GKaszewski/libertas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: implement album sharing functionality with permissions management

Browse Source
This commit is contained in:
Gabriel Kaszewski
2025-11-02 17:39:11 +01:00
parent f49d9179f5
commit a36b59a5fb
11 changed files with 263 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
libertas_api/src/factory.rs
View File

@@ -5,7 +5,8 @@ use libertas_core::{
error::{CoreError, CoreResult},
};
use libertas_infra::factory::{
build_album_repository, build_database_pool, build_media_repository, build_user_repository,
build_album_repository, build_album_share_repository, build_database_pool,
build_media_repository, build_user_repository,
};
use crate::{
@@ -28,6 +29,7 @@ pub async fn build_app_state(config: Config) -> CoreResult<AppState> {
let user_repo = build_user_repository(&config.database, db_pool.clone()).await?;
let media_repo = build_media_repository(&config.database, db_pool.clone()).await?;
let album_repo = build_album_repository(&config.database, db_pool.clone()).await?;
let album_share_repo = build_album_share_repository(&config.database, db_pool.clone()).await?;
let hasher = Arc::new(Argon2Hasher::default());
let tokenizer = Arc::new(JwtGenerator::new(config.jwt_secret.clone()));
@@ -40,10 +42,15 @@ pub async fn build_app_state(config: Config) -> CoreResult<AppState> {
let media_service = Arc::new(MediaServiceImpl::new(
media_repo.clone(),
user_repo.clone(),
album_share_repo.clone(),
config.clone(),
nats_client.clone(),
));
let album_service = Arc::new(AlbumServiceImpl::new(album_repo, media_repo));
let album_service = Arc::new(AlbumServiceImpl::new(
album_repo,
media_repo,
album_share_repo,
));
Ok(AppState {
user_service,

29
libertas_api/src/handlers/album_handlers.rs
View File

@@ -3,7 +3,10 @@ use axum::{
extract::{Path, State},
http::StatusCode,
};
use libertas_core::schema::{AddMediaToAlbumData, CreateAlbumData};
use libertas_core::{
models::AlbumPermission,
schema::{AddMediaToAlbumData, CreateAlbumData, ShareAlbumData},
};
use serde::Deserialize;
use uuid::Uuid;
@@ -57,8 +60,32 @@ async fn add_media_to_album(
Ok(StatusCode::OK)
}
#[derive(Deserialize)]
pub struct ShareAlbumRequest {
target_user_id: Uuid,
permission: AlbumPermission,
}
async fn share_album(
State(state): State<AppState>,
UserId(owner_id): UserId, // The person sharing must be authenticated
Path(album_id): Path<Uuid>,
Json(payload): Json<ShareAlbumRequest>,
) -> Result<StatusCode, ApiError> {
let data = ShareAlbumData {
album_id,
target_user_id: payload.target_user_id,
permission: payload.permission,
};
state.album_service.share_album(data, owner_id).await?;
Ok(StatusCode::OK)
}
pub fn album_routes() -> Router<AppState> {
Router::new()
.route("/", axum::routing::post(create_album))
.route("/{album_id}/media", axum::routing::post(add_media_to_album))
.route("/{album_id}/share", axum::routing::post(share_album))
}

