2013-11-06 02:04:47 +08:00
|
|
|
|
require "digest/sha1"
|
2014-04-15 04:55:57 +08:00
|
|
|
|
require_dependency "image_sizer"
|
|
|
|
|
require_dependency "file_helper"
|
2015-06-12 18:02:36 +08:00
|
|
|
|
require_dependency "url_helper"
|
|
|
|
|
require_dependency "db_helper"
|
2014-04-15 04:55:57 +08:00
|
|
|
|
require_dependency "validators/upload_validator"
|
2015-06-12 18:02:36 +08:00
|
|
|
|
require_dependency "file_store/local_store"
|
2013-02-06 03:16:51 +08:00
|
|
|
|
|
|
|
|
|
class Upload < ActiveRecord::Base
|
|
|
|
|
belongs_to :user
|
|
|
|
|
|
2013-11-06 02:04:47 +08:00
|
|
|
|
has_many :post_uploads, dependent: :destroy
|
2013-06-14 05:44:24 +08:00
|
|
|
|
has_many :posts, through: :post_uploads
|
2013-06-13 07:43:50 +08:00
|
|
|
|
|
2013-06-21 15:34:02 +08:00
|
|
|
|
has_many :optimized_images, dependent: :destroy
|
2013-06-16 16:39:48 +08:00
|
|
|
|
|
2016-03-01 05:39:24 +08:00
|
|
|
|
attr_accessor :is_attachment_for_group_message
|
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
|
validates_presence_of :filesize
|
|
|
|
|
validates_presence_of :original_filename
|
|
|
|
|
|
2014-04-15 04:55:57 +08:00
|
|
|
|
validates_with ::Validators::UploadValidator
|
|
|
|
|
|
2013-11-06 02:04:47 +08:00
|
|
|
|
def thumbnail(width = self.width, height = self.height)
|
2014-05-06 21:41:59 +08:00
|
|
|
|
optimized_images.find_by(width: width, height: height)
|
2013-06-17 07:00:25 +08:00
|
|
|
|
end
|
|
|
|
|
|
2013-11-06 02:04:47 +08:00
|
|
|
|
def has_thumbnail?(width, height)
|
2013-09-27 16:55:50 +08:00
|
|
|
|
thumbnail(width, height).present?
|
2013-06-17 07:00:25 +08:00
|
|
|
|
end
|
|
|
|
|
|
2016-05-23 22:18:30 +08:00
|
|
|
|
def create_thumbnail!(width, height, crop=false)
|
2013-06-17 07:00:25 +08:00
|
|
|
|
return unless SiteSetting.create_thumbnails?
|
2015-09-21 04:01:03 +08:00
|
|
|
|
|
2016-05-23 22:18:30 +08:00
|
|
|
|
opts = {
|
2015-09-21 04:01:03 +08:00
|
|
|
|
filename: self.original_filename,
|
2016-05-23 22:18:30 +08:00
|
|
|
|
allow_animation: SiteSetting.allow_animated_thumbnails,
|
2016-05-23 22:42:19 +08:00
|
|
|
|
crop: crop
|
2016-05-23 22:18:30 +08:00
|
|
|
|
}
|
2015-09-21 04:01:03 +08:00
|
|
|
|
|
2016-05-23 22:18:30 +08:00
|
|
|
|
if thumbnail = OptimizedImage.create_for(self, width, height, opts)
|
2013-09-27 16:55:50 +08:00
|
|
|
|
self.width = width
|
|
|
|
|
self.height = height
|
2015-06-27 07:26:16 +08:00
|
|
|
|
save(validate: false)
|
2013-09-27 16:55:50 +08:00
|
|
|
|
end
|
2013-06-17 07:00:25 +08:00
|
|
|
|
end
|
|
|
|
|
|
2013-06-21 15:34:02 +08:00
|
|
|
|
def destroy
|
2013-06-20 03:51:41 +08:00
|
|
|
|
Upload.transaction do
|
2013-08-14 04:08:29 +08:00
|
|
|
|
Discourse.store.remove_upload(self)
|
2013-06-20 03:51:41 +08:00
|
