6 дней назад · 1975bc6339
--- a/internal/api/enclosure_handlers.go
+++ b/internal/api/enclosure_handlers.go
@@ -22,7 +22,7 @@ func (h *handler) getEnclosureByIDHandler(w http.ResponseWriter, r *http.Request
 
				 		return
			
 
				 	}
			
 
				 
			
 
				-	enclosure, err := h.store.GetEnclosure(enclosureID)
			
 
				+	enclosure, err := h.store.EnclosureByID(request.UserID(r), enclosureID)
			
 
				 	if err != nil {
			
 
				 		response.JSONServerError(w, r, err)
			
 
				 		return
			
@@ -33,12 +33,6 @@ func (h *handler) getEnclosureByIDHandler(w http.ResponseWriter, r *http.Request
 
				 		return
			
 
				 	}
			
 
				 
			
 
				-	userID := request.UserID(r)
			
 
				-	if enclosure.UserID != userID {
			
 
				-		response.JSONNotFound(w, r)
			
 
				-		return
			
 
				-	}
			
 
				-
			
 
				 	enclosure.ProxifyEnclosureURL(config.Opts.MediaProxyMode(), config.Opts.MediaProxyResourceTypes())
			
 
				 
			
 
				 	response.JSON(w, r, enclosure)
			
@@ -62,7 +56,7 @@ func (h *handler) updateEnclosureByIDHandler(w http.ResponseWriter, r *http.Requ
 
				 		return
			
 
				 	}
			
 
				 
			
 
				-	enclosure, err := h.store.GetEnclosure(enclosureID)
			
 
				+	enclosure, err := h.store.EnclosureByID(request.UserID(r), enclosureID)
			
 
				 	if err != nil {
			
 
				 		response.JSONServerError(w, r, err)
			
 
				 		return
			
@@ -73,12 +67,6 @@ func (h *handler) updateEnclosureByIDHandler(w http.ResponseWriter, r *http.Requ
 
				 		return
			
 
				 	}
			
 
				 
			
 
				-	userID := request.UserID(r)
			
 
				-	if enclosure.UserID != userID {
			
 
				-		response.JSONNotFound(w, r)
			
 
				-		return
			
 
				-	}
			
 
				-
			
 
				 	enclosure.MediaProgression = enclosureUpdateRequest.MediaProgression
			
 
				 	if err := h.store.UpdateEnclosure(enclosure); err != nil {
			
 
				 		response.JSONServerError(w, r, err)
			
--- a/internal/storage/enclosure.go
+++ b/internal/storage/enclosure.go
@@ -14,8 +14,8 @@ import (
 
				 	"github.com/lib/pq"
			
 
				 )
			
 
				 
			
 
				-// GetEnclosures returns all attachments for the given entry.
			
 
				-func (s *Storage) GetEnclosures(entryID int64) (model.EnclosureList, error) {
			
 
				+// EnclosuresByEntryID returns all enclosures for the given entry.
			
 
				+func (s *Storage) EnclosuresByEntryID(entryID int64) (model.EnclosureList, error) {
			
 
				 	query := `
			
 
				 		SELECT
			
 
				 			id,
			
@@ -61,7 +61,8 @@ func (s *Storage) GetEnclosures(entryID int64) (model.EnclosureList, error) {
 
				 	return enclosures, nil
			
 
				 }
			
 
				 
			
 
				-func (s *Storage) GetEnclosuresForEntries(entryIDs []int64) (map[int64]model.EnclosureList, error) {
			
 
				+// EnclosuresByEntryIDs returns enclosures for the given entries, grouped by entry ID.
			
 
				+func (s *Storage) EnclosuresByEntryIDs(entryIDs []int64) (map[int64]model.EnclosureList, error) {
			
 
				 	query := `
			
 
				 		SELECT
			
 
				 			id,
			
@@ -106,7 +107,8 @@ func (s *Storage) GetEnclosuresForEntries(entryIDs []int64) (map[int64]model.Enc
 
				 	return enclosuresMap, nil
			
 
				 }
			
 
				 
			
 
				-func (s *Storage) GetEnclosure(enclosureID int64) (*model.Enclosure, error) {
			
 
				+// EnclosureByID returns the enclosure for the given user and enclosure ID.
			
 
				+func (s *Storage) EnclosureByID(userID, enclosureID int64) (*model.Enclosure, error) {
			
 
				 	query := `
			
 
				 		SELECT
			
 
				 			id,
			
@@ -119,10 +121,10 @@ func (s *Storage) GetEnclosure(enclosureID int64) (*model.Enclosure, error) {
 
				 		FROM
			
 
				 			enclosures
			
 
				 		WHERE
			
 
				-			id = $1
			
 
				+			id = $1 AND user_id = $2
			
 
				 	`
			
 
				 
			
 
				-	row := s.db.QueryRow(query, enclosureID)
			
 
				+	row := s.db.QueryRow(query, enclosureID, userID)
			
 
				 
			
 
				 	var enclosure model.Enclosure
			
 
				 	err := row.Scan(
			
@@ -215,6 +217,7 @@ func (s *Storage) updateEnclosures(tx *sql.Tx, entry *model.Entry) error {
 
				 	return nil
			
 
				 }
			
 
				 
			
 
				+// UpdateEnclosure persists changes to the given enclosure.
			
 
				 func (s *Storage) UpdateEnclosure(enclosure *model.Enclosure) error {
			
 
				 	query := `
			
 
				 		UPDATE
			
--- a/internal/storage/entry_query_builder.go
+++ b/internal/storage/entry_query_builder.go
@@ -258,7 +258,7 @@ func (e *EntryQueryBuilder) GetEntry() (*model.Entry, error) {
 
				 		return nil, nil
			
 
				 	}
			
 
				 
			
 
				-	entries[0].Enclosures, err = e.store.GetEnclosures(entries[0].ID)
			
 
				+	entries[0].Enclosures, err = e.store.EnclosuresByEntryID(entries[0].ID)
			
 
				 	if err != nil {
			
 
				 		return nil, err
			
 
				 	}
			
@@ -433,7 +433,7 @@ func (e *EntryQueryBuilder) fetchEntries(withCount bool) (model.Entries, int, er
 
				 	}
			
 
				 
			
 
				 	if e.fetchEnclosures && len(entryIDs) > 0 {
			
 
				-		enclosures, err := e.store.GetEnclosuresForEntries(entryIDs)
			
 
				+		enclosures, err := e.store.EnclosuresByEntryIDs(entryIDs)
			
 
				 		if err != nil {
			
 
				 			return nil, 0, fmt.Errorf("store: unable to fetch enclosures: %w", err)
			
 
				 		}
			
--- a/internal/ui/entry_enclosure_save_position.go
+++ b/internal/ui/entry_enclosure_save_position.go
@@ -13,7 +13,7 @@ import (
 
				 
			
 
				 func (h *handler) saveEnclosureProgression(w http.ResponseWriter, r *http.Request) {
			
 
				 	enclosureID := request.RouteInt64Param(r, "enclosureID")
			
 
				-	enclosure, err := h.store.GetEnclosure(enclosureID)
			
 
				+	enclosure, err := h.store.EnclosureByID(request.UserID(r), enclosureID)
			
 
				 	if err != nil {
			
 
				 		response.JSONServerError(w, r, err)
			
 
				 		return