Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/lib/file_store/base_store.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

218 lines
5.7 KiB
Ruby
Raw Normal View History

DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging
2019-05-02 18:17:27 -04:00
# frozen_string_literal: true
pull hotlinked images
2013-11-05 13:04:47 -05:00
module FileStore
class BaseStore
FEATURE: Use path from existing URL of uploads and optimized images (#13177) Discourse shouldn't dynamically calculate the path of uploads and optimized images after a file has been stored on disk or S3. Otherwise it might calculate the wrong path if the SHA1 or extension stored in the database doesn't match the actual file path.
2021-05-27 11:42:25 -04:00
UPLOAD_PATH_REGEX = %r|/(original/\d+X/.*)|
OPTIMIZED_IMAGE_PATH_REGEX = %r|/(optimized/\d+X/.*)|
FEATURE: Initial implementation of direct S3 uploads with uppy and stubs (#13787) This adds a few different things to allow for direct S3 uploads using uppy. **These changes are still not the default.** There are hidden `enable_experimental_image_uploader` and `enable_direct_s3_uploads` settings that must be turned on for any of this code to be used, and even if they are turned on only the User Card Background for the user profile actually uses uppy-image-uploader. A new `ExternalUploadStub` model and database table is introduced in this pull request. This is used to keep track of uploads that are uploaded to a temporary location in S3 with the direct to S3 code, and they are eventually deleted a) when the direct upload is completed and b) after a certain time period of not being used. ### Starting a direct S3 upload When an S3 direct upload is initiated with uppy, we first request a presigned PUT URL from the new `generate-presigned-put` endpoint in `UploadsController`. This generates an S3 key in the `temp` folder inside the correct bucket path, along with any metadata from the clientside (e.g. the SHA1 checksum described below). This will also create an `ExternalUploadStub` and store the details of the temp object key and the file being uploaded. Once the clientside has this URL, uppy will upload the file direct to S3 using the presigned URL. Once the upload is complete we go to the next stage. ### Completing a direct S3 upload Once the upload to S3 is done we call the new `complete-external-upload` route with the unique identifier of the `ExternalUploadStub` created earlier. Only the user who made the stub can complete the external upload. One of two paths is followed via the `ExternalUploadManager`. 1. If the object in S3 is too large (currently 100mb defined by `ExternalUploadManager::DOWNLOAD_LIMIT`) we do not download and generate the SHA1 for that file. Instead we create the `Upload` record via `UploadCreator` and simply copy it to its final destination on S3 then delete the initial temp file. Several modifications to `UploadCreator` have been made to accommodate this. 2. If the object in S3 is small enough, we download it. When the temporary S3 file is downloaded, we compare the SHA1 checksum generated by the browser with the actual SHA1 checksum of the file generated by ruby. The browser SHA1 checksum is stored on the object in S3 with metadata, and is generated via the `UppyChecksum` plugin. Keep in mind that some browsers will not generate this due to compatibility or other issues. We then follow the normal `UploadCreator` path with one exception. To cut down on having to re-upload the file again, if there are no changes (such as resizing etc) to the file in `UploadCreator` we follow the same copy + delete temp path that we do for files that are too large. 3. Finally we return the serialized upload record back to the client There are several errors that could happen that are handled by `UploadsController` as well. Also in this PR is some refactoring of `displayErrorForUpload` to handle both uppy and jquery file uploader errors.
2021-07-27 18:42:25 -04:00
TEMPORARY_UPLOAD_PREFIX ||= "temp/"
pull hotlinked images
2013-11-05 13:04:47 -05:00
BUGFIX: uploads to S3
2014-04-15 07:04:14 -04:00
def store_upload(file, upload, content_type = nil)
FEATURE: Use path from existing URL of uploads and optimized images (#13177) Discourse shouldn't dynamically calculate the path of uploads and optimized images after a file has been stored on disk or S3. Otherwise it might calculate the wrong path if the SHA1 or extension stored in the database doesn't match the actual file path.
