add dynamic profile update, connection helper, file download metadata

- replace UserSetColor/UserSetPronouns with single UserUpdateProfile that dynamically builds one UPDATE query from UserProfileUpdateList
- add getConnectionWithResponseOnFail helper to deduplicate connection ID parsing and validation across handlers
- rename file.go to attachmentFile.go and update handler names
- GetDownloadUrlAndMetadata now fetches object metadata via StatObject and returns it alongside the presigned URL
- file download endpoint returns JSON with url and originalName
- add description field to user and DB schema
- remove unused ConnectionState variants (GroupFellow, GroupFriend)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

packages/httpRequest/attachmentFile.go

@@ -1,15 +1,15 @@
 package httpRequest
 
 import (
+	json2 "encoding/json"
 	"net/http"
 	"strings"
 
-	"go-socket/packages/convertions"
 	"go-socket/packages/globals"
 	"go-socket/packages/minio"
 )
 
-func HandleFileUpload(response http.ResponseWriter, request *http.Request) {
+func HandleAttachmentFileUpload(response http.ResponseWriter, request *http.Request) {
 	if !postValidCheckWithResponseOnFail(&response, request, true) {
 		return
 	}
@@ -28,14 +28,8 @@ func HandleFileUpload(response http.ResponseWriter, request *http.Request) {
 		return
 	}
 
-	connectionId, err := convertions.ConvertStringUuid(request.FormValue("connectionid"))
-	if err != nil {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
-		return
-	}
-	_, ok := user.Connections[connectionId]
+	conn, ok := getConnectionWithResponseOnFail(&response, request, user)
 	if !ok {
-		http.Error(response, "no such connection", http.StatusUnauthorized)
 		return
 	}
 
@@ -47,7 +41,7 @@ func HandleFileUpload(response http.ResponseWriter, request *http.Request) {
 	defer file.Close()
 
 	contentType := header.Header.Get("Content-Type")
-	key := minio.GetKey(connectionId, contentType)
+	key := minio.GetKey(conn.Id, contentType, minio.File)
 
 	if err = minio.Upload(ctx, key, file, header.Size, contentType, map[string]string{
 		"originalName": header.Filename,
@@ -61,7 +55,7 @@ func HandleFileUpload(response http.ResponseWriter, request *http.Request) {
 	response.Write([]byte(key))
 }
 
-func HandleFileDownload(response http.ResponseWriter, request *http.Request) {
+func HandleAttachmentFileDownload(response http.ResponseWriter, request *http.Request) {
 	if !postValidCheckWithResponseOnFail(&response, request, false) {
 		return
 	}
@@ -73,28 +67,32 @@ func HandleFileDownload(response http.ResponseWriter, request *http.Request) {
 		return
 	}
 
-	connectionId, err := convertions.ConvertStringUuid(request.FormValue("connectionid"))
-	if err != nil {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
-		return
-	}
-	if _, ok := user.Connections[connectionId]; !ok {
-		http.Error(response, "no such connection", http.StatusUnauthorized)
+	conn, ok := getConnectionWithResponseOnFail(&response, request, user)
+	if !ok {
 		return
 	}
 
 	key := request.FormValue("key")
-	if !strings.HasPrefix(key, connectionId.String()+"/") {
+	if !strings.HasPrefix(key, conn.Id.String()+"/") {
 		http.Error(response, "no such file", http.StatusUnauthorized)
 		return
 	}
 
-	url, err := minio.GetDownloadUrl(ctx, key)
+	url, meta, err := minio.GetDownloadUrlAndMetadata(ctx, key)
 	if err != nil {
 		http.Error(response, "no such file", http.StatusUnauthorized)
 		return
 	}
 
+	json, err := json2.Marshal(map[string]string{
+		"url":          url.String(),
+		"originalName": meta["originalName"],
+	})
+	if err != nil {
+		http.Error(response, "metadata error", http.StatusInternalServerError)
+		return
+	}
+
 	response.WriteHeader(http.StatusOK)
-	response.Write([]byte(url.String()))
+	response.Write(json)
 }

packages/httpRequest/connectionsAndDms.go

@@ -32,14 +32,8 @@ func HandleDm(response http.ResponseWriter, request *http.Request) {
 		return
 	}
 
-	targetConnection, err := convertions.ConvertStringUuid(request.FormValue("connectionid"))
-	if err != nil {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
-		return
-	}
-	conn, ok := cache.CacheGetConnection(user, targetConnection)
+	conn, ok := getConnectionWithResponseOnFail(&response, request, user)
 	if !ok {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
 		return
 	}
 
@@ -51,7 +45,7 @@ func HandleDm(response http.ResponseWriter, request *http.Request) {
 		return
 	}
 
