eliseuamaro/gnu-social
1
0
Fork 0
forked from GNUsocial/gnu-social
Code Issues Pull Requests Releases Wiki Activity

[ATTACHMENTS] Do not create thumbnails for attachments with mimetype different from 'image|video'

Browse Source
This commit is contained in:
Diogo Peralta Cordeiro
2021-05-02 00:50:16 +01:00
parent 6aea20db05
commit 2e943293e6
1 changed files with 12 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/Controller/Attachment.php
View File

@@ -34,6 +34,7 @@ use App\Util\Exception\ServerException;
use Symfony\Component\HttpFoundation\HeaderUtils; use Symfony\Component\HttpFoundation\HeaderUtils;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use function App\Core\I18n\_m;
class Attachment extends Controller class Attachment extends Controller
{ {
@@ -46,7 +47,7 @@ class Attachment extends Controller
if (!empty($res)) { if (!empty($res)) {
return $handle($res); return $handle($res);
} else { } else {
throw new ClientException('No such attachment', 404); throw new ClientException(_m('No such attachment'), 404);
} }
} }
@@ -67,7 +68,7 @@ class Attachment extends Controller
]; ];
}); });
} catch (NotFoundException) { } catch (NotFoundException) {
throw new ClientException('No such attachment', 404); throw new ClientException(_m('No such attachment'), 404);
} }
} }
@@ -90,14 +91,18 @@ class Attachment extends Controller
* @param Request $request * @param Request $request
* @param int $id Attachment ID * @param int $id Attachment ID
* *
* @return Response
* @throws ClientException
* @throws NotFoundException * @throws NotFoundException
* @throws ServerException * @throws ServerException
* * @throws \App\Util\Exception\DuplicateFoundException
* @return Response
*/ */
public function attachment_thumbnail(Request $request, int $id): Response public function attachment_thumbnail(Request $request, int $id): Response
{ {
$attachment = DB::findOneBy('attachment', ['id' => $id]); $attachment = DB::findOneBy('attachment', ['id' => $id]);
if (preg_match('/^(image|video)/', $attachment->getMimeType()) !== 1) {
throw new ClientException(_m('Can not generate thumbnail for attachment with id={id}', ['id' => $id]));
}
if (!is_null($attachment->getScope())) { if (!is_null($attachment->getScope())) {
// && ($attachment->scope | VisibilityScope::PUBLIC) != 0 // && ($attachment->scope | VisibilityScope::PUBLIC) != 0
// $user = Common::ensureLoggedIn(); // $user = Common::ensureLoggedIn();
@@ -113,7 +118,7 @@ class Attachment extends Controller
Event::handle('GetAllowedThumbnailSizes', [&$sizes]); Event::handle('GetAllowedThumbnailSizes', [&$sizes]);
if (!in_array(['width' => $width, 'height' => $height], $sizes)) { if (!in_array(['width' => $width, 'height' => $height], $sizes)) {
throw new ClientException('The requested thumbnail dimensions are not allowed', 400); // 400 Bad Request throw new ClientException(_m('The requested thumbnail dimensions are not allowed'), 400); // 400 Bad Request
} }
$thumbnail = AttachmentThumbnail::getOrCreate(attachment: $attachment, width: $width, height: $height, crop: $crop); $thumbnail = AttachmentThumbnail::getOrCreate(attachment: $attachment, width: $width, height: $height, crop: $crop);