2021-05-27 11:42:25 -04:00
upload.url = nil
storage engines refactor
2015-05-29 12:39:47 -04:00
path = get_path_for_upload(upload)
store_file(file, path)
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) ### General Changes and Duplication * We now consider a post `with_secure_media?` if it is in a read-restricted category. * When uploading we now set an upload's secure status straight away. * When uploading if `SiteSetting.secure_media` is enabled, we do not check to see if the upload already exists using the `sha1` digest of the upload. The `sha1` column of the upload is filled with a `SecureRandom.hex(20)` value which is the same length as `Upload::SHA1_LENGTH`. The `original_sha1` column is filled with the _real_ sha1 digest of the file. * Whether an upload `should_be_secure?` is now determined by whether the `access_control_post` is `with_secure_media?` (if there is no access control post then we leave the secure status as is). * When serializing the upload, we now cook the URL if the upload is secure. This is so it shows up correctly in the composer preview, because we set secure status on upload. ### Viewing Secure Media * The secure-media-upload URL will take the post that the upload is attached to into account via `Guardian.can_see?` for access permissions * If there is no `access_control_post` then we just deliver the media. This should be a rare occurrance and shouldn't cause issues as the `access_control_post` is set when `link_post_uploads` is called via `CookedPostProcessor` ### Removed We no longer do any of these because we do not reuse uploads by sha1 if secure media is enabled. * We no longer have a way to prevent cross-posting of a secure upload from a private context to a public context. * We no longer have to set `secure: false` for uploads when uploading for a theme component.
2020-01-15 22:50:27 -05:00
def store_optimized_image(file, optimized_image, content_type = nil, secure: false)
FEATURE: Use path from existing URL of uploads and optimized images (#13177) Discourse shouldn't dynamically calculate the path of uploads and optimized images after a file has been stored on disk or S3. Otherwise it might calculate the wrong path if the SHA1 or extension stored in the database doesn't match the actual file path.
2021-05-27 11:42:25 -04:00
optimized_image.url = nil
storage engines refactor
2015-05-29 12:39:47 -04:00
path = get_path_for_optimized_image(optimized_image)
store_file(file, path)
end
def store_file(file, path, opts = {})
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
def remove_upload(upload)
FIX: Incorrect path being passed to `S3Store#remove_file`.
2016-08-14 23:21:24 -04:00
remove_file(upload.url, get_path_for_upload(upload))
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
def remove_optimized_image(optimized_image)
FIX: Incorrect path being passed to `S3Store#remove_file`.
2016-08-14 23:21:24 -04:00
remove_file(optimized_image.url, get_path_for_optimized_image(optimized_image))
storage engines refactor
2015-05-29 12:39:47 -04:00
end
FIX: Incorrect path being passed to `S3Store#remove_file`.
2016-08-14 23:21:24 -04:00
def remove_file(url, path)
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
FEATURE: Multisite support for S3 image stores (#6689) * FEATURE: Multisite support for S3 image stores * Use File.join to concatenate all paths & fix linting on multisite/s3_store_spec.rb
2018-11-28 23:11:48 -05:00
def upload_path
FIX: parallel spec system needs a dedicated upload folder for each worker. (#8547)
2019-12-18 00:51:57 -05:00
path = File.join("uploads", RailsMultisite::ConnectionManagement.current_db)
DEV: Use a tmp directory for storing uploads in tests (#9554) This avoids development-mode upload files from polluting the test environment
2020-04-28 09:03:04 -04:00
return path if !Rails.env.test?
