#14 共通のサムネとタイトルの取得は完成

backend/Gemfile

@@ -51,3 +51,7 @@ end
 
 
 gem "mysql2", "~> 0.5.6"
+
+gem "image_processing", "~> 1.14"
+
+gem "nokogiri", "~> 1.18"

backend/Gemfile.lock

@@ -92,10 +92,21 @@ GEM
     drb (2.2.1)
     ed25519 (1.4.0)
     erubi (1.13.1)
+    ffi (1.17.2-aarch64-linux-gnu)
+    ffi (1.17.2-aarch64-linux-musl)
+    ffi (1.17.2-arm-linux-gnu)
+    ffi (1.17.2-arm-linux-musl)
+    ffi (1.17.2-arm64-darwin)
+    ffi (1.17.2-x86_64-darwin)
+    ffi (1.17.2-x86_64-linux-gnu)
+    ffi (1.17.2-x86_64-linux-musl)
     globalid (1.2.1)
       activesupport (>= 6.1)
     i18n (1.14.7)
       concurrent-ruby (~> 1.0)
+    image_processing (1.14.0)
+      mini_magick (>= 4.9.5, < 6)
+      ruby-vips (>= 2.0.17, < 3)
     io-console (0.8.0)
     irb (1.15.2)
       pp (>= 0.6.0)
@@ -127,6 +138,9 @@ GEM
       net-pop
       net-smtp
     marcel (1.0.4)
+    mini_magick (5.2.0)
+      benchmark
+      logger
     mini_mime (1.1.5)
     minitest (5.25.5)
     msgpack (1.8.0)
@@ -252,6 +266,9 @@ GEM
       rubocop-performance (>= 1.24)
       rubocop-rails (>= 2.30)
     ruby-progressbar (1.13.0)
+    ruby-vips (2.2.3)
+      ffi (~> 1.12)
+      logger
     securerandom (0.4.1)
     sprockets (4.2.2)
       concurrent-ruby (~> 1.0)
@@ -312,9 +329,11 @@ PLATFORMS
 DEPENDENCIES
   bootsnap
   brakeman
+  image_processing (~> 1.14)
   jwt
   kamal
   mysql2 (~> 0.5.6)
+  nokogiri (~> 1.18)
   puma (>= 5.0)
   rack-cors
   rails (~> 8.0.2)

backend/app/controllers/posts_controller.rb

@@ -1,3 +1,7 @@
+require 'open-uri'
+require 'nokogiri'
+
+
 class PostsController < ApplicationController
   before_action :set_post, only: %i[ show update destroy ]
 
@@ -7,48 +11,64 @@ class PostsController < ApplicationController
       tag_names = params[:tags].split(',')
       match_type = params[:match]
       if match_type == 'any'
-        @posts = Post.joins(:tags).where(tags: { name: tag_names }).distinct
+        posts = Post.joins(:tags).where(tags: { name: tag_names }).distinct
       else
-        @posts = Post.joins(:tags)
+        posts = Post.joins(:tags)
         tag_names.each do |tag|
-          @posts = @posts.where(id: Post.joins(:tags).where(tags: { name: tag }))
+          posts = posts.where(id: Post.joins(:tags).where(tags: { name: tag }))
         end
-        @posts = @posts.distinct
+        posts = posts.distinct
       end
     else
-      @posts = Post.all
+      posts = Post.all
     end
-    render json: @posts.as_json(include: { tags: { only: [:id, :name, :category] } })
+    render json: posts.as_json(include: { tags: { only: [:id, :name, :category] } })
   end
 
   # GET /posts/1
   def show
-    @post = Post.includes(:tags).find(params[:id])
-    viewed = current_user&.viewed?(@post)
-    render json: (@post
+    post = Post.includes(:tags).find(params[:id])
+    viewed = current_user&.viewed?(post)
+    render json: (post
                   .as_json(include: { tags: { only: [:id, :name, :category] } })
                   .merge(viewed: viewed))
   end
 
   # POST /posts
   def create
-    # TODO: current_user.role が 'admin' もしくは 'member' でなければ 403
+    return head :unauthorized unless current_user
+    return head :forbidden unless ['admin', 'member'].include?(current_user.role)
 
