geovisio 2.6.0__py3-none-any.whl → 2.7.0__py3-none-any.whl

geovisio/web/items.py

@@ -7,7 +7,7 @@ from psycopg.types.json import Jsonb
 from werkzeug.datastructures import MultiDict
 from uuid import UUID
 from geovisio import errors, utils
-from geovisio.utils import auth
+from geovisio.utils import auth, db
 from geovisio.utils.pictures import cleanupExif
 from geovisio.web.params import (
     as_latitude,
@@ -21,8 +21,7 @@ from geovisio.web.params import (
     parse_distance_range,
 )
 from geovisio.utils.fields import Bounds
-
-import psycopg
+import hashlib
 from psycopg.rows import dict_row
 from psycopg.sql import SQL
 from geovisio.web.utils import (
@@ -36,9 +35,10 @@ from geovisio.web.utils import (
     STAC_VERSION,
 )
 from flask import current_app, request, url_for, Blueprint
+from flask_babel import gettext as _, get_locale
 from geopic_tag_reader.writer import writePictureMetadata, PictureMetadata
+import sentry_sdk
 
-from geovisio.workers import runner_pictures
 
 bp = Blueprint("stac_items", __name__, url_prefix="/api")
 
@@ -59,6 +59,25 @@ def dbPictureToStacItem(seqId, dbPic):
         The equivalent in STAC Item format
     """
 
+    sensorDim = None
+    visibleArea = None
+    if dbPic["metadata"].get("crop") is not None:
+        sensorDim = [dbPic["metadata"]["crop"].get("fullWidth"), dbPic["metadata"]["crop"].get("fullHeight")]
+        visibleArea = [
+            dbPic["metadata"]["crop"].get("left"),
+            dbPic["metadata"]["crop"].get("top"),
+            int(dbPic["metadata"]["crop"].get("fullWidth", "0"))
+            - int(dbPic["metadata"]["crop"].get("width", "0"))
+            - int(dbPic["metadata"]["crop"].get("left", "0")),
+            int(dbPic["metadata"]["crop"].get("fullHeight", "0"))
+            - int(dbPic["metadata"]["crop"].get("height", "0"))
+            - int(dbPic["metadata"]["crop"].get("top", "0")),
+        ]
+        if None in sensorDim:
+            sensorDim = None
+        if None in visibleArea or visibleArea == [0, 0, 0, 0]:
+            visibleArea = None
+
     item = removeNoneInDict(
         {
             "type": "Feature",
@@ -72,7 +91,7 @@ def dbPictureToStacItem(seqId, dbPic):
             "bbox": dbPic["geojson"]["coordinates"] + dbPic["geojson"]["coordinates"],
             "providers": cleanNoneInList(
                 [
-                    {"name": dbPic["account_name"], "roles": ["producer"]},
+                    {"name": dbPic["account_name"], "roles": ["producer"], "id": str(dbPic["account_id"])},
                     (
                         {"name": dbPic["exif"]["Exif.Image.Artist"], "roles": ["producer"]}
                         if dbPic["exif"].get("Exif.Image.Artist") is not None
@@ -95,10 +114,12 @@ def dbPictureToStacItem(seqId, dbPic):
                                 "camera_model": dbPic["metadata"].get("model"),
                                 "focal_length": dbPic["metadata"].get("focal_length"),
                                 "field_of_view": dbPic["metadata"].get("field_of_view"),
+                                "sensor_array_dimensions": sensorDim,
+                                "visible_area": visibleArea,
                             }
                         )
                         if "metadata" in dbPic
-                        and any(True for f in dbPic["metadata"] if f in ["make", "model", "focal_length", "field_of_view"])
+                        and any(True for f in dbPic["metadata"] if f in ["make", "model", "focal_length", "field_of_view", "crop"])
                         else {}
                     ),
                     "pers:pitch": dbPic["metadata"].get("pitch"),
@@ -330,31 +351,31 @@ def getCollectionItems(collectionId):
         try:
             limit = int(limit)
             if limit < 1 or limit > 10000:
-                raise errors.InvalidAPIUsage("limit parameter should be an integer between 1 and 10000", status_code=400)
+                raise errors.InvalidAPIUsage(_("limit parameter should be an integer between 1 and 10000"), status_code=400)
         except ValueError:
-            raise errors.InvalidAPIUsage("limit parameter should be a valid, positive integer (between 1 and 10000)", status_code=400)
+            raise errors.InvalidAPIUsage(_("limit parameter should be a valid, positive integer (between 1 and 10000)"), status_code=400)
         sql_limit = SQL("LIMIT %(limit)s")
         params["limit"] = limit
 