File.join(path, "test_#{ENV['TEST_ENV_NUMBER'].presence || '0'}")
FEATURE: Multisite support for S3 image stores (#6689) * FEATURE: Multisite support for S3 image stores * Use File.join to concatenate all paths & fix linting on multisite/s3_store_spec.rb
2018-11-28 23:11:48 -05:00
end
FIX: Restructure temp/ folders for direct S3 uploads (#14137) Previously we had temp/ in the middle of the S3 key path like so * /uploads/default/temp/randomstring/test.png (normal site) * /sitename/uploads/default/temp/randomstring/test.png (s3 folder path site) * /standard10/uploads/sitename/temp/randomstring/test.png (multisite site) However this necessitates making a lifecycle rule to clean up incomplete S3 multipart uploads for every site, something which we cannot do. It makes much more sense to have a structure with /temp at the start of the key, which is what this commit does: * /temp/uploads/default/randomstring/test.png (normal site) * /temp/sitename/uploads/default/randomstring/test.png (s3 folder path site) * /temp/standard10/uploads/sitename/randomstring/test.png (multisite site)
2021-08-24 19:22:36 -04:00
def temporary_upload_path(file_name, folder_prefix: "")
FIX: Use random file name for temporary uploads (#14250) Other locale characters in file names (e.g. é, ä) as well as special characters can cause issues on S3, notably the S3 copy object operation does not support these special characters. Instead of storing the original file name in the key, which is unnecessary, we now generate a random file name with the original extension for the temporary file and use that for all external upload stub operations.
2021-09-05 20:21:20 -04:00
# We don't want to use the original file name as it can contain special
# characters, which can interfere with external providers operations and
# introduce other unexpected behaviour.
file_name_random = "#{SecureRandom.hex}#{File.extname(file_name)}"
FEATURE: Initial implementation of direct S3 uploads with uppy and stubs (#13787) This adds a few different things to allow for direct S3 uploads using uppy. **These changes are still not the default.** There are hidden `enable_experimental_image_uploader` and `enable_direct_s3_uploads` settings that must be turned on for any of this code to be used, and even if they are turned on only the User Card Background for the user profile actually uses uppy-image-uploader. A new `ExternalUploadStub` model and database table is introduced in this pull request. This is used to keep track of uploads that are uploaded to a temporary location in S3 with the direct to S3 code, and they are eventually deleted a) when the direct upload is completed and b) after a certain time period of not being used. ### Starting a direct S3 upload When an S3 direct upload is initiated with uppy, we first request a presigned PUT URL from the new `generate-presigned-put` endpoint in `UploadsController`. This generates an S3 key in the `temp` folder inside the correct bucket path, along with any metadata from the clientside (e.g. the SHA1 checksum described below). This will also create an `ExternalUploadStub` and store the details of the temp object key and the file being uploaded. Once the clientside has this URL, uppy will upload the file direct to S3 using the presigned URL. Once the upload is complete we go to the next stage. ### Completing a direct S3 upload Once the upload to S3 is done we call the new `complete-external-upload` route with the unique identifier of the `ExternalUploadStub` created earlier. Only the user who made the stub can complete the external upload. One of two paths is followed via the `ExternalUploadManager`. 1. If the object in S3 is too large (currently 100mb defined by `ExternalUploadManager::DOWNLOAD_LIMIT`) we do not download and generate the SHA1 for that file. Instead we create the `Upload` record via `UploadCreator` and simply copy it to its final destination on S3 then delete the initial temp file. Several modifications to `UploadCreator` have been made to accommodate this. 2. If the object in S3 is small enough, we download it. When the temporary S3 file is downloaded, we compare the SHA1 checksum generated by the browser with the actual SHA1 checksum of the file generated by ruby. The browser SHA1 checksum is stored on the object in S3 with metadata, and is generated via the `UppyChecksum` plugin. Keep in mind that some browsers will not generate this due to compatibility or other issues. We then follow the normal `UploadCreator` path with one exception. To cut down on having to re-upload the file again, if there are no changes (such as resizing etc) to the file in `UploadCreator` we follow the same copy + delete temp path that we do for files that are too large. 3. Finally we return the serialized upload record back to the client There are several errors that could happen that are handled by `UploadsController` as well. Also in this PR is some refactoring of `displayErrorForUpload` to handle both uppy and jquery file uploader errors.
