2021-04-18 02:17:57 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
// {{{ License
|
|
|
|
|
|
|
|
// This file is part of GNU social - https://www.gnu.org/software/social
|
|
|
|
//
|
|
|
|
// GNU social is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// GNU social is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
// }}}
|
|
|
|
|
|
|
|
namespace App\Core;
|
|
|
|
|
|
|
|
use App\Core\DB\DB;
|
2021-07-22 20:56:29 +01:00
|
|
|
use function App\Core\I18n\_m;
|
2021-04-18 02:17:57 +01:00
|
|
|
use App\Entity\Attachment;
|
|
|
|
use App\Util\Common;
|
|
|
|
use App\Util\Exception\ClientException;
|
2021-07-20 21:17:53 +01:00
|
|
|
use App\Util\Exception\DuplicateFoundException;
|
2021-04-18 02:17:57 +01:00
|
|
|
use App\Util\Exception\NoSuchFileException;
|
2021-05-02 16:46:12 +01:00
|
|
|
use App\Util\Exception\NotFoundException;
|
2021-05-01 14:02:14 +01:00
|
|
|
use App\Util\Exception\ServerException;
|
2021-08-03 11:22:55 +01:00
|
|
|
use App\Util\Formatting;
|
2021-07-20 21:17:53 +01:00
|
|
|
use InvalidArgumentException;
|
|
|
|
use SplFileInfo;
|
2021-04-18 02:17:57 +01:00
|
|
|
use Symfony\Component\HttpFoundation\BinaryFileResponse;
|
|
|
|
use Symfony\Component\HttpFoundation\HeaderUtils;
|
|
|
|
use Symfony\Component\HttpFoundation\Response;
|
2021-07-22 20:56:29 +01:00
|
|
|
use Symfony\Component\Mime\MimeTypes;
|
2021-04-18 02:17:57 +01:00
|
|
|
|
2021-07-20 21:17:53 +01:00
|
|
|
/**
|
|
|
|
* GNU social's File Abstraction
|
|
|
|
*
|
|
|
|
* @category Files
|
|
|
|
* @package GNUsocial
|
|
|
|
*
|
|
|
|
* @author Hugo Sales <hugo@hsal.es>
|
|
|
|
* @author Diogo Peralta Cordeiro <mail@diogo.site>
|
|
|
|
* @copyright 2020-2021 Free Software Foundation, Inc http://www.fsf.org
|
|
|
|
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
|
|
|
|
*/
|
2021-04-18 02:17:57 +01:00
|
|
|
class GSFile
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Perform file validation (checks and normalization) and store the given file
|
2021-07-20 21:17:53 +01:00
|
|
|
*
|
|
|
|
* @param SplFileInfo $file
|
2021-07-22 20:56:29 +01:00
|
|
|
* @param string $dest_dir
|
2021-07-20 21:17:53 +01:00
|
|
|
* @param null|string $title
|
2021-07-22 20:56:29 +01:00
|
|
|
* @param bool $is_local
|
|
|
|
* @param null|int $actor_id
|
2021-07-20 21:17:53 +01:00
|
|
|
*
|
|
|
|
* @throws DuplicateFoundException
|
2021-07-22 20:56:29 +01:00
|
|
|
*
|
|
|
|
* @return Attachment
|
2021-04-18 02:17:57 +01:00
|
|
|
*/
|
2021-07-20 21:17:53 +01:00
|
|
|
public static function validateAndStoreFileAsAttachment(SplFileInfo $file,
|
2021-05-01 22:14:38 +01:00
|
|
|
string $dest_dir,
|
2021-08-03 11:11:48 +01:00
|
|
|
int $actor_id,
|
2021-05-01 22:14:38 +01:00
|
|
|
?string $title = null,
|
2021-08-03 11:11:48 +01:00
|
|
|
bool $is_local = true): Attachment
|
2021-04-18 02:17:57 +01:00
|
|
|
{
|
2021-08-04 19:26:48 +01:00
|
|
|
if (!Formatting::startsWith($dest_dir, Common::config('storage', 'dir'))) {
|
|
|
|
throw new \InvalidArgumentException("Attempted to store a file in a directory outside the GNU social files location: {$dest_dir}");
|
2021-08-03 11:22:55 +01:00
|
|
|
}
|
|
|
|
|
2021-07-20 21:17:53 +01:00
|
|
|
$hash = null;
|
|
|
|
Event::handle('HashFile', [$file->getPathname(), &$hash]);
|
2021-05-02 16:46:12 +01:00
|
|
|
try {
|
|
|
|
return DB::findOneBy('attachment', ['file_hash' => $hash]);
