@kyro-cms/admin 0.1.5 → 0.1.7

package/src/pages/api/storage-status.ts

@@ -0,0 +1,206 @@
+import type { APIRoute } from "astro";
+import { getDatabaseConfig } from "@/lib/db";
+
+interface RawStorageSettings {
+  provider?: string;
+  local?: {
+    uploadDir?: string;
+    baseUrl?: string;
+  };
+  aws?: Record<string, any>;
+  r2?: Record<string, any>;
+  gcs?: Record<string, any>;
+  digitalocean?: Record<string, any>;
+  backblaze?: Record<string, any>;
+  wasabi?: Record<string, any>;
+  bunny?: Record<string, any>;
+  cloudinary?: Record<string, any>;
+  imgix?: Record<string, any>;
+  ftp?: Record<string, any>;
+  limits?: Record<string, any>;
+  [key: string]: any;
+}
+
+function validateProviderConfig(
+  provider: string,
+  config: RawStorageSettings,
+): { valid: boolean; missing: string[] } {
+  const missing: string[] = [];
+
+  switch (provider) {
+    case "local": {
+      const local = config.local || {};
+      if (!local.uploadDir || local.uploadDir.trim() === "") {
+        missing.push("Upload Directory");
+      }
+      if (
+        !local.baseUrl ||
+        local.baseUrl.trim() === "" ||
+        local.baseUrl === "/"
+      ) {
+        missing.push("Base URL");
+      }
+      break;
+    }
+
+    case "aws": {
+      const aws = config.aws || {};
+      if (!aws.bucket?.trim()) missing.push("Bucket Name");
+      if (!aws.accessKeyId?.trim()) missing.push("Access Key ID");
+      if (!aws.secretAccessKey?.trim()) missing.push("Secret Access Key");
+      break;
+    }
+
+    case "r2": {
+      const r2 = config.r2 || {};
+      if (!r2.bucket?.trim()) missing.push("Bucket Name");
+      if (!r2.accountId?.trim()) missing.push("Account ID");
+      if (!r2.accessKeyId?.trim()) missing.push("Access Key ID");
+      if (!r2.secretAccessKey?.trim()) missing.push("Secret Access Key");
+      break;
+    }
+
+    case "gcs": {
+      const gcs = config.gcs || {};
+      if (!gcs.bucket?.trim()) missing.push("Bucket Name");
+      if (!gcs.projectId?.trim()) missing.push("Project ID");
+      if (!gcs.clientEmail?.trim()) missing.push("Client Email");
+      if (!gcs.privateKey?.trim()) missing.push("Private Key");
+      break;
+    }
+
+    case "digitalocean": {
+      const doConfig = config.digitalocean || {};
+      if (!doConfig.bucket?.trim()) missing.push("Space Name");
+      if (!doConfig.accessKeyId?.trim()) missing.push("Access Key ID");
+      if (!doConfig.secretAccessKey?.trim()) missing.push("Secret Access Key");
+      break;
+    }
+
+    case "backblaze": {
+      const b2 = config.backblaze || {};
+      if (!b2.bucket?.trim()) missing.push("Bucket Name");
+      if (!b2.accountId?.trim()) missing.push("Account ID");
+      if (!b2.applicationKeyId?.trim()) missing.push("Application Key ID");
+      if (!b2.applicationKey?.trim()) missing.push("Application Key");
+      break;
+    }
+
+    case "wasabi": {
+      const wasabi = config.wasabi || {};
+      if (!wasabi.bucket?.trim()) missing.push("Bucket Name");
+      if (!wasabi.accessKeyId?.trim()) missing.push("Access Key ID");
+      if (!wasabi.secretAccessKey?.trim()) missing.push("Secret Access Key");
+      break;
+    }
+
+    case "bunny": {
+      const bunny = config.bunny || {};
+      if (!bunny.storageZone?.trim()) missing.push("Storage Zone");
+      if (!bunny.apiKey?.trim()) missing.push("API Key");
+      break;
+    }
+
+    case "cloudinary": {
+      const cloudinary = config.cloudinary || {};
+      if (!cloudinary.cloudName?.trim()) missing.push("Cloud Name");
+      if (!cloudinary.apiKey?.trim()) missing.push("API Key");
+      if (!cloudinary.apiSecret?.trim()) missing.push("API Secret");
+      break;
+    }
+
+    case "imgix": {
+      const imgix = config.imgix || {};
+      if (!imgix.domain?.trim()) missing.push("Imgix Domain");