|
|
|
super
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2013-08-14 04:08:29 +08:00
|
|
|
|
def extension
|
|
|
|
|
File.extname(original_filename)
|
|
|
|
|
end
|
|
|
|
|
|
2015-07-15 23:15:43 +08:00
|
|
|
|
# list of image types that will be cropped
|
2017-02-02 17:41:57 +08:00
|
|
|
|
CROPPED_IMAGE_TYPES ||= %w{
|
|
|
|
|
avatar
|
|
|
|
|
profile_background
|
|
|
|
|
card_background
|
|
|
|
|
custom_emoji
|
|
|
|
|
}
|
2015-07-15 23:15:43 +08:00
|
|
|
|
|
2016-06-20 16:22:13 +08:00
|
|
|
|
WHITELISTED_SVG_ELEMENTS ||= %w{
|
|
|
|
|
circle
|
|
|
|
|
clippath
|
|
|
|
|
defs
|
|
|
|
|
ellipse
|
|
|
|
|
g
|
|
|
|
|
line
|
|
|
|
|
linearGradient
|
|
|
|
|
path
|
|
|
|
|
polygon
|
|
|
|
|
polyline
|
|
|
|
|
radialGradient
|
|
|
|
|
rect
|
|
|
|
|
stop
|
|
|
|
|
svg
|
|
|
|
|
text
|
|
|
|
|
textpath
|
|
|
|
|
tref
|
|
|
|
|
tspan
|
|
|
|
|
use
|
|
|
|
|
}
|
|
|
|
|
|
2016-09-02 14:50:13 +08:00
|
|
|
|
def self.generate_digest(path)
|
|
|
|
|
Digest::SHA1.file(path).hexdigest
|
|
|
|
|
end
|
|
|
|
|
|
2016-06-20 16:22:13 +08:00
|
|
|
|
def self.svg_whitelist_xpath
|
|
|
|
|
@@svg_whitelist_xpath ||= "//*[#{WHITELISTED_SVG_ELEMENTS.map { |e| "name()!='#{e}'" }.join(" and ") }]"
|
|
|
|
|
end
|
|
|
|
|
|
2014-04-15 23:15:47 +08:00
|
|
|
|
# options
|
|
|
|
|
# - content_type
|
2016-03-01 05:39:24 +08:00
|
|
|
|
# - origin (url)
|
2017-02-02 17:41:57 +08:00
|
|
|
|
# - image_type ("avatar", "profile_background", "card_background", "custom_emoji")
|
2016-03-01 05:39:24 +08:00
|
|
|
|
# - is_attachment_for_group_message (boolean)
|
2014-04-15 23:15:47 +08:00
|
|
|
|
def self.create_for(user_id, file, filename, filesize, options = {})
|
2017-01-12 06:37:12 +08:00
|
|
|
|
upload = Upload.new
|
|
|
|
|
|
2015-07-15 23:15:43 +08:00
|
|
|
|
DistributedMutex.synchronize("upload_#{user_id}_#{filename}") do
|
|
|
|
|
# do some work on images
|
2016-05-04 03:54:07 +08:00
|
|
|
|
if FileHelper.is_image?(filename) && is_actual_image?(file)
|
2017-04-17 23:14:27 +08:00
|
|
|
|
# retrieve image info
|
|
|
|
|
w, h = FastImage.size(file) || [0, 0]
|
|
|
|
|
|
2016-06-20 16:22:13 +08:00
|
|
|
|
if filename[/\.svg$/i]
|
|
|
|
|
# whitelist svg elements
|
|
|
|
|
doc = Nokogiri::XML(file)
|
|
|
|
|
doc.xpath(svg_whitelist_xpath).remove
|
|
|
|
|
File.write(file.path, doc.to_s)
|
|
|
|
|
file.rewind
|
2015-07-15 23:15:43 +08:00
|
|
|
|
else
|
2017-01-12 06:37:12 +08:00
|
|
|
|
if w * h >= SiteSetting.max_image_megapixels * 1_000_000
|
|
|
|
|
upload.errors.add(:base, I18n.t("upload.images.larger_than_x_megapixels", max_image_megapixels: SiteSetting.max_image_megapixels))
|
|
|
|
|
return upload
|
|
|
|
|
end
|
|
|
|
|
|
2016-02-22 19:57:24 +08:00
|
|
|
|
# fix orientation first
|
2017-04-17 23:14:27 +08:00