2021-07-27 18:42:25 -04:00
File.join(
TEMPORARY_UPLOAD_PREFIX,
FIX: Restructure temp/ folders for direct S3 uploads (#14137) Previously we had temp/ in the middle of the S3 key path like so * /uploads/default/temp/randomstring/test.png (normal site) * /sitename/uploads/default/temp/randomstring/test.png (s3 folder path site) * /standard10/uploads/sitename/temp/randomstring/test.png (multisite site) However this necessitates making a lifecycle rule to clean up incomplete S3 multipart uploads for every site, something which we cannot do. It makes much more sense to have a structure with /temp at the start of the key, which is what this commit does: * /temp/uploads/default/randomstring/test.png (normal site) * /temp/sitename/uploads/default/randomstring/test.png (s3 folder path site) * /temp/standard10/uploads/sitename/randomstring/test.png (multisite site)
2021-08-24 19:22:36 -04:00
folder_prefix,
upload_path,
FEATURE: Initial implementation of direct S3 uploads with uppy and stubs (#13787) This adds a few different things to allow for direct S3 uploads using uppy. **These changes are still not the default.** There are hidden `enable_experimental_image_uploader` and `enable_direct_s3_uploads` settings that must be turned on for any of this code to be used, and even if they are turned on only the User Card Background for the user profile actually uses uppy-image-uploader. A new `ExternalUploadStub` model and database table is introduced in this pull request. This is used to keep track of uploads that are uploaded to a temporary location in S3 with the direct to S3 code, and they are eventually deleted a) when the direct upload is completed and b) after a certain time period of not being used. ### Starting a direct S3 upload When an S3 direct upload is initiated with uppy, we first request a presigned PUT URL from the new `generate-presigned-put` endpoint in `UploadsController`. This generates an S3 key in the `temp` folder inside the correct bucket path, along with any metadata from the clientside (e.g. the SHA1 checksum described below). This will also create an `ExternalUploadStub` and store the details of the temp object key and the file being uploaded. Once the clientside has this URL, uppy will upload the file direct to S3 using the presigned URL. Once the upload is complete we go to the next stage. ### Completing a direct S3 upload Once the upload to S3 is done we call the new `complete-external-upload` route with the unique identifier of the `ExternalUploadStub` created earlier. Only the user who made the stub can complete the external upload. One of two paths is followed via the `ExternalUploadManager`. 1. If the object in S3 is too large (currently 100mb defined by `ExternalUploadManager::DOWNLOAD_LIMIT`) we do not download and generate the SHA1 for that file. Instead we create the `Upload` record via `UploadCreator` and simply copy it to its final destination on S3 then delete the initial temp file. Several modifications to `UploadCreator` have been made to accommodate this. 2. If the object in S3 is small enough, we download it. When the temporary S3 file is downloaded, we compare the SHA1 checksum generated by the browser with the actual SHA1 checksum of the file generated by ruby. The browser SHA1 checksum is stored on the object in S3 with metadata, and is generated via the `UppyChecksum` plugin. Keep in mind that some browsers will not generate this due to compatibility or other issues. We then follow the normal `UploadCreator` path with one exception. To cut down on having to re-upload the file again, if there are no changes (such as resizing etc) to the file in `UploadCreator` we follow the same copy + delete temp path that we do for files that are too large. 3. Finally we return the serialized upload record back to the client There are several errors that could happen that are handled by `UploadsController` as well. Also in this PR is some refactoring of `displayErrorForUpload` to handle both uppy and jquery file uploader errors.
2021-07-27 18:42:25 -04:00
SecureRandom.hex,
FIX: Use random file name for temporary uploads (#14250) Other locale characters in file names (e.g. é, ä) as well as special characters can cause issues on S3, notably the S3 copy object operation does not support these special characters. Instead of storing the original file name in the key, which is unnecessary, we now generate a random file name with the original extension for the temporary file and use that for all external upload stub operations.
