mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2025-06-07 18:44:08 +00:00
Julien Fastré
d688022825
Added new files for handling asynchronous file uploads in ChillDocStoreBundle. The new files include a controller for generating temporary URLs (AsyncUploadController.php), a security authorization file (AsyncUploadVoter.php), and a corresponding test file (AsyncUploadControllerTest.php). These implementations permit asynchronous uploads via POST, GET, and HEAD methods while maintaining security protocols.
101 lines
3.8 KiB
PHP
101 lines
3.8 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
/*
|
|
* Chill is a software for social workers
|
|
*
|
|
* For the full copyright and license information, please view
|
|
* the LICENSE file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Chill\DocStoreBundle\Controller;
|
|
|
|
use Chill\DocStoreBundle\AsyncUpload\Exception\TempUrlGeneratorException;
|
|
use Chill\DocStoreBundle\AsyncUpload\TempUrlGeneratorInterface;
|
|
use Chill\DocStoreBundle\Security\Authorization\AsyncUploadVoter;
|
|
use Psr\Log\LoggerInterface;
|
|
use Symfony\Component\HttpFoundation\JsonResponse;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
use Symfony\Component\HttpFoundation\Response;
|
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
|
use Symfony\Component\Routing\Annotation\Route;
|
|
use Symfony\Component\Security\Core\Security;
|
|
use Symfony\Component\Serializer\Normalizer\AbstractNormalizer;
|
|
use Symfony\Component\Serializer\SerializerInterface;
|
|
|
|
final readonly class AsyncUploadController
|
|
{
|
|
public function __construct(
|
|
private TempUrlGeneratorInterface $tempUrlGenerator,
|
|
private SerializerInterface $serializer,
|
|
private Security $security,
|
|
private LoggerInterface $logger,
|
|
) {}
|
|
|
|
/**
|
|
* @Route("/asyncupload/temp_url/generate/{method}",
|
|
* name="async_upload.generate_url")
|
|
*/
|
|
public function getSignedUrl(string $method, Request $request): JsonResponse
|
|
{
|
|
try {
|
|
switch (strtolower($method)) {
|
|
case 'post':
|
|
$p = $this->tempUrlGenerator
|
|
->generatePost(
|
|
$request->query->has('expires_delay') ? $request->query->getInt('expires_delay') : null,
|
|
$request->query->has('submit_delay') ? $request->query->getInt('submit_delay') : null
|
|
)
|
|
;
|
|
break;
|
|
case 'get':
|
|
case 'head':
|
|
$object_name = $request->query->get('object_name', null);
|
|
|
|
if (null === $object_name) {
|
|
return (new JsonResponse((object) [
|
|
'message' => 'the object_name is null',
|
|
]))
|
|
->setStatusCode(JsonResponse::HTTP_BAD_REQUEST);
|
|
}
|
|
$p = $this->tempUrlGenerator->generate(
|
|
$method,
|
|
$object_name,
|
|
$request->query->has('expires_delay') ? $request->query->getInt('expires_delay') : null
|
|
);
|
|
break;
|
|
default:
|
|
return (new JsonResponse((object) ['message' => 'the method '
|
|
."{$method} is not valid"]))
|
|
->setStatusCode(JsonResponse::HTTP_BAD_REQUEST);
|
|
}
|
|
} catch (TempUrlGeneratorException $e) {
|
|
$this->logger->warning('The client requested a temp url'
|
|
.' which sparkle an error.', [
|
|
'message' => $e->getMessage(),
|
|
'expire_delay' => $request->query->getInt('expire_delay', 0),
|
|
'file_count' => $request->query->getInt('file_count', 1),
|
|
'method' => $method,
|
|
]);
|
|
|
|
$p = new \stdClass();
|
|
$p->message = $e->getMessage();
|
|
$p->status = JsonResponse::HTTP_BAD_REQUEST;
|
|
|
|
return new JsonResponse($p, JsonResponse::HTTP_BAD_REQUEST);
|
|
}
|
|
|
|
if (!$this->security->isGranted(AsyncUploadVoter::GENERATE_SIGNATURE, $p)) {
|
|
throw new AccessDeniedHttpException('not allowed to generate this signature');
|
|
}
|
|
|
|
return new JsonResponse(
|
|
$this->serializer->serialize($p, 'json', [AbstractNormalizer::GROUPS => ['read']]),
|
|
Response::HTTP_OK,
|
|
[],
|
|
true
|
|
);
|
|
}
|
|
}
|