package api import ( "encoding/json" "errors" "net/http" "strconv" "github.com/go-chi/chi/v5" "git.fabledsword.com/bvandeusen/minstrel/internal/auth" "git.fabledsword.com/bvandeusen/minstrel/internal/lidarr" "git.fabledsword.com/bvandeusen/minstrel/internal/lidarrrequests" ) // validRequestStatuses is the set of allowed values for the ?status= param. var validRequestStatuses = map[string]bool{ "pending": true, "approved": true, "rejected": true, "completed": true, "failed": true, } // handleListAdminRequests implements GET /api/admin/requests. // ?status= defaults to "pending"; ?limit= defaults to 50, max 200. func (h *handlers) handleListAdminRequests(w http.ResponseWriter, r *http.Request) { status := r.URL.Query().Get("status") if status == "" { status = "pending" } if !validRequestStatuses[status] { writeAdminJSONErr(w, http.StatusBadRequest, "invalid_status") return } limitStr := r.URL.Query().Get("limit") limit := 50 if limitStr != "" { v, err := strconv.Atoi(limitStr) if err != nil || v <= 0 { writeAdminJSONErr(w, http.StatusBadRequest, "invalid_limit") return } if v > 200 { v = 200 } limit = v } rows, err := h.lidarrRequests.ListByStatus(r.Context(), status, int32(limit)) if err != nil { h.logger.Error("admin: list requests", "err", err) writeAdminJSONErr(w, http.StatusInternalServerError, "server_error") return } out := make([]requestView, 0, len(rows)) for _, row := range rows { out = append(out, requestViewFrom(row)) } writeJSON(w, http.StatusOK, out) } // approveRequestBody is the optional JSON body for POST /api/admin/requests/:id/approve. type approveRequestBody struct { QualityProfileID int `json:"quality_profile_id"` RootFolderPath string `json:"root_folder_path"` } // handleApproveRequest implements POST /api/admin/requests/:id/approve. func (h *handlers) handleApproveRequest(w http.ResponseWriter, r *http.Request) { admin, ok := auth.UserFromContext(r.Context()) if !ok { writeAdminJSONErr(w, http.StatusUnauthorized, "unauthorized") return } id, ok := parseUUID(chi.URLParam(r, "id")) if !ok { writeAdminJSONErr(w, http.StatusBadRequest, "invalid_id") return } var body approveRequestBody // Body is entirely optional; ignore decode errors. _ = json.NewDecoder(r.Body).Decode(&body) row, err := h.lidarrRequests.Approve(r.Context(), id, admin.ID, lidarrrequests.ApproveOverrides{ QualityProfileID: body.QualityProfileID, RootFolderPath: body.RootFolderPath, }) if err != nil { switch { case errors.Is(err, lidarrrequests.ErrLidarrDisabled): writeAdminJSONErr(w, http.StatusServiceUnavailable, "lidarr_disabled") case errors.Is(err, lidarrrequests.ErrDefaultsIncomplete): writeAdminJSONErr(w, http.StatusBadRequest, "lidarr_defaults_incomplete") case errors.Is(err, lidarrrequests.ErrNotFound): writeAdminJSONErr(w, http.StatusNotFound, "request_not_found") case errors.Is(err, lidarrrequests.ErrNotPending): writeAdminJSONErr(w, http.StatusConflict, "request_not_pending") case errors.Is(err, lidarr.ErrUnreachable): writeAdminJSONErr(w, http.StatusServiceUnavailable, "lidarr_unreachable") case errors.Is(err, lidarr.ErrAuthFailed): writeAdminJSONErr(w, http.StatusServiceUnavailable, "lidarr_auth_failed") case errors.Is(err, lidarr.ErrServerError): // Lidarr itself 5xx'd — its response body is in err's wrapped // message (see lidarr.readBodySnippet). Logged below for ops. h.logger.Error("admin: approve request: lidarr 5xx", "err", err) writeAdminJSONErr(w, http.StatusBadGateway, "lidarr_server_error") case errors.Is(err, lidarr.ErrLookupFailed): // Lidarr returned 4xx — usually "artist already exists" or // "no metadata found." Log so ops can see the actual reason. h.logger.Warn("admin: approve request: lidarr 4xx", "err", err) writeAdminJSONErr(w, http.StatusBadGateway, "lidarr_rejected") default: h.logger.Error("admin: approve request", "err", err) writeAdminJSONErr(w, http.StatusInternalServerError, "server_error") } return } writeJSON(w, http.StatusOK, requestViewFrom(row)) } // rejectRequestBody is the optional JSON body for POST /api/admin/requests/:id/reject. type rejectRequestBody struct { Notes string `json:"notes"` } // handleRejectRequest implements POST /api/admin/requests/:id/reject. func (h *handlers) handleRejectRequest(w http.ResponseWriter, r *http.Request) { admin, ok := auth.UserFromContext(r.Context()) if !ok { writeAdminJSONErr(w, http.StatusUnauthorized, "unauthorized") return } id, ok := parseUUID(chi.URLParam(r, "id")) if !ok { writeAdminJSONErr(w, http.StatusBadRequest, "invalid_id") return } var body rejectRequestBody _ = json.NewDecoder(r.Body).Decode(&body) row, err := h.lidarrRequests.Reject(r.Context(), id, admin.ID, body.Notes) if err != nil { switch { case errors.Is(err, lidarrrequests.ErrNotFound): writeAdminJSONErr(w, http.StatusNotFound, "request_not_found") case errors.Is(err, lidarrrequests.ErrNotPending): writeAdminJSONErr(w, http.StatusConflict, "request_not_pending") default: h.logger.Error("admin: reject request", "err", err) writeAdminJSONErr(w, http.StatusInternalServerError, "server_error") } return } writeJSON(w, http.StatusOK, requestViewFrom(row)) }