Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes #1473 #1475

Merged
merged 1 commit into from
Aug 21, 2022
Merged

Fixes #1473 #1475

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 31 additions & 0 deletions app/Actions/Import/Exec.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -128,10 +128,41 @@ private static function normalizePath(string $path): string
}

// Skip folders of Lychee
// Currently we must check for each directory which might be used
// by Lychee below `uploads/` individually, because the folder
// `uploads/import` is a potential source for imports and also
// placed below `uploads`.
// This is a design error and needs to be changed, at last when
// the media is stored remotely on a network storage such as
// AWS S3.
// A much better folder structure would be
//
// ```
// |
// +-- staging // new directory which temporarily stores media which is not yet, but going to be added to Lychee
// | +-- imports // replaces the current `uploads/import`
// | +-- uploads // temporary storage location for images which have been uploaded via an HTTP POST request
// | +-- downloads // temporary storage location for images which have been downloaded from a remote URL
// +-- vault // replaces the current `uploads/` and could be outsourced to a remote network storage
// +-- original
// +-- medium2x
// +-- medium
// +-- small2x
// +-- small
// +-- thumb2x
// +-- thumb
// ```
//
// This way we could simply check if the path is anything below `vault`
if (
$realPath === Storage::path('big') ||
$realPath === Storage::path('raw') ||
$realPath === Storage::path('original') ||
$realPath === Storage::path('medium2x') ||
$realPath === Storage::path('medium') ||
$realPath === Storage::path('small2x') ||
$realPath === Storage::path('small') ||
$realPath === Storage::path('thumb2x') ||
$realPath === Storage::path('thumb')
) {
throw new ReservedDirectoryException('The given path is a reserved path of Lychee (' . $path . ')');
Expand Down
6 changes: 0 additions & 6 deletions app/Actions/Install/DefaultConfig.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,12 +64,6 @@ class DefaultConfig
'public/img/' => 'file_exists|is_readable|is_writable|is_executable',
'public/sym/' => 'file_exists|is_readable|is_writable|is_executable',
'public/uploads/' => 'file_exists|is_readable|is_writable|is_executable',
'public/uploads/big/' => 'file_exists|is_readable|is_writable|is_executable',
'public/uploads/import/' => 'file_exists|is_readable|is_writable|is_executable',
'public/uploads/medium/' => 'file_exists|is_readable|is_writable|is_executable',
'public/uploads/raw/' => 'file_exists|is_readable|is_writable|is_executable',
'public/uploads/small/' => 'file_exists|is_readable|is_writable|is_executable',
'public/uploads/thumb/' => 'file_exists|is_readable|is_writable|is_executable',
],
// This is from https://github.com/rashidlaasri/LaravelInstaller
// We keep it so we can make the .env edition a bit more friendly (later).
Expand Down