@promptbook/cli 0.112.0-102 → 0.112.0-103

package/apps/agents-server/src/tools/$provideCdnForServer.ts

@@ -3,87 +3,84 @@ import { DigitalOceanSpaces } from '../utils/cdn/classes/DigitalOceanSpaces';
 import { TrackedFilesStorage } from '../utils/cdn/classes/TrackedFilesStorage';
 import { VercelBlobStorage } from '../utils/cdn/classes/VercelBlobStorage';
 import { IIFilesStorageWithCdn } from '../utils/cdn/interfaces/IFilesStorage';
-import { resolveCdnStorageProvider } from '../utils/cdn/resolveCdnStorageProvider';
 
 /**
- * Environment value that enables path-style S3 requests.
+ * Cache of CDN instance
  *
  * @private internal cache for `$provideCdnForServer`
  */
-const TRUE_ENV_VALUE = 'true';
+let cdn: IIFilesStorageWithCdn | null = null;
 
 /**
- * Cache of raw CDN instance.
- *
- * @private internal cache for `$provideCdnForServer`
+ * Provides a CDN storage interface for server-side file operations, with caching to reuse instances.
  */
-let rawCdn: IIFilesStorageWithCdn | null = null;
+export function $provideCdnForServer(): IIFilesStorageWithCdn {
+    if (!cdn) {
+        const inner = createCdnStorageForServer();
+        const supabase = $provideSupabaseForServer();
+        cdn = new TrackedFilesStorage(inner, supabase);
+    }
 
-/**
- * Cache of tracked CDN instance.
- *
- * @private internal cache for `$provideCdnForServer`
- */
-let trackedCdn: IIFilesStorageWithCdn | null = null;
+    return cdn;
+}
 
 /**
- * Creates a CDN storage instance from environment variables.
+ * Creates the configured CDN storage implementation for server-side file operations.
  *
- * @private internal factory for `$provideCdnForServer`
+ * @private helper of `$provideCdnForServer`
  */
-function createCdnForServer(): IIFilesStorageWithCdn {
-    const provider = resolveCdnStorageProvider();
-
-    switch (provider) {
-        case 's3':
-            return new DigitalOceanSpaces({
-                bucket: process.env.CDN_BUCKET!,
-                pathPrefix: process.env.NEXT_PUBLIC_CDN_PATH_PREFIX || '',
-                endpoint: process.env.CDN_ENDPOINT!,
-                region: process.env.CDN_REGION || 'auto',
-                accessKeyId: process.env.CDN_ACCESS_KEY_ID!,
-                secretAccessKey: process.env.CDN_SECRET_ACCESS_KEY!,
-                cdnPublicUrl: new URL(process.env.NEXT_PUBLIC_CDN_PUBLIC_URL!),
-                gzip: process.env.CDN_GZIP !== 'false',
-                forcePathStyle: process.env.CDN_FORCE_PATH_STYLE === TRUE_ENV_VALUE,
-                isPublicReadAclEnabled: process.env.CDN_ENABLE_PUBLIC_READ_ACL !== 'false',
-            });
-
-        case 'vercel':
-            return new VercelBlobStorage({
-                token: process.env.VERCEL_BLOB_READ_WRITE_TOKEN!,
-                pathPrefix: process.env.NEXT_PUBLIC_CDN_PATH_PREFIX!,
-                cdnPublicUrl: new URL(process.env.NEXT_PUBLIC_CDN_PUBLIC_URL!),
-            });
+function createCdnStorageForServer(): IIFilesStorageWithCdn {
+    if (isS3CompatibleStorageSelected()) {
+        return new DigitalOceanSpaces({
+            bucket: process.env.CDN_BUCKET!,
+            pathPrefix: process.env.NEXT_PUBLIC_CDN_PATH_PREFIX || '',
+            endpoint: process.env.CDN_ENDPOINT!,
+            accessKeyId: process.env.CDN_ACCESS_KEY_ID!,
+            secretAccessKey: process.env.CDN_SECRET_ACCESS_KEY!,
+            cdnPublicUrl: new URL(process.env.NEXT_PUBLIC_CDN_PUBLIC_URL!),
+            gzip: true,
+            forcePathStyle: process.env.CDN_FORCE_PATH_STYLE === 'true',
+            region: process.env.CDN_REGION || 'auto',
+        });
     }
+
+    return new VercelBlobStorage({
+        token: process.env.VERCEL_BLOB_READ_WRITE_TOKEN!,
+        pathPrefix: process.env.NEXT_PUBLIC_CDN_PATH_PREFIX || '',
+        cdnPublicUrl: new URL(process.env.NEXT_PUBLIC_CDN_PUBLIC_URL!),
+    });
 }
 