|
|
|
|
} catch (NotFoundException) {
|
|
|
|
// The following properly gets the mimetype with `file` or other
|
|
|
|
// available methods, so should be safe
|
2021-07-20 21:17:53 +01:00
|
|
|
$mimetype = $file->getMimeType();
|
2021-07-22 20:56:29 +01:00
|
|
|
$width = $height = null;
|
|
|
|
Event::handle('AttachmentSanitization', [&$file, &$mimetype, &$title, &$width, &$height]);
|
|
|
|
if ($is_local) {
|
|
|
|
$filesize = $file->getSize();
|
|
|
|
Event::handle('EnforceQuota', [$actor_id, $filesize]);
|
|
|
|
}
|
2021-05-02 16:46:12 +01:00
|
|
|
$attachment = Attachment::create([
|
2021-07-22 20:56:29 +01:00
|
|
|
'file_hash' => $hash,
|
2021-05-02 16:46:12 +01:00
|
|
|
'gsactor_id' => $actor_id,
|
2021-07-22 20:56:29 +01:00
|
|
|
'mimetype' => $mimetype,
|
|
|
|
'title' => $title,
|
2021-08-03 18:51:23 +01:00
|
|
|
'filename' => Formatting::removePrefix($dest_dir, Common::config('attachments', 'dir')) . $hash,
|
2021-07-22 20:56:29 +01:00
|
|
|
'is_local' => $is_local,
|
|
|
|
'size' => $file->getSize(),
|
|
|
|
'width' => $width,
|
|
|
|
'height' => $height,
|
2021-05-02 16:46:12 +01:00
|
|
|
]);
|
2021-07-20 21:17:53 +01:00
|
|
|
$file->move($dest_dir, $hash);
|
2021-05-02 16:46:12 +01:00
|
|
|
DB::persist($attachment);
|
|
|
|
Event::handle('AttachmentStoreNew', [&$attachment]);
|
|
|
|
return $attachment;
|
|
|
|
}
|
2021-04-18 05:47:16 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-04-25 22:14:35 +01:00
|
|
|
* Create an attachment for the given URL, fetching the mimetype
|
|
|
|
*
|
2021-07-20 21:17:53 +01:00
|
|
|
* @throws InvalidArgumentException
|
2021-04-18 05:47:16 +01:00
|
|
|
*/
|
2021-05-01 22:14:38 +01:00
|
|
|
public static function validateAndStoreURLAsAttachment(string $url): Attachment
|
2021-04-18 05:47:16 +01:00
|
|
|
{
|
2021-04-25 22:14:35 +01:00
|
|
|
if (Common::isValidHttpUrl($url)) {
|
2021-05-02 16:46:12 +01:00
|
|
|
$head = HTTPClient::head($url);
|
2021-05-01 22:55:33 +01:00
|
|
|
// This must come before getInfo given that Symfony HTTPClient is lazy (thus forcing curl exec)
|
2021-07-22 20:56:29 +01:00
|
|
|
$headers = $head->getHeaders();
|
|
|
|
$url = $head->getInfo('url'); // The last effective url (after getHeaders so it follows redirects)
|
2021-05-01 22:55:33 +01:00
|
|
|
$url_hash = hash(Attachment::URLHASH_ALGO, $url);
|
|
|
|
try {
|
|
|
|
return DB::findOneBy('attachment', ['remote_url_hash' => $url_hash]);
|
|
|
|
} catch (NotFoundException) {
|
2021-07-22 20:56:29 +01:00
|
|
|
$headers = array_change_key_case($headers, CASE_LOWER);
|
2021-05-01 22:55:33 +01:00
|
|
|
$attachment = Attachment::create([
|
2021-07-22 20:56:29 +01:00
|
|
|
'remote_url' => $url,
|
2021-05-01 22:55:33 +01:00
|
|
|
'remote_url_hash' => $url_hash,
|
2021-07-22 20:56:29 +01:00
|
|
|
'mimetype' => $headers['content-type'][0],
|
|
|
|
'is_local' => false,
|
2021-05-01 22:55:33 +01:00
|
|
|
]);
|
|
|
|
DB::persist($attachment);
|
|
|
|
Event::handle('AttachmentStoreNew', [&$attachment]);
|
|
|
|
return $attachment;
|
|
|
|
}
|
2021-04-25 22:14:35 +01:00
|
|
|
} else {
|
2021-07-20 21:17:53 +01:00
|
|
|
throw new InvalidArgumentException();
|
2021-04-25 22:14:35 +01:00
|
|
|
}
|
2021-04-18 02:17:57 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Include $filepath in the response, for viewing or downloading.