2021-09-05 20:21:20 -04:00
file_name_random
FEATURE: Initial implementation of direct S3 uploads with uppy and stubs (#13787) This adds a few different things to allow for direct S3 uploads using uppy. **These changes are still not the default.** There are hidden `enable_experimental_image_uploader` and `enable_direct_s3_uploads` settings that must be turned on for any of this code to be used, and even if they are turned on only the User Card Background for the user profile actually uses uppy-image-uploader. A new `ExternalUploadStub` model and database table is introduced in this pull request. This is used to keep track of uploads that are uploaded to a temporary location in S3 with the direct to S3 code, and they are eventually deleted a) when the direct upload is completed and b) after a certain time period of not being used. ### Starting a direct S3 upload When an S3 direct upload is initiated with uppy, we first request a presigned PUT URL from the new `generate-presigned-put` endpoint in `UploadsController`. This generates an S3 key in the `temp` folder inside the correct bucket path, along with any metadata from the clientside (e.g. the SHA1 checksum described below). This will also create an `ExternalUploadStub` and store the details of the temp object key and the file being uploaded. Once the clientside has this URL, uppy will upload the file direct to S3 using the presigned URL. Once the upload is complete we go to the next stage. ### Completing a direct S3 upload Once the upload to S3 is done we call the new `complete-external-upload` route with the unique identifier of the `ExternalUploadStub` created earlier. Only the user who made the stub can complete the external upload. One of two paths is followed via the `ExternalUploadManager`. 1. If the object in S3 is too large (currently 100mb defined by `ExternalUploadManager::DOWNLOAD_LIMIT`) we do not download and generate the SHA1 for that file. Instead we create the `Upload` record via `UploadCreator` and simply copy it to its final destination on S3 then delete the initial temp file. Several modifications to `UploadCreator` have been made to accommodate this. 2. If the object in S3 is small enough, we download it. When the temporary S3 file is downloaded, we compare the SHA1 checksum generated by the browser with the actual SHA1 checksum of the file generated by ruby. The browser SHA1 checksum is stored on the object in S3 with metadata, and is generated via the `UppyChecksum` plugin. Keep in mind that some browsers will not generate this due to compatibility or other issues. We then follow the normal `UploadCreator` path with one exception. To cut down on having to re-upload the file again, if there are no changes (such as resizing etc) to the file in `UploadCreator` we follow the same copy + delete temp path that we do for files that are too large. 3. Finally we return the serialized upload record back to the client There are several errors that could happen that are handled by `UploadsController` as well. Also in this PR is some refactoring of `displayErrorForUpload` to handle both uppy and jquery file uploader errors.
2021-07-27 18:42:25 -04:00
)
end
pull hotlinked images
2013-11-05 13:04:47 -05:00
def has_been_uploaded?(url)
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
storage engines refactor
2015-05-29 12:39:47 -04:00
def download_url(upload)
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
storage engines refactor
2015-05-29 12:39:47 -04:00
def cdn_url(url)
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
storage engines refactor
2015-05-29 12:39:47 -04:00
def absolute_base_url
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
storage engines refactor
2015-05-29 12:39:47 -04:00
end
def relative_base_url
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
FEATURE: use original filename when clicking the download link in the lightbox
2014-10-15 13:20:04 -04:00
end
FEATURE: Add support for secure media (#7888) This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. A few notes: - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-17 20:25:42 -05:00
def s3_upload_host
not_implemented
end
pull hotlinked images
2013-11-05 13:04:47 -05:00
def external?
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
def internal?
storage engines refactor
2015-05-29 12:39:47 -04:00
!external?
