biondizzle/vstash
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: biondizzle:8d950cf042399e92a8d19e58ad8fd79cc915fb56
Branches Tags
biondizzle:master
...
compare: biondizzle:master
Branches Tags
biondizzle:master

12 Commits
8d950cf042 ... master

Author SHA1 Message Date
biondizzle
c59f14f7d3 remove crap 2025-12-11 06:38:03 -05:00
biondizzle
1880548e16 Merge pull request #9 from biondizzle/codex/refactor-route-handling-to-use-config/routes 
Refactor API controllers to use explicit routes
 2025-06-05 21:07:12 -04:00
biondizzle
a6d0143d19 refactor routes 2025-06-05 21:06:46 -04:00
biondizzle
9190a159b5 Merge pull request #8 from biondizzle/codex/build-file-uploader-for-management-console 
Add admin object uploader
 2025-06-05 19:55:06 -04:00
biondizzle
9684406295 Add object upload feature to console 2025-06-05 19:54:51 -04:00
biondizzle
fab814e179 Merge pull request #7 from biondizzle/codex/build-presigned-url-upload-api 
Add presigned upload support
 2025-06-05 19:44:22 -04:00
biondizzle
d625879dd2 Merge branch 'master' into codex/build-presigned-url-upload-api 2025-06-05 19:44:02 -04:00
biondizzle
ad69872828 Update ConsoleApiController.php 2025-06-05 19:42:31 -04:00
biondizzle
96716653a2 Update ConsoleApiController.php 2025-06-05 19:41:32 -04:00
biondizzle
a6bee5be15 Add endpoint for presigned uploads 2025-06-05 19:39:58 -04:00
biondizzle
fdaa7232a1 Merge pull request #6 from biondizzle/codex/fix-authentication-check-logic 
Refactor auth checks
 2025-06-05 19:39:25 -04:00
biondizzle
409c9950de Refactor auth checks to avoid assignments in conditions 2025-06-05 19:39:09 -04:00
8 changed files with 677 additions and 327 deletions
Expand all files Collapse all files

2
.env
View File

@@ -27,7 +27,7 @@ APP_SECRET=6aa2ea989e29de27bc42a77db9849b87
# DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=8.0.32&charset=utf8mb4" # DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=8.0.32&charset=utf8mb4"
# DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=10.11.2-MariaDB&charset=utf8mb4" # DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=10.11.2-MariaDB&charset=utf8mb4"
# DATABASE_URL="postgresql://app:!ChangeMe!@127.0.0.1:5432/app?serverVersion=16&charset=utf8" # DATABASE_URL="postgresql://app:!ChangeMe!@127.0.0.1:5432/app?serverVersion=16&charset=utf8"
DATABASE_URL="mysql://vultradmin:AVNS_jn444_0nHCHAvnZkTFN@vultr-prod-a6de266e-e9c6-477c-abf3-7ec2e7a7bfc8-vultr-prod-3195.vultrdb.com:18140/defaultdb?serverVersion=8.0.32&charset=utf8mb4" DATABASE_URL=""
###< doctrine/doctrine-bundle ### ###< doctrine/doctrine-bundle ###
# Console login credentials # Console login credentials

