;
border: none;
cursor: default;
}
.badge.md {
height: 28px;
padding: 0 10px;
font-size: 0.85rem;
}
.badge.sm {
height: 22px;
padding: 0 7px;
font-size: 0.75rem;
}
button.badge {
cursor: pointer;
}
button.badge:hover {
filter: brightness(1.15);
}
.badge.focused {
outline: 2px solid var(--color-text-primary);
outline-offset: 2px;
/* Keep the ring clear of the fixed bottom navbar when scrolled into view. */
scroll-margin-bottom: calc(72px + env(safe-area-inset-bottom, 0px));
scroll-margin-top: 52px;
}
</style>
frontend/src/lib/components/tag/TagRuleEditor.svelte
-333
View File
@@ -1,333 +0,0 @@
<script lang="ts">
import { api, ApiError } from '$lib/api/client';
import type { Tag, TagRule } from '$lib/api/types';
import { fetchAllTags } from '$lib/api/tags';
import TagBadge from './TagBadge.svelte';
import { appSettings } from '$lib/stores/appSettings';
interface Props {
tagId: string;
rules: TagRule[];
onRulesChange: (rules: TagRule[]) => void;
}
let { tagId, rules, onRulesChange }: Props = $props();
let allTags = $state<Tag[]>([]);
let search = $state('');
let busy = $state(false);
let error = $state('');
$effect(() => {
fetchAllTags().then((all) => {
allTags = all;
});
});
// IDs already used in rules
let usedIds = $derived(new Set(rules.map((r) => r.then_tag_id)));
let filteredTags = $derived(
allTags.filter(
(t) =>
t.id !== tagId &&
!usedIds.has(t.id) &&
(!search.trim() || t.name?.toLowerCase().includes(search.toLowerCase()))
)
);
function tagForId(id: string | undefined) {
return allTags.find((t) => t.id === id);
}
async function addRule(thenTagId: string) {
if (busy) return;
busy = true;
error = '';
try {
const rule = await api.post<TagRule>(`/tags/${tagId}/rules`, {
then_tag_id: thenTagId,
is_active: true,
apply_to_existing: $appSettings.tagRuleApplyToExisting
});
onRulesChange([...rules, rule]);
search = '';
} catch (e) {
error = e instanceof ApiError ? e.message : 'Failed to add rule';
} finally {
busy = false;
}
}
async function toggleRule(rule: TagRule) {
if (busy) return;
busy = true;
error = '';
const thenTagId = rule.then_tag_id!;
const activating = !rule.is_active;
try {
const body: Record<string, unknown> = { is_active: activating };
if (activating) body.apply_to_existing = $appSettings.tagRuleApplyToExisting;
const updated = await api.patch<TagRule>(`/tags/${tagId}/rules/${thenTagId}`, body);
onRulesChange(rules.map((r) => (r.then_tag_id === thenTagId ? updated : r)));
} catch (e) {
error = e instanceof ApiError ? e.message : 'Failed to update rule';
} finally {
busy = false;
}
}
async function removeRule(thenTagId: string) {
if (busy) return;
busy = true;
error = '';
try {
await api.delete(`/tags/${tagId}/rules/${thenTagId}`);
onRulesChange(rules.filter((r) => r.then_tag_id !== thenTagId));
} catch (e) {
error = e instanceof ApiError ? e.message : 'Failed to remove rule';
} finally {
busy = false;
}
}
</script>
<div class="editor" class:busy>
<p class="desc">When this tag is applied, also apply:</p>
{#if error}
<p class="error" role="alert">{error}</p>
{/if}
<!-- Current rules -->
{#if rules.length > 0}
<div class="rule-list">
{#each rules as rule (rule.then_tag_id)}
{@const t = tagForId(rule.then_tag_id)}
<div class="rule-row" class:inactive={!rule.is_active}>
{#if t}
<TagBadge tag={t} size="sm" />
{:else}
<span class="unknown">{rule.then_tag_name ?? rule.then_tag_id}</span>
{/if}
<button
class="toggle-btn"
class:active={rule.is_active}
onclick={() => toggleRule(rule)}
title={rule.is_active ? 'Deactivate rule' : 'Activate rule'}
aria-label={rule.is_active ? 'Deactivate rule' : 'Activate rule'}
>
{#if rule.is_active}
<svg width="12" height="12" viewBox="0 0 12 12" fill="none" aria-hidden="true">
