create-pxlr 1.0.0

package/templates/clean/pxlr-cms/packages/api/src/modules/content/routes.ts

@@ -0,0 +1,385 @@
+import { FastifyPluginAsync } from 'fastify';
+import { z } from 'zod';
+import { v4 as uuid } from 'uuid';
+import { db } from '../../database/index.js';
+import { redis } from '../../database/redis.js';
+
+const createDocumentSchema = z.object({
+  schemaName: z.string().min(1),
+  data: z.record(z.any()),
+  locale: z.string().default('en'),
+  status: z.enum(['draft', 'published']).default('draft'),
+});
+
+const updateDocumentSchema = z.object({
+  data: z.record(z.any()).optional(),
+  locale: z.string().optional(),
+  status: z.enum(['draft', 'published', 'archived']).optional(),
+});
+
+const querySchema = z.object({
+  schemaName: z.string().optional(),
+  status: z.enum(['draft', 'published', 'archived']).optional(),
+  locale: z.string().optional(),
+  page: z.coerce.number().min(1).default(1),
+  limit: z.coerce.number().min(1).max(100).default(20),
+  orderBy: z.string().default('created_at'),
+  order: z.enum(['asc', 'desc']).default('desc'),
+  search: z.string().optional(),
+});
+
+export const contentRoutes: FastifyPluginAsync = async (fastify) => {
+  // List documents with filtering
+  fastify.get('/', {
+    schema: {
+      tags: ['Content'],
+      summary: 'List documents with filtering and pagination',
+      querystring: {
+        type: 'object',
+        properties: {
+          schemaName: { type: 'string' },
+          status: { type: 'string' },
+          locale: { type: 'string' },
+          page: { type: 'number' },
+          limit: { type: 'number' },
+          orderBy: { type: 'string' },
+          order: { type: 'string' },
+          search: { type: 'string' },
+        },
+      },
+    },
+  }, async (request) => {
+    const query = querySchema.parse(request.query);
+    const offset = (query.page - 1) * query.limit;
+
+    let whereClause = 'WHERE 1=1';
+    const params: any[] = [];
+    let paramIndex = 1;
+
+    if (query.schemaName) {
+      whereClause += ` AND schema_name = $${paramIndex++}`;
+      params.push(query.schemaName);
+    }
+    if (query.status) {
+      whereClause += ` AND status = $${paramIndex++}`;
+      params.push(query.status);
+    }
+    if (query.locale) {
+      whereClause += ` AND locale = $${paramIndex++}`;
+      params.push(query.locale);
+    }
+    if (query.search) {
+      whereClause += ` AND data::text ILIKE $${paramIndex++}`;
+      params.push(`%${query.search}%`);
+    }
+
+    // Count total
+    const countResult = await db.query(
+      `SELECT COUNT(*) FROM documents ${whereClause}`,
+      params
+    );
+    const total = parseInt(countResult.rows[0].count);
+
+    // Get documents
+    const allowedOrderBy = ['created_at', 'updated_at', 'published_at'];
+    const orderByColumn = allowedOrderBy.includes(query.orderBy) ? query.orderBy : 'created_at';
+    const orderDirection = query.order === 'asc' ? 'ASC' : 'DESC';
+
+    params.push(query.limit, offset);
+
+    const result = await db.query(
+      `SELECT d.*, s.title as schema_title, u.name as created_by_name
+       FROM documents d
+       LEFT JOIN schemas s ON d.schema_name = s.name
+       LEFT JOIN users u ON d.created_by = u.id
+       ${whereClause}
+       ORDER BY d.${orderByColumn} ${orderDirection}
+       LIMIT $${paramIndex++} OFFSET $${paramIndex}`,
+      params
+    );
+
+    return {
+      documents: result.rows,
+      pagination: {
+        page: query.page,
+        limit: query.limit,
+        total,
+        totalPages: Math.ceil(total / query.limit),
+      },
+    };
+  });
+
+  // Get single document
+  fastify.get('/:id', {
+    schema: {
+      tags: ['Content'],
+      summary: 'Get document by ID',
+    },
+  }, async (request, reply) => {
+    const { id } = request.params as { id: string };
+
+    const result = await db.query(
+      `SELECT d.*, s.title as schema_title, s.definition as schema_definition,
+              u1.name as created_by_name, u2.name as updated_by_name
+       FROM documents d
+       LEFT JOIN schemas s ON d.schema_name = s.name
+       LEFT JOIN users u1 ON d.created_by = u1.id
+       LEFT JOIN users u2 ON d.updated_by = u2.id
+       WHERE d.id = $1`,