     if withPicture and startAfterRank:
-        raise errors.InvalidAPIUsage(f"`startAfterRank` and `withPicture` are mutually exclusive parameters")
+        raise errors.InvalidAPIUsage(_("`startAfterRank` and `withPicture` are mutually exclusive parameters"))
 
     # Check if rank is valid
     if startAfterRank is not None:
         try:
             startAfterRank = int(startAfterRank)
             if startAfterRank < 1:
-                raise errors.InvalidAPIUsage("startAfterRank parameter should be a positive integer (starting from 1)", status_code=400)
+                raise errors.InvalidAPIUsage(_("startAfterRank parameter should be a positive integer (starting from 1)"), status_code=400)
         except ValueError:
-            raise errors.InvalidAPIUsage("startAfterRank parameter should be a valid, positive integer", status_code=400)
+            raise errors.InvalidAPIUsage(_("startAfterRank parameter should be a valid, positive integer"), status_code=400)
 
         filters.append(SQL("rank > %(start_after_rank)s"))
         params["start_after_rank"] = startAfterRank
 
     paginated = startAfterRank is not None or limit is not None or withPicture is not None
 
-    with psycopg.connect(current_app.config["DB_URL"], row_factory=dict_row) as conn:
-        with conn.cursor() as cursor:
+    with current_app.pool.connection() as conn:
+        with conn.cursor(row_factory=dict_row) as cursor:
             # check on sequence
             seqMeta = cursor.execute(
                 "SELECT s.id "
@@ -367,12 +388,14 @@ def getCollectionItems(collectionId):
             ).fetchone()
 
             if seqMeta is None:
-                raise errors.InvalidAPIUsage("Collection doesn't exist", status_code=404)
+                raise errors.InvalidAPIUsage(_("Collection doesn't exist"), status_code=404)
 
             maxRank = seqMeta.get("max_rank")
 
             if startAfterRank is not None and startAfterRank >= maxRank:
-                raise errors.InvalidAPIUsage(f"No more items in this collection (last available rank is {maxRank})", status_code=404)
+                raise errors.InvalidAPIUsage(
+                    _("No more items in this collection (last available rank is %(r)s)", r=maxRank), status_code=404
+                )
 
             if withPicture is not None:
                 withPicture = as_uuid(withPicture, "withPicture should be a valid UUID")
@@ -381,7 +404,7 @@ def getCollectionItems(collectionId):
                     params={"id": withPicture, "seq": collectionId},
                 ).fetchone()
                 if not pic:
-                    raise errors.InvalidAPIUsage(f"Picture with id {withPicture} does not exists")
+                    raise errors.InvalidAPIUsage(_("Picture with id %(p)s does not exists", p=withPicture))
                 rank = get_first_rank_of_page(pic["rank"], limit)
 
                 filters.append(SQL("rank >= %(start_after_rank)s"))
@@ -393,6 +416,7 @@ def getCollectionItems(collectionId):
 					p.id, p.ts, p.heading, p.metadata, p.inserted_at, p.status,
 					ST_AsGeoJSON(p.geom)::json AS geojson,
 					a.name AS account_name,
+                    p.account_id AS account_id,
                     sp.rank, p.exif,
 					CASE WHEN LAG(p.status) OVER othpics = 'ready' THEN LAG(p.id) OVER othpics END AS prevpic,
 					CASE WHEN LAG(p.status) OVER othpics = 'ready' THEN ST_AsGeoJSON(LAG(p.geom) OVER othpics)::json END AS prevpicgeojson,
@@ -545,8 +569,8 @@ def _getPictureItemById(collectionId, itemId):
           schema:
             type: string
     """
-    with psycopg.connect(current_app.config["DB_URL"], row_factory=dict_row) as conn:
-        with conn.cursor() as cursor:
+    with current_app.pool.connection() as conn:
+        with conn.cursor(row_factory=dict_row) as cursor:
             # Check if there is a logged user
             account = auth.get_current_account()
             accountId = account.id if account else None
@@ -557,6 +581,7 @@ def _getPictureItemById(collectionId, itemId):
 				SELECT
     				p.id, sp.rank, ST_AsGeoJSON(p.geom)::json AS geojson, p.heading, p.ts, p.metadata,
                     p.inserted_at, p.status, accounts.name AS account_name,
+                    p.account_id AS account_id,
 					spl.prevpic, spl.prevpicgeojson, spl.nextpic, spl.nextpicgeojson, p.exif,
                     relp.related_pics
 				FROM pictures p
@@ -665,7 +690,7 @@ def getCollectionItem(collectionId, itemId):
 
