forked from GNUsocial/gnu-social
[ImageEncoder] Implement attachment validation for images. This limits the maximum dimensions of the file, enforces a per file, per user and per user-month size quota and fixes the title if it's a filename, by replacing the extension to the new one
This commit is contained in:
parent
93e1e4b7a9
commit
365a7b436f
@ -19,13 +19,17 @@
|
|||||||
|
|
||||||
namespace Plugin\ImageEncoder;
|
namespace Plugin\ImageEncoder;
|
||||||
|
|
||||||
|
use App\Core\Cache;
|
||||||
|
use App\Core\DB\DB;
|
||||||
use App\Core\Event;
|
use App\Core\Event;
|
||||||
|
use App\Core\GSFile;
|
||||||
use function App\Core\I18n\_m;
|
use function App\Core\I18n\_m;
|
||||||
use App\Core\Log;
|
use App\Core\Log;
|
||||||
use App\Core\Modules\Plugin;
|
use App\Core\Modules\Plugin;
|
||||||
use App\Entity\Attachment;
|
use App\Entity\Attachment;
|
||||||
use App\Entity\AttachmentThumbnail;
|
use App\Entity\AttachmentThumbnail;
|
||||||
use App\Util\Common;
|
use App\Util\Common;
|
||||||
|
use App\Util\TemporaryFile;
|
||||||
use Exception;
|
use Exception;
|
||||||
use Jcupitt\Vips;
|
use Jcupitt\Vips;
|
||||||
|
|
||||||
@ -47,11 +51,80 @@ class ImageEncoder extends Plugin
|
|||||||
*
|
*
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function onAttachmentValidation(\SplFileInfo &$file, ?string &$mimetype = null): bool
|
public function onAttachmentValidation(\SplFileInfo &$file, ?string &$mimetype, ?string &$title): bool
|
||||||
{
|
{
|
||||||
$original_mimetype = $mimetype;
|
$original_mimetype = $mimetype;
|
||||||
// TODO: Encode in place
|
if (GSFile::mimetypeMajor($original_mimetype) != 'image') {
|
||||||
//$mimetype = self::preferredType();
|
// Nothing concerning us
|
||||||
|
return Event::next;
|
||||||
|
}
|
||||||
|
|
||||||
|
$type = self::preferredType();
|
||||||
|
$extension = image_type_to_extension($type, include_dot: true);
|
||||||
|
$temp = new TemporaryFile(prefix: null, suffix: $extension); // This handles deleting the file if some error occurs
|
||||||
|
$mimetype = image_type_to_mime_type($type);
|
||||||
|
if ($mimetype != $original_mimetype) {
|
||||||
|
// If title seems to be a filename with an extension
|
||||||
|
if (preg_match('/\.[a-z0-9]/i', $title) === 1) {
|
||||||
|
$title = substr($title, 0, strrpos($title, '.') - 1) . $extension;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$image = Vips\Image::newFromFile($file->getRealPath(), ['access' => 'sequential']);
|
||||||
|
$width = Common::clamp($image->width, 0, Common::config('attachments', 'max_width'));
|
||||||
|
$height = Common::clamp($image->height, 0, Common::config('attachments', 'max_height'));
|
||||||
|
$image = $image->crop(0, 0, $width, $height);
|
||||||
|
$image->writeToFile($temp->getRealPath());
|
||||||
|
|
||||||
|
$filesize = $temp->getSize();
|
||||||
|
$filepath = $file->getRealPath();
|
||||||
|
@unlink($filepath);
|
||||||
|
|
||||||
|
$file_quota = Common::config('attachments', 'file_quota');
|
||||||
|
if ($filesize > $file_quota) {
|
||||||
|
// TRANS: Message given if an upload is larger than the configured maximum.
|
||||||
|
throw new ClientException(_m('No file may be larger than {quota} bytes and the file you sent was {size} bytes. ' .
|
||||||
|
'Try to upload a smaller version.', ['quota' => $file_quota, 'size' => $filesize]));
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = Common::user();
|
||||||
|
$query = <<<END
|
||||||
|
select sum(at.size) as total
|
||||||
|
from attachment at
|
||||||
|
join attachment_to_note an with at.id = an.attachment_id
|
||||||
|
join note n with an.note_id = n.id
|
||||||
|
where n.gsactor_id = :actor_id and at.size is not null
|
||||||
|
END;
|
||||||
|
|
||||||
|
$user_quota = Common::config('attachments', 'user_quota');
|
||||||
|
if ($user_quota != false) {
|
||||||
|
$cache_key_user_total = 'user-' . $user->getId() . 'file-quota';
|
||||||
|
$user_total = Cache::get($cache_key_user_total, fn () => DB::dql($query, ['actor_id' => $user->getId()])[0]['total']);
|
||||||
|
Cache::set($cache_key_user_total, $user_total + $filesize);
|
||||||
|
|
||||||
|
if ($user_total + $filesize > $user_quota) {
|
||||||
|
// TRANS: Message given if an upload would exceed user quota.
|
||||||
|
throw new ClientException(_m('A file this large would exceed your user quota of {quota} bytes.', ['quota' => $user_quota]));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$query .= ' AND MONTH(at.modified) = MONTH(CURRENT_DATE())'
|
||||||
|
. ' AND YEAR(at.modified) = YEAR(CURRENT_DATE())';
|
||||||
|
|
||||||
|
$monthly_quota = Common::config('attachments', 'monthly_quota');
|
||||||
|
if ($monthly_quota != false) {
|
||||||
|
$cache_key_user_monthly = 'user-' . $user->getId() . 'monthly-file-quota';
|
||||||
|
$monthly_total = Cache::get($cache_key_user_monthly, fn () => DB::dql($query, ['actor_id' => $user->getId()])[0]['total']);
|
||||||
|
Cache::set($cache_key_user_monthly, $monthly_total + $filesize);
|
||||||
|
|
||||||
|
if ($monthly_total + $filesize > $monthly_quota) {
|
||||||
|
// TRANS: Message given if an upload would exceed user quota.
|
||||||
|
throw new ClientException(_m('A file this large would exceed your monthly quota of {quota} bytes.', ['quota' => $monthly_quota]));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$temp->commit($filepath);
|
||||||
|
|
||||||
return Event::stop;
|
return Event::stop;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -86,8 +159,6 @@ class ImageEncoder extends Plugin
|
|||||||
$old_limit = ini_set('memory_limit', Common::config('attachments', 'memory_limit'));
|
$old_limit = ini_set('memory_limit', Common::config('attachments', 'memory_limit'));
|
||||||
try {
|
try {
|
||||||
try {
|
try {
|
||||||
// -1 means load all pages, 'sequential' access means decode pixels on demand
|
|
||||||
// $image = Vips\Image::newFromFile(self::getPath($attachment), ['n' => -1, 'access' => 'sequential']);
|
|
||||||
$image = Vips\Image::thumbnail($source, $width, ['height' => $height]);
|
$image = Vips\Image::thumbnail($source, $width, ['height' => $height]);
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
Log::error(__METHOD__ . ' encountered exception: ' . print_r($e, true));
|
Log::error(__METHOD__ . ' encountered exception: ' . print_r($e, true));
|
||||||
|
Loading…
Reference in New Issue
Block a user