 /**
- * Provides an untracked CDN storage interface for code paths that manage `File` rows themselves.
+ * Checks whether the current environment should use the S3-compatible storage implementation.
  *
- * @private internal cache for `$provideCdnForServer`
+ * @private helper of `$provideCdnForServer`
  */
-export function $provideUntrackedCdnForServer(): IIFilesStorageWithCdn {
-    if (!rawCdn) {
-        rawCdn = createCdnForServer();
+function isS3CompatibleStorageSelected(): boolean {
+    const storageMode = (process.env.PTBK_FILE_STORAGE_MODE || process.env.CDN_PROVIDER || '').toLowerCase();
+    const isS3StorageMode =
+        storageMode === 's3' || storageMode === 'external-s3' || storageMode === 'self-contained-s3';
+
+    if (isS3StorageMode) {
+        return hasS3CompatibleStorageConfiguration();
     }
 
-    return rawCdn;
+    return !process.env.VERCEL_BLOB_READ_WRITE_TOKEN && hasS3CompatibleStorageConfiguration();
 }
 
 /**
- * Provides a CDN storage interface for server-side file operations, with caching to reuse instances.
+ * Checks whether all S3-compatible storage environment variables are present.
  *
- * @private internal cache for `$provideCdnForServer`
+ * @private helper of `$provideCdnForServer`
  */
-export function $provideCdnForServer(): IIFilesStorageWithCdn {
-    if (!trackedCdn) {
-        const inner = $provideUntrackedCdnForServer();
-        const supabase = $provideSupabaseForServer();
-        trackedCdn = new TrackedFilesStorage(inner, supabase);
-    }
-
-    return trackedCdn;
+function hasS3CompatibleStorageConfiguration(): boolean {
+    return Boolean(
+        process.env.CDN_BUCKET &&
+            process.env.CDN_ENDPOINT &&
+            process.env.CDN_ACCESS_KEY_ID &&
+            process.env.CDN_SECRET_ACCESS_KEY &&
+            process.env.NEXT_PUBLIC_CDN_PUBLIC_URL,
+    );
 }
 
 // TODO: [🏓] Unite `xxxForServer` and `xxxForNode` naming

package/apps/agents-server/src/utils/cdn/classes/DigitalOceanSpaces.ts

@@ -12,45 +12,16 @@ type IDigitalOceanSpacesConfig = {
     readonly bucket: string;
     readonly pathPrefix: string;
     readonly endpoint: string;
-    readonly region?: string;
     readonly accessKeyId: string;
     readonly secretAccessKey: string;
     readonly cdnPublicUrl: URL;
     readonly gzip: boolean;
     readonly forcePathStyle?: boolean;
-    readonly isPublicReadAclEnabled?: boolean;
+    readonly region?: string;
 
     // TODO: [⛳️] Probbably prefix should be in this config not on the consumer side
 };
 
-/**
- * Resolves the S3 endpoint URL, preserving explicit `http` endpoints for local MinIO.
- *
- * @private internal helper for DigitalOceanSpaces.
- */
-function resolveS3Endpoint(endpoint: string): string {
-    if (/^https?:\/\//i.test(endpoint)) {
-        return endpoint;
-    }
-
-    return `https://${endpoint}`;
-}
-
-/**
- * Returns a URL object whose pathname ends with `/`.
- *
- * @private internal helper for DigitalOceanSpaces.
- */
-function ensureTrailingSlashUrl(url: URL): URL {
-    const normalizedUrl = new URL(url.href);
-
-    if (!normalizedUrl.pathname.endsWith('/')) {
-        normalizedUrl.pathname = `${normalizedUrl.pathname}/`;
-    }
-
-    return normalizedUrl;
-}
-
 /**
  * Class implementing digital ocean spaces.
  */
@@ -64,7 +35,7 @@ export class DigitalOceanSpaces implements IIFilesStorageWithCdn {
     public constructor(private readonly config: IDigitalOceanSpacesConfig) {
         this.s3 = new S3Client({
             region: config.region || 'auto',
-            endpoint: resolveS3Endpoint(config.endpoint),
+            endpoint: normalizeS3Endpoint(config.endpoint),
             forcePathStyle: config.forcePathStyle,
             credentials: {
                 accessKeyId: config.accessKeyId,
@@ -74,13 +45,13 @@ export class DigitalOceanSpaces implements IIFilesStorageWithCdn {
     }
 
