Controllers/api/v1/media/thumbnails.php

@@ -7,13 +7,13 @@
  */
 namespace Minds\Controllers\api\v1\media;
 
+use Minds\Api\Factory;
+use Minds\Common;
 use Minds\Core;
 use Minds\Core\Di\Di;
-use Minds\Helpers;
+use Minds\Core\Features\Manager as FeaturesManager;
 use Minds\Entities;
 use Minds\Interfaces;
-use Minds\Api\Factory;
-use Minds\Core\Features\Manager as FeaturesManager;
 
 class thumbnails implements Interfaces\Api, Interfaces\ApiIgnorePam
 {
@@ -29,24 +29,33 @@ class thumbnails implements Interfaces\Api, Interfaces\ApiIgnorePam
             exit;
         }
 
-        $featuresManager = new FeaturesManager();
+        $guid = $pages[0];
 
-        if ($featuresManager->has('cdn-jwt')) {
-            error_log("{$_SERVER['REQUEST_URI']} was hit, and should not have been");
+        Core\Security\ACL::$ignore = true;
+
+        $size = isset($pages[1]) ? $pages[1] : null;
+
+        $last_cache = isset($pages[2]) ? $pages[2] : time();
+
+        $entity = Entities\Factory::build($guid);
 
+        if (!$entity) {
             return Factory::response([
                 'status' => 'error',
-                'message' => 'This endpoint has been deprecated. Please use fs/v1/thumbnail',
+                'message' => 'Entity not found'
             ]);
         }
 
-        $guid = $pages[0];
-
-        Core\Security\ACL::$ignore = true;
+        $featuresManager = new FeaturesManager();
 
-        $size = isset($pages[1]) ? $pages[1] : null;
+        if ($entity->access_id !== Common\Access::PUBLIC && $featuresManager->has('cdn-jwt')) {
+            error_log("{$_SERVER['REQUEST_URI']} was hit, and should not have been");
 
-        $last_cache = isset($pages[2]) ? $pages[2] : time();
+            return Factory::response([
+                'status' => 'error',
+                'message' => 'This endpoint has been deprecated. Please use fs/v1/thumbnail',
+            ]);
+        }
 
         $etag = $last_cache . $guid;
         if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == $etag) {
@@ -54,7 +63,7 @@ class thumbnails implements Interfaces\Api, Interfaces\ApiIgnorePam
             exit;
         }
 
-        $thumbnail = Di::_()->get('Media\Thumbnails')->get($guid, $size);
+        $thumbnail = Di::_()->get('Media\Thumbnails')->get($entity, $size);
 
         if ($thumbnail instanceof \ElggFile) {
             $thumbnail->open('read');

Controllers/fs/v1/thumbnail.php

@@ -4,10 +4,13 @@
  */
 namespace Minds\Controllers\fs\v1;
 
+use Minds\Api\Factory;
+use Minds\Common;
 use Minds\Core;
 use Minds\Core\Di\Di;
-use Minds\Interfaces;
 use Minds\Core\Features\Manager as FeaturesManager;
+use Minds\Entities;
+use Minds\Interfaces;
 use Minds\Helpers\File;
 
 class thumbnail extends Core\page implements Interfaces\page
@@ -18,9 +21,30 @@ class thumbnail extends Core\page implements Interfaces\page
             exit;
         }
 
+        Core\Security\ACL::$ignore = true;
+        $guid = $pages[0] ?? null;
+
+        if (!$guid) {
+            return Factory::response([
+                'status' => 'error',
+                'message' => 'guid must be provided'
+            ]);
+        }
+
+        $size = isset($pages[1]) ? $pages[1] : null;
+
+        $entity = Entities\Factory::build($guid);
+
+        if (!$entity) {
+            return Factory::response([
+                'status' => 'error',
+                'message' => 'Entity not found'
+            ]);
+        }
+
         $featuresManager = new FeaturesManager;
 
-        if ($featuresManager->has('cdn-jwt')) {
+        if ($entity->access_id !== Common\Access::PUBLIC && $featuresManager->has('cdn-jwt')) {
             $signedUri = new Core\Security\SignedUri();
             $uri = (string) \Zend\Diactoros\ServerRequestFactory::fromGlobals()->getUri();
             if (!$signedUri->confirm($uri)) {
@@ -31,9 +55,8 @@ class thumbnail extends Core\page implements Interfaces\page
         /** @var Core\Media\Thumbnails $mediaThumbnails */
         $mediaThumbnails = Di::_()->get('Media\Thumbnails');
 