|
|
|
|
fix_image_orientation(file.path) if should_optimize?(file.path, [w, h])
|
2015-07-15 23:15:43 +08:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# default size
|
|
|
|
|
width, height = ImageSizer.resize(w, h)
|
|
|
|
|
|
|
|
|
|
# make sure we're at the beginning of the file (both FastImage and Nokogiri move the pointer)
|
|
|
|
|
file.rewind
|
|
|
|
|
|
|
|
|
|
# crop images depending on their type
|
|
|
|
|
if CROPPED_IMAGE_TYPES.include?(options[:image_type])
|
2015-07-22 23:10:42 +08:00
|
|
|
|
allow_animation = SiteSetting.allow_animated_thumbnails
|
2015-07-15 23:15:43 +08:00
|
|
|
|
max_pixel_ratio = Discourse::PIXEL_RATIOS.max
|
|
|
|
|
|
|
|
|
|
case options[:image_type]
|
|
|
|
|
when "avatar"
|
|
|
|
|
allow_animation = SiteSetting.allow_animated_avatars
|
|
|
|
|
width = height = Discourse.avatar_sizes.max
|
2015-09-25 03:04:06 +08:00
|
|
|
|
OptimizedImage.resize(file.path, file.path, width, height, filename: filename, allow_animation: allow_animation)
|
2015-07-15 23:15:43 +08:00
|
|
|
|
when "profile_background"
|
|
|
|
|
max_width = 850 * max_pixel_ratio
|
|
|
|
|
width, height = ImageSizer.resize(w, h, max_width: max_width, max_height: max_width)
|
2015-09-25 03:04:06 +08:00
|
|
|
|
OptimizedImage.downsize(file.path, file.path, "#{width}x#{height}", filename: filename, allow_animation: allow_animation)
|
2015-07-15 23:15:43 +08:00
|
|
|
|
when "card_background"
|
|
|
|
|
max_width = 590 * max_pixel_ratio
|
|
|
|
|
width, height = ImageSizer.resize(w, h, max_width: max_width, max_height: max_width)
|
2015-09-25 03:04:06 +08:00
|
|
|
|
OptimizedImage.downsize(file.path, file.path, "#{width}x#{height}", filename: filename, allow_animation: allow_animation)
|
2017-02-02 17:41:57 +08:00
|
|
|
|
when "custom_emoji"
|
|
|
|
|
OptimizedImage.downsize(file.path, file.path, "100x100", filename: filename, allow_animation: allow_animation)
|
2015-07-15 23:15:43 +08:00
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2016-06-20 16:22:13 +08:00
|
|
|
|
# optimize image (except GIFs, SVGs and large PNGs)
|
2017-04-17 23:14:27 +08:00
|
|
|
|
if should_optimize?(file.path, [w, h])
|
2017-04-20 15:18:42 +08:00
|
|
|
|
begin
|
|
|
|
|
ImageOptim.new.optimize_image!(file.path)
|
|
|
|
|
rescue ImageOptim::Worker::TimeoutExceeded
|
|
|
|
|
# Don't optimize if it takes too long
|
|
|
|
|
Rails.logger.warn("ImageOptim timed out while optimizing #{filename}")
|
|
|
|
|
end
|
2015-11-27 01:16:47 +08:00
|
|
|
|
# update the file size
|
|
|
|
|
filesize = File.size(file.path)
|
|
|
|
|
end
|
2015-07-15 23:15:43 +08:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# compute the sha of the file
|
2016-09-02 14:50:13 +08:00
|
|
|
|
sha1 = Upload.generate_digest(file)