     public getItemUrl(key: string): URL {
-        return new URL(this.getStorageKey(key), ensureTrailingSlashUrl(this.cdnPublicUrl));
+        return new URL(this.config.pathPrefix + '/' + key, this.cdnPublicUrl);
     }
 
     public async getItem(key: string): Promise<IFile | null> {
         const parameters = {
             Bucket: this.config.bucket,
-            Key: this.getStorageKey(key),
+            Key: this.config.pathPrefix + '/' + key,
         };
 
         try {
@@ -136,12 +107,12 @@ export class DigitalOceanSpaces implements IIFilesStorageWithCdn {
         const uploadResult = await this.s3.send(
             new PutObjectCommand({
                 Bucket: this.config.bucket,
-                Key: this.getStorageKey(key),
+                Key: this.config.pathPrefix + '/' + key,
                 ContentType: processedFile.type,
                 ...putObjectRequestAdditional,
                 Body: processedFile.data,
                 // TODO: Public read access / just private to extending class
-                ...(this.config.isPublicReadAclEnabled === false ? {} : { ACL: 'public-read' }),
+                ACL: 'public-read',
             }),
         );
 
@@ -149,22 +120,19 @@ export class DigitalOceanSpaces implements IIFilesStorageWithCdn {
             throw new Error(`Upload result does not contain ETag`);
         }
     }
+}
 
-    /**
-     * Builds the final object key used in the S3 bucket.
-     *
-     * @private internal helper for DigitalOceanSpaces.
-     */
-    private getStorageKey(key: string): string {
-        const normalizedKey = key.replace(/^\/+/g, '');
-        const normalizedPathPrefix = this.config.pathPrefix.replace(/^\/+|\/+$/g, '');
-
-        if (!normalizedPathPrefix) {
-            return normalizedKey;
-        }
-
-        return `${normalizedPathPrefix}/${normalizedKey}`;
+/**
+ * Normalizes endpoint values from legacy host-only configuration and full S3 URLs.
+ *
+ * @private helper of `DigitalOceanSpaces`
+ */
+function normalizeS3Endpoint(endpoint: string): string {
+    if (/^https?:\/\//i.test(endpoint)) {
+        return endpoint;
     }
+
+    return `https://${endpoint}`;
 }
 
 // TODO: Implement Read-only mode

package/apps/agents-server/src/utils/cdn/classes/TrackedFilesStorage.ts

@@ -37,17 +37,20 @@ export class TrackedFilesStorage implements IIFilesStorageWithCdn {
 
         try {
             const { userId, purpose } = file;
-            const storageUrl = this.getItemUrl(key).href;
+            const cdnUrl = this.getItemUrl(key).href;
+            const securityResult =
+                file.securityResult as AgentsServerDatabase['public']['Tables']['File']['Insert']['securityResult'];
 
             await this.supabase.from(await $getTableName('File')).insert({
                 userId: userId || null,
                 fileName: key,
                 fileSize: file.fileSize ?? file.data.length,
                 fileType: file.type,
-                storageUrl,
+                storageUrl: cdnUrl,
                 shortUrl: null,
                 purpose: purpose || 'UNKNOWN',
                 status: 'COMPLETED',
+                securityResult: securityResult || null,
             });
         } catch (error) {
             console.error('Failed to track upload:', error);

package/apps/agents-server/src/utils/cdn/interfaces/IFilesStorage.ts

@@ -25,6 +25,11 @@ export type IFile = {
      * Note: This is optional, if not provided, the size of the buffer is used
      */
     fileSize?: number;
+
+    /**
+     * Optional file security result collected before the file is tracked.
+     */
+    securityResult?: Record<string, unknown>;
 };
 