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
def path_for(upload)
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
not_implemented
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
FEATURE: Make uploads:missing task compatible with s3 uploads
2018-11-26 14:24:51 -05:00
def list_missing_uploads(skip_optimized: false)
not_implemented
end
FIX: `OptimizedImage#filesize` (#10095) `OptimizedImage#filesize` calls `Discourse.store.download` with an OptimizedImage as an argument. It would in turn attempt to call `#original_filename` and `#secure?` on that object. Both would fail as these methods do not exist on OptimizedImage, only on Upload. We didn't know about these issues because: 1. `#calculate_filesize` is not called often, because the filesize is saved on OptimizedImage creation, so it's used mostly for manual filesize recalculation 2. we were using `rescue nil` which swallows all errors
2020-07-06 11:01:29 -04:00
def download(object, max_file_size_kb: nil)
DistributedMutex.synchronize("download_#{object.sha1}", validity: 3.minutes) do
extension = File.extname(object.respond_to?(:original_filename) ? object.original_filename : object.url)
filename = "#{object.sha1}#{extension}"
FIX: optimized images fail if source is remote and S3 is disabled
2015-06-01 05:13:56 -04:00
file = get_from_cache(filename)
if !file
FIX: Improvements and fixes to the image downsizing script (#9950) Fixed bugs, added specs, extracted the upload downsizing code to a class, added support for non-S3 setups, changed it so that images aren't downloaded twice. This code has been tested on production and successfully resized ~180k uploads. Includes: * DEV: Extract upload downsizing logic * DEV: Add support for non-S3 uploads * DEV: Process only images uploaded by users * FIX: Incorrect usage of `count` and `exist?` typo * DEV: Spec S3 image downsizing * DEV: Avoid downloading images twice * DEV: Update filesizes earlier in the process * DEV: Return false on invalid upload * FIX: Download images that currently above the limit (If the image size limit is decreased, then there was no way to resize those images that now fall outside the allowed size range) * Update script/downsize_uploads.rb (Co-authored-by: Régis Hanol <regis@hanol.fr>)
2020-06-11 08:47:59 -04:00
max_file_size_kb ||= [SiteSetting.max_image_size_kb, SiteSetting.max_attachment_size_kb].max.kilobytes
FEATURE: Add support for secure media (#7888) This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. A few notes: - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-17 20:25:42 -05:00
FIX: `OptimizedImage#filesize` (#10095) `OptimizedImage#filesize` calls `Discourse.store.download` with an OptimizedImage as an argument. It would in turn attempt to call `#original_filename` and `#secure?` on that object. Both would fail as these methods do not exist on OptimizedImage, only on Upload. We didn't know about these issues because: 1. `#calculate_filesize` is not called often, because the filesize is saved on OptimizedImage creation, so it's used mostly for manual filesize recalculation 2. we were using `rescue nil` which swallows all errors
2020-07-06 11:01:29 -04:00
secure = object.respond_to?(:secure) ? object.secure? : object.upload.secure?
url = secure ?
Discourse.store.signed_url_for_path(object.url) :
Discourse.store.cdn_url(object.url)
FEATURE: Add support for secure media (#7888) This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. A few notes: - the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads - the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured - upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status - when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error - when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-17 20:25:42 -05:00
DEV: use cdn url to download the external uploads to local.
2019-06-06 09:47:19 -04:00
url = SiteSetting.scheme + ":" + url if url =~ /^\/\//
Refactor `FileHelper` to use keyword arguments.
2017-05-24 13:42:52 -04:00
file = FileHelper.download(
url,
max_file_size: max_file_size_kb,
tmp_file_name: "discourse-download",
follow_redirect: true
)
