dyzulk/trustlab-api
1
0
Fork 0
mirror of https://github.com/dyzulk/trustlab-api.git synced 2026-01-26 05:15:35 +07:00
Code Issues Packages Projects Releases Wiki Activity

fix: add robust debug logging to controller

Browse Source
This commit is contained in:
dyzulk
2026-01-04 20:05:52 +07:00
parent 1bda1d4032
commit da05c82d33
1 changed files with 37 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
app/Http/Controllers/Api/AttachmentController.php
View File

@@ -14,40 +14,45 @@ class AttachmentController extends Controller
*/ */
public function download(Request $request, TicketAttachment $attachment) public function download(Request $request, TicketAttachment $attachment)
{ {
try {
$user = $request->user(); $user = $request->user();
// 1. Authorization Logic // 1. Authorization Logic
// Load relationships needed for checking
$attachment->load(['reply.ticket']); $attachment->load(['reply.ticket']);
$ticket = $attachment->reply->ticket; $ticket = $attachment->reply->ticket;
// Check if user is owner of the ticket OR is Admin/Owner
if ($ticket->user_id !== $user->id && !$user->isAdminOrOwner()) { if ($ticket->user_id !== $user->id && !$user->isAdminOrOwner()) {
abort(403, 'Unauthorized access to this attachment.'); abort(403, 'Unauthorized access to this attachment.');
} }
// 2. Fetch File from Private R2 Bucket // 2. Fetch File
// We assume new uploads store 'relative/path.ext' in DB
// But legacy uploads stored 'https://cdn...'
$path = $attachment->file_path; $path = $attachment->file_path;
$disk = 'r2-private';
// Detect if it's a full public URL (Legacy) or Relative Path (New)
if (filter_var($path, FILTER_VALIDATE_URL)) { if (filter_var($path, FILTER_VALIDATE_URL)) {
// It's a URL. It might be on the Public Bucket (old uploads).
// Strategy: Redirect to public URL? Or try to serve it?
// Since legacy files are on Public Bucket, we can just redirect or return URL.
// But if specific requirement is "Attachment Private", we should ideally migrate them.
// For now, if it's a URL, we assume it's public and redirect.
return redirect($path); return redirect($path);
} }
// It is a relative path intended for Private Bucket $disk = 'r2-private';
if (!Storage::disk($disk)->exists($path)) { if (!Storage::disk($disk)->exists($path)) {
\Log::error("Attachment 404: Path [$path] not found on disk [$disk]");
abort(404, 'File not found on secure storage.'); abort(404, 'File not found on secure storage.');
} }
return Storage::disk($disk)->download($path, $attachment->file_name); return Storage::disk($disk)->download($path, $attachment->file_name);
} catch (\Exception $e) {
\Log::error("Attachment Download Error: " . $e->getMessage(), [
'attachment_id' => $attachment->id,
'path' => $attachment->file_path ?? 'unknown',
'trace' => $e->getTraceAsString()
]);
return response()->json([
'error' => 'Server Error',
'message' => $e->getMessage(),
'file_path' => $attachment->file_path ?? 'unknown'
], 500);
}
} }
} }