byte5digital
diff --git a/‎.env.example‎
Lines changed: 9 additions & 0 deletions b/‎.env.example‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 49 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 49 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 1 addition & 0 deletions b/‎README.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎app/Http/Controllers/Api/MediaCollectionController.php‎
Lines changed: 200 additions & 0 deletions b/‎app/Http/Controllers/Api/MediaCollectionController.php‎
Lines changed: 200 additions & 0 deletions
@@ -83,3 +83,12 @@ AI_COST_MONTHLY_LIMIT=500
 AI_AUTO_PUBLISH_SCORE=80
 AI_HUMAN_GATE_TIMEOUT=48
 AI_CONTENT_REFRESH_DAYS=30
+
+# ── Media Library & DAM ──────────────────────────
+# MEDIA_AI_TAGGING: Enable automatic AI-based image tagging (default: false)
+# Uses Claude vision to analyze images and suggest tags.
+MEDIA_AI_TAGGING=false
+
+# CDN_ENABLED: Enable public API endpoints for CDN delivery (default: true)
+# Provides /v1/public/media/* endpoints for headless frontends
+CDN_ENABLED=true
@@ -42,6 +42,55 @@ One-click content repurposing to 8 formats with AI-powered tone preservation and
 ---
 ## [Unreleased]
 
+## [0.8.0] — 2026-03-15
+
+### Added
+
+**Media Library & Digital Asset Management** ([Discussion #4](https://github.com/byte5digital/numen/discussions/4))
+
+A complete digital asset management (DAM) system for organizing, tagging, editing, and serving media assets. Built for multi-format content delivery and CDN integration.
+
+**Features:**
+
+- **Folders & Collections** — Organize assets hierarchically using adjacency-list folders. Create smart collections with powerful filtering and bulk operations.
+- **Drag-and-drop Upload** — Metadata extraction (MIME type, dimensions, file size, duration) on ingest. Progress tracking and batch upload support.
+- **AI Auto-tagging (opt-in)** — Enable `MEDIA_AI_TAGGING` environment variable to automatically tag images using Claude vision. Powered by Anthropic API; all costs logged to `AIGenerationLog`.
+- **Image Editing** — Crop, rotate, and resize images via `MediaEditController`. Changes create new variants; originals are preserved.
+- **Automatic Variant Generation** — On upload, generate `thumb` (150×150), `medium` (600×600), and `large` (1600×1600) variants. WebP format with configurable quality. Stored locally or on S3 (via `FILESYSTEM_DISK`).
+- **Usage Tracking** — Query which content items reference a specific asset. Prevents accidental deletion of in-use media.
+- **Public Headless API** — `/v1/public/media` endpoints (no auth required) with throttle protection (120 req/min). Perfect for headless frontends and CDN edge caching.
+- **Full REST API** — Complete CRUD operations on assets, folders, and collections. Bearer token auth via Sanctum.
+- **MediaPicker Vue Component** — Integrates with content editor for seamless asset selection during content creation.
+
+**Environment Variables (new):**
+
+- `MEDIA_AI_TAGGING` — Enable automatic AI-based image tagging (default: `false`)
+- `CDN_ENABLED` — Enable public CDN delivery endpoints (default: `true`)
+
+**API Endpoints:**
+
+*Authenticated (requires Bearer token):*
+- `GET /v1/media` — List all assets
+- `POST /v1/media` — Upload asset (20 req/min throttle)
+- `GET /v1/media/{asset}` — Fetch asset details
+- `PATCH /v1/media/{asset}` — Update asset metadata
+- `DELETE /v1/media/{asset}` — Delete asset
+- `PATCH /v1/media/{asset}/move` — Move to folder
+- `GET /v1/media/{asset}/usage` — Show usage in content
+- `POST /v1/media/{asset}/edit` — Edit (crop/rotate/resize)
+- `GET /v1/media/{asset}/variants` — List generated variants
+- `GET|POST /v1/media/folders` — CRUD folders
+- `PATCH /v1/media/folders/{folder}/move` — Move folder
+- `GET|POST|PATCH|DELETE /v1/media/collections` — CRUD collections
+- `POST|DELETE /v1/media/collections/{collection}/items` — Manage collection items
+
+*Public (no auth):*
+- `GET /v1/public/media` — List public assets (120 req/min throttle)
+- `GET /v1/public/media/{asset}` — Fetch public asset
+- `GET /v1/public/media/collections/{collection}` — Fetch collection
+
+---
+
 ### Planned
 - Remove legacy `numen.anthropic` config block (duplicates `numen.providers.anthropic`)
 - `AgentContract` interface extracted from `Agent` abstract class
 
@@ -97,6 +97,7 @@ Role-based access control (Admin, Editor, Author, Viewer) with space-scoped perm
 
 - **Provider abstraction** — swap Anthropic ↔ OpenAI ↔ Azure without touching pipeline code. Fallback chain auto-retries on rate limits.