FIX: `OptimizedImage#filesize` (#10095) `OptimizedImage#filesize` calls `Discourse.store.download` with an OptimizedImage as an argument. It would in turn attempt to call `#original_filename` and `#secure?` on that object. Both would fail as these methods do not exist on OptimizedImage, only on Upload. We didn't know about these issues because: 1. `#calculate_filesize` is not called often, because the filesize is saved on OptimizedImage creation, so it's used mostly for manual filesize recalculation 2. we were using `rescue nil` which swallows all errors
2020-07-06 11:01:29 -04:00
FIX: optimized images fail if source is remote and S3 is disabled
2015-06-01 05:13:56 -04:00
cache_file(file, filename)
FIX: Return consistent character encodings when downloading S3 uploads Net::HTTP always returns ASCII-8BIT encoding. File.read auto-detects the encoding. This leads to an encoding inconsistency between a fresh download, and a cached download. This commit ensures all downloaded files are treated equally, by always returning the cached version from the filesystem, even during initial download. One symptom of this problem is during theme exports: https://meta.discourse.org/t/116907 Related ruby ticket: https://bugs.ruby-lang.org/issues/2567
2019-05-17 06:26:08 -04:00
file = get_from_cache(filename)
FIX: optimized images fail if source is remote and S3 is disabled
2015-06-01 05:13:56 -04:00
end
file
end
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
add a tombstone for extra safety
2013-11-27 16:01:41 -05:00
def purge_tombstone(grace_period)
end
FIX: automatically growing uploads tree
2015-05-27 19:03:24 -04:00
def get_path_for(type, id, sha, extension)
FIX: Tests would fail if your test db's optimized image ids were high
2015-10-16 17:08:16 -04:00
depth = get_depth_for(id)
PERF: new 'migrate_to_s3' rake task
2018-12-26 11:34:49 -05:00
tree = File.join(*sha[0, depth].chars, "")
FIX: automatically growing uploads tree
2015-05-27 19:03:24 -04:00
"#{type}/#{depth + 1}X/#{tree}#{sha}#{extension}"
end
def get_path_for_upload(upload)
FEATURE: Use path from existing URL of uploads and optimized images (#13177) Discourse shouldn't dynamically calculate the path of uploads and optimized images after a file has been stored on disk or S3. Otherwise it might calculate the wrong path if the SHA1 or extension stored in the database doesn't match the actual file path.
2021-05-27 11:42:25 -04:00
# try to extract the path from the URL instead of calculating it,
# because the calculated path might differ from the actual path
if upload.url.present? && (path = upload.url[UPLOAD_PATH_REGEX, 1])
return prefix_path(path)
end
Maintain backwards compatibility before `Jobs::MigrateUploadExtensions` runs.
2017-08-02 22:56:55 -04:00
extension =
if upload.extension
".#{upload.extension}"
else
PERF: new 'migrate_to_s3' rake task
2018-12-26 11:34:49 -05:00
# Maintain backward compatibility before Jobs::MigrateUploadExtensions runs
Maintain backwards compatibility before `Jobs::MigrateUploadExtensions` runs.
2017-08-02 22:56:55 -04:00
File.extname(upload.original_filename)
end
DEV: stop freezing frozen strings We have the `# frozen_string_literal: true` comment on all our files. This means all string literals are frozen. There is no need to call #freeze on any literals. For files with `# frozen_string_literal: true` ``` puts %w{a b}[0].frozen? => true puts "hi".frozen? => true puts "a #{1} b".frozen? => true puts ("a " + "b").frozen? => false puts (-("a " + "b")).frozen? => true ``` For more details see: https://samsaffron.com/archive/2018/02/16/reducing-string-duplication-in-ruby
2020-04-30 02:48:34 -04:00
get_path_for("original", upload.id, upload.sha1, extension)
FIX: automatically growing uploads tree
2015-05-27 19:03:24 -04:00
end
def get_path_for_optimized_image(optimized_image)
FEATURE: Use path from existing URL of uploads and optimized images (#13177) Discourse shouldn't dynamically calculate the path of uploads and optimized images after a file has been stored on disk or S3. Otherwise it might calculate the wrong path if the SHA1 or extension stored in the database doesn't match the actual file path.