 /**

package/apps/agents-server/src/utils/shareTargetPayloads.ts

@@ -2,7 +2,7 @@ import { $getTableName } from '@/src/database/$getTableName';
 import { $provideSupabaseForServer } from '@/src/database/$provideSupabaseForServer';
 import type { Json } from '@/src/database/schema';
 import { FILE_SECURITY_CHECKERS } from '@/src/file-security-checkers';
-import { $provideUntrackedCdnForServer } from '@/src/tools/$provideCdnForServer';
+import { $provideCdnForServer } from '@/src/tools/$provideCdnForServer';
 import { $provideServer } from '@/src/tools/$provideServer';
 import { getUserFileCdnKey } from '@/src/utils/cdn/utils/getUserFileCdnKey';
 import { validateMimeType } from '@/src/utils/validators/validateMimeType';
@@ -231,12 +231,14 @@ async function createShareTargetAttachment(file: File, maxFileUploadBytes: numbe
 
     const mimeType = resolveShareTargetMimeType(file.type);
     const blobPath = getUserFileCdnKey(buffer, normalizedFilename);
-    const cdn = $provideUntrackedCdnForServer();
+    const cdn = $provideCdnForServer();
+    const storageUrl = cdn.getItemUrl(blobPath).href;
+
     await cdn.setItem(blobPath, {
-        data: buffer,
         type: mimeType,
-        fileSize: buffer.byteLength,
+        data: buffer,
         purpose: SHARE_TARGET_FILE_PURPOSE,
+        fileSize: buffer.byteLength,
     }).catch((error) => {
         throw new DatabaseError(
             spaceTrim(`
@@ -246,24 +248,14 @@ async function createShareTargetAttachment(file: File, maxFileUploadBytes: numbe
             `),
         );
     });
-    const storageUrl = cdn.getItemUrl(blobPath).href;
-    const fileRecordId = await insertShareTargetFileRecord({
-        fileName: normalizedFilename,
-        fileSize: buffer.byteLength,
-        fileType: mimeType,
-        storageUrl,
-    });
 
-    if (fileRecordId !== null) {
-        after(() =>
-            populateShareTargetFileSecurityResult({
-                fileId: fileRecordId,
-                storageUrl,
-            }).catch((error) => {
-                console.error('[share-target] Failed to finalize file security result', error);
-            }),
-        );
-    }
+    after(() =>
+        populateShareTargetFileSecurityResult({
+            storageUrl,
+        }).catch((error) => {
+            console.error('[share-target] Failed to finalize file security result', error);
+        }),
+    );
 
     return {
         name: normalizedFilename,
@@ -272,50 +264,10 @@ async function createShareTargetAttachment(file: File, maxFileUploadBytes: numbe
     };
 }
 
-/**
- * Inserts one admin-visible file row for a shared attachment.
- */
-async function insertShareTargetFileRecord(options: {
-    fileName: string;
-    fileSize: number;
-    fileType: string;
-    storageUrl: string;
-}): Promise<number | null> {
-    try {
-        const supabase = $provideSupabaseForServer() as TODO_any;
-        const fileTableName = await $getTableName('File');
-        const { data, error } = await supabase
-            .from(fileTableName)
-            .insert({
-                fileName: options.fileName,
-                fileSize: options.fileSize,
-                fileType: options.fileType,
-                storageUrl: options.storageUrl,
-                shortUrl: null,
-                purpose: SHARE_TARGET_FILE_PURPOSE,
-                status: 'COMPLETED',
-                agentId: null,
-                securityResult: null,
-            })
-            .select('id')
-            .maybeSingle();
-
-        if (error) {
-            console.error('[share-target] Failed to store uploaded file metadata', error);
-            return null;
-        }
-
-        return typeof data?.id === 'number' ? data.id : null;
-    } catch (error) {
-        console.error('[share-target] Failed to insert shared file metadata', error);
-        return null;
-    }
-}
-
 /**
  * Populates best-effort file-security results after the share redirect has already returned.
  */
-async function populateShareTargetFileSecurityResult(options: { fileId: number; storageUrl: string }): Promise<void> {
+async function populateShareTargetFileSecurityResult(options: { storageUrl: string }): Promise<void> {
     const securityResult: Record<string, unknown> = {};
 
     for (const checkerId of Object.keys(FILE_SECURITY_CHECKERS)) {
@@ -343,7 +295,7 @@ async function populateShareTargetFileSecurityResult(options: { fileId: number;
         .update({
             securityResult,
         })
-        .eq('id', options.fileId);
+        .eq('storageUrl', options.storageUrl);
 
     if (error) {
         throw new DatabaseError(

package/apps/agents-server/src/utils/upload/createBookEditorUploadHandler.ts

@@ -1,23 +1,20 @@
 'use client';
 
