fix: harden case files endpoints when sag_files table/schema is missing

Christian 2026-04-02 00:22:05 +02:00
parent c99790a710
commit 0edb78f2ea


@ -3158,11 +3158,17 @@ def _store_upload_file(upload_file: UploadFile, subdir: str):
async def list_sag_files(sag_id: int): async def list_sag_files(sag_id: int):
"""List files attached to a case.""" """List files attached to a case."""
try: try:
if not _table_exists("sag_files"):
logger.warning("⚠️ sag_files table missing - returning empty file list for SAG-%s", sag_id)
return []
order_expr = "created_at DESC" if table_has_column("sag_files", "created_at") else "id DESC"
query = """ query = """
SELECT * FROM sag_files SELECT * FROM sag_files
WHERE sag_id = %s WHERE sag_id = %s
ORDER BY created_at DESC ORDER BY {order_expr}
""" """
query = query.format(order_expr=order_expr)
files = execute_query(query, (sag_id,)) files = execute_query(query, (sag_id,))
# Add download URL # Add download URL
if files: if files:
@ -3176,6 +3182,9 @@ async def list_sag_files(sag_id: int):
@router.post("/sag/{sag_id}/files") @router.post("/sag/{sag_id}/files")
async def upload_sag_files(sag_id: int, files: List[UploadFile] = File(...)): async def upload_sag_files(sag_id: int, files: List[UploadFile] = File(...)):
"""Upload files to a case.""" """Upload files to a case."""
if not _table_exists("sag_files"):
raise HTTPException(status_code=503, detail="sag_files table is missing. Run database migrations first")
check = execute_query("SELECT id FROM sag_sager WHERE id = %s AND deleted_at IS NULL", (sag_id,)) check = execute_query("SELECT id FROM sag_sager WHERE id = %s AND deleted_at IS NULL", (sag_id,))
if not check: if not check:
raise HTTPException(status_code=404, detail="Case not found") raise HTTPException(status_code=404, detail="Case not found")
@ -3211,6 +3220,9 @@ async def download_sag_file(sag_id: int, file_id: int, download: bool = False):
Args: Args:
download: If True, force download. If False (default), display inline in browser. download: If True, force download. If False (default), display inline in browser.
""" """
if not _table_exists("sag_files"):
raise HTTPException(status_code=503, detail="sag_files table is missing. Run database migrations first")
query = "SELECT * FROM sag_files WHERE id = %s AND sag_id = %s" query = "SELECT * FROM sag_files WHERE id = %s AND sag_id = %s"
result = execute_query(query, (file_id, sag_id)) result = execute_query(query, (file_id, sag_id))
@ -3241,6 +3253,9 @@ async def download_sag_file(sag_id: int, file_id: int, download: bool = False):
@router.get("/sag/{sag_id}/files/{file_id}/preview-image") @router.get("/sag/{sag_id}/files/{file_id}/preview-image")
async def preview_sag_pdf_as_image(sag_id: int, file_id: int, page: int = Query(1, ge=1), scale: float = Query(2.8, ge=1.0, le=5.0)): async def preview_sag_pdf_as_image(sag_id: int, file_id: int, page: int = Query(1, ge=1), scale: float = Query(2.8, ge=1.0, le=5.0)):
"""Render a PDF page as PNG for consistent in-app preview sizing.""" """Render a PDF page as PNG for consistent in-app preview sizing."""
if not _table_exists("sag_files"):
raise HTTPException(status_code=503, detail="sag_files table is missing. Run database migrations first")
query = "SELECT * FROM sag_files WHERE id = %s AND sag_id = %s" query = "SELECT * FROM sag_files WHERE id = %s AND sag_id = %s"
result = execute_query(query, (file_id, sag_id)) result = execute_query(query, (file_id, sag_id))
@ -3287,6 +3302,9 @@ async def preview_sag_pdf_as_image(sag_id: int, file_id: int, page: int = Query(
@router.delete("/sag/{sag_id}/files/{file_id}") @router.delete("/sag/{sag_id}/files/{file_id}")
async def delete_sag_file(sag_id: int, file_id: int): async def delete_sag_file(sag_id: int, file_id: int):
"""Delete a file.""" """Delete a file."""
if not _table_exists("sag_files"):
raise HTTPException(status_code=503, detail="sag_files table is missing. Run database migrations first")
query = "DELETE FROM sag_files WHERE id = %s AND sag_id = %s RETURNING stored_name" query = "DELETE FROM sag_files WHERE id = %s AND sag_id = %s RETURNING stored_name"
result = execute_query(query, (file_id, sag_id)) result = execute_query(query, (file_id, sag_id))
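Review bot: In list_sag_files a missing sag_files table is answered with `return []`, so a client cannot tell a case with no attachments from a database that has lost its schema, while the four other endpoints in this commit answer 503 for the same condition. For a case-file store I would fail the same way here, e.g. `raise HTTPException(status_code=503, detail="File storage is temporarily unavailable")`, and keep the warning log; the check sits inside a `try:` whose handler is outside the visible lines, so confirm it does not turn the HTTPException into a different status. The 503 `detail` strings in upload_sag_files, download_sag_file, preview_sag_pdf_as_image and delete_sag_file expose the internal table name and the migration state to any caller; a generic detail with the specifics sent to `logger.error` would keep that out of responses. `query.format(order_expr=order_expr)` is safe only because both possible values are literals in this function, which deserves a comment such as `# order_expr is one of two fixed literals, never request data`.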