btrc-hub/backend/app/controllers/wiki_assets_controller.rb

require 'digest'


class WikiAssetsController < ApplicationController
  def index
    page_id = params[:wiki_page_id].to_i
    page = WikiPage.find_by(id: page_id)
    return head :not_found unless page

    render json: page.assets
  end

  def create
    return head :unauthorized unless current_user
    return head :forbidden unless current_user.gte_member?

    wiki_page_id = params[:wiki_page_id].to_i
    page = WikiPage.find_by(id: wiki_page_id)
    return head :not_found unless page

    file = params[:file]
    return head :bad_request if file.blank?

    page.with_lock do
      no = page.next_asset_no
      alt_text = params[:alt_text].presence
      sha256 = Digest::SHA256.file(file.tempfile.path).digest

      asset = WikiAsset.new(wiki_page_id:, no:, alt_text:, sha256:, created_by_user: current_user)
      asset.file.attach(file)
      asset.save!

      page.update!(next_asset_no: no + 1)
    end

    render json: asset
  end
end