121
config/routes/console_api.yaml
View File

@@ -1,39 +1,100 @@
# Console API Routes # Console API Routes
console_api_credentials: console_api_credentials_list:
path: /api/credentials path: /api/credentials
controller: App\Controller\ConsoleApiController::credentials controller: App\Controller\ConsoleApiController::listCredentials
methods: [GET, POST] methods: [GET]
console_api_credential_detail: console_api_credentials_create:
path: /api/credentials
controller: App\Controller\ConsoleApiController::createCredential
methods: [POST]
console_api_credential_get:
path: /api/credentials/{id} path: /api/credentials/{id}
controller: App\Controller\ConsoleApiController::credentialDetail controller: App\Controller\ConsoleApiController::getCredential
methods: [GET, PUT, DELETE] methods: [GET]
requirements: requirements:
id: '\d+' id: '\d+'
console_api_buckets: console_api_credential_update:
path: /api/buckets path: /api/credentials/{id}
controller: App\Controller\ConsoleApiController::buckets controller: App\Controller\ConsoleApiController::updateCredential
methods: [GET, POST] methods: [PUT]
requirements:
id: '\d+'
console_api_bucket_detail: console_api_credential_delete:
path: /api/credentials/{id}
controller: App\Controller\ConsoleApiController::deleteCredential
methods: [DELETE]
requirements:
id: '\d+'
console_api_buckets_list:
path: /api/buckets
controller: App\Controller\ConsoleApiController::listBuckets
methods: [GET]
console_api_buckets_create:
path: /api/buckets
controller: App\Controller\ConsoleApiController::createBucket
methods: [POST]
console_api_bucket_get:
path: /api/buckets/{name} path: /api/buckets/{name}
controller: App\Controller\ConsoleApiController::bucketDetail controller: App\Controller\ConsoleApiController::getBucket
methods: [GET, DELETE] methods: [GET]
requirements: requirements:
name: '[a-z0-9\-\.]+' name: '[a-z0-9\-\.]+'
console_api_objects: console_api_bucket_delete:
path: /api/buckets/{name}
controller: App\Controller\ConsoleApiController::deleteBucket
methods: [DELETE]
requirements:
name: '[a-z0-9\-\.]+'
console_api_objects_list:
path: /api/buckets/{bucketName}/objects path: /api/buckets/{bucketName}/objects
controller: App\Controller\ConsoleApiController::objects controller: App\Controller\ConsoleApiController::listObjects
methods: [GET, POST, DELETE] methods: [GET]
requirements: requirements:
bucketName: '[a-z0-9\-\.]+' bucketName: '[a-z0-9\-\.]+'
console_api_object_detail: console_api_create_object:
path: /api/buckets/{bucketName}/objects
controller: App\Controller\ConsoleApiController::createObject
methods: [POST]
requirements:
bucketName: '[a-z0-9\-\.]+'
console_api_delete_objects:
path: /api/buckets/{bucketName}/objects
controller: App\Controller\ConsoleApiController::deleteObjects
methods: [DELETE]
requirements:
bucketName: '[a-z0-9\-\.]+'
console_api_object_get:
path: /api/buckets/{bucketName}/objects/{objectKey} path: /api/buckets/{bucketName}/objects/{objectKey}
controller: App\Controller\ConsoleApiController::objectDetail controller: App\Controller\ConsoleApiController::getObject
methods: [GET, DELETE] methods: [GET]
requirements:
bucketName: '[a-z0-9\-\.]+'
objectKey: '.+'
console_api_object_delete:
path: /api/buckets/{bucketName}/objects/{objectKey}
controller: App\Controller\ConsoleApiController::deleteObject
methods: [DELETE]
requirements:
bucketName: '[a-z0-9\-\.]+'
objectKey: '.+'
console_api_presigned_upload:
path: /api/buckets/{bucketName}/objects/{objectKey}/presigned-upload
controller: App\Controller\ConsoleApiController::createPresignedUpload
methods: [POST]
requirements: requirements:
bucketName: '[a-z0-9\-\.]+' bucketName: '[a-z0-9\-\.]+'
objectKey: '.+' objectKey: '.+'
@@ -45,10 +106,15 @@ console_api_multipart_uploads:
requirements: requirements:
bucketName: '[a-z0-9\-\.]+' bucketName: '[a-z0-9\-\.]+'
console_api_presigned_urls: console_api_presigned_urls_list:
path: /api/presigned-urls path: /api/presigned-urls
controller: App\Controller\ConsoleApiController::presignedUrls controller: App\Controller\ConsoleApiController::listPresignedUrls
methods: [GET, POST] methods: [GET]
console_api_presigned_urls_create:
path: /api/presigned-urls
controller: App\Controller\ConsoleApiController::createPresignedUrl
methods: [POST]
console_api_stats: console_api_stats:
path: /api/stats path: /api/stats
@@ -56,10 +122,15 @@ console_api_stats:
methods: [GET] methods: [GET]
# Console Authentication Routes # Console Authentication Routes
console_login: console_login_form:
path: /console/login path: /console/login
controller: App\Controller\ConsoleController::login controller: App\Controller\ConsoleController::loginForm
methods: [GET, POST] methods: [GET]
console_login_submit:
path: /console/login
controller: App\Controller\ConsoleController::loginSubmit
methods: [POST]
console_logout: console_logout:
path: /console/logout path: /console/logout

