Add Transmission/NZBGet and per-client paths and much more

Extend multi-download-client support to include Transmission and NZBGet and introduce per-client custom download paths. Adds protocol mapping and new client types, Transmission/NZBGet integration services, API CRUD and validation changes, UI components/modal updates and live path previews, and manager routing by protocol. Includes DB migrations (download_path on download_history, interactive_search_access on users), schema updates, and related processor/service fixes and tests to ensure backward compatibility and proper path resolution.

src/app/api/admin/settings/download-clients/[id]/route.ts

@@ -37,6 +37,7 @@ export async function PUT(
           remotePath,
           localPath,
           category,
+          customPath,
         } = body;
 
         const config = await getConfigService();
@@ -53,6 +54,14 @@ export async function PUT(
 
         const existingClient = clients[clientIndex];
 
+        // Validate customPath: reject paths containing ".."
+        if (customPath && customPath.includes('..')) {
+          return NextResponse.json(
+            { error: 'Custom path cannot contain ".."' },
+            { status: 400 }
+          );
+        }
+
         // Build updated client (preserve fields not in request)
         const updatedClient: DownloadClientConfig = {
           ...existingClient,
@@ -66,6 +75,7 @@ export async function PUT(
           remotePath: remotePath !== undefined ? remotePath : existingClient.remotePath,
           localPath: localPath !== undefined ? localPath : existingClient.localPath,
           category: category !== undefined ? category : existingClient.category,
+          customPath: customPath !== undefined ? (customPath || undefined) : existingClient.customPath,
         };
 
         // Validate path mapping if enabled

src/app/api/admin/settings/download-clients/route.ts

@@ -6,8 +6,8 @@
 import { NextRequest, NextResponse } from 'next/server';
 import { requireAuth, requireAdmin, AuthenticatedRequest } from '@/lib/middleware/auth';
 import { getConfigService } from '@/lib/services/config.service';
-import { getDownloadClientManager, invalidateDownloadClientManager } from '@/lib/services/download-client-manager.service';
-import { DownloadClientConfig } from '@/lib/services/download-client-manager.service';
+import { getDownloadClientManager, invalidateDownloadClientManager, DownloadClientConfig } from '@/lib/services/download-client-manager.service';
+import { SUPPORTED_CLIENT_TYPES, CLIENT_PROTOCOL_MAP, DownloadClientType, getClientDisplayName } from '@/lib/interfaces/download-client.interface';
 import { getEncryptionService } from '@/lib/services/encryption.service';
 import { RMABLogger } from '@/lib/utils/logger';
 import { randomUUID } from 'crypto';
@@ -62,12 +62,13 @@ export async function POST(request: NextRequest) {
           remotePath,
           localPath,
           category,
+          customPath,
         } = body;
 
         // Validate type
-        if (type !== 'qbittorrent' && type !== 'sabnzbd') {
+        if (!SUPPORTED_CLIENT_TYPES.includes(type)) {
           return NextResponse.json(
-            { error: 'Invalid client type. Must be qbittorrent or sabnzbd' },
+            { error: `Invalid client type. Must be one of: ${SUPPORTED_CLIENT_TYPES.join(', ')}` },
             { status: 400 }
           );
         }
@@ -99,21 +100,30 @@ export async function POST(request: NextRequest) {
           }
         }
 
-        // Check for duplicate type (only one client per type for now)
+        // Check for duplicate protocol (only one client per protocol)
         const config = await getConfigService();
         const manager = getDownloadClientManager(config);
         const existingClients = await manager.getAllClients();
 
-        const duplicateType = existingClients.find(c => c.type === type && c.enabled);
-        if (duplicateType) {
+        const protocol = CLIENT_PROTOCOL_MAP[type as DownloadClientType];
+        const duplicateProtocol = existingClients.find(c => CLIENT_PROTOCOL_MAP[c.type] === protocol);
+        if (duplicateProtocol) {
           return NextResponse.json(
-            { error: `A ${type} client is already configured. Please disable or remove it first.` },
+            { error: `A ${protocol} client (${getClientDisplayName(duplicateProtocol.type)}) is already configured. Remove it first to add a different ${protocol} client.` },
             { status: 400 }
           );
         }
 
         // Create new client config for testing (with plaintext password)
         // qBittorrent credentials are optional (supports IP whitelist auth)
+        // Validate customPath: reject paths containing ".."
+        if (customPath && customPath.includes('..')) {
+          return NextResponse.json(
+            { error: 'Custom path cannot contain ".."' },
+            { status: 400 }
+          );
+        }
+
         const newClient: DownloadClientConfig = {
           id: randomUUID(),
           type,
@@ -127,6 +137,7 @@ export async function POST(request: NextRequest) {
           remotePath: remotePath || undefined,
           localPath: localPath || undefined,
           category: category || 'readmeabook',
+          customPath: customPath || undefined,
         };
 
         // Test connection before saving

src/app/api/admin/settings/download-clients/test/route.ts

@@ -6,8 +6,8 @@
 import { NextRequest, NextResponse } from 'next/server';
 import { requireAuth, requireAdmin, AuthenticatedRequest } from '@/lib/middleware/auth';
 import { getConfigService } from '@/lib/services/config.service';
-import { getDownloadClientManager } from '@/lib/services/download-client-manager.service';
-import { DownloadClientConfig } from '@/lib/services/download-client-manager.service';
+import { getDownloadClientManager, DownloadClientConfig } from '@/lib/services/download-client-manager.service';
+import { SUPPORTED_CLIENT_TYPES } from '@/lib/interfaces/download-client.interface';
 import { RMABLogger } from '@/lib/utils/logger';
 
 const logger = RMABLogger.create('API.Admin.Settings.DownloadClients.Test');
@@ -23,6 +23,7 @@ export async function POST(request: NextRequest) {
         const {
           clientId, // Optional: existing client ID to use stored password
           type,
+          name: clientName,
           url,
           username,
           password,
@@ -33,9 +34,9 @@ export async function POST(request: NextRequest) {
         } = body;
 
         // Validate type
-        if (type !== 'qbittorrent' && type !== 'sabnzbd') {
+        if (!SUPPORTED_CLIENT_TYPES.includes(type)) {
           return NextResponse.json(
-            { error: 'Invalid client type. Must be qbittorrent or sabnzbd' },
+            { error: `Invalid client type. Must be one of: ${SUPPORTED_CLIENT_TYPES.join(', ')}` },
             { status: 400 }
           );
         }
@@ -87,7 +88,7 @@ export async function POST(request: NextRequest) {
         const testConfig: DownloadClientConfig = {
           id: 'test',
           type,
-          name: 'Test Client',
+          name: clientName || type,
           enabled: true,
           url,
           username: effectiveUsername || '',