Updates galore. Improved folder structure, componentized, and notifications upon completion.

app/config.py

@@ -0,0 +1,51 @@
+"""
+app/config.py
+=============
+Central configuration and the path-jail helper used by every other module.
+
+All tuneable values can be overridden via environment variables:
+
+  MEDIA_ROOT    Root directory the application may read/write (default: /media)
+  DB_PATH       Path to the SQLite database file (default: <project>/videopress.db)
+  PORT          TCP port Gunicorn listens on (default: 8080)
+  LOG_LEVEL     Gunicorn log verbosity (default: info)
+"""
+
+import os
+from pathlib import Path
+
+# ---------------------------------------------------------------------------
+# Paths
+# ---------------------------------------------------------------------------
+
+PACKAGE_DIR = Path(__file__).resolve().parent   # …/app/
+BASE_DIR    = PACKAGE_DIR.parent                 # …/videocompressor/
+
+# Every file-system operation in the application is restricted to MEDIA_ROOT.
+MEDIA_ROOT  = Path(os.environ.get('MEDIA_ROOT', '/media')).resolve()
+
+# ---------------------------------------------------------------------------
+# Path-jail helper
+# ---------------------------------------------------------------------------
+
+def safe_path(raw: str) -> Path:
+    """
+    Resolve *raw* to an absolute path and assert it is inside MEDIA_ROOT.
+
+    Returns the resolved Path on success.
+    Raises PermissionError if the path would escape MEDIA_ROOT (including
+    symlink traversal and  ../../  attacks).
+    """
+    try:
+        resolved = Path(raw).resolve()
+    except Exception:
+        raise PermissionError(f"Invalid path: {raw!r}")
+
+    root_str = str(MEDIA_ROOT)
+    path_str = str(resolved)
+    if path_str != root_str and not path_str.startswith(root_str + os.sep):
+        raise PermissionError(
+            f"Access denied: '{resolved}' is outside the allowed "
+            f"media root ({MEDIA_ROOT})."
+        )
+    return resolved