680
src/Controller/ConsoleApiController.php
View File

@@ -28,174 +28,202 @@ class ConsoleApiController extends AbstractController
} }
// Credentials Management // Credentials Management
public function credentials(Request $request): JsonResponse public function listCredentials(Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $resp = $this->checkAuth($request);
if ($resp !== null) {
return $resp; return $resp;
} }
if ($request->getMethod() === 'GET') {
$credentials = $this->entityManager->getRepository(S3Credential::class)->findAll();
return new JsonResponse([ $credentials = $this->entityManager->getRepository(S3Credential::class)->findAll();
'credentials' => array_map(function($cred) {
return [
'id' => $cred->getId(),
'access_key' => $cred->getAccessKey(),
'user_name' => $cred->getUserName(),
'is_active' => $cred->isActive(),
'created_at' => $cred->getCreatedAt()->format('Y-m-d H:i:s'),
'bucket_count' => $cred->getBuckets()->count()
];
}, $credentials)
]);
}
if ($request->getMethod() === 'POST') { return new JsonResponse([
$data = json_decode($request->getContent(), true); 'credentials' => array_map(function($cred) {
return [
$accessKey = $data['access_key'] ?? 'AKIA' . strtoupper(bin2hex(random_bytes(10))); 'id' => $cred->getId(),
$secretKey = $data['secret_key'] ?? base64_encode(random_bytes(30)); 'access_key' => $cred->getAccessKey(),
$userName = $data['user_name'] ?? null; 'user_name' => $cred->getUserName(),
'is_active' => $cred->isActive(),
$credential = $this->s3Service->createCredential($accessKey, $secretKey, $userName); 'created_at' => $cred->getCreatedAt()->format('Y-m-d H:i:s'),
'bucket_count' => $cred->getBuckets()->count()
return new JsonResponse([ ];
'id' => $credential->getId(), }, $credentials)
'access_key' => $credential->getAccessKey(), ]);
'secret_key' => $credential->getSecretKey(),
'user_name' => $credential->getUserName(),
'is_active' => $credential->isActive(),
'created_at' => $credential->getCreatedAt()->format('Y-m-d H:i:s')
], 201);
}
return new JsonResponse(['error' => 'Method not allowed'], 405);
} }
public function credentialDetail(int $id, Request $request): JsonResponse public function createCredential(Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $resp = $this->checkAuth($request);
if ($resp !== null) {
return $resp; return $resp;
} }
$data = json_decode($request->getContent(), true);
$accessKey = $data['access_key'] ?? 'AKIA' . strtoupper(bin2hex(random_bytes(10)));
$secretKey = $data['secret_key'] ?? base64_encode(random_bytes(30));
$userName = $data['user_name'] ?? null;
$credential = $this->s3Service->createCredential($accessKey, $secretKey, $userName);
return new JsonResponse([
'id' => $credential->getId(),
'access_key' => $credential->getAccessKey(),
'secret_key' => $credential->getSecretKey(),
'user_name' => $credential->getUserName(),
'is_active' => $credential->isActive(),
'created_at' => $credential->getCreatedAt()->format('Y-m-d H:i:s')
], 201);
}
public function getCredential(int $id, Request $request): JsonResponse
{
$authResp = $this->checkAuth($request);
if ($authResp !== null) {
return $authResp;
}
$credential = $this->entityManager->getRepository(S3Credential::class)->find($id); $credential = $this->entityManager->getRepository(S3Credential::class)->find($id);
if (!$credential) { if (!$credential) {
return new JsonResponse(['error' => 'Credential not found'], 404); return new JsonResponse(['error' => 'Credential not found'], 404);
} }
if ($request->getMethod() === 'GET') { return new JsonResponse([
return new JsonResponse([ 'id' => $credential->getId(),
'id' => $credential->getId(), 'access_key' => $credential->getAccessKey(),
'access_key' => $credential->getAccessKey(), 'secret_key' => $credential->getSecretKey(),
'secret_key' => $credential->getSecretKey(), 'user_name' => $credential->getUserName(),
'user_name' => $credential->getUserName(), 'is_active' => $credential->isActive(),
'is_active' => $credential->isActive(), 'created_at' => $credential->getCreatedAt()->format('Y-m-d H:i:s'),
'created_at' => $credential->getCreatedAt()->format('Y-m-d H:i:s'), 'buckets' => array_map(function($bucket) {
'buckets' => array_map(function($bucket) { return [
return [ 'name' => $bucket->getName(),
'name' => $bucket->getName(), 'region' => $bucket->getRegion(),
'region' => $bucket->getRegion(), 'created_at' => $bucket->getCreatedAt()->format('Y-m-d H:i:s')
'created_at' => $bucket->getCreatedAt()->format('Y-m-d H:i:s') ];
]; }, $credential->getBuckets()->toArray())
}, $credential->getBuckets()->toArray()) ]);
]); }
public function updateCredential(int $id, Request $request): JsonResponse
{
$authResp = $this->checkAuth($request);
if ($authResp !== null) {
return $authResp;
}
$credential = $this->entityManager->getRepository(S3Credential::class)->find($id);
if (!$credential) {
return new JsonResponse(['error' => 'Credential not found'], 404);
} }
if ($request->getMethod() === 'PUT') { $data = json_decode($request->getContent(), true);
$data = json_decode($request->getContent(), true);
if (isset($data['user_name'])) { if (isset($data['user_name'])) {
$credential->setUserName($data['user_name']); $credential->setUserName($data['user_name']);
} }
if (isset($data['is_active'])) { if (isset($data['is_active'])) {
$credential->setIsActive($data['is_active']); $credential->setIsActive($data['is_active']);
}
$this->entityManager->flush();
return new JsonResponse(['message' => 'Credential updated']);
} }
if ($request->getMethod() === 'DELETE') { $this->entityManager->flush();
$this->entityManager->remove($credential);
$this->entityManager->flush();
return new JsonResponse(['message' => 'Credential deleted']); return new JsonResponse(['message' => 'Credential updated']);
}
public function deleteCredential(int $id, Request $request): JsonResponse
{
$authResp = $this->checkAuth($request);
if ($authResp !== null) {
return $authResp;
}
$credential = $this->entityManager->getRepository(S3Credential::class)->find($id);
if (!$credential) {
return new JsonResponse(['error' => 'Credential not found'], 404);
} }
return new JsonResponse(['error' => 'Method not allowed'], 405); $this->entityManager->remove($credential);
$this->entityManager->flush();
return new JsonResponse(['message' => 'Credential deleted']);
} }
