Application documents (upload / download / delete) #132
Labels
No labels
area:auth
area:ci
area:db
area:infra
area:native
area:pwa
area:service
epic
feature
foundation
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
james/carol#132
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Let a user attach documents to an application — résumés sent, cover letters, supporting material, offer letters, correspondence — and download or delete them later.
Builds on the Application core ticket and the
lib/storageblob interface from ADR-0018 (the same primitive Profile picture upload uses today).Scope
application_documentstable:(id, user_id, application_id, filename, content_type, size_bytes, storage_key, uploaded_at).user_idandapplication_idboth FK + indexed.storage_keyis the opaque path returned bylib/storage.user_idinto the prefix per the ADR-0018 convention (e.g.applications/{user_id}/{application_id}/{uuid}-{filename}) so a leak oflib/storagecan't cross users.app/api/applications/[id]/documents/:POST— multipart upload, returns the document record (no plaintext storage key in the response).GET— list documents for the application.GET /[docId]— stream the file with the originalcontent_typeand a sensibleContent-Disposition.DELETE /[docId]— remove the DB row and the blob.Acceptance criteria
application_documentsmigration applies on startup, both engines.Part of epic #129. Depends on the Application core ticket landing first.