2019-05-22 12:12:11 +00:00
|
|
|
# Portions of this file are derived from Pleroma:
|
|
|
|
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
# Upstream: https://git.pleroma.social/pleroma/pleroma/blob/develop/lib/pleroma/upload.ex
|
|
|
|
|
2020-01-26 20:36:50 +00:00
|
|
|
defmodule Mobilizon.Web.Upload do
|
2019-05-22 12:12:11 +00:00
|
|
|
@moduledoc """
|
|
|
|
Manage user uploads
|
|
|
|
|
|
|
|
Options:
|
2020-06-04 08:58:27 +00:00
|
|
|
* `:type`: presets for activity type (defaults to Document) and size limits from app configuration
|
|
|
|
* `:description`: upload alternative text
|
|
|
|
* `:base_url`: override base url
|
|
|
|
* `:uploader`: override uploader
|
|
|
|
* `:filters`: override filters
|
|
|
|
* `:size_limit`: override size limit
|
|
|
|
* `:activity_type`: override activity type
|
2019-05-22 12:12:11 +00:00
|
|
|
|
2020-01-26 20:36:50 +00:00
|
|
|
The `%Mobilizon.Web.Upload{}` struct: all documented fields are meant to be overwritten in filters:
|
2019-05-22 12:12:11 +00:00
|
|
|
|
2020-06-04 08:58:27 +00:00
|
|
|
* `:id` - the upload id.
|
|
|
|
* `:name` - the upload file name.
|
|
|
|
* `:path` - the upload path: set at first to `id/name` but can be changed. Keep in mind that the path
|
|
|
|
is once created permanent and changing it (especially in uploaders) is probably a bad idea!
|
|
|
|
* `:tempfile` - path to the temporary file. Prefer in-place changes on the file rather than changing the
|
|
|
|
path as the temporary file is also tracked by `Plug.Upload{}` and automatically deleted once the request is over.
|
2019-05-22 12:12:11 +00:00
|
|
|
|
|
|
|
Related behaviors:
|
|
|
|
|
2020-06-04 08:58:27 +00:00
|
|
|
* `Mobilizon.Web.Upload.Uploader`
|
|
|
|
* `Mobilizon.Web.Upload.Filter`
|
2019-05-22 12:12:11 +00:00
|
|
|
|
|
|
|
"""
|
2019-09-07 22:05:54 +00:00
|
|
|
|
2019-05-22 12:12:11 +00:00
|
|
|
alias Ecto.UUID
|
2019-09-07 22:05:54 +00:00
|
|
|
|
|
|
|
alias Mobilizon.Config
|
|
|
|
|
2020-01-28 18:18:33 +00:00
|
|
|
alias Mobilizon.Web.Endpoint
|
2020-01-26 20:36:50 +00:00
|
|
|
alias Mobilizon.Web.Upload.{Filter, MIME, Uploader}
|
2019-09-12 23:35:56 +00:00
|
|
|
|
2019-05-22 12:12:11 +00:00
|
|
|
require Logger
|
|
|
|
|
|
|
|
@type source ::
|
|
|
|
Plug.Upload.t()
|
|
|
|
| (data_uri_string :: String.t())
|
|
|
|
| {:from_local, name :: String.t(), id :: String.t(), path :: String.t()}
|
|
|
|
|
|
|
|
@type option ::
|
|
|
|
{:type, :avatar | :banner | :background}
|
|
|
|
| {:description, String.t()}
|
|
|
|
| {:activity_type, String.t()}
|
|
|
|
| {:size_limit, nil | non_neg_integer()}
|
|
|
|
| {:uploader, module()}
|
|
|
|
| {:filters, [module()]}
|
2021-09-10 09:27:59 +00:00
|
|
|
| {:allow_list_mime_types, boolean()}
|
2019-05-22 12:12:11 +00:00
|
|
|
|
|
|
|
@type t :: %__MODULE__{
|
|
|
|
id: String.t(),
|
|
|
|
name: String.t(),
|
|
|
|
tempfile: String.t(),
|
|
|
|
content_type: String.t(),
|
2019-06-03 15:13:47 +00:00
|
|
|
path: String.t(),
|
2021-08-05 10:48:22 +00:00
|
|
|
size: integer(),
|
|
|
|
width: integer(),
|
2021-08-12 08:29:40 +00:00
|
|
|
height: integer(),
|
|
|
|
blurhash: String.t()
|
2019-05-22 12:12:11 +00:00