-	if attachedFile != "" && !strings.HasPrefix(attachedFile, targetConnection.String()+"/") {
+	if attachedFile != "" && !strings.HasPrefix(attachedFile, conn.Id.String()+"/") {
 		http.Error(response, "invalid attachedFile", http.StatusBadRequest)
 		return
 	}
@@ -105,9 +99,8 @@ func HandleUserGetConnectionMessages(response http.ResponseWriter, request *http
 		return
 	}
 
-	connectionId, err := convertions.ConvertStringUuid(request.FormValue("connectionid"))
-	if err != nil {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
+	conn, ok := getConnectionWithResponseOnFail(&response, request, user)
+	if !ok {
 		return
 	}
 
@@ -121,12 +114,6 @@ func HandleUserGetConnectionMessages(response http.ResponseWriter, request *http
 		messagesCap = globals.MaxDirectMsgCache
 	}
 
-	conn, ok := cache.CacheGetConnection(user, connectionId)
-	if !ok {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
-		return
-	}
-
 	buffer, bufferSize := conn.GetSortedMessagesBuff()
 
 	var validBufCount uint32
@@ -148,7 +135,7 @@ func HandleUserGetConnectionMessages(response http.ResponseWriter, request *http
 		if validBufCount > 0 {
 			cutoff = buffer[0].CreatedAt
 		}
-		dbMessages, err := postgresql.ConnectionGetMessagesBefore(ctx, cutoff, connectionId, remaining)
+		dbMessages, err := postgresql.ConnectionGetMessagesBefore(ctx, cutoff, conn.Id, remaining)
 		if err != nil {
 			http.Error(response, "internal server error", http.StatusInternalServerError)
 			return
@@ -241,15 +228,8 @@ func HandleUserDeleteConnection(response http.ResponseWriter, request *http.Requ
 		return
 	}
 
-	connectionId, err := convertions.ConvertStringUuid(request.FormValue("connectionid"))
-	if err != nil {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
-		return
-	}
-
-	conn, ok := cache.CacheGetConnection(user, connectionId)
+	conn, ok := getConnectionWithResponseOnFail(&response, request, user)
 	if !ok {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
 		return
 	}
 
@@ -279,10 +259,10 @@ func HandleUserDeleteConnection(response http.ResponseWriter, request *http.Requ
 		return
 	}
 
-	cache.CacheDeleteConnection(user, user2, connectionId)
+	cache.CacheDeleteConnection(user, user2, conn.Id)
 	wsServer.WsSendMessageCloseIfTimeout(user2, types.WsEventMessage{
 		Type:  WsEventType.ConnectionDeleted,
-		Event: connectionId,
+		Event: conn.Id,
 	})
 
 	response.WriteHeader(http.StatusAccepted)
@@ -298,14 +278,8 @@ func HandleUserElevateConnection(response http.ResponseWriter, request *http.Req
 		http.Error(response, "invalid token", http.StatusUnauthorized)
 		return
 	}
-	connectionId, err := convertions.ConvertStringUuid(request.FormValue("connectionid"))
-	if err != nil {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
-		return
-	}
-	conn, ok := cache.CacheGetConnection(user, connectionId)
+	conn, ok := getConnectionWithResponseOnFail(&response, request, user)
 	if !ok {
-		http.Error(response, "invalid connectionid", http.StatusBadRequest)
 		return
 	}
 
@@ -316,9 +290,6 @@ func HandleUserElevateConnection(response http.ResponseWriter, request *http.Req
 		case ConnectionState.Stranger:
 			conn.State = ConnectionState.Friend
 			break
-		case ConnectionState.GroupFellow:
-			conn.State = ConnectionState.Stranger
-			break
 		default:
 			http.Error(response, "cannot elevate further", http.StatusBadRequest)
 			return
@@ -345,7 +316,7 @@ func HandleUserElevateConnection(response http.ResponseWriter, request *http.Req
 		wsServer.WsSendMessageCloseIfTimeout(user2, types.WsEventMessage{
 			Type: WsEventType.ConnectionElevated,
 			Event: types.ConnectionElevationData{
-				Id:       connectionId,
+				Id:       conn.Id,
 				NewState: conn.State,
 			},
 		})

packages/httpRequest/get.go

@@ -2,6 +2,8 @@ package httpRequest
 
 import (
 	"context"
+	"go-socket/packages/convertions"
+	"net/http"
 
 	"go-socket/packages/cache"
 	"go-socket/packages/postgresql"
@@ -31,3 +33,16 @@ func getUserByToken(ctx context.Context, token string) (*types.User, error) {
 	}
 	return getUserById(ctx, userId)
 }
+func getConnectionWithResponseOnFail(response *http.ResponseWriter, request *http.Request, user *types.User) (*types.Connection, bool) {
+	connectionId, err := convertions.ConvertStringUuid(request.FormValue("connectionid"))
+	if err != nil {
+		http.Error(*response, "invalid connectionid", http.StatusBadRequest)
+		return nil, false
+	}
+	conn, ok := cache.CacheGetConnection(user, connectionId)
+	if !ok {
+		http.Error(*response, "invalid connectionid", http.StatusBadRequest)
+		return nil, false
+	}
+	return conn, true
+}

packages/httpRequest/user.go

@@ -2,11 +2,13 @@ package httpRequest
 
 import (
 	json2 "encoding/json"
+	"go-socket/packages/convertions"
+	"go-socket/packages/globals"
+	"go-socket/packages/minio"
 	"net/http"
 	"time"
 