<circle cx="6" cy="6" r="5" stroke="currentColor" stroke-width="1.5" />
<circle cx="6" cy="6" r="2.5" fill="currentColor" />
</svg>
{:else}
<svg width="12" height="12" viewBox="0 0 12 12" fill="none" aria-hidden="true">
<circle cx="6" cy="6" r="5" stroke="currentColor" stroke-width="1.5" />
</svg>
{/if}
</button>
<button
class="remove-btn"
onclick={() => removeRule(rule.then_tag_id!)}
aria-label="Remove rule">×</button
>
</div>
{/each}
</div>
{:else}
<p class="empty">No rules — when this tag is applied, nothing extra happens.</p>
{/if}
<!-- Add rule -->
<div class="add-section">
<div class="section-label">Add rule</div>
<div class="search-wrap">
<input
class="search"
type="search"
placeholder="Search tags to add…"
bind:value={search}
autocomplete="off"
/>
{#if search}
<button class="search-clear" onclick={() => (search = '')} aria-label="Clear search">
<svg width="14" height="14" viewBox="0 0 14 14" fill="none" aria-hidden="true">
<path
d="M2 2l10 10M12 2L2 12"
stroke="currentColor"
stroke-width="1.8"
stroke-linecap="round"
/>
</svg>
</button>
{/if}
</div>
<div class="tag-pick">
{#each filteredTags as t (t.id)}
<TagBadge tag={t} size="sm" onclick={() => addRule(t.id!)} />
{:else}
<span class="empty">{search.trim() ? 'No matching tags' : 'All tags already added'}</span>
{/each}
</div>
</div>
</div>
<style>
.editor {
display: flex;
flex-direction: column;
gap: 8px;
}
.editor.busy {
opacity: 0.6;
pointer-events: none;
}
.desc {
font-size: 0.82rem;
color: var(--color-text-muted);
margin: 0;
}
.rule-list {
display: flex;
flex-wrap: wrap;
gap: 6px;
align-items: center;
}
.rule-row {
display: inline-flex;
align-items: center;
gap: 2px;
}
.rule-row.inactive {
opacity: 0.45;
}
.toggle-btn {
display: flex;
align-items: center;
justify-content: center;
background: none;
border: none;
color: var(--color-text-muted);
cursor: pointer;
padding: 2px 3px;
border-radius: 3px;
line-height: 1;
}
.toggle-btn.active {
color: var(--color-accent);
}
.toggle-btn:hover {
color: var(--color-text-primary);
}
.remove-btn {
background: none;
border: none;
color: var(--color-text-muted);
font-size: 1rem;
line-height: 1;
cursor: pointer;
padding: 1px 3px;
border-radius: 3px;
}
.remove-btn:hover {
color: var(--color-danger);
}
.unknown {
font-size: 0.75rem;
color: var(--color-text-muted);
font-family: monospace;
}
.section-label {
font-size: 0.75rem;
font-weight: 600;
color: var(--color-text-muted);
text-transform: uppercase;
letter-spacing: 0.05em;
margin-bottom: 4px;
}
.add-section {
display: flex;
flex-direction: column;
gap: 6px;
}
.search-wrap {
position: relative;
display: flex;
align-items: center;
}
.search {
width: 100%;
box-sizing: border-box;
height: 32px;
padding: 0 10px;
border-radius: 6px;
border: 1px solid color-mix(in srgb, var(--color-accent) 30%, transparent);
background-color: var(--color-bg-primary);
color: var(--color-text-primary);
font-size: 0.85rem;
font-family: inherit;
outline: none;
}
.search:focus {
border-color: var(--color-accent);
}
.search-clear {
position: absolute;
right: 6px;
display: flex;
align-items: center;
justify-content: center;
width: 20px;
height: 20px;
border-radius: 50%;
border: none;
background: none;
color: var(--color-text-muted);
cursor: pointer;
padding: 0;
}
.search-clear:hover {
color: var(--color-text-primary);
background-color: color-mix(in srgb, var(--color-accent) 20%, transparent);
}
.tag-pick {
display: flex;
flex-wrap: wrap;
gap: 5px;
max-height: 100px;
overflow-y: auto;
}
.empty {
font-size: 0.8rem;
color: var(--color-text-muted);
margin: 0;
}
.error {
font-size: 0.8rem;
color: var(--color-danger);
margin: 0;
