mirror of
https://github.com/discourse/discourse.git
synced 2024-11-28 11:04:59 +08:00
6f782d8e45
This commit adds limits to themes and theme components on the: - file size of about.json and .discourse-compatibility - file size of theme assets - number of files in a theme
48 lines
1.0 KiB
Ruby
48 lines
1.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module ThemeStore
|
|
class BaseImporter
|
|
def import!
|
|
raise "Not implemented"
|
|
end
|
|
|
|
def [](value)
|
|
fullpath = real_path(value)
|
|
return nil unless fullpath
|
|
File.read(fullpath)
|
|
end
|
|
|
|
def real_path(relative)
|
|
fullpath = "#{temp_folder}/#{relative}"
|
|
return nil unless File.exist?(fullpath)
|
|
|
|
# careful to handle symlinks here, don't want to expose random data
|
|
fullpath = Pathname.new(fullpath).realpath.to_s
|
|
|
|
if fullpath && fullpath.start_with?(temp_folder)
|
|
fullpath
|
|
else
|
|
nil
|
|
end
|
|
end
|
|
|
|
def file_size(path)
|
|
fullpath = real_path(path)
|
|
return -1 unless fullpath
|
|
File.size(fullpath)
|
|
end
|
|
|
|
def all_files
|
|
Dir.glob("**/**", base: temp_folder).reject { |f| File.directory?(File.join(temp_folder, f)) }
|
|
end
|
|
|
|
def cleanup!
|
|
FileUtils.rm_rf(temp_folder)
|
|
end
|
|
|
|
def temp_folder
|
|
@temp_folder ||= "#{Pathname.new(Dir.tmpdir).realpath}/discourse_theme_#{SecureRandom.hex}"
|
|
end
|
|
end
|
|
end
|