// Buckets Management // Buckets Management
public function buckets(Request $request): JsonResponse public function listBuckets(Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $authResp = $this->checkAuth($request);
return $resp; if ($authResp !== null) {
} return $authResp;
if ($request->getMethod() === 'GET') {
$buckets = $this->entityManager->getRepository(S3Bucket::class)->findAll();
return new JsonResponse([
'buckets' => array_map(function($bucket) {
$objectCount = $this->entityManager->getRepository(S3Object::class)->count(['bucket' => $bucket]);
$totalSize = $this->entityManager->createQueryBuilder()
->select('SUM(o.size)')
->from(S3Object::class, 'o')
->where('o.bucket = :bucket')
->setParameter('bucket', $bucket)
->getQuery()
->getSingleScalarResult() ?: 0;
return [
'name' => $bucket->getName(),
'region' => $bucket->getRegion(),
'owner' => $bucket->getOwner()->getUserName() ?: $bucket->getOwner()->getAccessKey(),
'created_at' => $bucket->getCreatedAt()->format('Y-m-d H:i:s'),
'object_count' => $objectCount,
'total_size' => $totalSize,
'total_size_human' => $this->formatBytes($totalSize)
];
}, $buckets)
]);
} }
if ($request->getMethod() === 'POST') { $buckets = $this->entityManager->getRepository(S3Bucket::class)->findAll();
$data = json_decode($request->getContent(), true);
$bucketName = $data['name'] ?? null; return new JsonResponse([
$ownerId = $data['owner_id'] ?? null; 'buckets' => array_map(function($bucket) {
$region = $data['region'] ?? ($_ENV['APP_REGION'] ?? 'us-east-1'); $objectCount = $this->entityManager->getRepository(S3Object::class)->count(['bucket' => $bucket]);
$totalSize = $this->entityManager->createQueryBuilder()
->select('SUM(o.size)')
->from(S3Object::class, 'o')
->where('o.bucket = :bucket')
->setParameter('bucket', $bucket)
->getQuery()
->getSingleScalarResult() ?: 0;
if (!$bucketName || !$ownerId) { return [
return new JsonResponse(['error' => 'Missing bucket name or owner'], 400);
}
$owner = $this->entityManager->getRepository(S3Credential::class)->find($ownerId);
if (!$owner) {
return new JsonResponse(['error' => 'Owner not found'], 404);
}
try {
$bucket = $this->s3Service->createBucket($bucketName, $owner, $region);
return new JsonResponse([
'name' => $bucket->getName(), 'name' => $bucket->getName(),
'region' => $bucket->getRegion(), 'region' => $bucket->getRegion(),
'owner' => $bucket->getOwner()->getUserName() ?: $bucket->getOwner()->getAccessKey(), 'owner' => $bucket->getOwner()->getUserName() ?: $bucket->getOwner()->getAccessKey(),
'created_at' => $bucket->getCreatedAt()->format('Y-m-d H:i:s') 'created_at' => $bucket->getCreatedAt()->format('Y-m-d H:i:s'),
], 201); 'object_count' => $objectCount,
} catch (\Exception $e) { 'total_size' => $totalSize,
return new JsonResponse(['error' => $e->getMessage()], 400); 'total_size_human' => $this->formatBytes($totalSize)
} ];
} }, $buckets)
]);
return new JsonResponse(['error' => 'Method not allowed'], 405);
} }
public function bucketDetail(string $name, Request $request): JsonResponse public function createBucket(Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $authResp = $this->checkAuth($request);
return $resp; if ($authResp !== null) {
return $authResp;
}
$data = json_decode($request->getContent(), true);
$bucketName = $data['name'] ?? null;
$ownerId = $data['owner_id'] ?? null;
$region = $data['region'] ?? ($_ENV['APP_REGION'] ?? 'us-east-1');
if (!$bucketName || !$ownerId) {
return new JsonResponse(['error' => 'Missing bucket name or owner'], 400);
}
$owner = $this->entityManager->getRepository(S3Credential::class)->find($ownerId);
if (!$owner) {
return new JsonResponse(['error' => 'Owner not found'], 404);
}
try {
$bucket = $this->s3Service->createBucket($bucketName, $owner, $region);
return new JsonResponse([
'name' => $bucket->getName(),
'region' => $bucket->getRegion(),
'owner' => $bucket->getOwner()->getUserName() ?: $bucket->getOwner()->getAccessKey(),
'created_at' => $bucket->getCreatedAt()->format('Y-m-d H:i:s')
], 201);
} catch (\Exception $e) {
return new JsonResponse(['error' => $e->getMessage()], 400);
}
}
public function getBucket(string $name, Request $request): JsonResponse
{
$authResp = $this->checkAuth($request);
if ($authResp !== null) {
return $authResp;
} }
$bucket = $this->s3Service->findBucketByName($name); $bucket = $this->s3Service->findBucketByName($name);
@@ -203,49 +231,57 @@ class ConsoleApiController extends AbstractController
return new JsonResponse(['error' => 'Bucket not found'], 404); return new JsonResponse(['error' => 'Bucket not found'], 404);
} }
if ($request->getMethod() === 'GET') { $objects = $this->s3Service->listObjects($bucket);
$objects = $this->s3Service->listObjects($bucket); $totalSize = array_sum(array_map(fn($obj) => $obj->getSize(), $objects));
$totalSize = array_sum(array_map(fn($obj) => $obj->getSize(), $objects));
return new JsonResponse([ return new JsonResponse([
'name' => $bucket->getName(), 'name' => $bucket->getName(),
'region' => $bucket->getRegion(), 'region' => $bucket->getRegion(),
'owner' => $bucket->getOwner()->getUserName() ?: $bucket->getOwner()->getAccessKey(), 'owner' => $bucket->getOwner()->getUserName() ?: $bucket->getOwner()->getAccessKey(),
'created_at' => $bucket->getCreatedAt()->format('Y-m-d H:i:s'), 'created_at' => $bucket->getCreatedAt()->format('Y-m-d H:i:s'),
'object_count' => count($objects), 'object_count' => count($objects),
'total_size' => $totalSize, 'total_size' => $totalSize,
'total_size_human' => $this->formatBytes($totalSize), 'total_size_human' => $this->formatBytes($totalSize),
'objects' => array_map(function($obj) { 'objects' => array_map(function($obj) {
return [ return [
'key' => $obj->getObjectKey(), 'key' => $obj->getObjectKey(),
'size' => $obj->getSize(), 'size' => $obj->getSize(),
'size_human' => $this->formatBytes($obj->getSize()), 'size_human' => $this->formatBytes($obj->getSize()),
'content_type' => $obj->getContentType(), 'content_type' => $obj->getContentType(),
'etag' => $obj->getEtag(), 'etag' => $obj->getEtag(),
'is_multipart' => $obj->isMultipart(), 'is_multipart' => $obj->isMultipart(),
'created_at' => $obj->getCreatedAt()->format('Y-m-d H:i:s') 'created_at' => $obj->getCreatedAt()->format('Y-m-d H:i:s')
]; ];
}, $objects) }, $objects)
]); ]);
}