 	"go-socket/packages/cache"
-	"go-socket/packages/convertions"
 	"go-socket/packages/passwords"
 	"go-socket/packages/postgresql"
 	"go-socket/packages/tokens"
@@ -137,8 +139,7 @@ func HandleUserDelete(response http.ResponseWriter, request *http.Request) {
 	response.WriteHeader(http.StatusAccepted)
 }
 
-// HandleUserModifyAppearance currently just color
-func HandleUserModifyAppearance(response http.ResponseWriter, request *http.Request) {
+func HandleUserModProfile(response http.ResponseWriter, request *http.Request) {
 	if !postValidCheckWithResponseOnFail(&response, request, false) {
 		return
 	}
@@ -150,13 +151,37 @@ func HandleUserModifyAppearance(response http.ResponseWriter, request *http.Requ
 		return
 	}
 
-	color, err := convertions.StringToRgba(request.FormValue("color"))
-	if err != nil {
-		http.Error(response, "invalid color", http.StatusBadRequest)
-		return
+	var updateList types.UserProfileUpdateList
+
+	if pronouns := request.FormValue("pronouns"); pronouns != "" {
+		if len(pronouns) > 32 {
+			http.Error(response, "pronouns too long", http.StatusBadRequest)
+			return
+		}
+		user.Pronouns = pronouns
+		updateList.Pronouns = true
 	}
-	user.Color = color
-	err = postgresql.UserSetColor(ctx, user)
+
+	if description := request.FormValue("description"); description != "" {
+		if len(description) > 256 {
+			http.Error(response, "description too long", http.StatusBadRequest)
+			return
+		}
+		user.Description = description
+		updateList.Description = true
+	}
+
+	if colorStr := request.FormValue("color"); colorStr != "" {
+		color, err := convertions.StringToRgba(colorStr)
+		if err != nil {
+			http.Error(response, "invalid color", http.StatusBadRequest)
+			return
+		}
+		user.Color = color
+		updateList.Color = true
+	}
+
+	err = postgresql.UserUpdateProfile(ctx, user, updateList)
 	if err != nil {
 		http.Error(response, "internal server error", http.StatusInternalServerError)
 		return
@@ -164,30 +189,46 @@ func HandleUserModifyAppearance(response http.ResponseWriter, request *http.Requ
 	response.WriteHeader(http.StatusAccepted)
 }
 
-// HandleUserModifyAbout currently just pronouns
-func HandleUserModifyAbout(response http.ResponseWriter, request *http.Request) {
-	if !postValidCheckWithResponseOnFail(&response, request, false) {
+func HandleUserModAvatar(response http.ResponseWriter, request *http.Request) {
+
+	if !postValidCheckWithResponseOnFail(&response, request, true) {
 		return
 	}
-
 	ctx := request.Context()
-	user, err := getUserByToken(ctx, request.FormValue("token"))
+
+	user, err := getUserByToken(ctx, request.Header.Get("token"))
 	if err != nil {
 		http.Error(response, "invalid token", http.StatusUnauthorized)
 		return
 	}
 
-	pronouns := request.FormValue("pronouns")
-	if len(pronouns) > 25 || len(pronouns) < 2 {
-		http.Error(response, "invalid pronouns", http.StatusBadRequest)
+	request.Body = http.MaxBytesReader(response, request.Body, int64(globals.MaxPostWithFileBytes))
+
+	if err = request.ParseMultipartForm(int64(globals.MaxPostBytes)); err != nil {
+		http.Error(response, "invalid multipart form", http.StatusBadRequest)
 		return
 	}
 
-	user.Pronouns = pronouns
-	err = postgresql.UserSetPronouns(ctx, user)
-	if err != nil {
-		http.Error(response, "internal server error", http.StatusInternalServerError)
+	conn, ok := getConnectionWithResponseOnFail(&response, request, user)
+	if !ok {
+		return
+	}
+
+	file, header, err := request.FormFile("file")
+	if err != nil {
+		http.Error(response, "missing file", http.StatusBadRequest)
+		return
+	}
+	defer file.Close()
+
+	contentType := header.Header.Get("Content-Type")
+	key := minio.GetKey(conn.Id, contentType, minio.File)
+
+	if err = minio.Upload(ctx, key, file, header.Size, contentType, map[string]string{
+		"originalName": header.Filename,
+		"uploaderId":   user.Id.String(),
+	}); err != nil {
+		http.Error(response, "upload failed", http.StatusInternalServerError)
 		return
 	}
-	response.WriteHeader(http.StatusAccepted)
 }