Add an opt-in FileAccessControl middleware that resolves the warehouse file
and enforces File::canBeAccessedBy() (default public, so existing consumers
are unaffected) when files.access_control.enabled is set. Resolution is
delegated to a configurable files.warehouse.resolver (ResolvesWarehouseFiles)
and the resolved file is stashed on the request so the controller reuses it.
Exposed as the `files.access` route-middleware alias and auto-attached to the
package warehouse route. Adds the FileAccessControl unit suite.
The suite silently exercised a drifted workbench schema (bigint id()/morphs())
instead of the shipped uuid('id')/uuidMorphs() schema, so every UUID-keyed test
errored with SQLite "datatype mismatch" (39/104 errors). Add a shared
tests/TestCase that loads the package's real database/migrations as the single
source of truth (drift-proof) and centralizes the per-test boilerplate; fix one
ordering test that violated the real filables_unique constraint.
WarehouseService::searchAssetPath now clears the realpath/stat cache and retries
once on a miss, so an asset written by another process (image command, queue
worker) is servable without a restart. Hits are unaffected.
Suite: 105 tests, 235 assertions, green.
- Write resized output to a sibling temp file and atomically rename into the
cache path so concurrent requests never observe a half-written file (was
surfacing as IDAT CRC / truncated-zlib errors on first load).
- Attempt a lenient PNG re-encode via GD then Imagick's
png:preserve-corrupt-image before Spatie, so pedantically-invalid-but-
intact uploads still resize instead of 500ing.
- Fall back to serving the original bytes on unrecoverable decode errors
(typically truncated uploads) instead of throwing — matches what the
browser already tolerates and avoids 500s on damaged sources.
- Backfill extension via MIME sniff when the model lacks one, early-return
for gif/svg, touch cache hits for LRU-style cleanup, and accept
canvasX/canvasY/offsetX/offsetY for padded-canvas resizes.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Fabian @ Blax Software