+      [id]
+    );
+
+    if (result.rows.length === 0) {
+      return reply.status(404).send({ error: true, message: 'Document not found' });
+    }
+
+    return { document: result.rows[0] };
+  });
+
+  // Create document
+  fastify.post('/', {
+    schema: {
+      tags: ['Content'],
+      summary: 'Create a new document',
+      security: [{ bearerAuth: [] }],
+    },
+    preHandler: [fastify.authenticate],
+  }, async (request, reply) => {
+    const body = createDocumentSchema.parse(request.body);
+    const user = request.user as { id: string };
+
+    // Verify schema exists
+    const schemaResult = await db.query(
+      'SELECT id, is_singleton FROM schemas WHERE name = $1',
+      [body.schemaName]
+    );
+
+    if (schemaResult.rows.length === 0) {
+      return reply.status(400).send({ error: true, message: 'Schema not found' });
+    }
+
+    const schema = schemaResult.rows[0];
+
+    // Check singleton
+    if (schema.is_singleton) {
+      const existingDoc = await db.query(
+        'SELECT id FROM documents WHERE schema_name = $1 AND locale = $2',
+        [body.schemaName, body.locale]
+      );
+      if (existingDoc.rows.length > 0) {
+        return reply.status(400).send({ 
+          error: true, 
+          message: 'Singleton document already exists for this locale' 
+        });
+      }
+    }
+
+    const documentId = uuid();
+    const publishedAt = body.status === 'published' ? new Date() : null;
+
+    const result = await db.query(
+      `INSERT INTO documents (id, schema_name, data, locale, status, published_at, created_by, updated_by) 
+       VALUES ($1, $2, $3, $4, $5, $6, $7, $7) 
+       RETURNING *`,
+      [documentId, body.schemaName, body.data, body.locale, body.status, publishedAt, user.id]
+    );
+
+    // Create initial version
+    await db.query(
+      `INSERT INTO document_versions (document_id, version, data, locale, created_by) 
+       VALUES ($1, 1, $2, $3, $4)`,
+      [documentId, body.data, body.locale, user.id]
+    );
+
+    // Publish event for real-time
+    await redis.publish('content:created', {
+      documentId,
+      schemaName: body.schemaName,
+      userId: user.id,
+    });
+
+    return { document: result.rows[0] };
+  });
+
+  // Update document
+  fastify.put('/:id', {
+    schema: {
+      tags: ['Content'],
+      summary: 'Update a document',
+      security: [{ bearerAuth: [] }],
+    },
+    preHandler: [fastify.authenticate],
+  }, async (request, reply) => {
+    const { id } = request.params as { id: string };
+    const body = updateDocumentSchema.parse(request.body);
+    const user = request.user as { id: string };
+
+    // Get current document
+    const currentDoc = await db.query(
+      'SELECT * FROM documents WHERE id = $1',
+      [id]
+    );
+
+    if (currentDoc.rows.length === 0) {
+      return reply.status(404).send({ error: true, message: 'Document not found' });
+    }
+
+    const doc = currentDoc.rows[0];
+
+    // Build update query
+    const updates: string[] = ['updated_by = $1'];
+    const values: any[] = [user.id];
+    let paramIndex = 2;
+
+    if (body.data) {
+      updates.push(`data = $${paramIndex++}`);
+      values.push(body.data);
+    }
+    if (body.locale) {
+      updates.push(`locale = $${paramIndex++}`);
+      values.push(body.locale);
+    }
+    if (body.status) {
+      updates.push(`status = $${paramIndex++}`);
+      values.push(body.status);
+      if (body.status === 'published' && doc.status !== 'published') {
+        updates.push(`published_at = CURRENT_TIMESTAMP`);
+      }
+    }
+
+    values.push(id);
+
+    const result = await db.query(
+      `UPDATE documents SET ${updates.join(', ')} WHERE id = $${paramIndex} RETURNING *`,
+      values
+    );
+
+    // Create new version if data changed
+    if (body.data) {
+      const versionResult = await db.query(
+        'SELECT MAX(version) as max_version FROM document_versions WHERE document_id = $1',
+        [id]
+      );
+      const newVersion = (versionResult.rows[0].max_version || 0) + 1;
+
+      await db.query(
+        `INSERT INTO document_versions (document_id, version, data, locale, created_by) 
+         VALUES ($1, $2, $3, $4, $5)`,
