Initial commit medias platformHEADmain

1 files changed, 122 insertions, 0 deletions

diff --git a/viewer-bff/public/app.js b/viewer-bff/public/app.js
new file mode 100644
index 0000000..ecbe3fb
--- /dev/null
+++ b/viewer-bff/public/app.js
@@ -0,0 +1,122 @@
+const tokenInput = document.getElementById("tokenInput");

+const objectKeysInput = document.getElementById("objectKeysInput");

+const permissionsOutput = document.getElementById("permissionsOutput");

+const gallery = document.getElementById("gallery");

+

+const loadPermissionsBtn = document.getElementById("loadPermissionsBtn");

+const buildGalleryBtn = document.getElementById("buildGalleryBtn");

+

+let currentPermissions = null;

+

+function getToken() {

+  return tokenInput.value.trim();

+}

+

+function parseObjectKeys() {

+  return objectKeysInput.value

+    .split("\n")

+    .map((line) => line.trim())

+    .filter(Boolean);

+}

+

+function isAllowedByPermissions(objectKey, permissions) {

+  if (!permissions) return false;

+  if (permissions.allowAll) return true;

+  const prefixes = permissions.allowedPrefixes || [];

+  return prefixes.some((prefix) => objectKey.startsWith(prefix));

+}

+

+async function callJson(url, options = {}) {

+  const token = getToken();

+  const headers = {

+    "Content-Type": "application/json",

+    ...(options.headers || {})

+  };

+  if (token) {

+    headers.Authorization = `Bearer ${token}`;

+  }

+

+  const response = await fetch(url, { ...options, headers });

+  const payload = await response.json().catch(() => ({}));

+  if (!response.ok) {

+    throw new Error(payload.message || `HTTP ${response.status}`);

+  }

+  return payload;

+}

+

+loadPermissionsBtn.addEventListener("click", async () => {

+  try {

+    const perms = await callJson("/api/me/permissions");

+    currentPermissions = perms;

+    permissionsOutput.textContent = JSON.stringify(perms, null, 2);

+  } catch (error) {

+    permissionsOutput.textContent = `Erreur: ${error.message}`;

+  }

+});

+

+buildGalleryBtn.addEventListener("click", async () => {

+  gallery.innerHTML = "";

+  const keys = parseObjectKeys();

+

+  if (!currentPermissions) {

+    permissionsOutput.textContent = "Charger d'abord les permissions.";

+    return;

+  }

+

+  if (!keys.length) {

+    permissionsOutput.textContent = "Ajouter au moins une objectKey.";

+    return;

+  }

+

+  for (const objectKey of keys) {

+    const card = document.createElement("article");

+    card.className = "card";

+

+    const img = document.createElement("img");

+    img.className = "thumb";

+    img.alt = objectKey;

+

+    const keyP = document.createElement("p");

+    keyP.className = "key";

+    keyP.textContent = objectKey;

+

+    const openBtn = document.createElement("button");

+    openBtn.textContent = "Ouvrir";

+    openBtn.disabled = !isAllowedByPermissions(objectKey, currentPermissions);

+

+    openBtn.addEventListener("click", async () => {

+      try {

+        const presign = await callJson("/api/media/presign", {

+          method: "POST",

+          body: JSON.stringify({ objectKey })

+        });

+        const signedUrl = presign.url;

+        img.src = signedUrl;

+        window.open(signedUrl, "_blank", "noopener,noreferrer");

+      } catch (error) {

+        alert(`Presign refuse: ${error.message}`);

+      }

+    });

+

+    if (!openBtn.disabled) {

+      // Previsualisation opportuniste pour les objets autorises.

+      callJson("/api/media/presign", {

+        method: "POST",

+        body: JSON.stringify({ objectKey })

+      })

+        .then((presign) => {

+          img.src = presign.url;

+        })

+        .catch(() => {

+          img.alt = "Previsualisation indisponible";

+        });

+    } else {

+      img.alt = "Acces refuse (roles)";

+    }

+

+    card.appendChild(img);

+    card.appendChild(keyP);

+    card.appendChild(openBtn);

+    gallery.appendChild(card);

+  }

+});