-import { upload } from '@vercel/blob/client';
-import type { number_percent, string_knowledge_source_content } from '@promptbook-local/types';
-import { isServerRoutedCdnUploadProvider, resolveCdnStorageProvider } from '../cdn/resolveCdnStorageProvider';
+import type { string_knowledge_source_content } from '@promptbook-local/types';
 import { getSafeCdnPath } from '../cdn/utils/getSafeCdnPath';
 import { normalizeUploadFilename } from '../normalization/normalizeUploadFilename';
+import {
+    buildDefaultUserFileUploadPath,
+    uploadFileToServer,
+    type FileUploadProgressCallback,
+} from './uploadFileToServer';
 
 /**
  * Progress callback invoked during file uploads.
  *
  * @private used by chat and book editors.
  */
-export type FileUploadProgressCallback = (
-    progress: number_percent,
-    stats?: {
-        loadedBytes: number;
-        totalBytes: number;
-    },
-) => void;
+export type { FileUploadProgressCallback };
 
 /**
  * Optional upload configuration such as progress reporting or cancellation.
@@ -56,8 +53,8 @@ type UploadPathBuilder = (normalizedFilename: string, pathPrefix: string) => str
 /**
  * Constant for build default user file path.
  */
-const buildDefaultUserFilePath: UploadPathBuilder = (normalizedFilename, pathPrefix) =>
-    pathPrefix ? `${pathPrefix}/user/files/${normalizedFilename}` : `user/files/${normalizedFilename}`;
+const buildDefaultUserFilePath: UploadPathBuilder = (normalizedFilename) =>
+    buildDefaultUserFileUploadPath(normalizedFilename);
 
 /**
  * Configuration of the shared upload handler.
@@ -76,109 +73,6 @@ type SharedUploadHandlerConfig = {
  */
 const DEFAULT_SHORT_URL_PREFIX = 'https://ptbk.io/k/';
 
-/**
- * Response returned by the server-routed upload API.
- *
- * @private used by chat and book editors.
- */
-type ServerRoutedUploadResponse = {
-    url: string;
-};
-
-/**
- * Uploads a file through `/api/upload` for S3-compatible storage providers.
- *
- * @private used by chat and book editors.
- */
-function uploadFileThroughServer(options: {
-    safeUploadPath: string;
-    file: File;
-    purpose: string;
-    abortSignal?: AbortSignal;
-    onProgress?: FileUploadProgressCallback;
-}): Promise<ServerRoutedUploadResponse> {
-    const { safeUploadPath, file, purpose, abortSignal, onProgress } = options;
-    const formData = new FormData();
-    formData.set('file', file);
-    formData.set('pathname', safeUploadPath);
-    formData.set('purpose', purpose);
-    formData.set('contentType', file.type || 'application/octet-stream');
-
-    return new Promise((resolve, reject) => {
-        const request = new XMLHttpRequest();
-
-        /**
-         * Removes abort listeners once the upload finishes.
-         */
-        const cleanup = () => {
-            abortSignal?.removeEventListener('abort', handleAbort);
-        };
-
-        /**
-         * Aborts the active XHR upload when the caller aborts.
-         */
-        const handleAbort = () => {
-            request.abort();
-            cleanup();
-            reject(new DOMException('Upload aborted.', 'AbortError'));
-        };
-
-        request.upload.addEventListener('progress', (event) => {
-            if (!event.lengthComputable) {
-                return;
-            }
-
-            onProgress?.((event.loaded / event.total) as number_percent, {
-                loadedBytes: event.loaded,
-                totalBytes: event.total,
-            });
-        });
-
-        request.addEventListener('load', () => {
-            cleanup();
-
-            if (request.status < 200 || request.status >= 300) {
-                reject(new Error(`Upload failed with HTTP ${request.status}: ${request.responseText}`));
-                return;
-            }
-
-            try {
-                const parsedResponse = JSON.parse(request.responseText) as Partial<ServerRoutedUploadResponse>;
-                if (typeof parsedResponse.url !== 'string' || parsedResponse.url.trim() === '') {
-                    reject(new Error('Upload response did not contain a file URL.'));
-                    return;
-                }
-
-                onProgress?.(1 as number_percent, {
-                    loadedBytes: file.size,
-                    totalBytes: file.size,
-                });
-                resolve({ url: parsedResponse.url });
-            } catch (error) {
-                reject(error);
-            }
-        });
-
-        request.addEventListener('error', () => {
-            cleanup();
-            reject(new Error('Upload failed before the server responded.'));
-        });
-
-        request.addEventListener('abort', () => {
-            cleanup();
-        });
-
-        if (abortSignal?.aborted) {
-            handleAbort();
-            return;
-        }
-
-        abortSignal?.addEventListener('abort', handleAbort);
-        request.open('POST', '/api/upload');
-        request.send(formData);
-    });
-}
-
 /**
  * Upload handler that normalizes the filename, uploads via `/api/upload`, and optionally returns a short URL.
  *
@@ -196,50 +90,29 @@ export function createFileUploadHandler<ReturnType extends string = string>(
 
