feat(backend): add GET /api/documents/{id}/thumbnail endpoint

Streams the JPEG thumbnail from S3 with Cache-Control: private, max-age=31536000, immutable — `private` (not `public`) prevents shared caches from leaking one user's thumbnail to another (CWE-525). `immutable` is safe because the URL carries ?v=<thumbnailGeneratedAt> as a cache-buster that changes whenever the file is replaced. Authentication falls back to the global .anyRequest().authenticated() rule, matching the existing /file endpoint's permission model. Refs #307 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-22 22:10:01 +02:00
parent 323ec1ec54
commit f11a29504a
2 changed files with 82 additions and 0 deletions
--- a/backend/src/main/java/org/raddatz/familienarchiv/controller/DocumentController.java
+++ b/backend/src/main/java/org/raddatz/familienarchiv/controller/DocumentController.java
@@ -94,6 +94,31 @@ public class DocumentController {
        }
    }

+    // --- THUMBNAIL ---
+    @GetMapping("/{id}/thumbnail")
+    public ResponseEntity<InputStreamResource> getDocumentThumbnail(@PathVariable UUID id) {
+        Document doc = documentService.getDocumentById(id);
+
+        if (doc.getThumbnailKey() == null) {
+            throw DomainException.notFound(ErrorCode.FILE_NOT_FOUND, "No thumbnail for document: " + id);
+        }
+
+        try {
+            FileService.S3FileDownload download = fileService.downloadFile(doc.getThumbnailKey());
+            return ResponseEntity.ok()
+                    .contentType(MediaType.IMAGE_JPEG)
+                    // `private` (not `public`) prevents shared caches from serving one user's
+                    // thumbnail to another (CWE-525). `immutable` is safe because the URL
+                    // carries a ?v=<thumbnailGeneratedAt> cache-buster that changes whenever
+                    // the underlying file is replaced.
+                    .header(HttpHeaders.CACHE_CONTROL, "private, max-age=31536000, immutable")
+                    .body(download.resource());
+        } catch (FileService.StorageFileNotFoundException e) {
+            throw DomainException.notFound(ErrorCode.FILE_NOT_FOUND,
+                    "Thumbnail missing in storage: " + doc.getThumbnailKey());
+        }
+    }
+
    // --- METADATA ---
    @GetMapping("/{id}")
    public Document getDocument(@PathVariable UUID id) {