/
photos_search.go
117 lines (93 loc) Β· 3.1 KB
/
photos_search.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
package api
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/gin-gonic/gin/binding"
"github.com/photoprism/photoprism/internal/acl"
"github.com/photoprism/photoprism/internal/entity"
"github.com/photoprism/photoprism/internal/event"
"github.com/photoprism/photoprism/internal/form"
"github.com/photoprism/photoprism/internal/get"
"github.com/photoprism/photoprism/internal/search"
"github.com/photoprism/photoprism/pkg/i18n"
)
// SearchPhotos searches the pictures index and returns the result as JSON.
// See form.SearchPhotos for supported search params and data types.
//
// GET /api/v1/photos
func SearchPhotos(router *gin.RouterGroup) {
// searchPhotos checking authorization and parses the search request.
searchForm := func(c *gin.Context) (f form.SearchPhotos, s *entity.Session, err error) {
s = AuthAny(c, acl.ResourcePhotos, acl.Permissions{acl.ActionSearch, acl.ActionView, acl.AccessShared})
// Abort if permission was not granted.
if s.Abort(c) {
return f, s, i18n.Error(i18n.ErrForbidden)
}
// Abort if request params are invalid.
if err = c.MustBindWith(&f, binding.Form); err != nil {
event.AuditWarn([]string{ClientIP(c), "session %s", string(acl.ResourcePhotos), "form invalid", "%s"}, s.RefID, err)
AbortBadRequest(c)
return f, s, err
}
settings := get.Config().Settings()
// Ignore private flag if feature is disabled.
if !settings.Features.Private {
f.Public = false
}
// Ignore private flag if feature is disabled.
if f.Scope == "" &&
settings.Features.Review &&
acl.Rules.Deny(acl.ResourcePhotos, s.UserRole(), acl.ActionManage) {
f.Quality = 3
}
return f, s, nil
}
// defaultHandler a standard JSON result with all fields.
defaultHandler := func(c *gin.Context) {
f, s, err := searchForm(c)
// Abort if authorization or form are invalid.
if err != nil {
return
}
// Find matching pictures.
result, count, err := search.UserPhotos(f, s)
// Ok?
if err != nil {
event.AuditWarn([]string{ClientIP(c), "session %s", string(acl.ResourcePhotos), "search", "%s"}, s.RefID, err)
AbortBadRequest(c)
return
}
// Add response headers.
AddCountHeader(c, count)
AddLimitHeader(c, f.Count)
AddOffsetHeader(c, f.Offset)
AddTokenHeaders(c, s)
// Return as JSON.
c.JSON(http.StatusOK, result)
}
// viewHandler returns a photo viewer formatted result.
viewHandler := func(c *gin.Context) {
f, s, err := searchForm(c)
// Abort if authorization or form are invalid.
if err != nil {
return
}
conf := get.Config()
result, count, err := search.UserPhotosViewerResults(f, s, conf.ContentUri(), conf.ApiUri(), s.PreviewToken, s.DownloadToken)
if err != nil {
event.AuditWarn([]string{ClientIP(c), "session %s", string(acl.ResourcePhotos), "view", "%s"}, s.RefID, err)
AbortBadRequest(c)
return
}
// Add response headers.
AddCountHeader(c, count)
AddLimitHeader(c, f.Count)
AddOffsetHeader(c, f.Offset)
AddTokenHeaders(c, s)
// Return as JSON.
c.JSON(http.StatusOK, result)
}
// Register route handlers.
router.GET("/photos", defaultHandler)
router.GET("/photos/view", viewHandler)
}