     return async (file, optionsOrOnProgress) => {
         const { onProgress, abortSignal } = normalizeUploadOptions(optionsOrOnProgress);
-        const provider = resolveCdnStorageProvider();
-        const isServerRoutedUploadEnabled = isServerRoutedCdnUploadProvider(provider);
         const pathPrefix = process.env.NEXT_PUBLIC_CDN_PATH_PREFIX || '';
         const normalizedFilename = normalizeUploadFilename(file.name);
-        const publicUploadPath = pathBuilder(normalizedFilename, pathPrefix);
-        const storageUploadPath = pathBuilder(normalizedFilename, isServerRoutedUploadEnabled ? '' : pathPrefix);
-        const safeUploadPath = getSafeCdnPath({
-            pathname: storageUploadPath,
-            pathPrefix: isServerRoutedUploadEnabled ? pathPrefix : undefined,
+        const uploadPath = pathBuilder(normalizedFilename, pathPrefix);
+        const safeUploadPath = getSafeCdnPath({ pathname: uploadPath, pathPrefix });
+
+        const uploadResult = await uploadFileToServer({
+            file,
+            pathname: safeUploadPath,
+            purpose,
+            contentType: file.type || 'application/octet-stream',
+            abortSignal,
+            onProgress,
         });
 
-        const blob = isServerRoutedUploadEnabled
-            ? await uploadFileThroughServer({
-                  safeUploadPath,
-                  file,
-                  purpose,
-                  abortSignal,
-                  onProgress,
-              })
-            : await upload(safeUploadPath, file, {
-                  access: 'public',
-                  handleUploadUrl: '/api/upload',
-                  clientPayload: JSON.stringify({
-                      purpose,
-                      contentType: file.type || 'application/octet-stream',
-                  }),
-                  abortSignal,
-                  onUploadProgress: (progressEvent) => {
-                      onProgress?.(progressEvent.percentage / 100, {
-                          loadedBytes: progressEvent.loaded,
-                          totalBytes: progressEvent.total,
-                      });
-                  },
-              });
-
         if (returnShortUrl && process.env.NEXT_PUBLIC_CDN_PUBLIC_URL) {
-            const slashIndex = publicUploadPath.lastIndexOf('/');
-            const directoryPath = slashIndex === -1 ? '' : `${publicUploadPath.slice(0, slashIndex + 1)}`;
+            const slashIndex = uploadPath.lastIndexOf('/');
+            const directoryPath = slashIndex === -1 ? '' : `${uploadPath.slice(0, slashIndex + 1)}`;
             const longUrlPrefix = `${process.env.NEXT_PUBLIC_CDN_PUBLIC_URL}/${directoryPath}`;
-            const shortUrl = blob.url.split(longUrlPrefix).join(shortUrlPrefix);
+            const shortUrl = uploadResult.url.split(longUrlPrefix).join(shortUrlPrefix);
             return shortUrl as ReturnType;
         }
 
-        return blob.url as ReturnType;
+        return uploadResult.url as ReturnType;
     };
 }