|
2015-02-04 01:44:18 +08:00
|
|
|
|
|
2015-05-12 22:45:33 +08:00
|
|
|
|
# do we already have that upload?
|
|
|
|
|
upload = find_by(sha1: sha1)
|
|
|
|
|
|
|
|
|
|
# make sure the previous upload has not failed
|
2015-12-21 23:08:14 +08:00
|
|
|
|
if upload && (upload.url.blank? || is_dimensionless_image?(filename, upload.width, upload.height))
|
2015-05-12 22:45:33 +08:00
|
|
|
|
upload.destroy
|
|
|
|
|
upload = nil
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# return the previous upload if any
|
|
|
|
|
return upload unless upload.nil?
|
|
|
|
|
|
|
|
|
|
# create the upload otherwise
|
|
|
|
|
upload = Upload.new
|
|
|
|
|
upload.user_id = user_id
|
|
|
|
|
upload.original_filename = filename
|
|
|
|
|
upload.filesize = filesize
|
|
|
|
|
upload.sha1 = sha1
|
|
|
|
|
upload.url = ""
|
2015-07-15 23:15:43 +08:00
|
|
|
|
upload.width = width
|
|
|
|
|
upload.height = height
|
2015-05-12 22:45:33 +08:00
|
|
|
|
upload.origin = options[:origin][0...1000] if options[:origin]
|
|
|
|
|
|
2016-03-01 05:39:24 +08:00
|
|
|
|
if options[:is_attachment_for_group_message]
|
|
|
|
|
upload.is_attachment_for_group_message = true
|
|
|
|
|
end
|
|
|
|
|
|
2015-12-21 23:08:14 +08:00
|
|
|
|
if is_dimensionless_image?(filename, upload.width, upload.height)
|
2015-07-15 23:15:43 +08:00
|
|
|
|
upload.errors.add(:base, I18n.t("upload.images.size_not_found"))
|
2015-12-21 23:08:14 +08:00
|
|
|
|
return upload
|
2015-05-29 21:57:24 +08:00
|
|
|
|
end
|
2015-05-12 22:45:33 +08:00
|
|
|
|
|
|
|
|
|
return upload unless upload.save
|
|
|
|
|
|
|
|
|
|
# store the file and update its url
|
2015-05-29 21:57:24 +08:00
|
|
|
|
File.open(file.path) do |f|
|
|
|
|
|
url = Discourse.store.store_upload(f, upload, options[:content_type])
|
|
|
|
|
if url.present?
|
|
|
|
|
upload.url = url
|
|
|
|
|
upload.save
|
|
|
|
|
else
|
|
|
|
|
upload.errors.add(:url, I18n.t("upload.store_failure", { upload_id: upload.id, user_id: user_id }))
|
|
|
|
|
end
|
2015-05-12 22:45:33 +08:00
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
upload
|
2013-06-15 16:33:57 +08:00
|
|
|
|
end
|
2013-04-07 23:52:46 +08:00
|
|
|
|
end
|
|
|
|
|
|
2016-05-04 03:54:07 +08:00
|
|
|
|
def self.is_actual_image?(file)
|
|
|
|
|
# due to ImageMagick CVE-2016–3714, use FastImage to check the magic bytes
|
|
|
|
|
# cf. https://meta.discourse.org/t/imagemagick-cve-2016-3714/43624
|
|
|
|
|
FastImage.size(file, raise_on_failure: true)
|
|
|
|
|
rescue
|
|
|
|
|
false
|