}
</style>
frontend/src/lib/stores/appSettings.ts
-28
View File
@@ -1,28 +0,0 @@
import { writable } from 'svelte/store';
import { browser } from '$app/environment';
export interface AppSettings {
fileLoadLimit: number;
tagRuleApplyToExisting: boolean;
}
const DEFAULTS: AppSettings = {
fileLoadLimit: 100,
tagRuleApplyToExisting: true
};
function load(): AppSettings {
if (!browser) return { ...DEFAULTS };
try {
const stored = JSON.parse(localStorage.getItem('app-settings') ?? 'null');
return stored ? { ...DEFAULTS, ...stored } : { ...DEFAULTS };
} catch {
return { ...DEFAULTS };
}
}
export const appSettings = writable<AppSettings>(load());
appSettings.subscribe((v) => {
if (browser) localStorage.setItem('app-settings', JSON.stringify(v));
});
frontend/src/lib/stores/auth.ts
-59
View File
@@ -1,59 +0,0 @@
import { writable, derived } from 'svelte/store';
export interface AuthUser {
id: number;
name: string;
isAdmin: boolean;
}
export interface AuthState {
accessToken: string | null;
refreshToken: string | null;
user: AuthUser | null;
}
const initial: AuthState = { accessToken: null, refreshToken: null, user: null };
function loadStored(): AuthState {
if (typeof localStorage === 'undefined') return initial;
try {
return JSON.parse(localStorage.getItem('auth') ?? 'null') ?? initial;
} catch {
return initial;
}
}
export const authStore = writable<AuthState>(loadStored());
// Persist on change. Compare first so a value that just arrived from another tab
// (applied by the storage listener below) isn't written straight back, which
// would risk a storage-event echo between tabs.
authStore.subscribe((state) => {
if (typeof localStorage === 'undefined') return;
const serialized = JSON.stringify(state);
if (localStorage.getItem('auth') !== serialized) {
localStorage.setItem('auth', serialized);
}
});
// Keep tabs in sync. Refresh tokens rotate on every use (each refresh deletes the
// old session server-side), so when one tab logs in, refreshes, or logs out, the
// others must pick up the new tokens — or the cleared session — immediately.
// Otherwise a second tab would later refresh with a token that's already been
// rotated away and get bounced to the login screen.
if (typeof window !== 'undefined') {
window.addEventListener('storage', (e) => {
if (e.key !== 'auth') return;
let next: AuthState = initial;
if (e.newValue) {
try {
next = (JSON.parse(e.newValue) as AuthState) ?? initial;
} catch {
next = initial;
}
}
authStore.set(next);
});
}
export const isAuthenticated = derived(authStore, ($auth) => !!$auth.accessToken);
frontend/src/lib/stores/listScroll.ts
-19
View File
@@ -1,19 +0,0 @@
// Reapply a restored scroll offset to a list's scroller, retrying across frames
// because the list may not be laid out yet right after a cache rehydrate (and
// SvelteKit resets scroll to the top on navigation, so this has to win after).
export function restoreListScroll(getEl: () => HTMLElement | undefined, top: number): void {
let tries = 12;
const apply = () => {
const el = getEl();
if (!el) {
if (tries-- > 0) requestAnimationFrame(apply);
return;
}
if (el.scrollHeight > top + el.clientHeight || tries-- <= 0) {
el.scrollTop = top;
return;
}
requestAnimationFrame(apply);
};
requestAnimationFrame(apply);
}
frontend/src/lib/stores/sectionCache.ts
-47
View File
@@ -1,47 +0,0 @@
// In-memory, per-section view cache. When you leave a list (Files, Tags, …) for
// another section and come back, the page restores its loaded items, pagination
// cursors and scroll position from here instead of refetching from scratch.
//
// Kept deliberately simple: a plain module-level Map that lives for the session.