|
|
|
}
|
2021-09-10 09:27:59 +00:00
|
|
|
defstruct [:id, :name, :url, :tempfile, :content_type, :path, :size, :width, :height, :blurhash]
|
|
|
|
|
|
|
|
@typep internal_options :: %{
|
|
|
|
activity_type: String.t() | nil,
|
|
|
|
size_limit: integer(),
|
|
|
|
uploader: module(),
|
|
|
|
filters: [module()],
|
|
|
|
description: String.t(),
|
|
|
|
allow_list_mime_types: list(String.t()),
|
|
|
|
base_url: String.t()
|
|
|
|
}
|
|
|
|
|
|
|
|
@spec store(source, options :: [option()]) ::
|
2021-09-24 14:46:42 +00:00
|
|
|
{:ok, t()} | {:error, String.t()} | {:error, atom()}
|
2019-05-22 12:12:11 +00:00
|
|
|
def store(upload, opts \\ []) do
|
|
|
|
opts = get_opts(opts)
|
|
|
|
|
2021-09-10 09:27:59 +00:00
|
|
|
case prepare_upload(upload, opts) do
|
|
|
|
{:ok, upload} ->
|
|
|
|
upload
|
|
|
|
|> set_default_upload_path()
|
|
|
|
|> perform_filter_and_put_file(opts)
|
2019-05-22 12:12:11 +00:00
|
|
|
|
2021-09-10 09:27:59 +00:00
|
|
|
{:error, error} ->
|
2021-09-24 14:46:42 +00:00
|
|
|
{:error, error}
|
2019-05-22 12:12:11 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-10-05 13:29:06 +00:00
|
|
|
@spec remove(String.t()) :: {:ok, String.t()} | {:error, atom}
|
|
|
|
def remove(url) do
|
|
|
|
%{uploader: uploader} = get_opts([])
|
|
|
|
|
|
|
|
case URI.parse(url) do
|
|
|
|
%URI{path: "/media/" <> path, host: host} ->
|
|
|
|
if host == Endpoint.host() do
|
|
|
|
Uploader.remove_file(uploader, path)
|
|
|
|
else
|
|
|
|
Logger.error("Media can't be deleted because its URL doesn't match current host")
|
|
|
|
{:error, :not_same_host}
|
|
|
|
end
|
2019-07-23 16:06:22 +00:00
|
|
|
|
2021-10-05 13:29:06 +00:00
|
|
|
%URI{} = _uri ->
|
|
|
|
{:error, :url_invalid}
|
2019-06-05 16:29:39 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-10 09:27:59 +00:00
|
|
|
@spec char_unescaped?(byte()) :: boolean()
|
|
|
|
defp char_unescaped?(char) do
|
2019-05-22 12:12:11 +00:00
|
|
|
URI.char_unreserved?(char) or char == ?/
|
|
|
|
end
|
|
|
|
|
2021-09-10 09:27:59 +00:00
|
|
|
@spec set_default_upload_path(t) :: t
|
|
|
|
defp set_default_upload_path(%__MODULE__{} = upload) do
|
|
|
|
%__MODULE__{
|
|
|
|
upload
|
|
|
|
| path: upload.path || "#{upload.id}/#{upload.name}"
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
@spec perform_filter_and_put_file(t, map) ::
|
|
|
|
{:ok, t} | {:error, String.t()} | {:error, atom()}
|
|
|
|
defp perform_filter_and_put_file(%__MODULE__{} = upload, opts) do
|
|
|
|
case Filter.filter(opts.filters, upload) do
|
|
|
|
{:ok, upload} ->
|
|
|
|
perform_put_file(upload, opts)
|
|
|
|
|
|
|
|
{:error, error} ->
|
|
|
|
{:error, error}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@spec perform_put_file(t, map) :: {:ok, t} | {:error, atom()}
|
|
|
|
defp perform_put_file(%__MODULE__{} = upload, opts) do
|
|
|
|
case Uploader.put_file(opts.uploader, upload) do
|
|
|
|
{:ok, url_spec} ->
|
|
|
|
{:ok,
|
|
|
|
%__MODULE__{
|
|
|
|
upload
|
|
|
|
| name: Map.get(opts, :description) || upload.name,
|
|
|
|
url: url_from_spec(upload, opts.base_url, url_spec)
|
|
|
|
}}
|
|
|
|
|
|
|
|
{:error, error} ->
|
|
|
|
Logger.error(
|
