Apps/ImageApi
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

feature/handle-duplicate-file-name-upload #22

Merged
cameron merged 5 commits from feature/handle-duplicate-file-name-upload into master 2024-01-18 03:40:23 +00:00
Conversation 0 Commits 5 Files Changed 6 +25 -5
2 changed files with 25 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 9e8f02240f - Show all commits

5
src/files.rs
View File

@@ -459,7 +459,10 @@ mod tests {
#[test]
fn directory_traversal_test() {
let base = env::temp_dir();
assert_eq!(None, is_valid_full_path(&base, &PathBuf::from("../"), false));
assert_eq!(
None,
is_valid_full_path(&base, &PathBuf::from("../"), false)
);
assert_eq!(None, is_valid_full_path(&base, &PathBuf::from(".."), false));
assert_eq!(
None,

25
src/main.rs
View File

@@ -26,11 +26,12 @@ use actix_web::{
web::{self, BufMut, BytesMut},
App, HttpRequest, HttpResponse, HttpServer, Responder,
};
use chrono::Utc;
use diesel::sqlite::Sqlite;
use notify::{watcher, DebouncedEvent, RecursiveMode, Watcher};
use rayon::prelude::*;
use log::{debug, error, info};
use log::{debug, error, info, warn};
use crate::auth::login;
use crate::data::*;
@@ -165,8 +166,21 @@ async fn upload_image(
let mut file = File::create(full_path).unwrap();
file.write_all(&file_content).unwrap();
} else {
error!("File already exists: {:?}", full_path);
return HttpResponse::BadRequest().body("File already exists");
warn!("File already exists: {:?}", full_path);
let new_path = format!(
"{:?}_{}.{:?}",
full_path.file_stem(),
Utc::now(),
full_path
.extension()
.expect("Uploaded file should have an extension")
);
let mut file = File::create(new_path).unwrap();
file.write_all(&file_content).unwrap();
create_thumbnails();
return HttpResponse::Ok().finish();
}
} else {
error!("Invalid path for upload: {:?}", full_path);
@@ -175,6 +189,8 @@ async fn upload_image(
} else {
return HttpResponse::BadRequest().body("No file body read");
}
create_thumbnails();
HttpResponse::Ok().finish()
}
@@ -217,7 +233,8 @@ async fn stream_video(
debug!("Playlist: {}", playlist);
// Extract video playlist dir to dotenv
if !playlist.starts_with("tmp") && is_valid_full_path(&app_state.base_path, playlist, false).is_some()
if !playlist.starts_with("tmp")
&& is_valid_full_path(&app_state.base_path, playlist, false).is_some()
{
HttpResponse::BadRequest().finish()
} else if let Ok(file) = NamedFile::open(playlist) {