public function deleteBucket(string $name, Request $request): JsonResponse
{
$authResp = $this->checkAuth($request);
if ($authResp !== null) {
return $authResp;
}
$bucket = $this->s3Service->findBucketByName($name);
if (!$bucket) {
return new JsonResponse(['error' => 'Bucket not found'], 404);
} }
if ($request->getMethod() === 'DELETE') { try {
try { $this->s3Service->deleteBucket($bucket);
$this->s3Service->deleteBucket($bucket); return new JsonResponse(['message' => 'Bucket deleted']);
return new JsonResponse(['message' => 'Bucket deleted']); } catch (\Exception $e) {
} catch (\Exception $e) { return new JsonResponse(['error' => $e->getMessage()], 400);
return new JsonResponse(['error' => $e->getMessage()], 400);
}
} }
return new JsonResponse(['error' => 'Method not allowed'], 405);
} }
// Objects Management // Objects Management
public function objects(string $bucketName, Request $request): JsonResponse public function listObjects(string $bucketName, Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $authResp = $this->checkAuth($request);
return $resp; if ($authResp !== null) {
return $authResp;
} }
$bucket = $this->s3Service->findBucketByName($bucketName); $bucket = $this->s3Service->findBucketByName($bucketName);
@@ -253,48 +289,95 @@ class ConsoleApiController extends AbstractController
return new JsonResponse(['error' => 'Bucket not found'], 404); return new JsonResponse(['error' => 'Bucket not found'], 404);
} }
if ($request->getMethod() === 'GET') { $prefix = $request->query->get('prefix', '');
$prefix = $request->query->get('prefix', ''); $objects = $this->s3Service->listObjects($bucket, $prefix);
$objects = $this->s3Service->listObjects($bucket, $prefix);
return new JsonResponse([ return new JsonResponse([
'objects' => array_map(function($obj) { 'objects' => array_map(function($obj) {
return [ return [
'key' => $obj->getObjectKey(), 'key' => $obj->getObjectKey(),
'size' => $obj->getSize(), 'size' => $obj->getSize(),
'size_human' => $this->formatBytes($obj->getSize()), 'size_human' => $this->formatBytes($obj->getSize()),
'content_type' => $obj->getContentType(), 'content_type' => $obj->getContentType(),
'etag' => $obj->getEtag(), 'etag' => $obj->getEtag(),
'is_multipart' => $obj->isMultipart(), 'is_multipart' => $obj->isMultipart(),
'created_at' => $obj->getCreatedAt()->format('Y-m-d H:i:s') 'created_at' => $obj->getCreatedAt()->format('Y-m-d H:i:s')
]; ];
}, $objects) }, $objects)
]); ]);
}
if ($request->getMethod() === 'DELETE') {
$data = json_decode($request->getContent(), true);
$keys = $data['keys'] ?? [];
$deleted = [];
foreach ($keys as $key) {
$object = $this->s3Service->findObject($bucket, $key);
if ($object) {
$this->s3Service->deleteObject($object);
$deleted[] = $key;
}
}
return new JsonResponse(['deleted' => $deleted]);
}
return new JsonResponse(['error' => 'Method not allowed'], 405);
} }
public function objectDetail(string $bucketName, string $objectKey, Request $request): JsonResponse public function createObject(string $bucketName, Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $authResp = $this->checkAuth($request);
return $resp; if ($authResp !== null) {
return $authResp;
}
$bucket = $this->s3Service->findBucketByName($bucketName);
if (!$bucket) {
return new JsonResponse(['error' => 'Bucket not found'], 404);
}
$objectKey = $request->headers->get('X-Object-Key')
?? $request->query->get('key')
?? $request->request->get('object_key');
if (empty($objectKey)) {
return new JsonResponse(['error' => 'Missing object key'], 400);
}
$contentType = $request->headers->get('Content-Type', 'application/octet-stream');
$file = $request->files->get('file');
if ($file instanceof \Symfony\Component\HttpFoundation\File\UploadedFile) {
$contentType = $file->getMimeType() ?: $contentType;
$content = file_get_contents($file->getPathname());
} else {
$content = $request->getContent();
}
$object = $this->s3Service->putObject($bucket, $objectKey, $content, $contentType);
return new JsonResponse([
'key' => $object->getObjectKey(),
'etag' => $object->getEtag(),
'size' => $object->getSize(),
'content_type' => $object->getContentType()
], 201);
}
public function deleteObjects(string $bucketName, Request $request): JsonResponse
{
$authResp = $this->checkAuth($request);
if ($authResp !== null) {
return $authResp;
}
$bucket = $this->s3Service->findBucketByName($bucketName);
if (!$bucket) {
return new JsonResponse(['error' => 'Bucket not found'], 404);
}
$data = json_decode($request->getContent(), true);
$keys = $data['keys'] ?? [];
$deleted = [];
foreach ($keys as $key) {
$object = $this->s3Service->findObject($bucket, $key);
if ($object) {
$this->s3Service->deleteObject($object);
$deleted[] = $key;
}
}
return new JsonResponse(['deleted' => $deleted]);
}
public function getObject(string $bucketName, string $objectKey, Request $request): JsonResponse
{
$authResp = $this->checkAuth($request);
if ($authResp !== null) {
return $authResp;
} }
$bucket = $this->s3Service->findBucketByName($bucketName); $bucket = $this->s3Service->findBucketByName($bucketName);
@@ -308,35 +391,83 @@ class ConsoleApiController extends AbstractController
return new JsonResponse(['error' => 'Object not found'], 404); return new JsonResponse(['error' => 'Object not found'], 404);
} }
if ($request->getMethod() === 'GET') { return new JsonResponse([
return new JsonResponse([ 'key' => $object->getObjectKey(),
'key' => $object->getObjectKey(), 'size' => $object->getSize(),
'size' => $object->getSize(), 'size_human' => $this->formatBytes($object->getSize()),
'size_human' => $this->formatBytes($object->getSize()), 'content_type' => $object->getContentType(),
'content_type' => $object->getContentType(), 'etag' => $object->getEtag(),
'etag' => $object->getEtag(), 'is_multipart' => $object->isMultipart(),
'is_multipart' => $object->isMultipart(), 'part_count' => $object->getPartCount(),
'part_count' => $object->getPartCount(), 'metadata' => $object->getMetadata(),
'metadata' => $object->getMetadata(), 'storage_path' => $object->getStoragePath(),
'storage_path' => $object->getStoragePath(), 'created_at' => $object->getCreatedAt()->format('Y-m-d H:i:s'),
'created_at' => $object->getCreatedAt()->format('Y-m-d H:i:s'), 'updated_at' => $object->getUpdatedAt()->format('Y-m-d H:i:s')