|
|
|
|
end
|
|
|
|
|
|
2016-02-22 19:57:24 +08:00
|
|
|
|
LARGE_PNG_SIZE ||= 3.megabytes
|
|
|
|
|
|
2017-04-17 23:14:27 +08:00
|
|
|
|
def self.should_optimize?(path, dimensions = nil)
|
2016-06-20 16:22:13 +08:00
|
|
|
|
# don't optimize GIFs or SVGs
|
|
|
|
|
return false if path =~ /\.(gif|svg)$/i
|
2016-02-22 19:57:24 +08:00
|
|
|
|
return true if path !~ /\.png$/i
|
2017-04-17 23:14:27 +08:00
|
|
|
|
|
|
|
|
|
dimensions ||= (FastImage.size(path) || [0, 0])
|
|
|
|
|
w, h = dimensions
|
2016-02-22 19:57:24 +08:00
|
|
|
|
# don't optimize large PNGs
|
|
|
|
|
w > 0 && h > 0 && w * h < LARGE_PNG_SIZE
|
|
|
|
|
end
|
|
|
|
|
|
2015-12-21 23:08:14 +08:00
|
|
|
|
def self.is_dimensionless_image?(filename, width, height)
|
|
|
|
|
FileHelper.is_image?(filename) && (width.blank? || width == 0 || height.blank? || height == 0)
|
|
|
|
|
end
|
|
|
|
|
|
2013-07-08 07:39:08 +08:00
|
|
|
|
def self.get_from_url(url)
|
2014-07-18 23:54:18 +08:00
|
|
|
|
return if url.blank?
|
2013-07-22 06:37:23 +08:00
|
|
|
|
# we store relative urls, so we need to remove any host/cdn
|
2016-06-30 22:55:01 +08:00
|
|
|
|
url = url.sub(Discourse.asset_host, "") if Discourse.asset_host.present?
|
2015-05-26 17:47:33 +08:00
|
|
|
|
# when using s3, we need to replace with the absolute base url
|
2016-06-30 22:55:01 +08:00
|
|
|
|
url = url.sub(SiteSetting.s3_cdn_url, Discourse.store.absolute_base_url) if SiteSetting.s3_cdn_url.present?
|
2016-10-18 15:58:45 +08:00
|
|
|
|
|
|
|
|
|
# always try to get the path
|
2016-10-20 18:34:42 +08:00
|
|
|
|
uri = URI(url) rescue nil
|
|
|
|
|
url = uri.path if uri.try(:scheme)
|
2016-10-18 15:58:45 +08:00
|
|
|
|
|
2015-06-02 02:08:41 +08:00
|
|
|
|
Upload.find_by(url: url)
|
2013-07-08 07:39:08 +08:00
|
|
|
|
end
|
|
|
|
|
|
2014-07-10 05:59:57 +08:00
|
|
|
|
def self.fix_image_orientation(path)
|
2017-03-17 14:21:30 +08:00
|
|
|
|
Discourse::Utils.execute_command('convert', path, '-auto-orient', path)
|
2014-07-10 05:59:57 +08:00
|
|
|
|
end
|
|
|
|
|
|
2016-09-02 10:55:11 +08:00
|
|
|
|
def self.migrate_to_new_scheme(limit=nil)
|
2015-06-12 18:02:36 +08:00
|
|
|
|
problems = []
|
|
|
|
|
|
|
|
|
|
if SiteSetting.migrate_to_new_scheme
|
|
|
|
|
max_file_size_kb = [SiteSetting.max_image_size_kb, SiteSetting.max_attachment_size_kb].max.kilobytes
|
|
|
|
|
local_store = FileStore::LocalStore.new
|
|
|
|
|
|
2016-09-02 10:55:11 +08:00
|
|
|
|
scope = Upload.where("url NOT LIKE '%/original/_X/%'").order(id: :desc)