+    # TODO: URL が正規のものがチェック，不正ならエラー
     title = params[:title]
     unless title.present?
-      # TODO:
-      # 既知サイトなら決まったフォーマットで，
-      # 未知サイトならページ名をセットする．
+      # TODO: # 既知サイトなら決まったフォーマットで title 取得するやぅに．
+      begin
+        html = URI.open(params[:url], open_timeout: 5, read_timeout: 5).read
+        doc = Nokogiri::HTML.parse(html)
+        title = doc.at('title')&.text&.strip || ''
+      rescue
+        title = ''
+      end
     end
     post = Post.new(title: title, url: params[:url], thumbnail_base: '', uploaded_user: current_user)
     if params[:thumbnail].present?
       post.thumbnail.attach(params[:thumbnail])
     else
-      # TODO:
-      # 既知ドメインであれば，指定のアドレスからサムネール取得，
-      # それ以外なら URL のスクショ・イメージをサムネールに登録．
+      # TODO: 既知ドメインであれば指定のアドレスからサムネールを取得するやぅにする．
+      path = Rails.root.join('tmp', "thumb_#{ SecureRandom.hex }.png")
+      system("node #{ Rails.root }/lib/screenshot.js #{ Shellwords.escape(params[:url]) } #{ path }")
+      if File.exist?(path)
+        image = MiniMagick::Image.open(path)
+        image.resize '180x180'
+        post.thumbnail.attach(io:           File.open(image.path),
+                              filename:     'thumbnail.png',
+                              content_type: 'image/png')
+        File.delete(path) rescue nil
+      end
     end
     if post.save
+      post.resized_thumbnail!
       if params[:tags].present?
         tag_ids = JSON.parse(params[:tags])
         post.tags = Tag.where(id: tag_ids)
@@ -88,13 +108,14 @@ class PostsController < ApplicationController
   end
 
   private
-    # Use callbacks to share common setup or constraints between actions.
-    def set_post
-      @post = Post.find(params.expect(:id))
-    end
 
-    # Only allow a list of trusted parameters through.
-    def post_params
-      params.expect(post: [ :title, :body ])
-    end
+  # Use callbacks to share common setup or constraints between actions.
+  def set_post
+    @post = Post.find(params.expect(:id))
+  end
+
+  # Only allow a list of trusted parameters through.
+  def post_params
+    params.expect(post: [ :title, :body ])
+  end
 end

backend/app/models/post.rb

@@ -1,3 +1,6 @@
+require 'mini_magick'
+
+
 class Post < ApplicationRecord
   belongs_to :parent, class_name: 'Post', optional: true, foreign_key: 'parent_id'
   belongs_to :uploaded_user, class_name: 'User', optional: true
@@ -12,4 +15,15 @@ class Post < ApplicationRecord
                                           thumbnail, only_path: false) :
                                       nil })
   end
+
+  def resized_thumbnail!
+    return unless thumbnail.attached?
+
+    image = MiniMagick::Image.read(thumbnail.download)
+    image.resize '180x180'
+    thumbnail.purge
+    thumbnail.attach(io:            File.open(image.path),
+                     filename:      'resized_thumbnail.jpg',
+                     content_type:  'image/jpeg')
+  end
 end

backend/lib/package.json

@@ -0,0 +1,15 @@
+{
+  "name": "lib",
+  "version": "1.0.0",
+  "main": "screenshot.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "description": "",
+  "dependencies": {
+    "puppeteer": "^24.10.0"
+  }
+}

backend/lib/screenshot.js

@@ -0,0 +1,18 @@
+const puppeteer = require ('puppeteer')
+const fs = require ('fs')
+
+
+void (async () => {
+  const url = process.argv[2]
+  const output = process.argv[3]
+
+  const browser = await puppeteer.launch ({
+      args: ['--no-sandbox', '--disable-setuid-sandbox'] })
+
+  const page = await browser.newPage ()
+  await page.setViewport ({ width: 960, height: 960 })
+  await page.goto (url, { waitUntil: 'networkidle2', timeout: 10000 })
+
+  await page.screenshot ({ path: output })
+  await browser.close ()
+}) ()

frontend/src/pages/PostNewPage.tsx

@@ -37,10 +37,12 @@ const PostNewPage = () => {
 
   const handleSubmit = () => {
     const formData = new FormData ()
-    formData.append ('title', title || null)
+    if (title)
+      formData.append ('title', title)
     formData.append ('url', url)
     formData.append ('tags', JSON.stringify (tagIds))
-    formData.append ('thumbnail', thumbnailAutoFlg ? null : thumbnailFile)
+    if (!(thumbnailAutoFlg) && thumbnailFile)
+      formData.append ('thumbnail', thumbnailFile)
 
     void (axios.post (`${ API_BASE_URL }/posts`, formData, { headers: {
               'Content-Type':     'multipart/form-data',