xref: /webtrees/app/Http/RequestHandlers/MediaFileThumbnail.php (revision f71fd1b08a6fa0d9d229cd88a1030d8a4f4a7fff) 
146b03695SGreg Roach<?php
246b03695SGreg Roach
346b03695SGreg Roach/**
446b03695SGreg Roach * webtrees: online genealogy
589f7189bSGreg Roach * Copyright (C) 2021 webtrees development team
646b03695SGreg Roach * This program is free software: you can redistribute it and/or modify
746b03695SGreg Roach * it under the terms of the GNU General Public License as published by
846b03695SGreg Roach * the Free Software Foundation, either version 3 of the License, or
946b03695SGreg Roach * (at your option) any later version.
1046b03695SGreg Roach * This program is distributed in the hope that it will be useful,
1146b03695SGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of
1246b03695SGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1346b03695SGreg Roach * GNU General Public License for more details.
1446b03695SGreg Roach * You should have received a copy of the GNU General Public License
1589f7189bSGreg Roach * along with this program. If not, see <https://www.gnu.org/licenses/>.
1646b03695SGreg Roach */
1746b03695SGreg Roach
1846b03695SGreg Roachdeclare(strict_types=1);
1946b03695SGreg Roach
2046b03695SGreg Roachnamespace Fisharebest\Webtrees\Http\RequestHandlers;
2146b03695SGreg Roach
2246b03695SGreg Roachuse Fig\Http\Message\StatusCodeInterface;
236577bfc3SGreg Roachuse Fisharebest\Webtrees\Contracts\UserInterface;
246b9cb339SGreg Roachuse Fisharebest\Webtrees\Registry;
2546b03695SGreg Roachuse Fisharebest\Webtrees\Tree;
2646b03695SGreg Roachuse Psr\Http\Message\ResponseInterface;
2746b03695SGreg Roachuse Psr\Http\Message\ServerRequestInterface;
2846b03695SGreg Roachuse Psr\Http\Server\RequestHandlerInterface;
2946b03695SGreg Roach
3046b03695SGreg Roachuse function assert;
3146b03695SGreg Roachuse function redirect;
3246b03695SGreg Roach
3346b03695SGreg Roach/**
346577bfc3SGreg Roach * Create a thumbnail of a media file.
3546b03695SGreg Roach */
3646b03695SGreg Roachclass MediaFileThumbnail implements RequestHandlerInterface
3746b03695SGreg Roach{
3846b03695SGreg Roach    /**
3946b03695SGreg Roach     * Show an image/thumbnail, with/without a watermark.
4046b03695SGreg Roach     *
4146b03695SGreg Roach     * @param ServerRequestInterface $request
4246b03695SGreg Roach     *
4346b03695SGreg Roach     * @return ResponseInterface
4446b03695SGreg Roach     */
4546b03695SGreg Roach    public function handle(ServerRequestInterface $request): ResponseInterface
4646b03695SGreg Roach    {
4746b03695SGreg Roach        $tree = $request->getAttribute('tree');
4846b03695SGreg Roach        assert($tree instanceof Tree);
4946b03695SGreg Roach
506577bfc3SGreg Roach        $user = $request->getAttribute('user');
516577bfc3SGreg Roach        assert($user instanceof UserInterface);
5246b03695SGreg Roach
5346b03695SGreg Roach        $params  = $request->getQueryParams();
54*f71fd1b0SGreg Roach        $xref    = $params['xref'] ?? '';
55*f71fd1b0SGreg Roach        $fact_id = $params['fact_id'] ?? '';
566b9cb339SGreg Roach        $media   = Registry::mediaFactory()->make($xref, $tree);
5746b03695SGreg Roach
5846b03695SGreg Roach        if ($media === null) {
596b9cb339SGreg Roach            return Registry::imageFactory()->replacementImageResponse((string) StatusCodeInterface::STATUS_NOT_FOUND);
6046b03695SGreg Roach        }
6146b03695SGreg Roach
6246b03695SGreg Roach        if (!$media->canShow()) {
636b9cb339SGreg Roach            return Registry::imageFactory()->replacementImageResponse((string) StatusCodeInterface::STATUS_FORBIDDEN);
6446b03695SGreg Roach        }
6546b03695SGreg Roach
6646b03695SGreg Roach        foreach ($media->mediaFiles() as $media_file) {
6746b03695SGreg Roach            if ($media_file->factId() === $fact_id) {
6846b03695SGreg Roach                if ($media_file->isExternal()) {
6946b03695SGreg Roach                    return redirect($media_file->filename());
7046b03695SGreg Roach                }
7146b03695SGreg Roach
7246b03695SGreg Roach                // Validate HTTP signature
7382e1bbd1SGreg Roach                unset($params['route']);
7446b03695SGreg Roach                $params['tree'] = $media_file->media()->tree()->name();
7546b03695SGreg Roach
766577bfc3SGreg Roach                if ($media_file->signature($params) !== $params['s']) {
776b9cb339SGreg Roach                    return Registry::imageFactory()->replacementImageResponse((string) StatusCodeInterface::STATUS_FORBIDDEN)
786577bfc3SGreg Roach                        ->withHeader('X-Signature-Exception', 'Signature mismatch');
7946b03695SGreg Roach                }
8046b03695SGreg Roach
816b9cb339SGreg Roach                $image_factory = Registry::imageFactory();
8246b03695SGreg Roach
836577bfc3SGreg Roach                return $image_factory->mediaFileThumbnailResponse(
846577bfc3SGreg Roach                    $media_file,
856577bfc3SGreg Roach                    (int) $params['w'],
866577bfc3SGreg Roach                    (int) $params['h'],
876577bfc3SGreg Roach                    $params['fit'],
886577bfc3SGreg Roach                    $image_factory->fileNeedsWatermark($media_file, $user)
896577bfc3SGreg Roach                );
9046b03695SGreg Roach            }
9146b03695SGreg Roach        }
9246b03695SGreg Roach
936b9cb339SGreg Roach        return Registry::imageFactory()->replacementImageResponse((string) StatusCodeInterface::STATUS_NOT_FOUND);
9446b03695SGreg Roach    }
9546b03695SGreg Roach}
96