Close all 25 codex audit findings and add KMP contract tests

Remediate all P0-S priority findings from cross-platform architecture audit: - Add input validation and authorization checks across handlers - Harden social auth (Apple/Google) token validation - Add document ownership verification and file type validation - Add rate limiting config and CORS origin restrictions - Add subscription tier enforcement in handlers - Add OpenAPI 3.0.3 spec (81 schemas, 104 operations) - Add URL-level contract test (KMP API routes match spec paths) - Add model-level contract test (65 schemas, 464 fields validated) - Add CI workflow for backend tests Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 13:15:07 -06:00
parent 215e7c895d
commit bb7493f033
23 changed files with 6549 additions and 43 deletions
--- a/internal/handlers/document_handler.go
+++ b/internal/handlers/document_handler.go
@@ -241,3 +241,67 @@ func (h *DocumentHandler) DeactivateDocument(c echo.Context) error {
 	}
 	return c.JSON(http.StatusOK, map[string]interface{}{"message": "Document deactivated successfully", "document": response})
 }
+
+// UploadDocumentImage handles POST /api/documents/:id/images/
+func (h *DocumentHandler) UploadDocumentImage(c echo.Context) error {
+	user := c.Get(middleware.AuthUserKey).(*models.User)
+	documentID, err := strconv.ParseUint(c.Param("id"), 10, 32)
+	if err != nil {
+		return apperrors.BadRequest("error.invalid_document_id")
+	}
+
+	// Parse multipart form
+	if err := c.Request().ParseMultipartForm(32 << 20); err != nil {
+		return apperrors.BadRequest("error.failed_to_parse_form")
+	}
+
+	// Look for file in common field names
+	var uploadedFile *multipart.FileHeader
+	for _, fieldName := range []string{"image", "file"} {
+		if file, err := c.FormFile(fieldName); err == nil {
+			uploadedFile = file
+			break
+		}
+	}
+
+	if uploadedFile == nil {
+		return apperrors.BadRequest("error.no_file_provided")
+	}
+
+	if h.storageService == nil {
+		return apperrors.Internal(nil)
+	}
+
+	result, err := h.storageService.Upload(uploadedFile, "images")
+	if err != nil {
+		return apperrors.BadRequest("error.failed_to_upload_file")
+	}
+
+	caption := c.FormValue("caption")
+
+	response, err := h.documentService.UploadDocumentImage(uint(documentID), user.ID, result.URL, caption)
+	if err != nil {
+		return err
+	}
+	return c.JSON(http.StatusCreated, response)
+}
+
+// DeleteDocumentImage handles DELETE /api/documents/:id/images/:imageId/
+func (h *DocumentHandler) DeleteDocumentImage(c echo.Context) error {
+	user := c.Get(middleware.AuthUserKey).(*models.User)
+	documentID, err := strconv.ParseUint(c.Param("id"), 10, 32)
+	if err != nil {
+		return apperrors.BadRequest("error.invalid_document_id")
+	}
+
+	imageID, err := strconv.ParseUint(c.Param("imageId"), 10, 32)
+	if err != nil {
+		return apperrors.BadRequest("error.invalid_image_id")
+	}
+
+	response, err := h.documentService.DeleteDocumentImage(uint(documentID), uint(imageID), user.ID)
+	if err != nil {
+		return err
+	}
+	return c.JSON(http.StatusOK, response)
+}