discourse/lib/topic_upload_security_manager.rb
Bianca Nenciu 9db8f00b3d
FEATURE: Create upload_references table (#16146)
This table holds associations between uploads and other models. This can be used to prevent removing uploads that are still in use.

* DEV: Create upload_references
* DEV: Use UploadReference instead of PostUpload
* DEV: Use UploadReference for SiteSetting
* DEV: Use UploadReference for Badge
* DEV: Use UploadReference for Category
* DEV: Use UploadReference for CustomEmoji
* DEV: Use UploadReference for Group
* DEV: Use UploadReference for ThemeField
* DEV: Use UploadReference for ThemeSetting
* DEV: Use UploadReference for User
* DEV: Use UploadReference for UserAvatar
* DEV: Use UploadReference for UserExport
* DEV: Use UploadReference for UserProfile
* DEV: Add method to extract uploads from raw text
* DEV: Use UploadReference for Draft
* DEV: Use UploadReference for ReviewableQueuedPost
* DEV: Use UploadReference for UserProfile's bio_raw
* DEV: Do not copy user uploads to upload references
* DEV: Copy post uploads again after deploy
* DEV: Use created_at and updated_at from uploads table
* FIX: Check if upload site setting is empty
* DEV: Copy user uploads to upload references
* DEV: Make upload extraction less strict
2022-06-09 09:24:30 +10:00

94 lines
3.6 KiB
Ruby

# frozen_string_literal: true
##
# There are certain conditions with secure media when the security of
# uploads will need to change depending on the context they reside in.
#
# For example on these conditions:
# * Topic category change
# * Topic switching between PM and public topic
# * Post moving between topics
#
# We need to go through all of the posts in that topic that
# own uploads via access_control_post_id, then for those uploads determine
# if they still need to be secure or not. For example an upload could be
# secure if it is in a PM, and then when the topic gets converted to a public
# topic the upload no longer needs to remain secure as it is no longer in
# a secure context.
class TopicUploadSecurityManager
def initialize(topic)
@topic = topic
end
def run
Rails.logger.debug("Updating upload security in topic #{@topic.id}")
posts_owning_uploads.each do |post|
Post.transaction do
Rails.logger.debug("Updating upload security in topic #{@topic.id} - post #{post.id}")
post.topic = @topic
secure_status_did_change = post.owned_uploads_via_access_control.any? do |upload|
# we have already got the post preloaded so we may as well
# attach it here to avoid another load in UploadSecurity
upload.access_control_post = post
upload.update_secure_status(source: "topic upload security")
end
post.rebake! if secure_status_did_change
Rails.logger.debug("Security updated & rebake complete in topic #{@topic.id} - post #{post.id}")
end
end
return if !SiteSetting.secure_media
# we only want to do this if secure media is enabled. if
# the setting is turned on after a site has been running
# already, we want to make sure that any post moves after
# this are handled and upload secure statuses and ACLs
# are updated appropriately, as well as setting the access control
# post for secure uploads missing it.
#
# examples (all after secure media is enabled):
#
# -> a public topic is moved to a private category after
# -> a PM is converted to a public topic
# -> a public topic is converted to a PM
# -> a topic is moved from a private to a public category
posts_with_unowned_uploads.each do |post|
Post.transaction do
Rails.logger.debug("Setting upload access control posts in topic #{@topic.id} - post #{post.id}")
post.topic = @topic
secure_status_did_change = post.uploads.any? do |upload|
first_post_upload_appeared_in = upload.upload_references.where(target_type: 'Post').first.target
if first_post_upload_appeared_in == post
upload.update(access_control_post: post)
upload.update_secure_status(source: "topic upload security")
else
false
end
end
post.rebake! if secure_status_did_change
Rails.logger.debug("Completed changing access control posts #{secure_status_did_change ? 'and rebaking' : ''} in topic #{@topic.id} - post #{post.id}")
end
end
Rails.logger.debug("Completed updating upload security in topic #{@topic.id}!")
end
private
def posts_owning_uploads
Post.where(topic_id: @topic.id).joins('INNER JOIN uploads ON access_control_post_id = posts.id')
end
def posts_with_unowned_uploads
Post
.where(topic_id: @topic.id)
.joins("INNER JOIN upload_references ON upload_references.target_type = 'Post' AND upload_references.target_id = posts.id")
.joins('INNER JOIN uploads ON upload_references.upload_id = uploads.id')
.where('uploads.access_control_post_id IS NULL')
.includes(:uploads)
end
end