+        [id, newVersion, body.data, body.locale || doc.locale, user.id]
+      );
+    }
+
+    // Publish event for real-time
+    await redis.publish('content:updated', {
+      documentId: id,
+      schemaName: doc.schema_name,
+      userId: user.id,
+    });
+
+    return { document: result.rows[0] };
+  });
+
+  // Delete document
+  fastify.delete('/:id', {
+    schema: {
+      tags: ['Content'],
+      summary: 'Delete a document',
+      security: [{ bearerAuth: [] }],
+    },
+    preHandler: [fastify.authenticate],
+  }, async (request, reply) => {
+    const { id } = request.params as { id: string };
+    const user = request.user as { id: string };
+
+    const doc = await db.query(
+      'SELECT schema_name FROM documents WHERE id = $1',
+      [id]
+    );
+
+    if (doc.rows.length === 0) {
+      return reply.status(404).send({ error: true, message: 'Document not found' });
+    }
+
+    await db.query('DELETE FROM documents WHERE id = $1', [id]);
+
+    // Publish event for real-time
+    await redis.publish('content:deleted', {
+      documentId: id,
+      schemaName: doc.rows[0].schema_name,
+      userId: user.id,
+    });
+
+    return { success: true, message: 'Document deleted' };
+  });
+
+  // Get document versions
+  fastify.get('/:id/versions', {
+    schema: {
+      tags: ['Content'],
+      summary: 'Get document version history',
+    },
+  }, async (request, reply) => {
+    const { id } = request.params as { id: string };
+
+    const doc = await db.query('SELECT id FROM documents WHERE id = $1', [id]);
+    if (doc.rows.length === 0) {
+      return reply.status(404).send({ error: true, message: 'Document not found' });
+    }
+
+    const result = await db.query(
+      `SELECT v.*, u.name as created_by_name 
+       FROM document_versions v
+       LEFT JOIN users u ON v.created_by = u.id
+       WHERE v.document_id = $1 
+       ORDER BY v.version DESC`,
+      [id]
+    );
+
+    return { versions: result.rows };
+  });
+
+  // Restore document version
+  fastify.post('/:id/versions/:version/restore', {
+    schema: {
+      tags: ['Content'],
+      summary: 'Restore document to a specific version',
+      security: [{ bearerAuth: [] }],
+    },
+    preHandler: [fastify.authenticate],
+  }, async (request, reply) => {
+    const { id, version } = request.params as { id: string; version: string };
+    const user = request.user as { id: string };
+
+    const versionResult = await db.query(
+      'SELECT * FROM document_versions WHERE document_id = $1 AND version = $2',
+      [id, parseInt(version)]
+    );
+
+    if (versionResult.rows.length === 0) {
+      return reply.status(404).send({ error: true, message: 'Version not found' });
+    }
+
+    const versionData = versionResult.rows[0];
+
+    // Update document with version data
+    const result = await db.query(
+      `UPDATE documents SET data = $1, updated_by = $2 WHERE id = $3 RETURNING *`,
+      [versionData.data, user.id, id]
+    );
+
+    // Create new version for the restore action
+    const maxVersionResult = await db.query(
+      'SELECT MAX(version) as max_version FROM document_versions WHERE document_id = $1',
+      [id]
+    );
+    const newVersion = (maxVersionResult.rows[0].max_version || 0) + 1;
+
+    await db.query(
+      `INSERT INTO document_versions (document_id, version, data, locale, change_summary, created_by) 
+       VALUES ($1, $2, $3, $4, $5, $6)`,
+      [id, newVersion, versionData.data, versionData.locale, `Restored to version ${version}`, user.id]
+    );
+
+    return { document: result.rows[0] };
+  });
+};

package/templates/clean/pxlr-cms/packages/api/src/modules/media/routes.ts

@@ -0,0 +1,312 @@
+import { FastifyPluginAsync } from 'fastify';
+import { z } from 'zod';
+import { v4 as uuid } from 'uuid';
+import * as Minio from 'minio';
+import sharp from 'sharp';
+import { db } from '../../database/index.js';
+import { config } from '../../config.js';
+
+// Initialize MinIO client
+const minioClient = new Minio.Client({
+  endPoint: config.minio.endpoint,
+  port: config.minio.port,
+  useSSL: config.minio.useSSL,
+  accessKey: config.minio.accessKey,
+  secretKey: config.minio.secretKey,
+});
+
+const updateMediaSchema = z.object({
+  altText: z.string().optional(),