+      break;
+    }
+
+    case "ftp": {
+      const ftp = config.ftp || {};
+      if (!ftp.host?.trim()) missing.push("Host");
+      if (!ftp.user?.trim()) missing.push("Username");
+      if (!ftp.password?.trim()) missing.push("Password");
+      if (!ftp.baseUrl?.trim()) missing.push("Base URL");
+      break;
+    }
+
+    default:
+      missing.push("Unknown provider");
+  }
+
+  return { valid: missing.length === 0, missing };
+}
+
+export const GET: APIRoute = async () => {
+  const dbConfig = getDatabaseConfig();
+
+  try {
+    if (dbConfig.type === "sqlite") {
+      const Database = (await import("better-sqlite3")).default;
+      const db = new Database(dbConfig.contentDbPath || "./data/content.db");
+
+      try {
+        const row = db
+          .prepare("SELECT data FROM globals WHERE slug = ?")
+          .get("storage-settings") as { data: string } | undefined;
+
+        if (!row) {
+          return new Response(
+            JSON.stringify({
+              configured: false,
+              reason: "no-settings",
+              provider: null,
+              missingFields: [],
+            }),
+            { status: 200, headers: { "Content-Type": "application/json" } },
+          );
+        }
+
+        const data: RawStorageSettings =
+          typeof row.data === "string" ? JSON.parse(row.data) : row.data;
+        const provider = data.provider || "local";
+
+        // Validate based on provider
+        const validation = validateProviderConfig(provider, data);
+
+        if (!validation.valid) {
+          return new Response(
+            JSON.stringify({
+              configured: false,
+              reason: "incomplete-config",
+              provider,
+              missingFields: validation.missing,
+            }),
+            { status: 200, headers: { "Content-Type": "application/json" } },
+          );
+        }
+
+        return new Response(
+          JSON.stringify({
+            configured: true,
+            reason: "configured",
+            provider,
+            missingFields: [],
+          }),
+          { status: 200, headers: { "Content-Type": "application/json" } },
+        );
+      } finally {
+        db.close();
+      }
+    }
+
+    return new Response(
+      JSON.stringify({ configured: false, reason: "unsupported-db" }),
+      { status: 200, headers: { "Content-Type": "application/json" } },
+    );
+  } catch (error) {
+    return new Response(
+      JSON.stringify({
+        configured: false,
+        reason: "error",
+        details: String(error),
+      }),
+      { status: 500, headers: { "Content-Type": "application/json" } },
+    );
+  }
+};

package/src/pages/api/upload.ts

@@ -0,0 +1,334 @@
+import type { APIRoute } from "astro";
+import { MediaService, type Dialect } from "@kyro-cms/core";
+import { getDatabaseConfig, runMigrations } from "@/lib/db";
+
+const MAX_FILE_SIZE = 50 * 1024 * 1024; // 50MB
+
+const ALLOWED_TYPES = [
+  "image/jpeg",
+  "image/png",
+  "image/gif",
+  "image/webp",
+  "image/avif",
+  "image/svg+xml",
+  "video/mp4",
+  "video/webm",
+  "video/ogg",
+  "application/pdf",
+  "application/zip",
+  "text/plain",
+  "application/octet-stream",
+];
+
+async function ensureMediaTable(db: any) {
+  try {
+    db.exec(`
+      CREATE TABLE IF NOT EXISTS media (
+        id TEXT PRIMARY KEY,
+        filename TEXT NOT NULL UNIQUE,
+        title TEXT,
+        original_name TEXT NOT NULL,
+        mime_type TEXT NOT NULL,
+        file_size INTEGER NOT NULL,
+        width INTEGER,
+        height INTEGER,
+        url TEXT NOT NULL UNIQUE,
+        thumbnail_url TEXT,
+        folder TEXT,
+        provider TEXT NOT NULL DEFAULT 'local',
+        alt TEXT,
+        caption TEXT,
+        metadata TEXT,
+        created_at TEXT DEFAULT (datetime('now')),