 - **Multi-provider image generation** — Four image providers supported: OpenAI (GPT Image 1.5 / DALL-E 3), Together AI (FLUX models), fal.ai (FLUX / SD3.5 / Recraft), and Replicate (any model). An `ImagePromptBuilder` (powered by Haiku) crafts optimized prompts from content metadata; images are downloaded, stored as `MediaAsset` records, and attached to content. The active provider is configured per-persona via `generator_provider` / `generator_model`.
+- **Media Library & Digital Asset Management** — Organize media assets into folders and collections with drag-and-drop upload. Automatic metadata extraction (MIME, dimensions, file size), optional AI auto-tagging via Claude vision, and image editing (crop/rotate/resize). Automatic variant generation (thumbnail, medium, large) for web delivery. Public headless API (`/v1/public/media`) for CDN edge caching; full REST API with Sanctum auth. MediaPicker Vue component for seamless integration with content editor. Usage tracking prevents accidental deletion of in-use assets.
 - **RBAC with AI governance** — role-based access control (Admin, Editor, Author, Viewer) with space-scoped permissions, AI budget limits per role, and immutable audit logs. Tokens inherit a subset of user permissions. No external dependencies — Numen's own implementation.
 - **Pipeline-as-config** — stages defined in DB, not hardcoded. Add/remove/reorder stages without deploying code. Supports `human_gate` stages for manual review checkpoints.
 - **Block-based content** — every piece of content is a collection of typed `ContentBlock` records. Flexible for headless delivery.
 
@@ -0,0 +1,200 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Http\Controllers\Controller;
+use App\Models\MediaAsset;
+use App\Services\AuthorizationService;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Str;
+
+class MediaCollectionController extends Controller
+{
+    public function __construct(private readonly AuthorizationService $authz) {}
+
+    /**
+     * List all collections for a space.
+     * GET /v1/media/collections?space_id=...
+     */
+    public function index(Request $request): JsonResponse
+    {
+        $request->validate([
+            'space_id' => ['required', 'ulid', 'exists:spaces,id'],
+        ]);
+
+        $spaceId = $request->input('space_id');
+        $this->authz->authorize($request->user(), 'media.read', $spaceId);
+
+        $collections = DB::table('media_collections')
+            ->where('space_id', $spaceId)
+            ->orderBy('name')
+            ->get()
+            ->map(function ($col) {
+                $col->items_count = DB::table('media_collection_items')
+                    ->where('collection_id', $col->id)
+                    ->count();
+
+                return $col;
+            });
+
+        return response()->json(['data' => $collections]);
+    }
+
+    /**
+     * Create a new collection.
+     * POST /v1/media/collections
+     */
+    public function store(Request $request): JsonResponse
+    {
+        $data = $request->validate([
+            'space_id' => ['required', 'ulid', 'exists:spaces,id'],
+            'name' => ['required', 'string', 'max:255'],
+            'description' => ['nullable', 'string', 'max:1000'],
+            'is_smart' => ['boolean'],
+            'criteria' => ['nullable', 'array'],
+        ]);
+
+        $this->authz->authorize($request->user(), 'media.update', $data['space_id']);
+
+        $id = DB::table('media_collections')->insertGetId([
+            'space_id' => $data['space_id'],
+            'name' => $data['name'],
+            'slug' => Str::slug($data['name']),
+            'description' => $data['description'] ?? null,
+            'is_smart' => $data['is_smart'] ?? false,
+            'criteria' => isset($data['criteria']) ? json_encode($data['criteria']) : null,
+            'created_at' => now(),
+            'updated_at' => now(),
+        ]);
+
+        $collection = DB::table('media_collections')->find($id);
+
+        return response()->json(['data' => $collection], 201);
+    }
+
+    /**
+     * Get a single collection with its items.
