Eliminate all code, tests, and utilities related to the legacy 'unclaimed' user scope. All API endpoints, document and audiobook storage, and access logic now require a valid authenticated userId and only operate on resources owned by that user. Remove related helper functions, test cases, and conditional flows for anonymous/unclaimed data. Update types, client APIs, and UI logic to reflect that only 'user' scope is supported. This simplifies ownership checks and removes ambiguity around document and audiobook access.
81 lines
3 KiB
TypeScript
81 lines
3 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server';
|
|
import { and, eq, inArray } from 'drizzle-orm';
|
|
import { db } from '@/db';
|
|
import { documents } from '@/db/schema';
|
|
import { requireAuthContext } from '@/lib/server/auth/auth';
|
|
import { isValidDocumentId, presignGet } from '@/lib/server/documents/blobstore';
|
|
import { getOpenReaderTestNamespace } from '@/lib/server/testing/test-namespace';
|
|
import { isS3Configured } from '@/lib/server/storage/s3';
|
|
import { errorToLog, serverLogger } from '@/lib/server/logger';
|
|
import { errorResponse } from '@/lib/server/errors/next-response';
|
|
|
|
export const dynamic = 'force-dynamic';
|
|
|
|
function s3NotConfiguredResponse(): NextResponse {
|
|
return NextResponse.json(
|
|
{ error: 'Documents storage is not configured. Set S3_* environment variables.' },
|
|
{ status: 503 },
|
|
);
|
|
}
|
|
|
|
export async function GET(req: NextRequest) {
|
|
try {
|
|
if (!isS3Configured()) return s3NotConfiguredResponse();
|
|
|
|
const ctxOrRes = await requireAuthContext(req);
|
|
if (ctxOrRes instanceof Response) return ctxOrRes;
|
|
if (!ctxOrRes.userId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
|
|
|
|
const testNamespace = getOpenReaderTestNamespace(req.headers);
|
|
const storageUserId = ctxOrRes.userId;
|
|
const allowedUserIds = [storageUserId];
|
|
|
|
const url = new URL(req.url);
|
|
const id = (url.searchParams.get('id') || '').trim().toLowerCase();
|
|
if (!isValidDocumentId(id)) {
|
|
return NextResponse.json({ error: 'Invalid id' }, { status: 400 });
|
|
}
|
|
|
|
const rows = (await db
|
|
.select({ id: documents.id, userId: documents.userId })
|
|
.from(documents)
|
|
.where(and(eq(documents.id, id), inArray(documents.userId, allowedUserIds)))) as Array<{
|
|
id: string;
|
|
userId: string;
|
|
}>;
|
|
|
|
const doc = rows.find((row) => row.userId === storageUserId) ?? rows[0];
|
|
if (!doc) {
|
|
return NextResponse.json({ error: 'Not found' }, { status: 404 });
|
|
}
|
|
|
|
const fallbackUrl = `/api/documents/blob/get/fallback?id=${encodeURIComponent(doc.id)}`;
|
|
const directUrl = await presignGet(doc.id, testNamespace).catch(() => null);
|
|
if (!directUrl) {
|
|
serverLogger.warn({
|
|
event: 'documents.blob.get.presign.unavailable',
|
|
degraded: true,
|
|
fallbackPath: 'download_proxy',
|
|
documentId: doc.id,
|
|
}, 'Presigned document download unavailable, redirecting to proxy fallback');
|
|
return NextResponse.redirect(fallbackUrl, {
|
|
status: 307,
|
|
headers: { 'Cache-Control': 'no-store' },
|
|
});
|
|
}
|
|
|
|
return NextResponse.redirect(directUrl, {
|
|
status: 307,
|
|
headers: { 'Cache-Control': 'no-store' },
|
|
});
|
|
} catch (error) {
|
|
serverLogger.error({
|
|
event: 'documents.blob.get.presign.failed',
|
|
error: errorToLog(error),
|
|
}, 'Failed to create document download signature');
|
|
return errorResponse(error, {
|
|
apiErrorMessage: 'Failed to prepare document download',
|
|
normalize: { code: 'DOCUMENTS_BLOB_GET_PRESIGN_FAILED', errorClass: 'storage' },
|
|
});
|
|
}
|
|
}
|