2021-05-27 11:42:25 -04:00
# try to extract the path from the URL instead of calculating it,
# because the calculated path might differ from the actual path
if optimized_image.url.present? && (path = optimized_image.url[OPTIMIZED_IMAGE_PATH_REGEX, 1])
return prefix_path(path)
end
FIX: automatically growing uploads tree
2015-05-27 19:03:24 -04:00
upload = optimized_image.upload
FIX: Use correct version when generating file path for optimized image (#6871)
2019-01-11 08:05:38 -05:00
version = optimized_image.version || 1
extension = "_#{version}_#{optimized_image.width}x#{optimized_image.height}#{optimized_image.extension}"
DEV: stop freezing frozen strings We have the `# frozen_string_literal: true` comment on all our files. This means all string literals are frozen. There is no need to call #freeze on any literals. For files with `# frozen_string_literal: true` ``` puts %w{a b}[0].frozen? => true puts "hi".frozen? => true puts "a #{1} b".frozen? => true puts ("a " + "b").frozen? => false puts (-("a " + "b")).frozen? => true ``` For more details see: https://samsaffron.com/archive/2018/02/16/reducing-string-duplication-in-ruby
2020-04-30 02:48:34 -04:00
get_path_for("optimized", upload.id, upload.sha1, extension)
FIX: automatically growing uploads tree
2015-05-27 19:03:24 -04:00
end
FIX: optimized images fail if source is remote and S3 is disabled
2015-06-01 05:13:56 -04:00
CACHE_DIR ||= "#{Rails.root}/tmp/download_cache/"
CACHE_MAXIMUM_SIZE ||= 500
def get_cache_path_for(filename)
"#{CACHE_DIR}#{filename}"
end
def get_from_cache(filename)
path = get_cache_path_for(filename)
File.open(path) if File.exists?(path)
end
def cache_file(file, filename)
path = get_cache_path_for(filename)
dir = File.dirname(path)
FIX: properly delete files in the download cache
2018-07-04 12:18:39 -04:00
FileUtils.mkdir_p(dir) unless Dir.exist?(dir)
FIX: optimized images fail if source is remote and S3 is disabled
2015-06-01 05:13:56 -04:00
FileUtils.cp(file.path, path)
DEV: Ignore `ls` errors when clearing FileStore cache (#8780) A race condition issue is possible when multiple thread/processes are calling this method. `ls` prints out to stderr "cannot access '...': No such file or directory" if any of the files it's currently trying to list are being removed by the `xargs rm -rf` in an another process. That doesn't affect the result, but it did raise an error before this change. Tested on a production instance where the original issue was observed. Co-Authored-By: Régis Hanol <regis@hanol.fr>
2020-01-26 20:59:54 -05:00
FIX: Improve clearing store cache (#9568) 1. Shorter 2. Simpler 3. Doesn't depend on external binaries 4. Doesn't fail on large amounts of files 5. Hopefully eliminates flaky spec errors
2020-04-28 11:24:04 -04:00
# Remove all but CACHE_MAXIMUM_SIZE most recent files
files = Dir.glob("#{CACHE_DIR}*")
DEV: Rubocop fix
2020-06-01 00:07:07 -04:00
files.sort_by! do |f|
FIX: Handle files removed between `glob` and `mtime`
2020-05-31 08:35:08 -04:00
begin
DEV: Rubocop fix
2020-06-01 00:07:07 -04:00
File.mtime(f)
FIX: Handle files removed between `glob` and `mtime`
2020-05-31 08:35:08 -04:00
rescue Errno::ENOENT
Time.new(0)
end
end
files.pop(CACHE_MAXIMUM_SIZE)
FIX: Improve clearing store cache (#9568) 1. Shorter 2. Simpler 3. Doesn't depend on external binaries 4. Doesn't fail on large amounts of files 5. Hopefully eliminates flaky spec errors
2020-04-28 11:24:04 -04:00
FileUtils.rm(files, force: true)
FIX: optimized images fail if source is remote and S3 is disabled
2015-06-01 05:13:56 -04:00
end
FIX: Make sure we raise an error when method is not implemented.
2016-08-11 23:43:57 -04:00
private
def not_implemented
raise "Not implemented."
end
FIX: Properly support defaults for upload site settings.
2019-01-02 02:29:17 -05:00
def get_depth_for(id)
depths = [0]
depths << Math.log(id / 1_000.0, 16).ceil if id.positive?
depths.max
end
FEATURE: Use path from existing URL of uploads and optimized images (#13177) Discourse shouldn't dynamically calculate the path of uploads and optimized images after a file has been stored on disk or S3. Otherwise it might calculate the wrong path if the SHA1 or extension stored in the database doesn't match the actual file path.
2021-05-27 11:42:25 -04:00
def prefix_path(path)
path
end
pull hotlinked images
2013-11-05 13:04:47 -05:00
end
end