-        Core\Security\ACL::$ignore = true;
-        $size = isset($pages[1]) ? $pages[1] : null;
-        $thumbnail = $mediaThumbnails->get($pages[0], $size);
+
+        $thumbnail = $mediaThumbnails->get($entity, $size);
 
         if ($thumbnail instanceof \ElggFile) {
             $thumbnail->open('read');

Core/Media/Image/Manager.php

@@ -64,7 +64,10 @@ class Manager
         }
 
         $uri = $this->config->get('cdn_url') . 'fs/v1/thumbnail/' . $asset_guid . '/' . $size;
-        $uri = $this->signUri($uri);
+
+        if ($entity->access_id !== ACCESS_PUBLIC) {
+            $uri = $this->signUri($uri);
+        }
 
         return $uri;
     }

Core/Media/Thumbnails.php

@@ -8,16 +8,27 @@ use Minds\Entities;
 
 class Thumbnails
 {
+    /** @var Core\Config */
     protected $config;
+    /** @var Core\EntitiesBuilder */
+    protected $entitiesBuilder;
 
-    public function __construct($config = null)
+    public function __construct($config = null, $entitiesBuilder = null)
     {
         $this->config = $config ?: Di::_()->get('Config');
+        $this->entitiesBuilder = $entitiesBuilder ?: Di::_()->get('EntitiesBuilder');
     }
 
-    public function get($guid, $size)
+    /**
+     * @param $entity Entities\Entity|string
+     * @param $size
+     * @return bool|\ElggFile|mixed|string
+     */
+    public function get($entity, $size)
     {
-        $entity = Entities\Factory::build($guid);
+        if (is_string($entity)) {
+            $entity = $this->entitiesBuilder->build($entity);
+        }
         if (!$entity || !Core\Security\ACL::_()->read($entity)) {
             return false;
         }

Core/Media/Video/Manager.php

@@ -4,15 +4,13 @@
  */
 namespace Minds\Core\Media\Video;
 
+use Aws\S3\S3Client;
+use Minds\Common;
 use Minds\Core\Config;
 use Minds\Core\Di\Di;
-use Minds\Core\Session;
-use Minds\Entities\Entity;
 use Minds\Entities\Activity;
-use Minds\Entities\Image;
+use Minds\Entities\Entity;
 use Minds\Entities\Video;
-use Minds\Core\Comments\Comment;
-use Aws\S3\S3Client;
 
 class Manager
 {
@@ -64,7 +62,12 @@ class Manager
         if (!$cmd) {
             return null;
         }
+        if ($entity->access_id !== Common\Access::PUBLIC) {
+            $url = (string)$this->s3->createPresignedRequest($cmd, '+48 hours')->getUri();
+        } else {
+            $url = $this->config->get('cinemr_url') . $entity->cinemr_guid . '/' . $size;
+        }
 
-        return (string) $this->s3->createPresignedRequest($cmd, '+48 hours')->getUri();
+        return $url;
     }
 }

Spec/Core/Media/Image/ManagerSpec.php

@@ -33,6 +33,7 @@ class ManagerSpec extends ObjectBehavior
     {
         $activity = new Activity();
         $activity->set('entity_guid', 123);
+        $activity->set('access_id', ACCESS_PRIVATE);
         $this->config->get('cdn_url')
             ->willReturn('https://minds.dev/');
         $uri = 'https://minds.dev/fs/v1/thumbnail/123/xlarge';
@@ -42,10 +43,22 @@ class ManagerSpec extends ObjectBehavior
             ->shouldBe('signed url will be here');
     }
 
+    public function it_should_return_unsigned_public_asset_uri()
+    {
+        $activity = new Activity();
+        $activity->set('entity_guid', 123);
+        $activity->set('access_id', ACCESS_PUBLIC);
+        $this->config->get('cdn_url')
+            ->willReturn('https://minds.dev/');
+        $this->getPublicAssetUri($activity)
+            ->shouldBe('https://minds.dev/fs/v1/thumbnail/123/xlarge');
+    }
+
     public function it_should_return_public_asset_uri_for_image()
     {
         $entity = new Image();
         $entity->set('guid', 123);
+        $entity->set('access_id', ACCESS_PRIVATE);
         $this->config->get('cdn_url')
             ->willReturn('https://minds.dev/');
         $uri = 'https://minds.dev/fs/v1/thumbnail/123/xlarge';
@@ -55,10 +68,22 @@ class ManagerSpec extends ObjectBehavior
             ->shouldBe('signed url will be here');
     }
 