// No TTL — a snapshot is taken from the page's current state on the way out, so
// it already reflects local mutations (deletes, uploads, tag edits). It is
// dropped on a full reload, and each page validates the snapshot's `resetKey`
// (sort/filter/search) before trusting it, so a stale query never restores.
export type SectionKey = 'files' | 'tags' | 'categories' | 'pools';
/** Snapshot shape shared by the offset-paginated lists (tags/categories/pools). */
export interface OffsetListSnapshot<T> {
/** sort|order|search at capture — guards against restoring a different query. */
resetKey: string;
search: string;
items: T[];
total: number;
offset: number;
}
interface Snapshot<T> {
/** Scroll offset of the list's scroller at capture time. */
scrollTop: number;
/** Page-specific state blob; opaque to this module. */
data: T;
savedAt: number;
}
const cache = new Map<SectionKey, Snapshot<unknown>>();
export function saveSection<T>(key: SectionKey, scrollTop: number, data: T): void {
cache.set(key, { scrollTop, data, savedAt: Date.now() });
}
/** Read and remove a section's snapshot (restore consumes it). */
export function takeSection<T>(key: SectionKey): { scrollTop: number; data: T } | null {
const snap = cache.get(key) as Snapshot<T> | undefined;
if (!snap) return null;
cache.delete(key);
return { scrollTop: snap.scrollTop, data: snap.data };
}
export function clearSection(key: SectionKey): void {
cache.delete(key);
}
frontend/src/lib/stores/selection.ts
-65
View File
@@ -1,65 +0,0 @@
import { writable, derived } from 'svelte/store';
interface SelectionState {
active: boolean;
ids: Set<string>;
}
function createSelectionStore() {
const { subscribe, update, set } = writable<SelectionState>({
active: false,
ids: new Set()
});
return {
subscribe,
enter() {
update((s) => ({ ...s, active: true }));
},
exit() {
set({ active: false, ids: new Set() });
},
toggle(id: string) {
update((s) => {
const ids = new Set(s.ids);
if (ids.has(id)) {
ids.delete(id);
} else {
ids.add(id);
}
// Exit selection mode automatically when last item is deselected
const active = ids.size > 0;
return { active, ids };
});
},
select(id: string) {
update((s) => {
const ids = new Set(s.ids);
ids.add(id);
return { active: true, ids };
});
},
deselect(id: string) {
update((s) => {
const ids = new Set(s.ids);
ids.delete(id);
const active = ids.size > 0;
return { active, ids };
});
},
clear() {
set({ active: false, ids: new Set() });
}
};
}
export const selectionStore = createSelectionStore();
export const selectionCount = derived(selectionStore, ($s) => $s.ids.size);
export const selectionActive = derived(selectionStore, ($s) => $s.active);
frontend/src/lib/stores/sorting.ts
-58
View File
@@ -1,58 +0,0 @@
import { writable } from 'svelte/store';
import { browser } from '$app/environment';
export type FileSortField = 'content_datetime' | 'created' | 'original_name' | 'mime';
export type TagSortField = 'name' | 'color' | 'category_name' | 'created';
export type SortOrder = 'asc' | 'desc';
export interface SortState<F extends string> {
sort: F;
order: SortOrder;
}
function makeSortStore<F extends string>(key: string, defaults: SortState<F>) {
const stored = browser ? localStorage.getItem(key) : null;
const initial: SortState<F> = stored ? (JSON.parse(stored) as SortState<F>) : defaults;
const store = writable<SortState<F>>(initial);
store.subscribe((v) => {
if (browser) localStorage.setItem(key, JSON.stringify(v));
});
return {
subscribe: store.subscribe,
setSort(sort: F) {
store.update((s) => ({ ...s, sort }));
},
setOrder(order: SortOrder) {
store.update((s) => ({ ...s, order }));
},
toggleOrder() {
store.update((s) => ({ ...s, order: s.order === 'asc' ? 'desc' : 'asc' }));
}
};
}
export const fileSorting = makeSortStore<FileSortField>('sort:files', {
sort: 'created',
order: 'desc'
});
export const tagSorting = makeSortStore<TagSortField>('sort:tags', {
sort: 'created',
order: 'desc'
});
export type CategorySortField = 'name' | 'color' | 'created';
export const categorySorting = makeSortStore<CategorySortField>('sort:categories', {
sort: 'name',
order: 'asc'
});
export type PoolSortField = 'name' | 'created';
export const poolSorting = makeSortStore<PoolSortField>('sort:pools', {
sort: 'created',
order: 'desc'
});

Some files were not shown because too many files have changed in this diff Show More