|
|
|
"#{__MODULE__} store (using #{inspect(opts.uploader)}) failed: #{inspect(error)}"
|
|
|
|
)
|
|
|
|
|
|
|
|
{:error, error}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
@spec get_opts(Keyword.t()) :: internal_options()
|
2019-05-22 12:12:11 +00:00
|
|
|
defp get_opts(opts) do
|
|
|
|
{size_limit, activity_type} =
|
|
|
|
case Keyword.get(opts, :type) do
|
|
|
|
:banner ->
|
2019-09-07 22:05:54 +00:00
|
|
|
{Config.get!([:instance, :banner_upload_limit]), "Image"}
|
2019-05-22 12:12:11 +00:00
|
|
|
|
|
|
|
:avatar ->
|
2019-09-07 22:05:54 +00:00
|
|
|
{Config.get!([:instance, :avatar_upload_limit]), "Image"}
|
2019-05-22 12:12:11 +00:00
|
|
|
|
|
|
|
_ ->
|
2019-09-07 22:05:54 +00:00
|
|
|
{Config.get!([:instance, :upload_limit]), nil}
|
2019-05-22 12:12:11 +00:00
|
|
|
end
|
|
|
|
|
2021-09-24 14:46:42 +00:00
|
|
|
activity_type = Keyword.get(opts, :activity_type, activity_type)
|
|
|
|
size_limit = Keyword.get(opts, :size_limit, size_limit)
|
|
|
|
uploader = Keyword.get(opts, :uploader, Config.get([__MODULE__, :uploader]))
|
|
|
|
filters = Keyword.get(opts, :filters, Config.get([__MODULE__, :filters]))
|
|
|
|
description = Keyword.get(opts, :description)
|
|
|
|
|
|
|
|
allow_list_mime_types =
|
|
|
|
Keyword.get(
|
|
|
|
opts,
|
|
|
|
:allow_list_mime_types,
|
|
|
|
Config.get([__MODULE__, :allow_list_mime_types])
|
|
|
|
)
|
|
|
|
|
|
|
|
base_url =
|
|
|
|
Keyword.get(
|
|
|
|
opts,
|
|
|
|
:base_url,
|
|
|
|
Config.get([__MODULE__, :base_url], Endpoint.url())
|
|
|
|
)
|
|
|
|
|
2019-05-22 12:12:11 +00:00
|
|
|
%{
|
2021-09-24 14:46:42 +00:00
|
|
|
activity_type: activity_type,
|
|
|
|
size_limit: size_limit,
|
|
|
|
uploader: uploader,
|
|
|
|
filters: filters,
|
|
|
|
description: description,
|
|
|
|
allow_list_mime_types: allow_list_mime_types,
|
|
|
|
base_url: base_url
|
2019-05-22 12:12:11 +00:00
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2021-09-24 14:46:42 +00:00
|
|
|
@spec prepare_upload(t(), internal_options()) :: {:ok, t()} | {:error, atom()}
|
2019-05-22 12:12:11 +00:00
|
|
|
defp prepare_upload(%Plug.Upload{} = file, opts) do
|
2019-06-03 15:13:47 +00:00
|
|
|
with {:ok, size} <- check_file_size(file.path, opts.size_limit),
|
2020-10-09 17:29:12 +00:00
|
|
|
{:ok, content_type, name} <- MIME.file_mime_type(file.path, file.filename),
|
|
|
|
:ok <- check_allowed_mime_type(content_type, opts.allow_list_mime_types) do
|
2019-05-22 12:12:11 +00:00
|
|
|
{:ok,
|
|
|
|
%__MODULE__{
|
|
|
|
id: UUID.generate(),
|
|
|
|
name: name,
|
|
|
|
tempfile: file.path,
|
2019-06-03 15:13:47 +00:00
|
|
|
content_type: content_type,
|
|
|
|
size: size
|
2019-05-22 12:12:11 +00:00
|
|
|
}}
|
2021-09-24 14:46:42 +00:00
|
|
|
else
|
|
|
|
{:error, err} ->
|
|
|
|
{:error, err}
|
2019-05-22 12:12:11 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-24 14:46:42 +00:00
|
|
|
@spec prepare_upload(%{body: String.t(), name: String.t()}, internal_options()) ::
|
|
|
|
{:ok, t()} | {:error, :mime_type_not_allowed}
|
2019-12-03 10:29:51 +00:00
|
|
|
defp prepare_upload(%{body: body, name: name} = _file, opts) do
|
|
|
|
with :ok <- check_binary_size(body, opts.size_limit),
