xref: /webtrees/app/Http/RequestHandlers/MediaFileThumbnail.php (revision 1558ebe91cf8aee21751e57fb864e4b0813c3468)
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2020 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Http\RequestHandlers;
21
22use Fig\Http\Message\StatusCodeInterface;
23use Fisharebest\Webtrees\Factory;
24use Fisharebest\Webtrees\Services\MediaFileService;
25use Fisharebest\Webtrees\Site;
26use Fisharebest\Webtrees\Tree;
27use League\Glide\Signatures\SignatureException;
28use League\Glide\Signatures\SignatureFactory;
29use Psr\Http\Message\ResponseInterface;
30use Psr\Http\Message\ServerRequestInterface;
31use Psr\Http\Server\RequestHandlerInterface;
32
33use function assert;
34use function pathinfo;
35use function redirect;
36use function strtolower;
37
38use const PATHINFO_EXTENSION;
39
40/**
41 * Controller for the media page and displaying images.
42 */
43class MediaFileThumbnail implements RequestHandlerInterface
44{
45    /** @var MediaFileService */
46    private $media_file_service;
47
48    /**
49     * MediaFileController constructor.
50     *
51     * @param MediaFileService $media_file_service
52     */
53    public function __construct(MediaFileService $media_file_service)
54    {
55        $this->media_file_service = $media_file_service;
56    }
57
58    /**
59     * Show an image/thumbnail, with/without a watermark.
60     *
61     * @param ServerRequestInterface $request
62     *
63     * @return ResponseInterface
64     */
65    public function handle(ServerRequestInterface $request): ResponseInterface
66    {
67        $tree = $request->getAttribute('tree');
68        assert($tree instanceof Tree);
69
70        $data_filesystem = Factory::filesystem()->data();
71
72        $params  = $request->getQueryParams();
73        $xref    = $params['xref'];
74        $fact_id = $params['fact_id'];
75        $media   = Factory::media()->make($xref, $tree);
76
77        if ($media === null) {
78            return $this->media_file_service->replacementImage((string) StatusCodeInterface::STATUS_NOT_FOUND);
79        }
80
81        if (!$media->canShow()) {
82            return $this->media_file_service->replacementImage((string) StatusCodeInterface::STATUS_FORBIDDEN);
83        }
84
85        foreach ($media->mediaFiles() as $media_file) {
86            if ($media_file->factId() === $fact_id) {
87                if ($media_file->isExternal()) {
88                    return redirect($media_file->filename());
89                }
90
91                // Validate HTTP signature
92                unset($params['route']);
93                $params['tree'] = $media_file->media()->tree()->name();
94
95                try {
96                    SignatureFactory::create(Site::getPreference('glide-key'))
97                        ->validateRequest('', $params);
98                } catch (SignatureException $ex) {
99                    return $this->media_file_service->replacementImage((string) StatusCodeInterface::STATUS_FORBIDDEN)
100                        ->withHeader('X-Signature-Exception', $ex->getMessage());
101                }
102
103                if ($media_file->isImage()) {
104                    $media_folder = $media_file->media()->tree()->getPreference('MEDIA_DIRECTORY', 'media/');
105                    $file         = $media_file->filename();
106
107                    return $this->media_file_service->generateImage($media_folder, $file, $data_filesystem, $request->getQueryParams());
108                }
109
110                // Shouldn't usually get here, as we only generate these URLs for images.
111                $extension = '.' . strtolower(pathinfo($media_file->filename(), PATHINFO_EXTENSION));
112
113                return $this->media_file_service->replacementImage($extension);
114            }
115        }
116
117        return $this->media_file_service->replacementImage((string) StatusCodeInterface::STATUS_NOT_FOUND);
118    }
119}
120