+     * GET /v1/media/collections/{collection}
+     */
+    public function show(Request $request, int $collection): JsonResponse
+    {
+        $col = DB::table('media_collections')->where('id', $collection)->first();
+        abort_unless($col !== null, 404);
+
+        $this->authz->authorize($request->user(), 'media.read', $col->space_id);
+
+        $items = MediaAsset::join('media_collection_items', 'media_assets.id', '=', 'media_collection_items.media_asset_id')
+            ->where('media_collection_items.collection_id', $collection)
+            ->orderBy('media_collection_items.sort_order')
+            ->select('media_assets.*', 'media_collection_items.sort_order', 'media_collection_items.added_at')
+            ->get()
+            ->map(fn ($a) => array_merge($a->toArray(), ['url' => $a->url]));
+
+        return response()->json([
+            'data' => $col,
+            'items' => $items,
+        ]);
+    }
+
+    /**
+     * Rename / update a collection.
+     * PATCH /v1/media/collections/{collection}
+     */
+    public function update(Request $request, int $collection): JsonResponse
+    {
+        $col = DB::table('media_collections')->where('id', $collection)->first();
+        abort_unless($col !== null, 404);
+
+        $this->authz->authorize($request->user(), 'media.update', $col->space_id);
+
+        $data = $request->validate([
+            'name' => ['sometimes', 'string', 'max:255'],
+            'description' => ['nullable', 'string', 'max:1000'],
+            'criteria' => ['nullable', 'array'],
+        ]);
+
+        $patch = ['updated_at' => now()];
+        if (isset($data['name'])) {
+            $patch['name'] = $data['name'];
+            $patch['slug'] = Str::slug($data['name']);
+        }
+        if (array_key_exists('description', $data)) {
+            $patch['description'] = $data['description'];
+        }
+        if (array_key_exists('criteria', $data)) {
+            $patch['criteria'] = json_encode($data['criteria']);
+        }
+
+        DB::table('media_collections')->where('id', $collection)->update($patch);
+
+        return response()->json(['data' => DB::table('media_collections')->find($collection)]);
+    }
+
+    /**
+     * Delete a collection.
+     * DELETE /v1/media/collections/{collection}
+     */
+    public function destroy(Request $request, int $collection): JsonResponse
+    {
+        $col = DB::table('media_collections')->where('id', $collection)->first();
+        abort_unless($col !== null, 404);
+
+        $this->authz->authorize($request->user(), 'media.delete', $col->space_id);
+
+        DB::table('media_collections')->where('id', $collection)->delete();
+
+        return response()->json(null, 204);
+    }
+
+    /**
+     * Add an asset to a collection.
+     * POST /v1/media/collections/{collection}/items
+     */
+    public function addItem(Request $request, int $collection): JsonResponse
+    {
+        $col = DB::table('media_collections')->where('id', $collection)->first();
+        abort_unless($col !== null, 404);
+
+        $this->authz->authorize($request->user(), 'media.update', $col->space_id);
+
+        $data = $request->validate([
+            'media_asset_id' => ['required', 'string', 'exists:media_assets,id'],
+            'sort_order' => ['integer'],
+        ]);
+
+        // Verify asset belongs to the same space as the collection
+        MediaAsset::where('id', $data['media_asset_id'])
+            ->where('space_id', $col->space_id)
+            ->firstOrFail();
+
+        DB::table('media_collection_items')->insertOrIgnore([
+            'collection_id' => $collection,
+            'media_asset_id' => $data['media_asset_id'],
+            'sort_order' => $data['sort_order'] ?? 0,
+            'added_at' => now(),
+        ]);
+
+        return response()->json(['message' => 'Asset added to collection.'], 201);
+    }
+
+    /**
+     * Remove an asset from a collection.
+     * DELETE /v1/media/collections/{collection}/items/{asset}
+     */
+    public function removeItem(Request $request, int $collection, string $asset): JsonResponse
+    {
+        $col = DB::table('media_collections')->where('id', $collection)->first();
+        abort_unless($col !== null, 404);
+
+        $this->authz->authorize($request->user(), 'media.update', $col->space_id);
+
+        DB::table('media_collection_items')
+            ->where('collection_id', $collection)
+            ->where('media_asset_id', $asset)
+            ->delete();
+
+        return response()->json(null, 204);
+    }
+}