+  caption: z.string().optional(),
+  folder: z.string().optional(),
+});
+
+const querySchema = z.object({
+  folder: z.string().optional(),
+  mimeType: z.string().optional(),
+  page: z.coerce.number().min(1).default(1),
+  limit: z.coerce.number().min(1).max(100).default(20),
+  search: z.string().optional(),
+});
+
+// Ensure bucket exists with public read policy
+async function ensureBucket() {
+  const exists = await minioClient.bucketExists(config.minio.bucket);
+  if (!exists) {
+    await minioClient.makeBucket(config.minio.bucket);
+  }
+  
+  // Always ensure public read policy is set
+  const policy = {
+    Version: '2012-10-17',
+    Statement: [
+      {
+        Effect: 'Allow',
+        Principal: { AWS: ['*'] },
+        Action: ['s3:GetObject'],
+        Resource: [`arn:aws:s3:::${config.minio.bucket}/*`],
+      },
+    ],
+  };
+  
+  try {
+    await minioClient.setBucketPolicy(config.minio.bucket, JSON.stringify(policy));
+  } catch (err) {
+    console.log('Bucket policy already set or error:', err);
+  }
+}
+
+export const mediaRoutes: FastifyPluginAsync = async (fastify) => {
+  // Ensure bucket on startup
+  await ensureBucket();
+
+  // List media files
+  fastify.get('/', {
+    schema: {
+      tags: ['Media'],
+      summary: 'List media files with filtering',
+    },
+  }, async (request) => {
+    const query = querySchema.parse(request.query);
+    const offset = (query.page - 1) * query.limit;
+
+    let whereClause = 'WHERE 1=1';
+    const params: any[] = [];
+    let paramIndex = 1;
+
+    if (query.folder) {
+      whereClause += ` AND folder = $${paramIndex++}`;
+      params.push(query.folder);
+    }
+    if (query.mimeType) {
+      whereClause += ` AND mime_type LIKE $${paramIndex++}`;
+      params.push(`${query.mimeType}%`);
+    }
+    if (query.search) {
+      whereClause += ` AND (original_filename ILIKE $${paramIndex} OR alt_text ILIKE $${paramIndex})`;
+      params.push(`%${query.search}%`);
+      paramIndex++;
+    }
+
+    // Count total
+    const countResult = await db.query(
+      `SELECT COUNT(*) FROM media ${whereClause}`,
+      params
+    );
+    const total = parseInt(countResult.rows[0].count);
+
+    // Get files
+    params.push(query.limit, offset);
+    const result = await db.query(
+      `SELECT m.*, u.name as uploaded_by_name
+       FROM media m
+       LEFT JOIN users u ON m.uploaded_by = u.id
+       ${whereClause}
+       ORDER BY m.created_at DESC
+       LIMIT $${paramIndex++} OFFSET $${paramIndex}`,
+      params
+    );
+
+    return {
+      files: result.rows,
+      pagination: {
+        page: query.page,
+        limit: query.limit,
+        total,
+        totalPages: Math.ceil(total / query.limit),
+      },
+    };
+  });
+
+  // Get single media file
+  fastify.get('/:id', {
+    schema: {
+      tags: ['Media'],
+      summary: 'Get media file by ID',
+    },
+  }, async (request, reply) => {
+    const { id } = request.params as { id: string };
+
+    const result = await db.query(
+      `SELECT m.*, u.name as uploaded_by_name
+       FROM media m
+       LEFT JOIN users u ON m.uploaded_by = u.id
+       WHERE m.id = $1`,
+      [id]
+    );
+
+    if (result.rows.length === 0) {
+      return reply.status(404).send({ error: true, message: 'File not found' });
+    }
+
+    return { file: result.rows[0] };
+  });
+
+  // Upload media file
+  fastify.post('/upload', {
+    schema: {
+      tags: ['Media'],
+      summary: 'Upload a media file',
+      security: [{ bearerAuth: [] }],
+    },
+    preHandler: [fastify.authenticate],
+  }, async (request, reply) => {
+    const user = request.user as { id: string };
+    const data = await request.file();
+
+    if (!data) {
+      return reply.status(400).send({ error: true, message: 'No file uploaded' });
+    }
+
+    const buffer = await data.toBuffer();
+    const fileId = uuid();
+    const ext = data.filename.split('.').pop() || '';
+    const filename = `${fileId}.${ext}`;
+    const mimeType = data.mimetype;
+
+    let width: number | undefined;
+    let height: number | undefined;
+    let thumbnailUrl: string | undefined;
+
+    // Process images
+    if (mimeType.startsWith('image/')) {
+      try {
