PTS/SkyArtShop
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
dev
SkyArtShop/docs/MEDIA_LIBRARY_DATABASE_VALIDATION.md
Local Server 017c6376fc updateweb
2025-12-24 00:13:23 -06:00

6.0 KiB
Raw Permalink Blame History

Media Library Database Validation Report

Date: December 19, 2025
Status: FULLY OPERATIONAL

Database Configuration

Tables

  1. uploads (13 columns)

    • Primary Key: id (auto-increment)
    • File Info: filename, original_name, file_path, file_size, mime_type
    • Relationships: folder_id (FK to media_folders), uploaded_by (user ID)
    • Timestamps: created_at, updated_at
    • Usage Tracking: used_in_type, used_in_id

  2. media_folders (7 columns)

    • Primary Key: id (auto-increment)
    • Folder Info: name, path
    • Hierarchy: parent_id (self-referencing FK)
    • Audit: created_by, created_at, updated_at

Foreign Key Constraints

uploads.folder_id → media_folders.id

  • Delete Rule: SET NULL (files remain if folder deleted)

media_folders.parent_id → media_folders.id

  • Delete Rule: CASCADE (subfolders deleted with parent)

Indexes (9 total)

Performance optimized with indexes on:

  • uploads: id (PK), filename (UNIQUE), folder_id, created_at
  • media_folders: id (PK), parent_id, path, (parent_id, name) UNIQUE

API Endpoints

File Operations

POST /api/admin/upload - Upload files

  • Saves to: /website/uploads/
  • Database: Inserts record with file metadata
  • Rollback: Deletes physical file if DB insert fails

GET /api/admin/uploads - List files

  • Query param: folder_id (optional)
  • Returns: All files or files in specific folder

PATCH /api/admin/uploads/move - Move files

  • Updates: folder_id in database
  • Validates: Target folder exists

POST /api/admin/uploads/bulk-delete - Delete files

  • Database: Removes records
  • Physical: Deletes files from disk
  • Transaction: Both must succeed

Folder Operations

POST /api/admin/folders - Create folder

  • Sanitizes: Folder name (removes special chars)
  • Builds: Full path hierarchy
  • Validation: Unique constraint on (parent_id, name)

GET /api/admin/folders - List folders

  • Includes: File count, subfolder count
  • Sorted: By path (hierarchical order)

DELETE /api/admin/folders/:id - Delete folder

  • Option 1: Fail if not empty
  • Option 2: Cascade delete with ?delete_contents=true
  • Physical: Deletes associated files from disk

Current Database State

Statistics

  • Total Files: 2
  • Total Folders: 0
  • Database Size: Efficient (indexed)

Recent Files

  1. ID: 3 - "18496.jpg" (3.85 MB) - Root folder
  2. ID: 2 - "WhatsApp Image 2025-12-16 at 1.23.36 PM.jpeg" (110 KB) - Root folder

Data Integrity Checks

Referential Integrity

  • All folder_id references point to existing folders or NULL
  • Parent folder hierarchy is consistent
  • No orphaned records

Unique Constraints

  • Filename uniqueness enforced
  • Folder names unique within parent folder
  • Prevents duplicate uploads

Cascade Rules

  • Deleting folder sets files' folder_id to NULL (files preserved)
  • Deleting folder cascades to subfolders
  • Prevents orphaned folder structures

Transaction Safety

File Upload

1. Multer saves physical file
2. Database insert with metadata
3. IF DB fails → Physical file deleted (rollback)
4. IF success → Return file info to client

File Delete

1. Query database for filenames
2. Delete from database
3. Delete physical files
4. Success notification

Folder Delete

1. Check if folder exists
2. IF delete_contents=true:
   - Get all files in folder + subfolders
   - Delete physical files
   - Database CASCADE handles records
3. IF delete_contents=false:
   - Check for contents
   - Fail if not empty
   - Delete only if empty

Error Handling

Upload Failures

  • Invalid file type → Rejected by multer
  • DB insert fails → Physical file cleaned up
  • Disk full → Error returned, no DB record

Delete Failures

  • File not found → Logged as warning, continues
  • DB error → Transaction rolled back
  • Folder not empty → Error message returned

Move Failures

  • Invalid folder ID → 404 error
  • DB constraint violation → Descriptive error
  • No files selected → 400 error

Testing Results

Connection Test

Database connection: SUCCESSFUL

Schema Validation

uploads table: 13 columns configured correctly media_folders table: 7 columns configured correctly Foreign keys: 2 constraints properly configured Indexes: 9 indexes for optimal performance

Data Operations

Insert: Files properly saved with metadata Update: Folder assignments working Delete: Cascade rules functioning correctly Query: File counts accurate

Security

Authentication

  • All endpoints require requireAuth middleware
  • User ID tracked in uploaded_by field

Input Validation

  • File types restricted (images only)
  • File size limited (5MB per file)
  • Folder names sanitized (special chars removed)
  • SQL injection prevented (parameterized queries)

File System

  • Unique filenames prevent overwrites
  • Path traversal prevented (sanitized names)
  • Upload directory properly scoped

Performance

Database Queries

  • Indexed columns for fast lookups
  • JOIN queries optimized
  • File counts calculated efficiently

File Operations

  • Batch uploads supported (10 files max)
  • Bulk delete optimized
  • Move operations instant (DB only)

Recommendations

Current Status

All features working correctly Database properly configured Data integrity maintained Error handling comprehensive

Best Practices Implemented

Foreign key constraints Unique constraints Index optimization Transaction safety Cascade rules Soft deletes (folder_id SET NULL) Audit trail (created_at, uploaded_by)

Conclusion

<EFBFBD><EFBFBD> Media Library Database: FULLY VALIDATED

The media library is properly integrated with the PostgreSQL database. All CRUD operations (Create, Read, Update, Delete) are working correctly with proper:

  • Data persistence
  • Referential integrity
  • Transaction safety
  • Error handling
  • Performance optimization

Status: Production Ready

Reference in New Issue View Git Blame Copy Permalink