Adding optional random-generated IDs for anonymous access to uploaded files.

Author: krulis-martin

app/model/entity/ExerciseFile.php

@@ -76,8 +76,8 @@ public function __construct(
         int $fileSize,
         string $hashName,
         ?User $user,
-        Exercise $exercise = null,
-        Pipeline $pipeline = null
+        ?Exercise $exercise = null,
+        ?Pipeline $pipeline = null
     ) {
         parent::__construct($name, $uploadedAt, $fileSize, $user);
         $this->hashName = $hashName;

app/model/entity/UploadedFile.php

@@ -47,9 +47,19 @@ public function getFileExtension(): string
 
     /**
      * @ORM\Column(type="boolean")
+     * If true, the file is accessible to all logged-in users.
+     * This is useful for files associated with entries like exercises.
      */
     protected $isPublic;
 
+    /**
+     * External identification (used in URL) that allows for accessing the file without authentication.
+     * If empty, the file is not accessible this way.
+     * The identifier should be a generated random string.
+     * @ORM\Column(type="string", length=16, nullable=true, unique=true)
+     */
+    protected $external = null;
+
     /**
      * @ORM\Column(type="integer")
      */
@@ -113,6 +123,31 @@ public function isPublic()
         return $this->isPublic;
     }
 
+    public function setPublic(bool $isPublic): void
+    {
+        $this->isPublic = $isPublic;
+    }
+
+    public function getExternal(): ?string
+    {
+        return $this->external;
+    }
+
+    public function setExternal(?string $external): void
+    {
+        $this->external = $external;
+    }
+
+    /**
+     * Generate a random external ID for this file which uses only URL-safe characters.
+     */
+    public function generateRandomExternalId(): void
+    {
+        // the + and / characters are replaced to make the string URL-safe without the need for encoding
+        // (base64 encoding uses A-Z, a-z, 0-9, +, /)
+        $this->external = str_replace(['+', '/'], ['-', '$'], base64_encode(random_bytes(12)));
+    }
+
     /**
      * Retrieve a corresponding file object from file storage.
      * @param FileStorageManager $manager the storage that retrieves the file

migrations/Version20251113182809.php

@@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+final class Version20251113182809 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return '';
+    }
+
+    public function up(Schema $schema): void
+    {
+        // this up() migration is auto-generated, please modify it to your needs
+        $this->addSql('ALTER TABLE uploaded_file ADD external VARCHAR(16) DEFAULT NULL');
+        $this->addSql('CREATE UNIQUE INDEX UNIQ_B40DF75D5852A1B8 ON uploaded_file (external)');
+    }
+
+    public function down(Schema $schema): void
+    {
+        // this down() migration is auto-generated, please modify it to your needs
+        $this->addSql('DROP INDEX UNIQ_B40DF75D5852A1B8 ON `uploaded_file`');
+        $this->addSql('ALTER TABLE `uploaded_file` DROP external');
+    }
+}