Draconai Documentation

dd_id_2e2a932cba
3. App Technical

File Handling

Table of Contents

Overview

  • Manages user uploads and stored files.
  • Upload metadata is stored in the uploads table.

Initiation

  • An uploads folder must exist and be non-web-accessible.
  • The uploads base path must be defined in the Paths service.
  • The uploads directory must allow upload/delete/view operations (read/write/execute permissions).
  • The init command must create the uploads folder structure first.
  • Verification test: python_custom_14 - uploads_storage (server/var_www/tests/custom_python/server_checks/uploads_storage.py).

Storage Rules

Storage

  • Store every upload under uploads/{userId}/ (per-user folders).
  • Stored filename must be the UUID from the uploads table (no original filenames in storage).
  • Original filename, extension, MIME type, and size are stored as metadata in the uploads row.
  • Uploads directory is non-public and lives at /var/www/symfony_be/uploads.
  • Profile pictures use two file types: profile_picture_original and profile_picture_cropped.
  • All uploaded images are converted to PNG during upload.
  • Verification test: python_custom_18 - profile picture upload (server/var_www/tests/custom_python/backend_profile_picture_upload.py).

User Registration

Registration

  • On user creation, ensure a per-user uploads directory exists under the uploads root.
  • Directory name must be the user UUID.
  • Create it if missing with permissions that allow upload/delete/view.
  • Log an error if creation fails.
  • Verification test: python_custom_16 - user uploads dir (server/var_www/tests/custom_python/backend_user_uploads.py).

User Deletion

Deletion

  • On user deletion, remove the per-user uploads directory (uploads/<userId>) recursively.
  • Delete all uploads table rows for that user after removing the folder.
  • Log an error if folder deletion or DB cleanup fails.
  • Reference: delete_user.md.
  • Verification test: python_custom_17 - user uploads cleanup (server/var_www/tests/custom_python/backend_user_delete_uploads.py).

Allowlist

  • Allowed file types: text files, common images, PDFs.
  • Disallowed: videos, apps/executables, archives.
  • General allowlist lives in server/var_www/symfony_be/src/Service/FileHandlingService.php.
  • Profile picture allowlist lives in server/var_www/symfony_be/src/Service/FileHandlingProfileImageService.php.
  • Max upload size: 10 MB.

Upload Profile Picture

  • Feature details live in upload_profile_picture.md (ID: DOC-FILE-HANDLING-PROFILE-PICTURE).