+        updated_at TEXT DEFAULT (datetime('now'))
+      )
+    `);
+  } catch (e: any) {
+    console.warn("[upload] Media table error:", e.message);
+  }
+}
+
+export const POST: APIRoute = async ({ request }) => {
+  const dbConfig = getDatabaseConfig();
+
+  let db: any = null;
+  let dialect: Dialect = "sqlite";
+  let genId = () => crypto.randomUUID();
+
+  // Connect to admin's database (same as admin UI uses)
+  try {
+    if (dbConfig.type === "sqlite") {
+      const Database = (await import("better-sqlite3")).default;
+      db = new Database(dbConfig.contentDbPath || "./data/content.db");
+      dialect = "sqlite";
+    } else if (dbConfig.type === "postgres") {
+      const { Pool } = await import("pg");
+      db = new Pool({
+        connectionString:
+          dbConfig.connectionString ||
+          `postgresql://${dbConfig.username}:${dbConfig.password}@${dbConfig.host}:${dbConfig.port}/${dbConfig.database}`,
+      });
+      dialect = "postgres";
+    } else if (dbConfig.type === "mysql") {
+      const mysql = await import("mysql2/promise");
+      db = await mysql.createPool({
+        uri:
+          dbConfig.connectionString ||
+          `mysql://${dbConfig.username}:${dbConfig.password}@${dbConfig.host}:${dbConfig.port}/${dbConfig.database}`,
+      });
+      dialect = "mysql";
+    }
+  } catch (e: any) {
+    return new Response(
+      JSON.stringify({ error: "Database connection failed: " + e.message }),
+      { status: 500, headers: { "Content-Type": "application/json" } },
+    );
+  }
+
+  // Get storage config from globals table
+  let storageConfig: any = undefined;
+
+  try {
+    if (dbConfig.type === "sqlite") {
+      const stmt = db.prepare("SELECT * FROM globals WHERE slug = ?");
+      const row = stmt.get("storage-settings") as any;
+      if (row) {
+        storageConfig =
+          typeof row.data === "string" ? JSON.parse(row.data) : row.data;
+        if (storageConfig.provider && !storageConfig.type) {
+          storageConfig.type = storageConfig.provider;
+        }
+        console.log(
+          "[upload] Storage config loaded:",
+          JSON.stringify(
+            {
+              provider: storageConfig.provider,
+              type: storageConfig.type,
+              r2: storageConfig.r2
+                ? {
+                    bucket: storageConfig.r2.bucket,
+                    accountId: storageConfig.r2.accountId,
+                    publicDevUrl: storageConfig.r2.publicDevUrl,
+                    prefix: storageConfig.r2.prefix,
+                  }
+                : undefined,
+            },
+            null,
+            2,
+          ),
+        );
+      }
+    } else if (dbConfig.type === "postgres" || dbConfig.type === "mysql") {
+      const result = await db.query("SELECT * FROM globals WHERE slug = ?", [
+        "storage-settings",
+      ]);
+      const rows = result.rows || result[0] || [];
+      if (rows.length > 0) {
+        storageConfig = rows[0].data;
+        if (storageConfig.provider && !storageConfig.type) {
+          storageConfig.type = storageConfig.provider;
+        }
+      }
+    }
+  } catch (e: any) {
+    console.warn("[upload] Error reading storage config:", e.message);
+  }
+
+  // Fallback to environment or default
+  if (!storageConfig && process.env.STORAGE_TYPE) {
+    storageConfig = {
+      type: process.env.STORAGE_TYPE,
+      [process.env.STORAGE_TYPE]: {
+        bucket: process.env.STORAGE_BUCKET,
+        region: process.env.STORAGE_REGION,
+        accessKeyId: process.env.STORAGE_ACCESS_KEY_ID,
+        secretAccessKey: process.env.STORAGE_SECRET_ACCESS_KEY,
+      },
+    };
+  }
+
+  if (!storageConfig) {
+    storageConfig = { type: "local" };
+  }
+
+  // Recreate media table
+  if (dbConfig.type === "sqlite") {