'updated_at' => $object->getUpdatedAt()->format('Y-m-d H:i:s') ]);
]); }
public function deleteObject(string $bucketName, string $objectKey, Request $request): JsonResponse
{
$authResp = $this->checkAuth($request);
if ($authResp !== null) {
return $authResp;
}
$bucket = $this->s3Service->findBucketByName($bucketName);
if (!$bucket) {
return new JsonResponse(['error' => 'Bucket not found'], 404);
} }
if ($request->getMethod() === 'DELETE') { $object = $this->s3Service->findObject($bucket, $objectKey);
$this->s3Service->deleteObject($object);
return new JsonResponse(['message' => 'Object deleted']); if (!$object) {
return new JsonResponse(['error' => 'Object not found'], 404);
} }
return new JsonResponse(['error' => 'Method not allowed'], 405); $this->s3Service->deleteObject($object);
return new JsonResponse(['message' => 'Object deleted']);
}
public function createPresignedUpload(string $bucketName, string $objectKey, Request $request): JsonResponse
{
$resp = $this->checkAuth($request);
if (!empty($resp)) {
return $resp;
}
$bucket = $this->s3Service->findBucketByName($bucketName);
if (!$bucket) {
return new JsonResponse(['error' => 'Bucket not found'], 404);
}
$data = json_decode($request->getContent(), true);
$accessKey = $data['access_key'] ?? null;
$expiresIn = $data['expires_in'] ?? 3600;
$contentType = $data['content_type'] ?? 'application/octet-stream';
if (!$accessKey) {
return new JsonResponse(['error' => 'Missing access key'], 400);
}
$credential = $this->s3Service->findCredentialByAccessKey($accessKey);
if (!$credential) {
return new JsonResponse(['error' => 'Invalid access key'], 404);
}
// Create placeholder object
$this->s3Service->putObject($bucket, $objectKey, '', $contentType);
$url = $this->s3Service->generatePresignedUrl($bucketName, $objectKey, $credential, 'PUT', $expiresIn);
return new JsonResponse(['url' => $url], 201);
} }
// Multipart Uploads // Multipart Uploads
public function multipartUploads(string $bucketName, Request $request): JsonResponse public function multipartUploads(string $bucketName, Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $authResp = $this->checkAuth($request);
return $resp; if ($authResp !== null) {
return $authResp;
} }
$bucket = $this->s3Service->findBucketByName($bucketName); $bucket = $this->s3Service->findBucketByName($bucketName);
@@ -366,67 +497,72 @@ class ConsoleApiController extends AbstractController
} }
// Presigned URLs // Presigned URLs
public function presignedUrls(Request $request): JsonResponse public function listPresignedUrls(Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $authResp = $this->checkAuth($request);
return $resp; if ($authResp !== null) {
} return $authResp;
if ($request->getMethod() === 'GET') {
$urls = $this->entityManager->getRepository(\App\Entity\S3PresignedUrl::class)
->createQueryBuilder('p')
->where('p.expiresAt > :now')
->setParameter('now', new \DateTime())
->orderBy('p.createdAt', 'DESC')
->setMaxResults(100)
->getQuery()
->getResult();
return new JsonResponse([
'urls' => array_map(function($url) {
return [
'bucket_name' => $url->getBucketName(),
'object_key' => $url->getObjectKey(),
'method' => $url->getMethod(),
'access_key' => $url->getAccessKey(),
'expires_at' => $url->getExpiresAt()->format('Y-m-d H:i:s'),
'created_at' => $url->getCreatedAt()->format('Y-m-d H:i:s'),
'url' => $url->getUrl()
];
}, $urls)
]);
} }
if ($request->getMethod() === 'POST') { $urls = $this->entityManager->getRepository(\App\Entity\S3PresignedUrl::class)
$data = json_decode($request->getContent(), true); ->createQueryBuilder('p')
->where('p.expiresAt > :now')
->setParameter('now', new \DateTime())
->orderBy('p.createdAt', 'DESC')
->setMaxResults(100)
->getQuery()
->getResult();
$bucketName = $data['bucket_name'] ?? null; return new JsonResponse([
$objectKey = $data['object_key'] ?? null; 'urls' => array_map(function($url) {
$method = $data['method'] ?? 'GET'; return [
$expiresIn = $data['expires_in'] ?? 3600; 'bucket_name' => $url->getBucketName(),
$accessKey = $data['access_key'] ?? null; 'object_key' => $url->getObjectKey(),
'method' => $url->getMethod(),
'access_key' => $url->getAccessKey(),
'expires_at' => $url->getExpiresAt()->format('Y-m-d H:i:s'),
'created_at' => $url->getCreatedAt()->format('Y-m-d H:i:s'),
'url' => $url->getUrl()
];
}, $urls)
]);
}
if (!$bucketName || !$objectKey || !$accessKey) { public function createPresignedUrl(Request $request): JsonResponse
return new JsonResponse(['error' => 'Missing required fields'], 400); {
} $authResp = $this->checkAuth($request);
if ($authResp !== null) {
$credential = $this->s3Service->findCredentialByAccessKey($accessKey); return $authResp;
if (!$credential) {
return new JsonResponse(['error' => 'Invalid access key'], 404);
}
$url = $this->s3Service->generatePresignedUrl($bucketName, $objectKey, $credential, $method, $expiresIn);
return new JsonResponse(['url' => $url], 201);
} }
return new JsonResponse(['error' => 'Method not allowed'], 405); $data = json_decode($request->getContent(), true);
$bucketName = $data['bucket_name'] ?? null;
$objectKey = $data['object_key'] ?? null;
$method = $data['method'] ?? 'GET';
$expiresIn = $data['expires_in'] ?? 3600;
$accessKey = $data['access_key'] ?? null;
if (!$bucketName || !$objectKey || !$accessKey) {
return new JsonResponse(['error' => 'Missing required fields'], 400);
}
$credential = $this->s3Service->findCredentialByAccessKey($accessKey);
if (!$credential) {
return new JsonResponse(['error' => 'Invalid access key'], 404);
}
$url = $this->s3Service->generatePresignedUrl($bucketName, $objectKey, $credential, $method, $expiresIn);
return new JsonResponse(['url' => $url], 201);
} }
// Statistics // Statistics
public function stats(Request $request): JsonResponse public function stats(Request $request): JsonResponse
{ {
if ($resp = $this->checkAuth($request)) { $authResp = $this->checkAuth($request);
return $resp; if ($authResp !== null) {
return $authResp;
} }
$credentialCount = $this->entityManager->getRepository(S3Credential::class)->count([]); $credentialCount = $this->entityManager->getRepository(S3Credential::class)->count([]);
$bucketCount = $this->entityManager->getRepository(S3Bucket::class)->count([]); $bucketCount = $this->entityManager->getRepository(S3Bucket::class)->count([]);

