GKaszewski/k-photos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: move business logic out of presentation — ReadAssetFile, checksum, auth checks, MetadataValue conversions

Browse Source
This commit is contained in:
Gabriel Kaszewski
2026-05-31 06:10:07 +02:00
parent 0f003a3bd6
commit 34b231a8f6
18 changed files with 256 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
crates/application/src/catalog/mod.rs
View File

@@ -5,3 +5,4 @@ pub use commands::register_asset::{RegisterAssetCommand, RegisterAssetHandler};
pub use commands::update_metadata::{UpdateMetadataCommand, UpdateMetadataHandler};
pub use queries::get_asset::{GetAssetHandler, GetAssetQuery};
pub use queries::get_timeline::{GetTimelineHandler, GetTimelineQuery};
pub use queries::read_asset_file::{AssetFileResult, ReadAssetFileHandler, ReadAssetFileQuery};

5
crates/application/src/catalog/queries/get_asset.rs
View File

@@ -10,6 +10,7 @@ use std::sync::Arc;
#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
pub struct GetAssetQuery {
pub asset_id: SystemId,
pub user_id: SystemId,
}
pub struct GetAssetHandler {
@@ -38,6 +39,10 @@ impl GetAssetHandler {
.await?
.ok_or_else(|| DomainError::NotFound(format!("Asset {} not found", query.asset_id)))?;
if asset.owner_user_id != query.user_id {
return Err(DomainError::Forbidden("Access denied".to_string()));
}
let layers = self.metadata_repo.find_by_asset(&asset.asset_id).await?;
let resolved = resolve_metadata(&layers);

1
crates/application/src/catalog/queries/mod.rs
View File

@@ -1,2 +1,3 @@
pub mod get_asset;
pub mod get_timeline;
pub mod read_asset_file;

62
crates/application/src/catalog/queries/read_asset_file.rs Normal file
View File

@@ -0,0 +1,62 @@
use bytes::Bytes;
use domain::{
errors::DomainError,
ports::{AssetRepository, FileStoragePort},
value_objects::SystemId,
};
use std::sync::Arc;
#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
pub struct ReadAssetFileQuery {
pub asset_id: SystemId,
}
pub struct AssetFileResult {
pub data: Bytes,
pub mime_type: String,
pub filename: String,
}
pub struct ReadAssetFileHandler {
asset_repo: Arc<dyn AssetRepository>,
file_storage: Arc<dyn FileStoragePort>,
}
impl ReadAssetFileHandler {
pub fn new(
asset_repo: Arc<dyn AssetRepository>,
file_storage: Arc<dyn FileStoragePort>,
) -> Self {
Self {
asset_repo,
file_storage,
}
}
pub async fn execute(&self, query: ReadAssetFileQuery) -> Result<AssetFileResult, DomainError> {
let asset = self
.asset_repo
.find_by_id(&query.asset_id)
.await?
.ok_or_else(|| DomainError::NotFound(format!("Asset {} not found", query.asset_id)))?;
let data = self
.file_storage
.read_file(&asset.source_reference.relative_path)
.await?;
let filename = asset
.source_reference
.relative_path
.rsplit('/')
.next()
.unwrap_or(&asset.source_reference.relative_path)
.to_string();
Ok(AssetFileResult {
data,
mime_type: asset.mime_type,
filename,
})
}
}

4
crates/application/src/organization/commands/manage_album_entries.rs
View File

@@ -32,6 +32,10 @@ impl ManageAlbumEntriesHandler {
.await?
.ok_or_else(|| DomainError::NotFound(format!("Album {} not found", cmd.album_id)))?;
if album.creator_user_id != cmd.user_id {
return Err(DomainError::Forbidden("Access denied".to_string()));
}
match cmd.action {
AlbumAction::Add { asset_id } => album.add_asset(asset_id, cmd.user_id)?,
AlbumAction::Remove { asset_id } => album.remove_asset(&asset_id)?,

12
crates/application/src/organization/queries/get_album.rs
View File

@@ -6,6 +6,7 @@ use std::sync::Arc;
#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
pub struct GetAlbumQuery {
pub album_id: SystemId,
pub user_id: SystemId,
}
pub struct GetAlbumHandler {
@@ -18,9 +19,16 @@ impl GetAlbumHandler {
}
pub async fn execute(&self, query: GetAlbumQuery) -> Result<Album, DomainError> {
self.album_repo
let album = self
.album_repo
.find_by_id(&query.album_id)
.await?
.ok_or_else(|| DomainError::NotFound(format!("Album {} not found", query.album_id)))
.ok_or_else(|| DomainError::NotFound(format!("Album {} not found", query.album_id)))?;
if album.creator_user_id != query.user_id {
return Err(DomainError::Forbidden("Access denied".to_string()));
}
Ok(album)
}
}