+    await ensureMediaTable(db);
+  } else {
+    try {
+      await runMigrations();
+    } catch (e: any) {
+      console.warn("[upload] runMigrations:", e.message);
+    }
+  }
+
+  // Initialize MediaService
+  let mediaService;
+  try {
+    console.log(
+      "[upload] About to init MediaService with config:",
+      JSON.stringify(
+        {
+          type: storageConfig.type,
+          r2: storageConfig.r2
+            ? {
+                bucket: storageConfig.r2.bucket,
+                accountId: storageConfig.r2.accountId,
+                accessKeyId: storageConfig.r2.accessKeyId ? "SET" : "UNDEFINED",
+                secretAccessKey: storageConfig.r2.secretAccessKey
+                  ? "SET"
+                  : "UNDEFINED",
+                publicDevUrl: storageConfig.r2.publicDevUrl,
+                prefix: storageConfig.r2.prefix,
+              }
+            : undefined,
+        },
+        null,
+        2,
+      ),
+    );
+
+    mediaService = await MediaService.init(db, {
+      dialect,
+      genId,
+      storageConfig,
+    });
+  } catch (e: any) {
+    return new Response(
+      JSON.stringify({ error: "Failed to init media service: " + e.message }),
+      { status: 500, headers: { "Content-Type": "application/json" } },
+    );
+  }
+
+  // Handle file upload
+  try {
+    const contentType = request.headers.get("Content-Type") || "";
+
+    if (contentType.includes("application/json")) {
+      const body = await request.json();
+      const { url, folder } = body;
+
+      if (url) {
+        try {
+          const isExternalUrl =
+            url.startsWith("http://") || url.startsWith("https://");
+
+          if (isExternalUrl) {
+            const response = await fetch(url);
+            if (!response.ok) {
+              return new Response(
+                JSON.stringify({
+                  error: "Failed to fetch URL: " + response.statusText,
+                }),
+                {
+                  status: 400,
+                  headers: { "Content-Type": "application/json" },
+                },
+              );
+            }
+            const blob = await response.blob();
+            const contentDisposition = response.headers.get(
+              "Content-Disposition",
+            );
+            const filenameMatch = contentDisposition?.match(
+              /filename[^;]*=([^";\s]+)/,
+            );
+            const filename =
+              filenameMatch?.[1] || url.split("/").pop() || "url-upload";
+
+            const file = new File([blob], filename, {
+              type: blob.type || "image/*",
+            });
+            const media = await mediaService.upload(file, folder || "");
+            return new Response(JSON.stringify(media), {
+              status: 200,
+              headers: { "Content-Type": "application/json" },
+            });
+          }
+
+          const fileMatches = url.match(/\/uploads\/(.+)/);
+          if (fileMatches) {
+            const fullPath = fileMatches[1];
+            const fullUrl =
+              new URL(url, request.url).origin + "/uploads/" + fullPath;
+            const { default: fs } = await import("fs/promises");
+            const path = await import("path");
+            const filePath = path.join(
+              process.cwd(),
+              "public",
+              "uploads",
+              fullPath,
+            );
+            const data = await fs.readFile(filePath);
+            const file = new File([data], fullPath);
+            const media = await mediaService.upload(file, folder || "");
+            return new Response(JSON.stringify(media), {
+              status: 200,
+              headers: { "Content-Type": "application/json" },
+            });
+          }
+        } catch (fetchErr: any) {