     stacItem = _getPictureItemById(collectionId, itemId)
     if stacItem is None:
-        raise errors.InvalidAPIUsage("Item doesn't exist", status_code=404)
+        raise errors.InvalidAPIUsage(_("Item doesn't exist"), status_code=404)
 
     account = auth.get_current_account()
     picStatusToHttpCode = {
@@ -724,7 +749,7 @@ def searchItems():
     args: MultiDict[str, str]
     if request.method == "POST":
         if request.headers.get("Content-Type") != "application/json":
-            raise errors.InvalidAPIUsage("Search using POST method should have a JSON body", status_code=400)
+            raise errors.InvalidAPIUsage(_("Search using POST method should have a JSON body"), status_code=400)
         args = MultiDict(request.json)
     else:
         args = request.args
@@ -733,7 +758,7 @@ def searchItems():
     if args.get("limit") is not None:
         limit = args.get("limit", type=int)
         if limit is None or limit < 1 or limit > 10000:
-            raise errors.InvalidAPIUsage("Parameter limit must be either empty or a number between 1 and 10000", status_code=400)
+            raise errors.InvalidAPIUsage(_("Parameter limit must be either empty or a number between 1 and 10000"), status_code=400)
         else:
             sqlParams["limit"] = limit
     else:
@@ -789,7 +814,7 @@ def searchItems():
         place_fov_tolerance = args.get("place_fov_tolerance", type=int, default=30)
         if place_fov_tolerance < 2 or place_fov_tolerance > 180:
             raise errors.InvalidAPIUsage(
-                "Parameter place_fov_tolerance must be either empty or a number between 2 and 180", status_code=400
+                _("Parameter place_fov_tolerance must be either empty or a number between 2 and 180"), status_code=400
             )
         else:
             sqlParams["placefov"] = place_fov_tolerance / 2
@@ -811,7 +836,7 @@ def searchItems():
         try:
             intersects = json.loads(args["intersects"])
         except:
-            raise errors.InvalidAPIUsage("Parameter intersects should contain a valid GeoJSON Geometry (not a Feature)", status_code=400)
+            raise errors.InvalidAPIUsage(_("Parameter intersects should contain a valid GeoJSON Geometry (not a Feature)"), status_code=400)
         if intersects["type"] == "Point":
             sqlWhere.append(SQL("p.geom && ST_Expand(ST_GeomFromGeoJSON(%(geom)s), 0.000001)"))
         else:
@@ -827,7 +852,7 @@ def searchItems():
         try:
             sqlParams["ids"] = [UUID(j) for j in parse_list(args.get("ids"), paramName="ids")]
         except:
-            raise errors.InvalidAPIUsage("Parameter ids should be a JSON array of strings", status_code=400)
+            raise errors.InvalidAPIUsage(_("Parameter ids should be a JSON array of strings"), status_code=400)
 
     # Collections
     if args.get("collections") is not None:
@@ -839,7 +864,7 @@ def searchItems():
         try:
             sqlParams["collections"] = [UUID(j) for j in parse_list(args["collections"], paramName="collections")]
         except:
-            raise errors.InvalidAPIUsage("Parameter collections should be a JSON array of strings", status_code=400)
+            raise errors.InvalidAPIUsage(_("Parameter collections should be a JSON array of strings"), status_code=400)
 