63
libertas_api/src/services/album_service.rs
View File

@@ -6,7 +6,7 @@ use libertas_core::{
authz,
error::{CoreError, CoreResult},
models::Album,
repositories::{AlbumRepository, MediaRepository},
repositories::{AlbumRepository, AlbumShareRepository, MediaRepository},
schema::{AddMediaToAlbumData, CreateAlbumData, ShareAlbumData},
services::AlbumService,
};
@@ -15,25 +15,21 @@ use uuid::Uuid;
pub struct AlbumServiceImpl {
album_repo: Arc<dyn AlbumRepository>,
media_repo: Arc<dyn MediaRepository>,
album_share_repo: Arc<dyn AlbumShareRepository>,
}
impl AlbumServiceImpl {
pub fn new(album_repo: Arc<dyn AlbumRepository>, media_repo: Arc<dyn MediaRepository>) -> Self {
pub fn new(
album_repo: Arc<dyn AlbumRepository>,
media_repo: Arc<dyn MediaRepository>,
album_share_repo: Arc<dyn AlbumShareRepository>,
) -> Self {
Self {
album_repo,
media_repo,
album_share_repo,
}
}
async fn is_album_owner(&self, user_id: Uuid, album_id: Uuid) -> CoreResult<bool> {
let album = self
.album_repo
.find_by_id(album_id)
.await?
.ok_or(CoreError::NotFound("Album".to_string(), album_id))?;
Ok(album.owner_id == user_id)
}
}
#[async_trait]
@@ -66,7 +62,12 @@ impl AlbumService for AlbumServiceImpl {
.await?
.ok_or(CoreError::NotFound("Album".to_string(), album_id))?;
if !authz::is_owner(user_id, &album) {
let share_permission = self
.album_share_repo
.get_user_permission(album_id, user_id)
.await?;
if !authz::can_view_album(user_id, &album, share_permission) {
return Err(CoreError::Auth("Access denied to album".to_string()));
}
@@ -80,8 +81,15 @@ impl AlbumService for AlbumServiceImpl {
.await?
.ok_or(CoreError::NotFound("Album".to_string(), data.album_id))?;
if !authz::is_owner(user_id, &album) {
return Err(CoreError::Auth("User does not own this album".to_string()));
let share_permission = self
.album_share_repo
.get_user_permission(data.album_id, user_id)
.await?;
if !authz::can_contribute_to_album(user_id, &album, share_permission) {
return Err(CoreError::Auth(
"User does not have permission to add media to this album".to_string(),
));
}
for media_id in &data.media_ids {
@@ -108,8 +116,27 @@ impl AlbumService for AlbumServiceImpl {
self.album_repo.list_by_user(user_id).await
}
async fn share_album(&self, _data: ShareAlbumData, _owner_id: Uuid) -> CoreResult<()> {
// This is not part of the MVP, but part of the trait
unimplemented!("Sharing will be implemented in a future phase")
async fn share_album(&self, data: ShareAlbumData, owner_id: Uuid) -> CoreResult<()> {
let album = self
.album_repo
.find_by_id(data.album_id)
.await?
.ok_or(CoreError::NotFound("Album".to_string(), data.album_id))?;
if !authz::is_owner(owner_id, &album) {
return Err(CoreError::Auth(
"Only the album owner can share the album".to_string(),
));
}
if data.target_user_id == owner_id {
return Err(CoreError::Validation(
"Cannot share album with oneself".to_string(),
));
}
self.album_share_repo
.create_or_update_share(data.album_id, data.target_user_id, data.permission)
.await
}
}

35
libertas_api/src/services/media_service.rs
View File

@@ -8,7 +8,7 @@ use libertas_core::{
config::Config,
error::{CoreError, CoreResult},
models::Media,
repositories::{MediaRepository, UserRepository},
repositories::{AlbumShareRepository, MediaRepository, UserRepository},
schema::UploadMediaData,
services::MediaService,
};
@@ -20,6 +20,7 @@ use uuid::Uuid;
pub struct MediaServiceImpl {
repo: Arc<dyn MediaRepository>,
user_repo: Arc<dyn UserRepository>,
album_share_repo: Arc<dyn AlbumShareRepository>,
config: Config,
nats_client: async_nats::Client,
}
@@ -28,12 +29,14 @@ impl MediaServiceImpl {
pub fn new(
repo: Arc<dyn MediaRepository>,
user_repo: Arc<dyn UserRepository>,
album_share_repo: Arc<dyn AlbumShareRepository>,
config: Config,
nats_client: async_nats::Client,
) -> Self {
Self {
repo,
user_repo,
album_share_repo,
config,
nats_client,
}
@@ -141,11 +144,20 @@ impl MediaService for MediaServiceImpl {
.await?
.ok_or(CoreError::NotFound("User".to_string(), user_id))?;
if !authz::is_owner(user_id, &media) && !authz::is_admin(&user) {
return Err(CoreError::Auth("Access denied".to_string()));
if authz::is_owner(user_id, &media) || authz::is_admin(&user) {
return Ok(media);
}
Ok(media)
let is_shared = self
.album_share_repo
.is_media_in_shared_album(id, user_id)
.await?;
if is_shared {
return Ok(media);
}
Err(CoreError::Auth("Access denied".to_string()))
}
async fn list_user_media(&self, user_id: Uuid) -> CoreResult<Vec<Media>> {
@@ -165,10 +177,19 @@ impl MediaService for MediaServiceImpl {
.await?
.ok_or(CoreError::NotFound("User".to_string(), user_id))?;
if !authz::is_owner(user_id, &media) && !authz::is_admin(&user) {
return Err(CoreError::Auth("Access denied".to_string()));
if authz::is_owner(user_id, &media) || authz::is_admin(&user) {
return Ok(media.storage_path);
}
Ok(media.storage_path)
let is_shared = self
.album_share_repo
.is_media_in_shared_album(id, user_id)
.await?;
if is_shared {
return Ok(media.storage_path);
}
Err(CoreError::Auth("Access denied".to_string()))
}
}