+        const metadata = await sharp(buffer).metadata();
+        width = metadata.width;
+        height = metadata.height;
+
+        // Create thumbnail
+        const thumbnail = await sharp(buffer)
+          .resize(300, 300, { fit: 'inside' })
+          .jpeg({ quality: 80 })
+          .toBuffer();
+
+        const thumbnailFilename = `thumbnails/${fileId}.jpg`;
+        await minioClient.putObject(config.minio.bucket, thumbnailFilename, thumbnail, {
+          'Content-Type': 'image/jpeg',
+        });
+        thumbnailUrl = `${config.minio.publicUrl}/${config.minio.bucket}/${thumbnailFilename}`;
+      } catch (err) {
+        fastify.log.warn('Failed to process image:', err);
+      }
+    }
+
+    // Upload original file
+    await minioClient.putObject(config.minio.bucket, filename, buffer, {
+      'Content-Type': mimeType,
+    });
+
+    const url = `${config.minio.publicUrl}/${config.minio.bucket}/${filename}`;
+
+    // Save to database
+    const result = await db.query(
+      `INSERT INTO media (id, filename, original_filename, mime_type, size_bytes, width, height, url, thumbnail_url, uploaded_by)
+       VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
+       RETURNING *`,
+      [fileId, filename, data.filename, mimeType, buffer.length, width, height, url, thumbnailUrl, user.id]
+    );
+
+    return { file: result.rows[0] };
+  });
+
+  // Update media metadata
+  fastify.put('/:id', {
+    schema: {
+      tags: ['Media'],
+      summary: 'Update media file metadata',
+      security: [{ bearerAuth: [] }],
+    },
+    preHandler: [fastify.authenticate],
+  }, async (request, reply) => {
+    const { id } = request.params as { id: string };
+    const body = updateMediaSchema.parse(request.body);
+
+    const existing = await db.query('SELECT id FROM media WHERE id = $1', [id]);
+    if (existing.rows.length === 0) {
+      return reply.status(404).send({ error: true, message: 'File not found' });
+    }
+
+    const updates: string[] = [];
+    const values: any[] = [];
+    let paramIndex = 1;
+
+    if (body.altText !== undefined) {
+      updates.push(`alt_text = $${paramIndex++}`);
+      values.push(body.altText);
+    }
+    if (body.caption !== undefined) {
+      updates.push(`caption = $${paramIndex++}`);
+      values.push(body.caption);
+    }
+    if (body.folder !== undefined) {
+      updates.push(`folder = $${paramIndex++}`);
+      values.push(body.folder);
+    }
+
+    if (updates.length === 0) {
+      return reply.status(400).send({ error: true, message: 'No updates provided' });
+    }
+
+    values.push(id);
+    const result = await db.query(
+      `UPDATE media SET ${updates.join(', ')} WHERE id = $${paramIndex} RETURNING *`,
+      values
+    );
+
+    return { file: result.rows[0] };
+  });
+
+  // Delete media file
+  fastify.delete('/:id', {
+    schema: {
+      tags: ['Media'],
+      summary: 'Delete a media file',
+      security: [{ bearerAuth: [] }],
+    },
+    preHandler: [fastify.authenticate],
+  }, async (request, reply) => {
+    const { id } = request.params as { id: string };
+
+    const result = await db.query(
+      'SELECT filename FROM media WHERE id = $1',
+      [id]
+    );
+
+    if (result.rows.length === 0) {
+      return reply.status(404).send({ error: true, message: 'File not found' });
+    }
+
+    const { filename } = result.rows[0];
+
+    // Delete from MinIO
+    try {
+      await minioClient.removeObject(config.minio.bucket, filename);
+      // Try to delete thumbnail
+      await minioClient.removeObject(config.minio.bucket, `thumbnails/${id}.jpg`).catch(() => {});
+    } catch (err) {
+      fastify.log.warn('Failed to delete file from storage:', err);
+    }
+
+    // Delete from database
+    await db.query('DELETE FROM media WHERE id = $1', [id]);
+
+    return { success: true, message: 'File deleted' };
+  });
+
+  // Get folders
+  fastify.get('/folders', {
+    schema: {
+      tags: ['Media'],
+      summary: 'Get list of media folders',
+    },
+  }, async () => {
+    const result = await db.query(
+      `SELECT DISTINCT folder, COUNT(*) as count 
+       FROM media 
+       GROUP BY folder 
+       ORDER BY folder`
+    );
+
+    return { folders: result.rows };
+  });
+};