7
crates/application/src/storage/commands/ingest_asset.rs
View File

@@ -11,6 +11,7 @@ use domain::{
},
value_objects::{Checksum, DateTimeStamp, SystemId},
};
use sha2::{Digest, Sha256};
use std::sync::Arc;
#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]
@@ -18,7 +19,6 @@ pub struct IngestAssetCommand {
pub uploader_id: SystemId,
pub client_device_id: String,
pub filename: String,
pub checksum: String,
pub target_path_id: SystemId,
pub file_size: u64,
#[serde(skip)]
@@ -60,7 +60,10 @@ impl IngestAssetHandler {
&self,
cmd: IngestAssetCommand,
) -> Result<(Asset, IngestSession), DomainError> {
let checksum = Checksum::new(&cmd.checksum)?;
let mut hasher = Sha256::new();
hasher.update(&cmd.data);
let checksum_hex = format!("{:x}", hasher.finalize());
let checksum = Checksum::new(checksum_hex)?;
let path = self
.path_repo

31
crates/application/tests/catalog/queries/get_asset.rs
View File

@@ -16,12 +16,13 @@ async fn returns_asset_with_resolved_metadata() {
relative_path: "photos/img.jpg".into(),
checksum: Checksum::new("a".repeat(64)).unwrap(),
};
let owner = SystemId::new();
let asset = Asset::new(
source,
AssetType::Image,
"image/jpeg",
1024,
SystemId::new(),
owner,
);
asset_repo.save(&asset).await.unwrap();
@@ -42,6 +43,7 @@ async fn returns_asset_with_resolved_metadata() {
let (returned, resolved) = handler
.execute(GetAssetQuery {
asset_id: asset.asset_id,
user_id: owner,
})
.await
.unwrap();
@@ -62,8 +64,35 @@ async fn rejects_nonexistent() {
let result = handler
.execute(GetAssetQuery {
asset_id: SystemId::new(),
user_id: SystemId::new(),
})
.await;
assert!(matches!(result, Err(DomainError::NotFound(_))));
}
#[tokio::test]
async fn rejects_forbidden_access() {
let asset_repo = Arc::new(InMemoryAssetRepository::new());
let meta_repo = Arc::new(InMemoryAssetMetadataRepository::new());
let source = SourceReference {
volume_id: SystemId::new(),
relative_path: "photos/img.jpg".into(),
checksum: Checksum::new("a".repeat(64)).unwrap(),
};
let owner = SystemId::new();
let asset = Asset::new(source, AssetType::Image, "image/jpeg", 1024, owner);
asset_repo.save(&asset).await.unwrap();
let handler = GetAssetHandler::new(asset_repo, meta_repo);
let other_user = SystemId::new();
let result = handler
.execute(GetAssetQuery {
asset_id: asset.asset_id,
user_id: other_user,
})
.await;
assert!(matches!(result, Err(DomainError::Forbidden(_))));
}

1
crates/application/tests/catalog/queries/mod.rs
View File

@@ -1,2 +1,3 @@
mod get_asset;
mod get_timeline;
mod read_asset_file;

55
crates/application/tests/catalog/queries/read_asset_file.rs Normal file
View File

