hobbyhimmel/Project-Image-Uploader
8
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(upload): Add consent validation and storage to batch upload

Browse Source 
- Parse consent data from request body (workshopConsent, socialMediaConsents)
- Validate workshop consent is required (400 error if missing)
- Use createGroupWithConsent() instead of createGroup()
- Pass consent data to repository for database storage
- Maintains backward compatibility with existing upload flow
- GDPR-compliant: no upload without explicit workshop consent
This commit is contained in:
Matthias Lotz 2025-11-09 21:04:50 +01:00
parent 2f86158821
commit 6ba7f7bd33
1 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
backend/src/routes/batchUpload.js
View File

@ -24,13 +24,24 @@ router.post(endpoints.UPLOAD_BATCH, async (req, res) => {
// Metadaten aus dem Request body // Metadaten aus dem Request body
let metadata = {}; let metadata = {};
let descriptions = []; let descriptions = [];
let consents = {};
try { try {
metadata = req.body.metadata ? JSON.parse(req.body.metadata) : {}; metadata = req.body.metadata ? JSON.parse(req.body.metadata) : {};
descriptions = req.body.descriptions ? JSON.parse(req.body.descriptions) : []; descriptions = req.body.descriptions ? JSON.parse(req.body.descriptions) : [];
consents = req.body.consents ? JSON.parse(req.body.consents) : {};
} catch (e) { } catch (e) {
console.error('Error parsing metadata/descriptions:', e); console.error('Error parsing metadata/descriptions/consents:', e);
metadata = { description: req.body.description || "" }; metadata = { description: req.body.description || "" };
descriptions = []; descriptions = [];
consents = {};
}
// Validiere Workshop Consent (Pflichtfeld)
if (!consents.workshopConsent) {
return res.status(400).json({
error: 'Workshop consent required',
message: 'Die Zustimmung zur Anzeige in der Werkstatt ist erforderlich'
});
} }
// Erstelle neue Upload-Gruppe mit erweiterten Metadaten // Erstelle neue Upload-Gruppe mit erweiterten Metadaten
@ -100,8 +111,8 @@ router.post(endpoints.UPLOAD_BATCH, async (req, res) => {
console.error('Preview generation failed:', err); console.error('Preview generation failed:', err);
}); });
// Speichere Gruppe in SQLite // Speichere Gruppe mit Consents in SQLite
await groupRepository.createGroup({ await groupRepository.createGroupWithConsent({
groupId: group.groupId, groupId: group.groupId,
year: group.year, year: group.year,
title: group.title, title: group.title,
@ -130,7 +141,10 @@ router.post(endpoints.UPLOAD_BATCH, async (req, res) => {
imageDescription: imageDescription ? imageDescription.slice(0, 200) : null imageDescription: imageDescription ? imageDescription.slice(0, 200) : null
}; };
}) })
}); },
consents.workshopConsent,
consents.socialMediaConsents || []
);
console.log(`Successfully saved group ${group.groupId} with ${files.length} images to database`); console.log(`Successfully saved group ${group.groupId} with ${files.length} images to database`);