feat: FilePond production hardening — extension-based validation, server-side size limits (2GB), annexe validation, drop accept attributes, FilePond file styling

app/migrations/pending/027_drop_banner_path.sql

@@ -1,10 +0,0 @@
--- Migration 027: drop banner_path column from theses table.
--- Banners were merged into covers in migration 016; the column has been
--- vestigial since.  This is safe to run even if the column is already absent.
--- Safe to re-run: IF EXISTS makes it idempotent.
-
--- SQLite does not support DROP COLUMN directly in older versions;
--- we use the ALTER TABLE … DROP COLUMN syntax (supported since SQLite 3.35.0).
--- If this fails on an older SQLite, the column stays as-is (harmless).
-
-ALTER TABLE theses DROP COLUMN banner_path;

app/migrations/pending/028_drop_banner_path.sql

@@ -1,12 +1,21 @@
--- 025_fix_oui_non_artefacts.sql
--- Clean OUI/NON CSV artefacts from authors.email (should be NULL, not literal strings).
--- Also update the v_theses_full view to use contact_interne/contact_public column names.
-
-UPDATE authors SET email = NULL WHERE email IN ('NON', 'OUI', '');
+-- Migration 028: drop banner_path from theses and v_theses_full.
+--
+-- 027_drop_banner_path failed because v_theses_full references banner_path.
+-- This migration:
+--   1. Drops dependent views
+--   2. Drops the column
+--   3. Recreates the view without banner_path
+-- Safe to re-run (views are re-created fresh each time, column drop is idempotent via error skip).
 
+-- Drop dependent views first (v_theses_public depends on v_theses_full)
 DROP VIEW IF EXISTS v_theses_public;
 DROP VIEW IF EXISTS v_theses_full;
-CREATE VIEW IF NOT EXISTS v_theses_full AS
+
+-- Drop column (may fail if already absent → run.php skips that error)
+ALTER TABLE theses DROP COLUMN banner_path;
+
+-- Recreate v_theses_full without banner_path
+CREATE VIEW v_theses_full AS
 SELECT
     t.id,
     t.identifier,
@@ -31,7 +40,6 @@ SELECT
     t.published_at,
     t.is_published,
     t.baiu_link,
-    t.banner_path,
     t.exemplaire_baiu,
     t.exemplaire_erg,
     t.cc2r,
@@ -44,7 +52,7 @@ SELECT
     GROUP_CONCAT(DISTINCT CASE WHEN ts.role = 'promoteur' AND ts.is_ulb = 1 THEN s.name END) as jury_promoteurs_ulb,
     GROUP_CONCAT(DISTINCT CASE WHEN ts.role = 'lecteur'   AND ts.is_external = 0 THEN s.name END) as jury_lecteurs_internes,
     GROUP_CONCAT(DISTINCT CASE WHEN ts.role = 'lecteur'   AND ts.is_external = 1 THEN s.name END) as jury_lecteurs_externes,
-    GROUP_CONCAT(DISTINCT l.name) as languages,
+    GROUP_CONCAT(DISTINCT UPPER(SUBSTR(l.name,1,1)) || SUBSTR(l.name,2)) as languages,
     GROUP_CONCAT(DISTINCT fmt.name) as formats,
     GROUP_CONCAT(DISTINCT tg.name) as keywords,
     (SELECT a2.email        FROM authors a2 JOIN thesis_authors ta2 ON a2.id = ta2.author_id WHERE ta2.thesis_id = t.id ORDER BY ta2.author_order LIMIT 1) as contact_interne,
@@ -67,6 +75,7 @@ LEFT JOIN thesis_tags tt ON t.id = tt.thesis_id
 LEFT JOIN tags tg ON tt.tag_id = tg.id
 GROUP BY t.id;
 
-CREATE VIEW IF NOT EXISTS v_theses_public AS
+-- Recreate v_theses_public (depends on v_theses_full)
+CREATE VIEW v_theses_public AS
 SELECT * FROM v_theses_full
 WHERE is_published = 1;