+    public function it_should_return_an_unsigned_url_for_an_image()
+    {
+        $entity = new Image();
+        $entity->set('guid', 123);
+        $entity->set('access_id', ACCESS_PUBLIC);
+        $this->config->get('cdn_url')
+            ->willReturn('https://minds.dev/');
+        $this->getPublicAssetUri($entity)
+            ->shouldBe('https://minds.dev/fs/v1/thumbnail/123/xlarge');
+    }
+
     public function it_should_return_public_asset_uri_for_video()
     {
         $entity = new Video();
         $entity->set('guid', 123);
+        $entity->set('access_id', ACCESS_PRIVATE);
         $this->config->get('cdn_url')
             ->willReturn('https://minds.dev/');
         $uri = 'https://minds.dev/fs/v1/thumbnail/123/xlarge';
@@ -68,6 +93,19 @@ class ManagerSpec extends ObjectBehavior
             ->shouldBe('signed url will be here');
     }
 
+    public function it_should_return_unsigned_public_asset_uri_for_video()
+    {
+        $entity = new Video();
+        $entity->set('guid', 123);
+        $entity->set('access_id', ACCESS_PUBLIC);
+        $this->config->get('cdn_url')
+            ->willReturn('https://minds.dev/');
+        $uri = 'https://minds.dev/fs/v1/thumbnail/123/xlarge';
+        $this->getPublicAssetUri($entity)
+            ->shouldBe('https://minds.dev/fs/v1/thumbnail/123/xlarge');
+    }
+
+
     public function it_should_return_public_asset_uri_for_comment()
     {
         $entity = new Comment();
@@ -80,4 +118,15 @@ class ManagerSpec extends ObjectBehavior
         $this->getPublicAssetUri($entity)
             ->shouldBe('signed url will be here');
     }
+
+    public function it_should_return_unsigned_public_asset_uri_for_comment()
+    {
+        $entity = new Comment();
+        $entity->setAttachment('attachment_guid', '123');
+        $entity->access_id = ACCESS_PUBLIC;
+        $this->config->get('cdn_url')
+            ->willReturn('https://minds.dev/');
+        $this->getPublicAssetUri($entity)
+            ->shouldBe('https://minds.dev/fs/v1/thumbnail/123/xlarge');
+    }
 }

Spec/Core/Media/Video/ManagerSpec.php

@@ -27,7 +27,7 @@ class ManagerSpec extends ObjectBehavior
         $this->shouldHaveType(Manager::class);
     }
 
-    public function it_should_get_a_720p_video(RequestInterface $request, \Aws\CommandInterface $cmd)
+    public function it_should_get_a_signed_720p_video_url(RequestInterface $request, \Aws\CommandInterface $cmd)
     {
         $this->config->get('transcoder')
             ->willReturn([
@@ -39,22 +39,60 @@ class ManagerSpec extends ObjectBehavior
                 'useRoles' => true,
             ]);
 
+        $this->config->get('cinemr_url')
+            ->willReturn('https://url.com/cinemr');
+
         $this->s3->getCommand('GetObject', [
             'Bucket' => 'cinemr',
             'Key' => 'dir/123/720.mp4'
         ])
             ->shouldBeCalled()
             ->willReturn($cmd);
-        
+
         $request->getUri()
             ->willReturn('s3-signed-url-here');
-            
+
         $this->s3->createPresignedRequest(Argument::any(), Argument::any())
             ->willReturn($request);
 
         $video = new Video();
         $video->set('cinemr_guid', 123);
+        $video->set('access_id', ACCESS_PRIVATE);
         $this->getPublicAssetUri($video, '720.mp4')
             ->shouldBe('s3-signed-url-here');
     }
+
+    public function it_should_get_an_unsigned_720p_video_url(RequestInterface $request, \Aws\CommandInterface $cmd)
+    {
+        $this->config->get('transcoder')
+            ->willReturn([
+                'dir' => 'dir',
+            ]);
+        $this->config->get('aws')
+            ->willReturn([
+                'region' => 'us-east-1',
+                'useRoles' => true,
+            ]);
+
+        $this->config->get('cinemr_url')
+            ->willReturn('https://url.com/cinemr');
+
+        $this->s3->getCommand('GetObject', [
+            'Bucket' => 'cinemr',
+            'Key' => 'dir/123/720.mp4'
+        ])
+            ->shouldBeCalled()
+            ->willReturn($cmd);
+
+        $request->getUri()
+            ->willReturn('s3-signed-url-here');
+
+        $this->s3->createPresignedRequest(Argument::any(), Argument::any())
+            ->willReturn($request);
+
+        $video = new Video();
+        $video->set('cinemr_guid', 123);
+        $this->getPublicAssetUri($video, '720.mp4')
+            ->shouldBe('https://url.com/cinemr123/720.mp4');
+    }
 }