32
src/Controller/ConsoleController.php
View File

@@ -18,28 +18,32 @@ class ConsoleController extends AbstractController
return $this->render('console/index.html.twig'); return $this->render('console/index.html.twig');
} }
public function login(Request $request): Response public function loginForm(Request $request): Response
{ {
if ($request->getSession()->get('console_logged_in')) { if ($request->getSession()->get('console_logged_in')) {
return new RedirectResponse('/console'); return new RedirectResponse('/console');
} }
$error = null; return $this->render('console/login.html.twig', ['error' => null]);
if ($request->isMethod('POST')) { }
$user = $request->request->get('username');
$pass = $request->request->get('password');
$envUser = $_ENV['CONSOLE_USER'] ?? 'admin';
$envPass = $_ENV['CONSOLE_PASS'] ?? 'password';
if ($user === $envUser && $pass === $envPass) { public function loginSubmit(Request $request): Response
$request->getSession()->set('console_logged_in', true); {
return new RedirectResponse('/console'); if ($request->getSession()->get('console_logged_in')) {
} return new RedirectResponse('/console');
$error = 'Invalid credentials';
} }
return $this->render('console/login.html.twig', ['error' => $error]); $user = $request->request->get('username');
$pass = $request->request->get('password');
$envUser = $_ENV['CONSOLE_USER'] ?? 'admin';
$envPass = $_ENV['CONSOLE_PASS'] ?? 'password';
if ($user === $envUser && $pass === $envPass) {
$request->getSession()->set('console_logged_in', true);
return new RedirectResponse('/console');
}
return $this->render('console/login.html.twig', ['error' => 'Invalid credentials']);
} }
public function logout(Request $request): Response public function logout(Request $request): Response