|
|
|
|
tmp_path <- tempfile_for_image(body),
|
2020-10-09 17:29:12 +00:00
|
|
|
{:ok, content_type, name} <- MIME.file_mime_type(tmp_path, name),
|
|
|
|
:ok <- check_allowed_mime_type(content_type, opts.allow_list_mime_types) do
|
2019-12-03 10:29:51 +00:00
|
|
|
{:ok,
|
|
|
|
%__MODULE__{
|
|
|
|
id: UUID.generate(),
|
|
|
|
name: name,
|
|
|
|
tempfile: tmp_path,
|
|
|
|
content_type: content_type,
|
|
|
|
size: byte_size(body)
|
|
|
|
}}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-10 09:27:59 +00:00
|
|
|
@spec check_file_size(String.t(), non_neg_integer()) ::
|
|
|
|
{:ok, non_neg_integer()} | {:error, :file_too_large} | {:error, :file.posix()}
|
2019-05-22 12:12:11 +00:00
|
|
|
defp check_file_size(path, size_limit) when is_integer(size_limit) and size_limit > 0 do
|
2021-09-10 09:27:59 +00:00
|
|
|
with {:ok, %File.Stat{size: size}} <- File.stat(path),
|
2019-05-22 12:12:11 +00:00
|
|
|
true <- size <= size_limit do
|
2019-06-03 15:13:47 +00:00
|
|
|
{:ok, size}
|
2019-05-22 12:12:11 +00:00
|
|
|
else
|
|
|
|
false -> {:error, :file_too_large}
|
|
|
|
error -> error
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-10 09:27:59 +00:00
|
|
|
@spec check_binary_size(String.t(), non_neg_integer()) :: :ok | {:error, :file_too_large}
|
2019-12-03 10:29:51 +00:00
|
|
|
defp check_binary_size(binary, size_limit)
|
|
|
|
when is_integer(size_limit) and size_limit > 0 and byte_size(binary) >= size_limit do
|
|
|
|
{:error, :file_too_large}
|
|
|
|
end
|
|
|
|
|
|
|
|
defp check_binary_size(_, _), do: :ok
|
|
|
|
|
|
|
|
# Creates a tempfile using the Plug.Upload Genserver which cleans them up
|
|
|
|
# automatically.
|
2021-09-10 09:27:59 +00:00
|
|
|
@spec tempfile_for_image(iodata) :: String.t()
|
2019-12-03 10:29:51 +00:00
|
|
|
defp tempfile_for_image(data) do
|
|
|
|
{:ok, tmp_path} = Plug.Upload.random_file("temp_files")
|
|
|
|
{:ok, tmp_file} = File.open(tmp_path, [:write, :raw, :binary])
|
|
|
|
IO.binwrite(tmp_file, data)
|
|
|
|
|
|
|
|
tmp_path
|
|
|
|
end
|
|
|
|
|
2021-09-10 09:27:59 +00:00
|
|
|
@spec url_from_spec(t, String.t(), {:file | :url, String.t()}) :: String.t()
|
2019-05-22 12:12:11 +00:00
|
|
|
defp url_from_spec(%__MODULE__{name: name}, base_url, {:file, path}) do
|
|
|
|
path =
|
|
|
|
URI.encode(path, &char_unescaped?/1) <>
|
2019-09-07 22:05:54 +00:00
|
|
|
if Config.get([__MODULE__, :link_name], false) do
|
2019-05-22 12:12:11 +00:00
|
|
|
"?name=#{URI.encode(name, &char_unescaped?/1)}"
|
|
|
|
else
|
|
|
|
""
|
|
|
|
end
|
|
|
|
|
|
|
|
[base_url, "media", path]
|
|
|
|
|> Path.join()
|
|
|
|
end
|
|
|
|
|
|
|
|
defp url_from_spec(_upload, _base_url, {:url, url}), do: url
|
2020-10-09 17:29:12 +00:00
|
|
|
|
2021-09-24 14:46:42 +00:00
|
|
|
@spec check_allowed_mime_type(String.t(), List.t()) :: :ok | {:error, :mime_type_not_allowed}
|
2020-10-09 17:29:12 +00:00
|
|
|
defp check_allowed_mime_type(content_type, allow_list_mime_types) do
|
|
|
|
if Enum.any?(allow_list_mime_types, &(&1 == content_type)),
|
|
|
|
do: :ok,
|
|
|
|
else: {:error, :mime_type_not_allowed}
|
|
|
|
end
|
2019-05-22 12:12:11 +00:00
|
|
|
end
|