+          return new Response(
+            JSON.stringify({ error: "Failed to add URL: " + fetchErr.message }),
+            {
+              status: 400,
+              headers: { "Content-Type": "application/json" },
+            },
+          );
+        }
+      }
+
+      return new Response(
+        JSON.stringify({ error: "No file or URL provided" }),
+        {
+          status: 400,
+          headers: { "Content-Type": "application/json" },
+        },
+      );
+    }
+
+    const formData = await request.formData();
+    const file = formData.get("file") as File | null;
+    const folder = (formData.get("folder") as string) || "";
+
+    if (!file) {
+      return new Response(JSON.stringify({ error: "No file provided" }), {
+        status: 400,
+        headers: { "Content-Type": "application/json" },
+      });
+    }
+
+    if (!ALLOWED_TYPES.includes(file.type)) {
+      return new Response(
+        JSON.stringify({ error: `Invalid file type: ${file.type}` }),
+        { status: 400, headers: { "Content-Type": "application/json" } },
+      );
+    }
+
+    if (file.size > MAX_FILE_SIZE) {
+      return new Response(
+        JSON.stringify({
+          error: `File too large. Max size: ${MAX_FILE_SIZE / 1024 / 1024}MB`,
+        }),
+        { status: 400, headers: { "Content-Type": "application/json" } },
+      );
+    }
+
+    const media = await mediaService.upload(file, folder);
+
+    return new Response(JSON.stringify(media), {
+      status: 200,
+      headers: { "Content-Type": "application/json" },
+    });
+  } catch (error: any) {
+    console.error("Upload error:", error);
+    return new Response(
+      JSON.stringify({ error: error.message || "Upload failed" }),
+      { status: 500, headers: { "Content-Type": "application/json" } },
+    );
+  } finally {
+    if (dbConfig.type === "sqlite" && db) {
+      db.close();
+    }
+  }
+};

package/src/pages/api/webhooks/index.ts

@@ -0,0 +1,71 @@
+import type { APIRoute } from "astro";
+import { dataStore } from "../../../lib/dataStore";
+
+export const GET: APIRoute = async () => {
+  try {
+    const webhooks = await dataStore.find("_webhooks", { limit: 100, page: 1 });
+
+    const docs = webhooks.docs.map((w: any) => ({
+      id: w.id,
+      name: w.name,
+      url: w.url,
+      events: w.events || [],
+      secret: w.secret,
+      status: w.status || "active",
+      createdAt: w.createdAt,
+      lastTriggered: w.lastTriggered,
+    }));
+
+    return new Response(JSON.stringify(docs), {
+      status: 200,
+      headers: { "Content-Type": "application/json" },
+    });
+  } catch (error: any) {
+    return new Response(JSON.stringify({ error: error.message }), {
+      status: 500,
+      headers: { "Content-Type": "application/json" },
+    });
+  }
+};
+
+export const POST: APIRoute = async ({ request }) => {
+  try {
+    const body = await request.json();
+    const { name, url, events, secret } = body;
+
+    if (!name || !url) {
+      return new Response(
+        JSON.stringify({ error: "Name and URL are required" }),
+        {
+          status: 400,
+          headers: { "Content-Type": "application/json" },
+        },
+      );
+    }
+
+    const doc = await dataStore.create("_webhooks", {
+      name,
+      url,
+      events: events || [],
+      secret: secret || "",
+      status: "active",
+      createdAt: new Date().toISOString(),
+    });
+
+    return new Response(
+      JSON.stringify({
+        id: doc.id,
+        name: doc.name,
+      }),
+      {
+        status: 201,
+        headers: { "Content-Type": "application/json" },
+      },
+    );
+  } catch (error: any) {
+    return new Response(JSON.stringify({ error: error.message }), {
+      status: 500,
+      headers: { "Content-Type": "application/json" },
+    });
+  }
+};