xref: /webtrees/app/Http/RequestHandlers/MediaFileThumbnail.php (revision 9071c11496bdb14e4f44dee247d847846ba5b44d)
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2020 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Http\RequestHandlers;
21
22use Fig\Http\Message\StatusCodeInterface;
23use Fisharebest\Webtrees\Factory;
24use Fisharebest\Webtrees\Services\MediaFileService;
25use Fisharebest\Webtrees\Site;
26use Fisharebest\Webtrees\Tree;
27use League\Flysystem\FilesystemInterface;
28use League\Glide\Signatures\SignatureException;
29use League\Glide\Signatures\SignatureFactory;
30use Psr\Http\Message\ResponseInterface;
31use Psr\Http\Message\ServerRequestInterface;
32use Psr\Http\Server\RequestHandlerInterface;
33
34use function assert;
35use function pathinfo;
36use function redirect;
37use function strtolower;
38
39use const PATHINFO_EXTENSION;
40
41/**
42 * Controller for the media page and displaying images.
43 */
44class MediaFileThumbnail implements RequestHandlerInterface
45{
46    /** @var MediaFileService */
47    private $media_file_service;
48
49    /**
50     * MediaFileController constructor.
51     *
52     * @param MediaFileService $media_file_service
53     */
54    public function __construct(MediaFileService $media_file_service)
55    {
56        $this->media_file_service = $media_file_service;
57    }
58
59    /**
60     * Show an image/thumbnail, with/without a watermark.
61     *
62     * @param ServerRequestInterface $request
63     *
64     * @return ResponseInterface
65     */
66    public function handle(ServerRequestInterface $request): ResponseInterface
67    {
68        $tree = $request->getAttribute('tree');
69        assert($tree instanceof Tree);
70
71        $data_filesystem = $request->getAttribute('filesystem.data');
72        assert($data_filesystem instanceof FilesystemInterface);
73
74        $params  = $request->getQueryParams();
75        $xref    = $params['xref'];
76        $fact_id = $params['fact_id'];
77        $media   = Factory::media()->make($xref, $tree);
78
79        if ($media === null) {
80            return $this->media_file_service->replacementImage((string) StatusCodeInterface::STATUS_NOT_FOUND);
81        }
82
83        if (!$media->canShow()) {
84            return $this->media_file_service->replacementImage((string) StatusCodeInterface::STATUS_FORBIDDEN);
85        }
86
87        foreach ($media->mediaFiles() as $media_file) {
88            if ($media_file->factId() === $fact_id) {
89                if ($media_file->isExternal()) {
90                    return redirect($media_file->filename());
91                }
92
93                // Validate HTTP signature
94                unset($params['route']);
95                $params['tree'] = $media_file->media()->tree()->name();
96
97                try {
98                    SignatureFactory::create(Site::getPreference('glide-key'))
99                        ->validateRequest('', $params);
100                } catch (SignatureException $ex) {
101                    return $this->media_file_service->replacementImage((string) StatusCodeInterface::STATUS_FORBIDDEN)
102                        ->withHeader('X-Signature-Exception', $ex->getMessage());
103                }
104
105                if ($media_file->isImage()) {
106                    $media_folder = $media_file->media()->tree()->getPreference('MEDIA_DIRECTORY', 'media/');
107                    $file         = $media_file->filename();
108
109                    return $this->media_file_service->generateImage($media_folder, $file, $data_filesystem, $request->getQueryParams());
110                }
111
112                // Shouldn't usually get here, as we only generate these URLs for images.
113                $extension = '.' . strtolower(pathinfo($media_file->filename(), PATHINFO_EXTENSION));
114
115                return $this->media_file_service->replacementImage($extension);
116            }
117        }
118
119        return $this->media_file_service->replacementImage((string) StatusCodeInterface::STATUS_NOT_FOUND);
120    }
121}
122