@@ -0,0 +1,55 @@
use application::catalog::{ReadAssetFileHandler, ReadAssetFileQuery};
use application::testing::{InMemoryAssetRepository, InMemoryFileStorage};
use bytes::Bytes;
use domain::catalog::entities::{Asset, AssetType, SourceReference};
use domain::errors::DomainError;
use domain::ports::{AssetRepository, FileStoragePort};
use domain::value_objects::{Checksum, SystemId};
use std::sync::Arc;
#[tokio::test]
async fn reads_file_successfully() {
let asset_repo = Arc::new(InMemoryAssetRepository::new());
let file_storage = Arc::new(InMemoryFileStorage::new());
let source = SourceReference {
volume_id: SystemId::new(),
relative_path: "photos/inbox/cat.jpg".into(),
checksum: Checksum::new("a".repeat(64)).unwrap(),
};
let asset = Asset::new(source, AssetType::Image, "image/jpeg", 512, SystemId::new());
asset_repo.save(&asset).await.unwrap();
let file_data = Bytes::from(vec![0xFFu8; 512]);
file_storage
.store_file("photos/inbox/cat.jpg", file_data.clone())
.await
.unwrap();
let handler = ReadAssetFileHandler::new(asset_repo, file_storage);
let result = handler
.execute(ReadAssetFileQuery {
asset_id: asset.asset_id,
})
.await
.unwrap();
assert_eq!(result.data, file_data);
assert_eq!(result.mime_type, "image/jpeg");
assert_eq!(result.filename, "cat.jpg");
}
#[tokio::test]
async fn rejects_nonexistent_asset() {
let asset_repo = Arc::new(InMemoryAssetRepository::new());
let file_storage = Arc::new(InMemoryFileStorage::new());
let handler = ReadAssetFileHandler::new(asset_repo, file_storage);
let result = handler
.execute(ReadAssetFileQuery {
asset_id: SystemId::new(),
})
.await;
assert!(matches!(result, Err(DomainError::NotFound(_))));
}

20
crates/application/tests/organization/commands/manage_album_entries.rs
View File

@@ -111,3 +111,23 @@ async fn rejects_duplicate_add() {
.await;
assert!(matches!(result, Err(DomainError::Conflict(_))));
}
#[tokio::test]
async fn rejects_forbidden_access() {
let repo = Arc::new(InMemoryAlbumRepository::new());
let creator = SystemId::new();
let album_id = setup_album(&repo, creator).await;
let handler = ManageAlbumEntriesHandler::new(repo);
let other_user = SystemId::new();
let result = handler
.execute(ManageAlbumEntriesCommand {
album_id,
action: AlbumAction::Add {
asset_id: SystemId::new(),
},
user_id: other_user,
})
.await;
assert!(matches!(result, Err(DomainError::Forbidden(_))));
}

27
crates/application/tests/organization/queries/get_album.rs
View File

@@ -24,6 +24,7 @@ async fn returns_album() {
let found = query_handler
.execute(GetAlbumQuery {
album_id: album.album_id,
user_id: creator,
})
.await
.unwrap();
@@ -39,7 +40,33 @@ async fn rejects_nonexistent() {
let result = handler
.execute(GetAlbumQuery {
album_id: SystemId::new(),
user_id: SystemId::new(),
})
.await;
assert!(matches!(result, Err(DomainError::NotFound(_))));
}
#[tokio::test]
async fn rejects_forbidden_access() {
let repo = Arc::new(InMemoryAlbumRepository::new());
let creator = SystemId::new();
let create_handler = CreateAlbumHandler::new(repo.clone());
let album = create_handler
.execute(CreateAlbumCommand {
title: "Private Album".into(),
creator_id: creator,
})
.await
.unwrap();
let query_handler = GetAlbumHandler::new(repo);
let other_user = SystemId::new();
let result = query_handler
.execute(GetAlbumQuery {
album_id: album.album_id,
user_id: other_user,
})
.await;
assert!(matches!(result, Err(DomainError::Forbidden(_))));
}

28
crates/application/tests/storage/commands/ingest_asset.rs
View File

@@ -77,9 +77,6 @@ impl Harness {
}
}
fn valid_checksum() -> String {
"a".repeat(64)
}
#[tokio::test]
async fn ingests_successfully() {
@@ -93,7 +90,6 @@ async fn ingests_successfully() {
uploader_id: user,
client_device_id: "iphone-1".into(),
filename: "photo.jpg".into(),
checksum: valid_checksum(),
target_path_id: path_id,
file_size: 1024,
data: Bytes::from(vec![0u8; 1024]),
@@ -124,7 +120,6 @@ async fn rejects_quota_exceeded() {
uploader_id: user,
client_device_id: "iphone-1".into(),
filename: "big.jpg".into(),
checksum: valid_checksum(),
target_path_id: path_id,
file_size: 1024,
data: Bytes::from(vec![0u8; 1024]),
@@ -134,28 +129,6 @@ async fn rejects_quota_exceeded() {
assert!(matches!(result, Err(DomainError::QuotaExceeded(_))));
}
#[tokio::test]
async fn rejects_invalid_checksum() {
let h = Harness::new();
let user = SystemId::new();
let path_id = h.setup_volume_and_path(user).await;
let handler = h.ingest_handler();
let result = handler
.execute(IngestAssetCommand {
uploader_id: user,
client_device_id: "iphone-1".into(),
filename: "photo.jpg".into(),
checksum: "tooshort".into(),
target_path_id: path_id,
file_size: 1024,
data: Bytes::from(vec![0u8; 1024]),
})
.await;
assert!(matches!(result, Err(DomainError::Validation(_))));
}
#[tokio::test]
async fn rejects_non_ingest_path() {
let h = Harness::new();
@@ -187,7 +160,6 @@ async fn rejects_non_ingest_path() {
uploader_id: user,
client_device_id: "iphone-1".into(),
filename: "photo.jpg".into(),
checksum: valid_checksum(),
target_path_id: path.path_id,
file_size: 1024,
data: Bytes::from(vec![0u8; 1024]),