|
|
|
|
|
scope.limit(limit) if limit
|
|
|
|
|
|
|
|
|
|
scope.each do |upload|
|
2015-06-12 18:02:36 +08:00
|
|
|
|
begin
|
|
|
|
|
# keep track of the url
|
|
|
|
|
previous_url = upload.url.dup
|
|
|
|
|
# where is the file currently stored?
|
|
|
|
|
external = previous_url =~ /^\/\//
|
|
|
|
|
# download if external
|
|
|
|
|
if external
|
|
|
|
|
url = SiteSetting.scheme + ":" + previous_url
|
|
|
|
|
file = FileHelper.download(url, max_file_size_kb, "discourse", true) rescue nil
|
|
|
|
|
path = file.path
|
|
|
|
|
else
|
|
|
|
|
path = local_store.path_for(upload)
|
|
|
|
|
end
|
|
|
|
|
# compute SHA if missing
|
|
|
|
|
if upload.sha1.blank?
|
2016-09-02 14:50:13 +08:00
|
|
|
|
upload.sha1 = Upload.generate_digest(path)
|
2015-06-12 18:02:36 +08:00
|
|
|
|
end
|
|
|
|
|
# optimize if image
|
|
|
|
|
if FileHelper.is_image?(File.basename(path))
|
|
|
|
|
ImageOptim.new.optimize_image!(path)
|
|
|
|
|
end
|
|
|
|
|
# store to new location & update the filesize
|
|
|
|
|
File.open(path) do |f|
|
2016-09-02 11:58:56 +08:00
|
|
|
|
upload.url = Discourse.store.store_upload(f, upload)
|
|
|
|
|
upload.filesize = f.size
|
2016-09-02 11:59:03 +08:00
|
|
|
|
upload.save!
|
2015-06-12 18:02:36 +08:00
|
|
|
|
end
|
|
|
|
|
# remap the URLs
|
|
|
|
|
DbHelper.remap(UrlHelper.absolute(previous_url), upload.url) unless external
|
|
|
|
|
DbHelper.remap(previous_url, upload.url)
|
|
|
|
|
# remove the old file (when local)
|
|
|
|
|
unless external
|
|
|
|
|
FileUtils.rm(path, force: true) rescue nil
|
|
|
|
|
end
|
|
|
|
|
rescue => e
|
|
|
|
|
problems << { upload: upload, ex: e }
|
|
|
|
|
ensure
|
|
|
|
|
file.try(:unlink) rescue nil
|
|
|
|
|
file.try(:close) rescue nil
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
problems
|
|
|
|
|
end
|
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
|
end
|
2013-05-24 10:48:32 +08:00
|
|
|
|
|
|
|
|
|
# == Schema Information
|
|
|
|
|
#
|
|
|
|
|
# Table name: uploads
|
|
|
|
|
#
|
|
|
|
|
# id :integer not null, primary key
|
|
|
|
|
# user_id :integer not null
|
2016-02-23 07:33:53 +08:00
|
|
|
|
# original_filename :string not null
|
2013-05-24 10:48:32 +08:00
|
|
|
|
# filesize :integer not null
|
|
|
|
|
# width :integer
|
|
|
|
|
# height :integer
|
2016-02-23 07:33:53 +08:00
|
|
|
|
# url :string not null
|
2014-08-27 13:19:25 +08:00
|
|
|
|
# created_at :datetime not null
|
|
|
|
|
# updated_at :datetime not null
|
2013-06-18 04:16:14 +08:00
|
|
|
|
# sha1 :string(40)
|
2013-12-05 14:40:35 +08:00
|
|
|
|
# origin :string(1000)
|
2014-11-20 11:53:15 +08:00
|
|
|
|
# retain_hours :integer
|
2013-05-24 10:48:32 +08:00
|
|
|
|
#
|
|
|
|
|
# Indexes
|
|
|
|
|
#
|
2013-10-04 11:28:49 +08:00
|
|
|
|
# index_uploads_on_id_and_url (id,url)
|
|
|
|
|
# index_uploads_on_sha1 (sha1) UNIQUE
|
|
|
|
|
# index_uploads_on_url (url)
|
|
|
|
|
# index_uploads_on_user_id (user_id)
|
2013-05-24 10:48:32 +08:00
|
|
|
|
#
|