52
templates/console/index.html.twig
View File

@@ -529,9 +529,12 @@
<div x-show="selectedBucket" class="card"> <div x-show="selectedBucket" class="card">
<div class="card-header"> <div class="card-header">
Objects Objects
<div> <div style="display: flex; gap: 0.5rem;">
<input x-model="objectSearch" @input="filterObjects()" <input x-model="objectSearch" @input="filterObjects()"
placeholder="Search objects..." class="search-input"> placeholder="Search objects..." class="search-input">
<button @click="showUploadModal = true" class="btn btn-primary btn-sm">
<i class="fas fa-upload"></i> Upload
</button>
</div> </div>
</div> </div>
<div class="card-body"> <div class="card-body">
@@ -630,6 +633,27 @@
</div> </div>
</div> </div>
<!-- Upload Object Modal -->
<div x-show="showUploadModal" x-cloak class="modal" @click.self="showUploadModal = false">
<div class="modal-content">
<h3 style="margin-bottom: 1rem;">Upload Object</h3>
<form @submit.prevent="uploadObject()">
<div class="form-group">
<label class="form-label">Object Key</label>
<input x-model="uploadKey" type="text" class="form-input" placeholder="path/to/file.txt" required>
</div>
<div class="form-group">
<label class="form-label">Select File</label>
<input type="file" @change="uploadFile = $event.target.files[0]" class="form-input" required>
</div>
<div style="display: flex; gap: 1rem; justify-content: flex-end;">
<button type="button" @click="showUploadModal = false" class="btn btn-secondary">Cancel</button>
<button type="submit" class="btn btn-primary">Upload</button>
</div>
</form>
</div>
</div>
<!-- Create Credential Modal --> <!-- Create Credential Modal -->
<div x-show="showCreateCredentialModal" x-cloak class="modal" @click.self="showCreateCredentialModal = false"> <div x-show="showCreateCredentialModal" x-cloak class="modal" @click.self="showCreateCredentialModal = false">
<div class="modal-content"> <div class="modal-content">
@@ -775,6 +799,7 @@
showCreateCredentialModal: false, showCreateCredentialModal: false,
showCreateBucketModal: false, showCreateBucketModal: false,
showCreatePresignedModal: false, showCreatePresignedModal: false,
showUploadModal: false,
// Forms // Forms
newCredential: { newCredential: {
@@ -794,6 +819,8 @@
expires_in: 3600, expires_in: 3600,
access_key: '' access_key: ''
}, },
uploadFile: null,
uploadKey: '',
init() { init() {
this.loadStats(); this.loadStats();
@@ -1003,6 +1030,29 @@
} }
}, },
async uploadObject() {
if (!this.uploadFile || !this.uploadKey) return;
try {
await fetch(`/api/buckets/${this.selectedBucket.name}/objects?key=${encodeURIComponent(this.uploadKey)}`, {
method: 'POST',
headers: {
'Content-Type': this.uploadFile.type || 'application/octet-stream',
'X-Object-Key': this.uploadKey
},
body: this.uploadFile
});
this.showMessage('Object uploaded successfully!');
this.showUploadModal = false;
this.uploadFile = null;
this.uploadKey = '';
this.viewBucket(this.selectedBucket.name);
} catch (error) {
console.error('Failed to upload object:', error);
this.showMessage('Upload failed', 'error');
}
},
async viewCredential(credential) { async viewCredential(credential) {
// Could open a modal with full credential details // Could open a modal with full credential details
alert(`Access Key: ${credential.access_key}\nUser: ${credential.user_name || 'N/A'}\nStatus: ${credential.is_active ? 'Active' : 'Inactive'}`); alert(`Access Key: ${credential.access_key}\nUser: ${credential.user_name || 'N/A'}\nStatus: ${credential.is_active ? 'Active' : 'Inactive'}`);

44
templates/openapi/openapi.yaml
View File

@@ -589,6 +589,32 @@ paths:
application/json: application/json:
schema: schema:
$ref: '#/components/schemas/CreatePresignedUrlResponse' $ref: '#/components/schemas/CreatePresignedUrlResponse'
/api/buckets/{bucketName}/objects/{objectKey}/presigned-upload:
parameters:
- $ref: '#/components/parameters/BucketName'
- $ref: '#/components/parameters/ObjectKey'
post:
operationId: createPresignedUpload
tags:
- Management - Presigned URLs
summary: Create presigned upload URL
description: Creates an empty object and returns a presigned URL for uploading content
security:
- ApiKey: []
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/CreatePresignedUploadRequest'
responses:
'201':
description: Presigned URL created
content:
application/json:
schema:
$ref: '#/components/schemas/CreatePresignedUrlResponse'
components: components:
schemas: schemas:
CreatePresignedUrlResponse: CreatePresignedUrlResponse:
@@ -597,6 +623,24 @@ components:
url: url:
type: string type: string
example: /my-bucket/file.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIOSFODNN7EXAMPLE%2F20230115%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230115T103000Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=abc123&hash=def456 example: /my-bucket/file.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIOSFODNN7EXAMPLE%2F20230115%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230115T103000Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=abc123&hash=def456
CreatePresignedUploadRequest:
type: object
required:
- access_key
properties:
access_key:
type: string
example: "AKIAIOSFODNN7EXAMPLE"
expires_in:
type: integer
minimum: 1
maximum: 604800
default: 3600
example: 3600
content_type:
type: string
default: "application/octet-stream"
example: "image/jpeg"
ObjectSummary: ObjectSummary:
type: object type: object
properties: properties:

26
templates/openapi/paths.yaml
View File

@@ -580,3 +580,29 @@
application/json: application/json:
schema: schema:
$ref: './schemas.yaml#/CreatePresignedUrlResponse' $ref: './schemas.yaml#/CreatePresignedUrlResponse'
/api/buckets/{bucketName}/objects/{objectKey}/presigned-upload:
parameters:
- $ref: './parameters.yaml#/BucketName'
- $ref: './parameters.yaml#/ObjectKey'
post:
operationId: createPresignedUpload
tags:
- Management - Presigned URLs
summary: Create presigned upload URL
description: Creates an empty object and returns a presigned URL for uploading content
security:
- ApiKey: []
requestBody:
required: true
content:
application/json:
schema:
$ref: './schemas.yaml#/CreatePresignedUploadRequest'
responses:
'201':
description: Presigned URL created
content:
application/json:
schema:
$ref: './schemas.yaml#/CreatePresignedUrlResponse'

19
templates/openapi/schemas.yaml
View File

@@ -628,6 +628,25 @@ CreatePresignedUrlRequest:
type: string type: string
example: "AKIAIOSFODNN7EXAMPLE" example: "AKIAIOSFODNN7EXAMPLE"
CreatePresignedUploadRequest:
type: object
required:
- access_key
properties:
access_key:
type: string
example: "AKIAIOSFODNN7EXAMPLE"
expires_in:
type: integer
minimum: 1
maximum: 604800
default: 3600
example: 3600
content_type:
type: string
default: "application/octet-stream"
example: "image/jpeg"
CreatePresignedUrlResponse: CreatePresignedUrlResponse:
type: object type: object
properties: properties: