Conversation
* Update environment variable for photo storage location * Modify ApiController and UploadService to use new path * Adjust tests and documentation to reflect changes
* Adjust memory limit in composer.json for PHPStan command * Set memory limit in GrumPHP configuration for PHPStan
* Implemented a new route for fetching photos. * Added access control for authenticated users. * Returns a BinaryFileResponse for valid photo requests. * Throws a 404 error if the photo does not exist.
* Implements SecureImage to fetch and display images with authorization. * Replaces direct image tag in UserCard with SecureImage for enhanced security.
* Change environment variable for upload folder to use lowercase * Update ApiController and UploadService to use new upload folder format * Ensure correct path concatenation for file operations
* Replace <img> tag with <SecureImage> for enhanced image security * Ensure consistent styling and functionality in PhotoUploadModal
* Add imageCache utility to manage cached image URLs * Modify SecureImage to utilize imageCache for improved performance * Prevent unnecessary fetches by checking cache before loading images
* Add session storage caching for users list * Clear image cache when updating or deleting user photos * Update user state management to reflect changes in cache
* Implement cache expiration for user data in sessionStorage * Store timestamp alongside user data to manage cache validity * Prevent unnecessary fetches when cache is still valid
* Enhanced photo management section to include upload and deletion capabilities. * Added details on secure photo serving via JWT. * Clarified user permissions for profile photo modifications. * Updated caching information for user data and images. * Improved descriptions for search and infinite scroll functionalities. * Included new environment variables for application configuration.
* Adjust temporary directory structure for uploads * Ensure saved paths are correctly set for uploaded photos
* Changed the upload directory path to use a parameterized value. * Improved code maintainability by avoiding hardcoded paths.
* Implement test for successful photo retrieval * Implement test for 404 response when photo not found
* Implement tests for voting logic in UserPhotoVoter * Cover scenarios for unauthenticated users, admins, owners, and other users
* Update test for unauthorized access to return JSON response with error details. * Add tests for path traversal attempts to ensure no sensitive files are leaked. * Verify correct MIME type for WebP images in photo retrieval.
* Set UPLOAD_FOLDER in .env.test for test environment * Refactor ApiControllerTest to use the new upload folder parameter * Clean up uploaded files after each test
Cold-FR
added a commit
that referenced
this pull request
Mar 16, 2026
* feat(upload): change photo storage path to var/uploads/photos * Update environment variable for photo storage location * Modify ApiController and UploadService to use new path * Adjust tests and documentation to reflect changes * feat(grumphp): update memory limit for PHPStan analysis * Adjust memory limit in composer.json for PHPStan command * Set memory limit in GrumPHP configuration for PHPStan * feat(api): add endpoint to retrieve photos by filename * Implemented a new route for fetching photos. * Added access control for authenticated users. * Returns a BinaryFileResponse for valid photo requests. * Throws a 404 error if the photo does not exist. * feat(ui): add SecureImage component for protected images * Implements SecureImage to fetch and display images with authorization. * Replaces direct image tag in UserCard with SecureImage for enhanced security. * feat(upload): update upload folder configuration and paths * Change environment variable for upload folder to use lowercase * Update ApiController and UploadService to use new upload folder format * Ensure correct path concatenation for file operations * feat(ui): integrate SecureImage component for previews * Replace <img> tag with <SecureImage> for enhanced image security * Ensure consistent styling and functionality in PhotoUploadModal * feat(ui): implement image caching for SecureImage component * Add imageCache utility to manage cached image URLs * Modify SecureImage to utilize imageCache for improved performance * Prevent unnecessary fetches by checking cache before loading images * feat(users): implement user caching and image cache invalidation * Add session storage caching for users list * Clear image cache when updating or deleting user photos * Update user state management to reflect changes in cache * feat(users): add caching with TTL for user data * Implement cache expiration for user data in sessionStorage * Store timestamp alongside user data to manage cache validity * Prevent unnecessary fetches when cache is still valid * feat(ui): update footer to use consistent app title * feat(docs): update README with new features and clarifications * Enhanced photo management section to include upload and deletion capabilities. * Added details on secure photo serving via JWT. * Clarified user permissions for profile photo modifications. * Updated caching information for user data and images. * Improved descriptions for search and infinite scroll functionalities. * Included new environment variables for application configuration. * test(upload): update UploadServiceTest for photo uploads * Adjust temporary directory structure for uploads * Ensure saved paths are correctly set for uploaded photos * refactor(test): update upload directory path in ApiControllerTest * Changed the upload directory path to use a parameterized value. * Improved code maintainability by avoiding hardcoded paths. * test(api): add tests for photo retrieval and 404 handling * Implement test for successful photo retrieval * Implement test for 404 response when photo not found * test(api): add test for unauthorized photo access * test(security): add tests for UserPhotoVoter functionality * Implement tests for voting logic in UserPhotoVoter * Cover scenarios for unauthenticated users, admins, owners, and other users * test(api): enhance photo access tests for security * Update test for unauthorized access to return JSON response with error details. * Add tests for path traversal attempts to ensure no sensitive files are leaked. * Verify correct MIME type for WebP images in photo retrieval. * chore(test): update upload folder configuration in tests * Set UPLOAD_FOLDER in .env.test for test environment * Refactor ApiControllerTest to use the new upload folder parameter * Clean up uploaded files after each test
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.