Merge branch 'main' into feature-monitoramento

controllers/DocumentUploadController.php

@@ -13,16 +13,33 @@ class DocumentUploadController
     private DocumentModel $documentModel;
     private DocumentStorageService $storage;
     private int $maxUploadBytes;
+    private bool $debug;
 
     public function __construct()
     {
         $this->documentModel = new DocumentModel();
         $this->storage = new DocumentStorageService();
         $this->maxUploadBytes = 30 * 1024 * 1024;
+        $this->debug = filter_var($_ENV['DOCUMENT_UPLOAD_DEBUG'] ?? 'true', FILTER_VALIDATE_BOOLEAN);
+    }
+
+    private function log(string $requestId, string $message, array $context = []): void
+    {
+        if (!$this->debug) {
+            return;
+        }
+
+        $json = '';
+        if (!empty($context)) {
+            $json = ' ' . json_encode($context, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
+        }
+
+        error_log('[documents.upload][' . $requestId . '] ' . $message . $json);
     }
 
     public function __invoke(ServerRequestInterface $request)
     {
+        $requestId = bin2hex(random_bytes(4));
         $userId = (int)($request->getAttribute('api_user_id') ?? 0);
         $companyId = (int)($request->getAttribute('api_company_id') ?? 0);
 
@@ -32,26 +49,90 @@ class DocumentUploadController
 
         $contentLength = (int)$request->getHeaderLine('Content-Length');
         if ($contentLength > 0 && $contentLength > $this->maxUploadBytes) {
-            return ResponseLib::sendFail('File too large. Max 30MB.', [], 'E_TOO_LARGE')->withStatus(413);
+            $this->log($requestId, 'content-length exceeded', [
+                'user_id' => $userId,
+                'company_id' => $companyId,
+                'content_length' => $contentLength,
+                'content_type' => $request->getHeaderLine('Content-Type'),
+                'user_agent' => $request->getHeaderLine('User-Agent'),
+                'x_forwarded_for' => $request->getHeaderLine('X-Forwarded-For'),
+                'x_forwarded_proto' => $request->getHeaderLine('X-Forwarded-Proto'),
+            ]);
+            return ResponseLib::sendFail('File too large. Max 30MB.', ['request_id' => $requestId], 'E_TOO_LARGE')->withStatus(413);
         }
 
         try {
             $parsed = MultipartFormDataParser::parse($request);
         } catch (\Throwable $e) {
-            return ResponseLib::sendFail('Invalid multipart form-data: ' . $e->getMessage(), [], 'E_VALIDATE')->withStatus(400);
+            $this->log($requestId, 'multipart parse failed', [
+                'user_id' => $userId,
+                'company_id' => $companyId,
+                'error' => $e->getMessage(),
+                'content_type' => $request->getHeaderLine('Content-Type'),
+                'content_length' => $request->getHeaderLine('Content-Length'),
+                'transfer_encoding' => $request->getHeaderLine('Transfer-Encoding'),
+                'user_agent' => $request->getHeaderLine('User-Agent'),
+                'x_forwarded_for' => $request->getHeaderLine('X-Forwarded-For'),
+                'x_forwarded_proto' => $request->getHeaderLine('X-Forwarded-Proto'),
+            ]);
+            return ResponseLib::sendFail('Invalid multipart form-data: ' . $e->getMessage(), ['request_id' => $requestId], 'E_VALIDATE')->withStatus(400);
         }
 
         $fields = $parsed['fields'] ?? [];
         $files = $parsed['files'] ?? [];
+        $meta = $parsed['meta'] ?? [];
 
         $documentType = isset($fields['document_type']) ? (string)$fields['document_type'] : '';
         if ($documentType === '') {
-            return ResponseLib::sendFail('Missing field: document_type', [], 'E_VALIDATE')->withStatus(400);
+            $this->log($requestId, 'missing document_type', [
+                'user_id' => $userId,
+                'company_id' => $companyId,
+                'field_names' => array_keys($fields),
+                'file_names' => array_keys($files),
+                'meta' => $meta,
+                'content_type' => $request->getHeaderLine('Content-Type'),
+                'content_length' => $request->getHeaderLine('Content-Length'),
+                'transfer_encoding' => $request->getHeaderLine('Transfer-Encoding'),
+                'user_agent' => $request->getHeaderLine('User-Agent'),
+                'x_forwarded_for' => $request->getHeaderLine('X-Forwarded-For'),
+                'x_forwarded_proto' => $request->getHeaderLine('X-Forwarded-Proto'),
+            ]);
+
+            $data = ['request_id' => $requestId];
+            if ($this->debug) {
+                $data['debug'] = [
+                    'field_names' => array_keys($fields),
+                    'file_names' => array_keys($files),
+                    'meta' => $meta,
+                    'content_type' => $request->getHeaderLine('Content-Type'),
+                    'content_length' => $request->getHeaderLine('Content-Length'),
+                    'transfer_encoding' => $request->getHeaderLine('Transfer-Encoding'),
+                ];
+            }
+
+            return ResponseLib::sendFail('Missing field: document_type', $data, 'E_VALIDATE')->withStatus(400);
         }
 