     # To speed up search, if it's a search by id and on only one id, we use the same code as /collections/:cid/items/:id
     if args.get("ids") is not None and args:
@@ -847,10 +872,10 @@ def searchItems():
         if ids and len(ids) == 1:
             picture_id = ids[0]
 
-            with psycopg.connect(current_app.config["DB_URL"]) as conn, conn.cursor() as cursor:
+            with current_app.pool.connection() as conn, conn.cursor() as cursor:
                 seq = cursor.execute("SELECT seq_id FROM sequences_pictures WHERE pic_id = %s", [picture_id]).fetchone()
                 if not seq:
-                    raise errors.InvalidAPIUsage("Picture doesn't exist", status_code=404)
+                    raise errors.InvalidAPIUsage(_("Picture doesn't exist"), status_code=404)
 
                 item = _getPictureItemById(seq[0], UUID(picture_id))
                 features = [item] if item else []
@@ -863,16 +888,17 @@ def searchItems():
     #
     # Database query
     #
-    with psycopg.connect(current_app.config["DB_URL"], row_factory=dict_row, options="-c statement_timeout=30000") as conn:
-        with conn.cursor() as cursor:
-            query = SQL(
-                """
+    with db.cursor(current_app, timeout=30000, row_factory=dict_row) as cursor:
+        query = SQL(
+            """
 SELECT * FROM (
     SELECT
         p.id, p.ts, p.heading, p.metadata, p.inserted_at,
         ST_AsGeoJSON(p.geom)::json AS geojson,
         sp.seq_id, sp.rank AS rank,
-        accounts.name AS account_name, p.exif
+        accounts.name AS account_name, 
+        p.account_id AS account_id,
+        p.exif
     FROM pictures p
     LEFT JOIN sequences_pictures sp ON p.id = sp.pic_id
     LEFT JOIN sequences s ON s.id = sp.seq_id
@@ -900,24 +926,24 @@ LEFT JOIN LATERAL (
     LIMIT 1
 ) next on true
 ;
-			"""
-            ).format(sqlWhere=SQL(" AND ").join(sqlWhere), sqlSubQueryWhere=SQL(" AND ").join(sqlSubQueryWhere), orderBy=order_by)
+        """
+        ).format(sqlWhere=SQL(" AND ").join(sqlWhere), sqlSubQueryWhere=SQL(" AND ").join(sqlSubQueryWhere), orderBy=order_by)
 
-            records = cursor.execute(query, sqlParams)
+        records = cursor.execute(query, sqlParams)
 
-            items = [dbPictureToStacItem(str(dbPic["seq_id"]), dbPic) for dbPic in records]
+        items = [dbPictureToStacItem(str(dbPic["seq_id"]), dbPic) for dbPic in records]
 
-            return (
-                {
-                    "type": "FeatureCollection",
-                    "features": items,
-                    "links": [
-                        get_root_link(),
-                    ],
-                },
-                200,
-                {"Content-Type": "application/geo+json"},
-            )
+        return (
+            {
+                "type": "FeatureCollection",
+                "features": items,
+                "links": [
+                    get_root_link(),
+                ],
+            },
+            200,
+            {"Content-Type": "application/geo+json"},
+        )
 
 
 @bp.route("/collections/<uuid:collectionId>/items", methods=["POST"])
@@ -952,18 +978,18 @@ def postCollectionItem(collectionId, account=None):
     """
 
     if not request.headers.get("Content-Type", "").startswith("multipart/form-data"):
-        raise errors.InvalidAPIUsage("Content type should be multipart/form-data", status_code=415)
+        raise errors.InvalidAPIUsage(_("Content type should be multipart/form-data"), status_code=415)
 
     # Check if position was given
     if request.form.get("position") is None:
-        raise errors.InvalidAPIUsage('Missing "position" parameter', status_code=400)
+        raise errors.InvalidAPIUsage(_('Missing "position" parameter'), status_code=400)
     else:
         try:
             position = int(request.form["position"])
             if position <= 0:
                 raise ValueError()
         except ValueError:
-            raise errors.InvalidAPIUsage("Position in sequence should be a positive integer", status_code=400)
+            raise errors.InvalidAPIUsage(_("Position in sequence should be a positive integer"), status_code=400)
 
     # Check if datetime was given
     ext_mtd = PictureMetadata()
@@ -977,11 +1003,11 @@ def postCollectionItem(collectionId, account=None):
     lon, lat = request.form.get("override_longitude"), request.form.get("override_latitude")
     if lon is not None or lat is not None:
         if lat is None:
-            raise errors.InvalidAPIUsage("Longitude cannot be overridden alone, override_latitude also needs to be set")
+            raise errors.InvalidAPIUsage(_("Longitude cannot be overridden alone, override_latitude also needs to be set"))
         if lon is None:
-            raise errors.InvalidAPIUsage("Latitude cannot be overridden alone, override_longitude also needs to be set")
-        lon = as_longitude(lon, error=f"For parameter `override_longitude`, `{lon}` is not a valid longitude")
-        lat = as_latitude(lat, error=f"For parameter `override_latitude`, `{lat}` is not a valid latitude")
+            raise errors.InvalidAPIUsage(_("Latitude cannot be overridden alone, override_longitude also needs to be set"))
+        lon = as_longitude(lon, error=_("For parameter `override_longitude`, `%(v)s` is not a valid longitude", v=lon))
+        lat = as_latitude(lat, error=_("For parameter `override_latitude`, `%(v)s` is not a valid latitude", v=lat))
         ext_mtd.longitude = lon
         ext_mtd.latitude = lat
 
@@ -1000,70 +1026,88 @@ def postCollectionItem(collectionId, account=None):
     if request.form.get("isBlurred") is None or request.form.get("isBlurred") in ["true", "false"]:
         isBlurred = request.form.get("isBlurred") == "true"
     else:
-        raise errors.InvalidAPIUsage("Picture blur status should be either unset, true or false", status_code=400)
+        raise errors.InvalidAPIUsage(_("Picture blur status should be either unset, true or false"), status_code=400)
 
     # Check if a picture file was given
     if "picture" not in request.files:
-        raise errors.InvalidAPIUsage("No picture file was sent", status_code=400)
+        raise errors.InvalidAPIUsage(_("No picture file was sent"), status_code=400)
     else:
         picture = request.files["picture"]
 
         # Check file validity
         if not (picture.filename != "" and "." in picture.filename and picture.filename.rsplit(".", 1)[1].lower() in ["jpg", "jpeg"]):
-            raise errors.InvalidAPIUsage("Picture file is either missing or in an unsupported format (should be jpg)", status_code=400)
+            raise errors.InvalidAPIUsage(_("Picture file is either missing or in an unsupported format (should be jpg)"), status_code=400)
 
-    with psycopg.connect(current_app.config["DB_URL"]) as conn:
-        with conn.cursor() as cursor:
+    with db.conn(current_app) as conn:
+        with conn.transaction(), conn.cursor() as cursor:
             # Check if sequence exists
-            seq = cursor.execute("SELECT id FROM sequences WHERE id = %s", [collectionId]).fetchone()
-            if not seq or len(seq) != 1:
-                raise errors.InvalidAPIUsage(f"Sequence {collectionId} wasn't found in database", status_code=404)
+            seq = cursor.execute("SELECT account_id, status FROM sequences WHERE id = %s", [collectionId]).fetchone()
+            if not seq:
+                raise errors.InvalidAPIUsage(_("Collection %(s)s wasn't found in database", s=collectionId), status_code=404)
+
+            # Account associated to picture doesn't match current user
+            if account is not None and account.id != str(seq[0]):
+                raise errors.InvalidAPIUsage(_("You're not authorized to add picture to this collection"), status_code=403)
+
+            # Check if sequence has not been deleted
+            status = seq[1]
+            if status == "deleted":
+                raise errors.InvalidAPIUsage(_("The collection has been deleted, impossible to add pictures to it"), status_code=404)
 
             # Compute various metadata
             accountId = accountIdOrDefault(account)
             raw_pic = picture.read()
             filesize = len(raw_pic)
 
+            with sentry_sdk.start_span(description="computing md5"):
+                # we save the content hash md5 as uuid since md5 is 128bit and uuid are efficiently handled in postgres
+                md5 = hashlib.md5(raw_pic).digest()
+                md5 = UUID(bytes=md5)
+
             additionalMetadata = {
                 "blurredByAuthor": isBlurred,
                 "originalFileName": os.path.basename(picture.filename),
                 "originalFileSize": filesize,
+                "originalContentMd5": md5,
             }
 
             # Update picture metadata if needed
-            updated_picture = writePictureMetadata(raw_pic, ext_mtd)
+            with sentry_sdk.start_span(description="overwriting metadata"):
+                updated_picture = writePictureMetadata(raw_pic, ext_mtd)
 
             # Insert picture into database
-            try:
-                picId = utils.pictures.insertNewPictureInDatabase(
-                    conn, collectionId, position, updated_picture, accountId, additionalMetadata
-                )
-            except utils.pictures.PicturePositionConflict:
-                raise errors.InvalidAPIUsage("Picture at given position already exist", status_code=409)
-            except utils.pictures.MetadataReadingError as e:
-                raise errors.InvalidAPIUsage("Impossible to parse picture metadata", payload={"details": {"error": e.details}})
+            with sentry_sdk.start_span(description="Insert picture in db"):
+                try:
+                    picId = utils.pictures.insertNewPictureInDatabase(
+                        conn, collectionId, position, updated_picture, accountId, additionalMetadata, lang=get_locale().language
+                    )
+                except utils.pictures.PicturePositionConflict:
+                    raise errors.InvalidAPIUsage(_("Picture at given position already exist"), status_code=409)
+                except utils.pictures.MetadataReadingError as e:
+                    raise errors.InvalidAPIUsage(_("Impossible to parse picture metadata"), payload={"details": {"error": e.details}})
+                except utils.pictures.InvalidMetadataValue as e:
+                    raise errors.InvalidAPIUsage(_("Picture has invalid metadata"), payload={"details": {"error": e.details}})
 
             # Save file into appropriate filesystem
-            try:
-                utils.pictures.saveRawPicture(picId, updated_picture, isBlurred)
-            except:
-                logging.exception("Picture wasn't correctly saved in filesystem")
-                raise errors.InvalidAPIUsage("Picture wasn't correctly saved in filesystem", status_code=500)
-
-            conn.commit()
-
-            runner_pictures.background_processor.process_pictures()
-
-            # Return picture metadata
-            return (
-                getCollectionItem(collectionId, picId)[0],
-                202,
-                {
-                    "Content-Type": "application/json",
-                    "Access-Control-Expose-Headers": "Location",  # Needed for allowing web browsers access Location header
-                    "Location": url_for("stac_items.getCollectionItem", _external=True, collectionId=collectionId, itemId=picId),
-                },
-            )
+            with sentry_sdk.start_span(description="Saving picture"):
+                try:
+                    utils.pictures.saveRawPicture(picId, updated_picture, isBlurred)
+                except:
+                    logging.exception("Picture wasn't correctly saved in filesystem")
+                    raise errors.InvalidAPIUsage(_("Picture wasn't correctly saved in filesystem"), status_code=500)
+
+    current_app.background_processor.process_pictures()
+
+    # Return picture metadata
+    return (
+        getCollectionItem(collectionId, picId)[0],
+        202,
+        {
+            "Content-Type": "application/json",
+            "Access-Control-Expose-Headers": "Location",  # Needed for allowing web browsers access Location header
+            "Location": url_for("stac_items.getCollectionItem", _external=True, collectionId=collectionId, itemId=picId),
+        },
+    )
 
 
 @bp.route("/collections/<uuid:collectionId>/items/<uuid:itemId>", methods=["PATCH"])
@@ -1121,7 +1165,7 @@ def patchCollectionItem(collectionId, itemId, account):
     visible = metadata.get("visible")
     if visible is not None:
         if visible not in ["true", "false"]:
-            raise errors.InvalidAPIUsage("Picture visibility parameter (visible) should be either unset, true or false", status_code=400)
+            raise errors.InvalidAPIUsage(_("Picture visibility parameter (visible) should be either unset, true or false"), status_code=400)
         visible = visible == "true"
 
     # Check if heading is valid
@@ -1133,7 +1177,9 @@ def patchCollectionItem(collectionId, itemId, account):
                 raise ValueError()
         except ValueError:
             raise errors.InvalidAPIUsage(
-                "Heading is not valid, should be an integer in degrees from 0° to 360°. North is 0°, East = 90°, South = 180° and West = 270°.",
+                _(
+                    "Heading is not valid, should be an integer in degrees from 0° to 360°. North is 0°, East = 90°, South = 180° and West = 270°."
+                ),
                 status_code=400,
             )
 
@@ -1142,17 +1188,17 @@ def patchCollectionItem(collectionId, itemId, account):
         return getCollectionItem(collectionId, itemId)
 
     # Check if picture exists and if given account is authorized to edit
-    with psycopg.connect(current_app.config["DB_URL"], row_factory=dict_row) as conn:
-        with conn.cursor() as cursor:
+    with db.conn(current_app) as conn:
+        with conn.transaction(), conn.cursor(row_factory=dict_row) as cursor:
             pic = cursor.execute("SELECT status, account_id FROM pictures WHERE id = %s", [itemId]).fetchone()
 
             # Picture not found
             if not pic:
-                raise errors.InvalidAPIUsage(f"Picture {itemId} wasn't found in database", status_code=404)
+                raise errors.InvalidAPIUsage(_("Picture %(p)s wasn't found in database", p=itemId), status_code=404)
 
             # Account associated to picture doesn't match current user
             if account is not None and account.id != str(pic["account_id"]):
-                raise errors.InvalidAPIUsage("You're not authorized to edit this picture", status_code=403)
+                raise errors.InvalidAPIUsage(_("You're not authorized to edit this picture"), status_code=403)
 
             sqlUpdates = []
             sqlParams = {"id": itemId, "account": account.id}
@@ -1162,7 +1208,12 @@ def patchCollectionItem(collectionId, itemId, account):
             if oldStatus not in ["ready", "hidden"]:
                 # Picture is in a preparing/broken/... state so no edit possible
                 raise errors.InvalidAPIUsage(
-                    f"Picture {itemId} is in {oldStatus} state, its visibility can't be changed for now", status_code=400
+                    _(
+                        "Picture %(p)s is in %(s)s state, its visibility can't be changed for now",
+                        p=itemId,
+                        s=oldStatus,
+                    ),
+                    status_code=400,
                 )
 
             newStatus = None
@@ -1194,10 +1245,9 @@ def patchCollectionItem(collectionId, itemId, account):
                 ).format(updates=SQL(", ").join(sqlUpdates)),
                 sqlParams,
             )
-            conn.commit()
 
-            # Redirect response to a classic GET
-            return getCollectionItem(collectionId, itemId)
+    # Redirect response to a classic GET
+    return getCollectionItem(collectionId, itemId)
 
 
 @bp.route("/collections/<uuid:collectionId>/items/<uuid:itemId>", methods=["DELETE"])
@@ -1229,26 +1279,24 @@ def deleteCollectionItem(collectionId, itemId, account):
     """
 
     # Check if picture exists and if given account is authorized to edit
-    with psycopg.connect(current_app.config["DB_URL"]) as conn:
-        with conn.cursor() as cursor:
+    with db.conn(current_app) as conn:
+        with conn.transaction(), conn.cursor() as cursor:
             pic = cursor.execute("SELECT status, account_id FROM pictures WHERE id = %s", [itemId]).fetchone()
 
             # Picture not found
             if not pic:
-                raise errors.InvalidAPIUsage(f"Picture {itemId} wasn't found in database", status_code=404)
+                raise errors.InvalidAPIUsage(_("Picture %(p)s wasn't found in database", p=itemId), status_code=404)
 
             # Account associated to picture doesn't match current user
             if account is not None and account.id != str(pic[1]):
-                raise errors.InvalidAPIUsage("You're not authorized to edit this picture", status_code=403)
+                raise errors.InvalidAPIUsage(_("You're not authorized to edit this picture"), status_code=403)
 
             cursor.execute("DELETE FROM pictures WHERE id = %s", [itemId])
 
             # delete images
             utils.pictures.removeAllFiles(itemId)
 
-            conn.commit()
-
-            return "", 204
+    return "", 204
 
 
 def _getHDJpgPictureURL(picId: str, status: Optional[str]):