maintenance: allow /partage through gate, fix fragment routing, add visibility table in admin

Extract shared filepond logic into src/FilepondHandler.php class. Admin filepond endpoints delegate to the handler after AdminAuth check. New partage filepond endpoints at /partage/actions/filepond/ verify share_active session flag + CSRF token, no admin auth required. JS reads filepond-base meta tag to determine endpoint path: - Admin pages: /admin/actions/filepond (via head.php isAdmin check) - Partage form: /partage/actions/filepond (explicit meta) partage/index.php sets share_active = true on form render, cleans up on successful submit. Partage process endpoint rate-limited to 30/5min per session. No nginx changes needed — /partage/ location already handles PHP without auth_basic.
2026-06-26 00:29:18 +02:00 · 2026-05-12 15:19:32 +02:00
parent da153fc604
commit 6f7a02244f
22 changed files with 15010 additions and 532 deletions
--- a/app/public/admin/actions/filepond/revert.php
+++ b/app/public/admin/actions/filepond/revert.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * FilePond revert endpoint — deletes a just-uploaded tmp file.
+ * FilePond revert endpoint — deletes a just-uploaded tmp file (admin).
 *
 * DELETE /admin/actions/filepond/revert.php
 * Body: plain text file_id
@@ -10,7 +10,9 @@

 require_once __DIR__ . '/../../../../bootstrap.php';
 require_once __DIR__ . '/../../../../src/AdminAuth.php';
+require_once __DIR__ . '/../../../../src/FilepondHandler.php';

+// ── Auth (admin only) ────────────────────────────────────────────────────
 AdminAuth::requireLogin();

 // ── CSRF via header ──────────────────────────────────────────────────────
@@ -21,55 +23,5 @@ if (!isset($_SESSION['csrf_token'])
    die('Token CSRF invalide.');
 }

-// ── Only accept DELETE ───────────────────────────────────────────────────
-if ($_SERVER['REQUEST_METHOD'] !== 'DELETE') {
-    http_response_code(405);
-    die('Méthode non autorisée.');
-}
-
-// ── Read file_id from body ───────────────────────────────────────────────
-$fileId = trim(file_get_contents('php://input'));
-
-// PeerTube files have a special prefix; nothing to clean up locally
-// Format: peertube:video:UUID or peertube:audio:UUID
-if (str_starts_with($fileId, 'peertube:')) {
-    // PeerTube files are already uploaded; we don't delete them from PeerTube on revert
-    // (the user might still submit and associate them)
-    http_response_code(200);
-    exit;
-}
-
-if ($fileId === '' || !preg_match('/^[a-f0-9]{32}$/', $fileId)) {
-    http_response_code(400);
-    die('ID de fichier invalide.');
-}
-
-// ── Verify tmp directory exists and manifest matches session ─────────────
-$tmpDir = STORAGE_ROOT . '/tmp/filepond/' . $fileId;
-$manifestPath = $tmpDir . '/manifest.json';
-
-if (!is_dir($tmpDir) || !file_exists($manifestPath)) {
-    http_response_code(404);
-    exit;
-}
-
-$manifest = json_decode(file_get_contents($manifestPath), true);
-if (!is_array($manifest) || ($manifest['session_id'] ?? '') !== session_id()) {
-    http_response_code(403);
-    die('Session invalide.');
-}
-
-// ── Delete directory recursively ─────────────────────────────────────────
-$it = new RecursiveDirectoryIterator($tmpDir, RecursiveDirectoryIterator::SKIP_DOTS);
-$files_it = new RecursiveIteratorIterator($it, RecursiveIteratorIterator::CHILD_FIRST);
-foreach ($files_it as $file) {
-    if ($file->isDir()) {
-        rmdir($file->getRealPath());
-    } else {
-        unlink($file->getRealPath());
-    }
-}
-rmdir($tmpDir);
-
-http_response_code(200);
-exit;
+$handler = new FilepondHandler('[filepond:admin]');
+$handler->handleRevert();