         $file = $files['file'] ?? null;
         if (!is_array($file) || !isset($file['content'])) {
-            return ResponseLib::sendFail('Missing file field: file', [], 'E_VALIDATE')->withStatus(400);
+            $this->log($requestId, 'missing file', [
+                'user_id' => $userId,
+                'company_id' => $companyId,
+                'field_names' => array_keys($fields),
+                'file_names' => array_keys($files),
+                'meta' => $meta,
+            ]);
+
+            $data = ['request_id' => $requestId];
+            if ($this->debug) {
+                $data['debug'] = [
+                    'field_names' => array_keys($fields),
+                    'file_names' => array_keys($files),
+                    'meta' => $meta,
+                ];
+            }
+
+            return ResponseLib::sendFail('Missing file field: file', $data, 'E_VALIDATE')->withStatus(400);
         }
 
         $originalFilename = (string)($file['filename'] ?? 'upload.bin');
@@ -59,7 +140,7 @@ class DocumentUploadController
         $content = (string)$file['content'];
 
         if (strlen($content) > $this->maxUploadBytes) {
-            return ResponseLib::sendFail('File too large. Max 30MB.', [], 'E_TOO_LARGE')->withStatus(413);
+            return ResponseLib::sendFail('File too large. Max 30MB.', ['request_id' => $requestId], 'E_TOO_LARGE')->withStatus(413);
         }
 
         try {
@@ -72,6 +153,11 @@ class DocumentUploadController
 
             return ResponseLib::sendOk($created, 'S_CREATED');
         } catch (\Throwable $e) {
+            $this->log($requestId, 'upload failed', [
+                'user_id' => $userId,
+                'company_id' => $companyId,
+                'error' => $e->getMessage(),
+            ]);
             return ResponseLib::sendFail('Upload failed: ' . $e->getMessage(), [], 'E_INTERNAL')->withStatus(500);
         }
     }

libs/MultipartFormDataParser.php

@@ -9,18 +9,34 @@ class MultipartFormDataParser
     public static function parse(ServerRequestInterface $request): array
     {
         $contentType = $request->getHeaderLine('Content-Type');
-        if (!preg_match('/multipart\/form-data;\s*boundary=(?:(?:"([^"]+)")|([^;\s]+))/i', $contentType, $m)) {
-            throw new \RuntimeException('Invalid multipart Content-Type');
-        }
-
-        $boundary = (isset($m[1]) && $m[1] !== '') ? $m[1] : ($m[2] ?? '');
-        if ($boundary === '') {
-            throw new \RuntimeException('Missing multipart boundary');
-        }
 
         $rawBody = '';
         $stream = $request->getBody();
+        $streamMeta = [];
+        if (is_object($stream)) {
+            if (method_exists($stream, 'isSeekable')) {
+                $streamMeta['seekable'] = (bool)$stream->isSeekable();
+            }
+            if (method_exists($stream, 'isReadable')) {
+                $streamMeta['readable'] = (bool)$stream->isReadable();
+            }
+            if (method_exists($stream, 'getSize')) {
+                $streamMeta['size'] = $stream->getSize();
+            }
+            if (method_exists($stream, 'tell')) {
+                try {
+                    $streamMeta['tell'] = $stream->tell();
+                } catch (\Throwable $e) {
+                }
+            }
+        }
         if (is_object($stream) && method_exists($stream, 'getContents')) {
+            if (method_exists($stream, 'rewind')) {
+                try {
+                    $stream->rewind();
+                } catch (\Throwable $e) {
+                }
+            }
             $rawBody = (string)$stream->getContents();
             if (method_exists($stream, 'rewind')) {
                 try {
@@ -36,11 +52,33 @@ class MultipartFormDataParser
             $rawBody = (string)file_get_contents('php://input');
         }
 