31
crates/domain/src/common/value_objects/structured_data.rs
View File

@@ -62,3 +62,34 @@ impl Default for StructuredData {
Self::new()
}
}
impl From<&MetadataValue> for serde_json::Value {
fn from(val: &MetadataValue) -> Self {
match val {
MetadataValue::String(s) => serde_json::Value::String(s.clone()),
MetadataValue::Integer(i) => serde_json::json!(*i),
MetadataValue::Float(f) => serde_json::json!(*f),
MetadataValue::Boolean(b) => serde_json::Value::Bool(*b),
MetadataValue::Null => serde_json::Value::Null,
}
}
}
impl From<serde_json::Value> for MetadataValue {
fn from(val: serde_json::Value) -> Self {
match val {
serde_json::Value::String(s) => MetadataValue::String(s),
serde_json::Value::Number(n) => {
if let Some(i) = n.as_i64() {
MetadataValue::Integer(i)
} else if let Some(f) = n.as_f64() {
MetadataValue::Float(f)
} else {
MetadataValue::Null
}
}
serde_json::Value::Bool(b) => MetadataValue::Boolean(b),
_ => MetadataValue::Null,
}
}
}

1
crates/presentation/Cargo.toml
View File

@@ -16,6 +16,5 @@ chrono = { workspace = true }
bytes = { workspace = true }
tracing = { workspace = true }
async-trait = { workspace = true }
sha2 = { workspace = true }
utoipa = { workspace = true }
utoipa-scalar = { workspace = true }

3
crates/presentation/src/handlers/albums.rs
View File

@@ -31,11 +31,12 @@ pub async fn create_album(
pub async fn get_album(
State(state): State<AppState>,
_claims: JwtClaims,
claims: JwtClaims,
Path((album_id,)): Path<(uuid::Uuid,)>,
) -> Result<Json<AlbumResponse>, AppError> {
let query = GetAlbumQuery {
album_id: SystemId::from_uuid(album_id),
user_id: claims.user_id,
};
let album = state.get_album_handler.execute(query).await?;
Ok(Json(AlbumResponse::from_domain(&album)))

9
crates/presentation/src/handlers/assets.rs
View File

@@ -15,7 +15,6 @@ use axum::{
response::Response,
};
use domain::value_objects::{MetadataValue, StructuredData, SystemId};
use sha2::{Digest, Sha256};
#[derive(Debug, serde::Deserialize)]
pub struct TimelineParams {
@@ -80,17 +79,12 @@ pub async fn ingest(
))
})?;
let mut hasher = Sha256::new();
hasher.update(&data);
let checksum = format!("{:x}", hasher.finalize());
let file_size = data.len() as u64;
let cmd = IngestAssetCommand {
uploader_id: claims.user_id,
client_device_id,
filename: fname,
checksum,
target_path_id: SystemId::from_uuid(path_id),
file_size,
data,
@@ -110,11 +104,12 @@ pub async fn ingest(
pub async fn get_asset(
State(state): State<AppState>,
_claims: JwtClaims,
claims: JwtClaims,
Path((asset_id,)): Path<(uuid::Uuid,)>,
) -> Result<Json<AssetResponse>, AppError> {
let query = GetAssetQuery {
asset_id: SystemId::from_uuid(asset_id),
user_id: claims.user_id,
};
let (asset, metadata) = state.get_asset_handler.execute(query).await?;
Ok(Json(AssetResponse::from_domain(&asset, &metadata)))