|
|
|
|
*
|
|
|
|
* @throws ServerException
|
|
|
|
*/
|
|
|
|
public static function sendFile(string $filepath, string $mimetype, ?string $output_filename, string $disposition = 'inline'): Response
|
|
|
|
{
|
2021-05-01 14:02:14 +01:00
|
|
|
if (is_file($filepath)) {
|
|
|
|
$response = new BinaryFileResponse(
|
|
|
|
$filepath,
|
|
|
|
Response::HTTP_OK,
|
|
|
|
[
|
|
|
|
'Content-Description' => 'File Transfer',
|
2021-07-22 20:56:29 +01:00
|
|
|
'Content-Type' => $mimetype,
|
|
|
|
'Content-Disposition' => HeaderUtils::makeDisposition($disposition, $output_filename ?? _m('Untitled attachment') . '.' . MimeTypes::getDefault()->getExtensions($mimetype)[0]),
|
|
|
|
'Cache-Control' => 'public',
|
2021-05-01 14:02:14 +01:00
|
|
|
],
|
2021-07-22 20:56:29 +01:00
|
|
|
public: true,
|
|
|
|
// contentDisposition: $disposition,
|
|
|
|
autoEtag: true,
|
|
|
|
autoLastModified: true
|
2021-05-01 14:02:14 +01:00
|
|
|
);
|
|
|
|
if (Common::config('site', 'x_static_delivery')) {
|
|
|
|
$response->trustXSendfileTypeHeader();
|
|
|
|
}
|
|
|
|
return $response;
|
|
|
|
} else {
|
|
|
|
throw new ServerException(_m('This attachment is not stored locally'));
|
2021-04-18 02:17:57 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Throw a client exception if the cache key $id doesn't contain
|
|
|
|
* exactly one entry
|
|
|
|
*
|
|
|
|
* @param mixed $except
|
|
|
|
* @param mixed $id
|
|
|
|
*/
|
|
|
|
public static function error($except, $id, array $res)
|
|
|
|
{
|
|
|
|
switch (count($res)) {
|
|
|
|
case 0:
|
|
|
|
throw new $except();
|
|
|
|
case 1:
|
|
|
|
return $res[0];
|
|
|
|
default:
|
|
|
|
Log::error('Media query returned more than one result for identifier: \"' . $id . '\"');
|
|
|
|
throw new ClientException(_m('Internal server error'));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the file info by id
|
|
|
|
*
|
|
|
|
* Returns the file's hash, mimetype and title
|
|
|
|
*/
|
|
|
|
public static function getFileInfo(int $id)
|
|
|
|
{
|
|
|
|
return self::error(NoSuchFileException::class,
|
|
|
|
$id,
|
|
|
|
Cache::get("file-info-{$id}",
|
|
|
|
function () use ($id) {
|
2021-08-03 18:51:23 +01:00
|
|
|
return DB::dql('select at.filename, at.mimetype, at.title ' .
|
2021-04-18 02:17:57 +01:00
|
|
|
'from App\\Entity\\Attachment at ' .