+        return self::parseBody($contentType, $rawBody, $streamMeta);
+    }
+
+    public static function parseBody(string $contentType, string $rawBody, array $streamMeta = []): array
+    {
+        if (!preg_match('/multipart\/form-data;\s*boundary=(?:(?:"([^"]+)")|([^;\s]+))/i', $contentType, $m)) {
+            throw new \RuntimeException('Invalid multipart Content-Type');
+        }
+
+        $boundary = (isset($m[1]) && $m[1] !== '') ? $m[1] : ($m[2] ?? '');
+        if ($boundary === '') {
+            throw new \RuntimeException('Missing multipart boundary');
+        }
+
         $delimiter = "--" . $boundary;
         $parts = explode($delimiter, $rawBody);
 
         $fields = [];
         $files = [];
+        $meta = [
+            'content_type' => $contentType,
+            'boundary' => $boundary,
+            'stream' => $streamMeta,
+            'raw_length' => strlen($rawBody),
+            'parts_count' => count($parts),
+            'detected_parts' => [],
+        ];
 
         foreach ($parts as $part) {
             $part = ltrim($part, "\r\n\n");
@@ -69,6 +107,13 @@ class MultipartFormDataParser
                 $filename = $fm[1];
             }
 
+            $meta['detected_parts'][] = [
+                'name' => $name,
+                'has_filename' => $filename !== null && $filename !== '',
+                'filename' => ($filename !== null && $filename !== '') ? $filename : null,
+                'content_type' => $headers['content-type'] ?? null,
+            ];
+
             $body = preg_replace("/\r\n\z/", '', $body);
 
             if ($filename !== null && $filename !== '') {
@@ -83,7 +128,7 @@ class MultipartFormDataParser
             }
         }
 
-        return ['fields' => $fields, 'files' => $files];
+        return ['fields' => $fields, 'files' => $files, 'meta' => $meta];
     }
 
     private static function parseHeaders(string $rawHeaders): array

services/DocumentStorageService.php

@@ -8,7 +8,24 @@ class DocumentStorageService
 
     public function __construct(?string $rootDir = null)
     {
-        $this->rootDir = $rootDir ?? ($_ENV['DOCUMENTS_ROOT'] ?? '/data/documents');
+        if (is_string($rootDir) && trim($rootDir) !== '') {
+            $this->rootDir = $rootDir;
+            return;
+        }
+
+        $documentsRoot = (string)($_ENV['DOCUMENTS_ROOT'] ?? '');
+        if (trim($documentsRoot) !== '') {
+            $this->rootDir = $documentsRoot;
+            return;
+        }
+
+        $appRootDir = (string)($_ENV['ROOT_DIR'] ?? '');
+        if (trim($appRootDir) !== '') {
+            $this->rootDir = rtrim($appRootDir, '/') . '/data/documents';
+            return;
+        }
+
+        $this->rootDir = dirname(__DIR__) . '/data/documents';
     }
 
     public function sanitizeDocumentType(string $documentType): string
@@ -35,7 +52,27 @@ class DocumentStorageService
 
         if (!is_dir($dir)) {
             if (!@mkdir($dir, 0775, true) && !is_dir($dir)) {
-                throw new \RuntimeException('Failed to create documents directory');
+                $lastError = error_get_last();
+                $root = rtrim($this->rootDir, '/');
+                $rootParent = dirname($root);
+
+                $debug = [
+                    'root_dir' => $root,
+                    'root_dir_exists' => is_dir($root),
+                    'root_dir_writable' => is_writable($root),
+                    'root_parent' => $rootParent,
+                    'root_parent_exists' => is_dir($rootParent),
+                    'root_parent_writable' => is_writable($rootParent),
+                    'target_dir' => $dir,
+                    'target_parent' => dirname($dir),
+                    'target_parent_exists' => is_dir(dirname($dir)),
+                    'target_parent_writable' => is_writable(dirname($dir)),
+                    'php_user' => get_current_user(),
+                    'euid' => function_exists('posix_geteuid') ? posix_geteuid() : null,
+                    'last_error' => $lastError,
+                ];
+
+                throw new \RuntimeException('Failed to create documents directory: ' . json_encode($debug, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE));
             }
         }
 
@@ -64,7 +101,14 @@ class DocumentStorageService
 
         $bytes = @file_put_contents($path, $content, LOCK_EX);
         if ($bytes === false) {
-            throw new \RuntimeException('Failed to write file');
+            $lastError = error_get_last();
+            $debug = [
+                'path' => $path,
+                'dir_exists' => is_dir($dir),
+                'dir_writable' => is_writable($dir),
+                'last_error' => $lastError,
+            ];
+            throw new \RuntimeException('Failed to write file: ' . json_encode($debug, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE));
         }
 
         return $path;