|
|
|
|
'where at.id = :id',
|
|
|
|
['id' => $id]);
|
|
|
|
}));
|
|
|
|
}
|
|
|
|
|
|
|
|
// ----- Attachment ------
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the attachment file info by id
|
|
|
|
*
|
|
|
|
* Returns the attachment file's hash, mimetype, title and path
|
|
|
|
*/
|
|
|
|
public static function getAttachmentFileInfo(int $id): array
|
|
|
|
{
|
2021-07-22 20:56:29 +01:00
|
|
|
$res = self::getFileInfo($id);
|
2021-08-03 18:51:23 +01:00
|
|
|
$res['filepath'] = Common::config('attachments', 'dir') . $res['filename'];
|
2021-04-18 02:17:57 +01:00
|
|
|
return $res;
|
|
|
|
}
|
|
|
|
|
|
|
|
// ------------------------
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the minor part of a mimetype. image/webp -> image
|
|
|
|
*/
|
2021-07-28 22:10:32 +01:00
|
|
|
public static function mimetypeMajor(string $mime): string
|
2021-04-18 02:17:57 +01:00
|
|
|
{
|
2021-04-25 22:14:35 +01:00
|
|
|
return explode('/', self::mimetypeBare($mime))[0];
|
2021-04-18 02:17:57 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get the minor part of a mimetype. image/webp -> webp
|
|
|
|
*/
|
2021-07-28 22:10:32 +01:00
|
|
|
public static function mimetypeMinor(string $mime): string
|
2021-04-18 02:17:57 +01:00
|
|
|
{
|
2021-04-25 22:14:35 +01:00
|
|
|
return explode('/', self::mimetypeBare($mime))[1];
|
2021-04-18 02:17:57 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get only the mimetype and not additional info (separated from bare mime with semi-colon)
|
|
|
|
*/
|
2021-07-28 22:10:32 +01:00
|
|
|
public static function mimetypeBare(string $mimetype): string
|
2021-04-18 02:17:57 +01:00
|
|
|
{
|
|
|
|
$mimetype = mb_strtolower($mimetype);
|
|
|
|
if (($semicolon = mb_strpos($mimetype, ';')) !== false) {
|
|
|
|
$mimetype = mb_substr($mimetype, 0, $semicolon);
|
|
|
|
}
|
|
|
|
return trim($mimetype);
|
|
|
|
}
|
2021-07-22 20:56:29 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Given an attachment title and mimetype allows to generate the most appropriate filename.
|
|
|
|
*
|
|
|
|
* @param string $title
|
|
|
|
* @param string $mimetype
|
|
|
|
* @param null|string $ext
|
|
|
|
* @param bool $force
|
|
|
|
*
|
|
|
|
* @return null|string
|
|
|
|
*/
|
|
|
|
public static function titleToFilename(string $title, string $mimetype, ?string &$ext = null, bool $force = false): string | null
|
|
|
|
{
|
|
|
|
$valid_extensions = MimeTypes::getDefault()->getExtensions($mimetype);
|
|
|
|
|
|
|
|
// If title seems to be a filename with an extension
|
|
|
|
if (preg_match('/\.[a-z0-9]/i', $title) === 1) {
|
|
|
|
$title_without_extension = substr($title, 0, strrpos($title, '.'));
|
|
|
|
$original_extension = substr($title, strrpos($title, '.') + 1);
|
|
|
|
if (empty(MimeTypes::getDefault()->getMimeTypes($original_extension)) || !in_array($original_extension, $valid_extensions)) {
|
|
|
|
unset($title_without_extension, $original_extension);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($force) {
|
|
|
|
return ($title_without_extension ?? $title) . ".{$ext}";
|
|
|
|
} else {
|
|
|
|
if (isset($original_extension)) {
|
|
|
|
return $title;
|
|
|
|
} else {
|
|
|
|
if (!empty($valid_extensions)) {
|
|
|
|
return "{$title}.{$valid_extensions[0]}";
|
|
|
|
} else {
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2021-04-18 02:17:57 +01:00
|
|
|
}
|