Merge pull request #47211 from nextcloud/fix/core/limit-valid-avatar-sizes

skjnldsv · web-flow · commit 2c7f5dce7a64 · 2024-08-14T10:35:00.000+02:00
diff --git a/core/Controller/AvatarController.php b/core/Controller/AvatarController.php
@@ -55,7 +55,7 @@ public function __construct(
 	 * Get the dark avatar
 	 *
 	 * @param string $userId ID of the user
-	 * @param int $size Size of the avatar
+	 * @param 64|512 $size Size of the avatar
 	 * @param bool $guestFallback Fallback to guest avatar if not found
 	 * @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>
 	 *
@@ -89,7 +89,7 @@ public function getAvatarDark(string $userId, int $size, bool $guestFallback = f
 			);
 		} catch (\Exception $e) {
 			if ($guestFallback) {
-				return $this->guestAvatarController->getAvatarDark($userId, (string)$size);
+				return $this->guestAvatarController->getAvatarDark($userId, $size);
 			}
 			return new JSONResponse([], Http::STATUS_NOT_FOUND);
 		}
@@ -106,7 +106,7 @@ public function getAvatarDark(string $userId, int $size, bool $guestFallback = f
 	 * Get the avatar
 	 *
 	 * @param string $userId ID of the user
-	 * @param int $size Size of the avatar
+	 * @param 64|512 $size Size of the avatar
 	 * @param bool $guestFallback Fallback to guest avatar if not found
 	 * @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>
 	 *
@@ -140,7 +140,7 @@ public function getAvatar(string $userId, int $size, bool $guestFallback = false
 			);
 		} catch (\Exception $e) {
 			if ($guestFallback) {
-				return $this->guestAvatarController->getAvatar($userId, (string)$size);
+				return $this->guestAvatarController->getAvatar($userId, $size);
 			}
 			return new JSONResponse([], Http::STATUS_NOT_FOUND);
 		}
diff --git a/core/Controller/GuestAvatarController.php b/core/Controller/GuestAvatarController.php
@@ -36,7 +36,7 @@ public function __construct(
 	 * Returns a guest avatar image response
 	 *
 	 * @param string $guestName The guest name, e.g. "Albert"
-	 * @param string $size The desired avatar size, e.g. 64 for 64x64px
+	 * @param 64|512 $size The desired avatar size, e.g. 64 for 64x64px
 	 * @param bool|null $darkTheme Return dark avatar
 	 * @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>
 	 *
@@ -46,8 +46,7 @@ public function __construct(
 	#[PublicPage]
 	#[NoCSRFRequired]
 	#[FrontpageRoute(verb: 'GET', url: '/avatar/guest/{guestName}/{size}')]
-	public function getAvatar(string $guestName, string $size, ?bool $darkTheme = false) {
-		$size = (int) $size;
+	public function getAvatar(string $guestName, int $size, ?bool $darkTheme = false) {
 		$darkTheme = $darkTheme ?? false;
 
 		if ($size <= 64) {
@@ -89,7 +88,7 @@ public function getAvatar(string $guestName, string $size, ?bool $darkTheme = fa
 	 * Returns a dark guest avatar image response
 	 *
 	 * @param string $guestName The guest name, e.g. "Albert"
-	 * @param string $size The desired avatar size, e.g. 64 for 64x64px
+	 * @param 64|512 $size The desired avatar size, e.g. 64 for 64x64px
 	 * @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>
 	 *
 	 * 200: Custom avatar returned
@@ -98,7 +97,7 @@ public function getAvatar(string $guestName, string $size, ?bool $darkTheme = fa
 	#[PublicPage]
 	#[NoCSRFRequired]
 	#[FrontpageRoute(verb: 'GET', url: '/avatar/guest/{guestName}/{size}/dark')]
-	public function getAvatarDark(string $guestName, string $size) {
+	public function getAvatarDark(string $guestName, int $size) {
 		return $this->getAvatar($guestName, $size, true);
 	}
 }
diff --git a/core/openapi-full.json b/core/openapi-full.json
@@ -7567,7 +7567,11 @@
                         "required": true,
                         "schema": {
                             "type": "integer",
-                            "format": "int64"
+                            "format": "int64",
+                            "enum": [
+                                64,
+                                512
+                            ]
                         }
                     }
                 ],
@@ -7674,7 +7678,11 @@
                         "required": true,
                         "schema": {
                             "type": "integer",
-                            "format": "int64"
+                            "format": "int64",
+                            "enum": [
+                                64,
+                                512
+                            ]
                         }
                     }
                 ],
@@ -7914,7 +7922,12 @@
                         "description": "The desired avatar size, e.g. 64 for 64x64px",
                         "required": true,
                         "schema": {
-                            "type": "string"
+                            "type": "integer",
+                            "format": "int64",
+                            "enum": [
+                                64,
+                                512
+                            ]
                         }
                     }
                 ],
@@ -7995,7 +8008,12 @@
                         "description": "The desired avatar size, e.g. 64 for 64x64px",
                         "required": true,
                         "schema": {
-                            "type": "string"
+                            "type": "integer",
+                            "format": "int64",
+                            "enum": [
+                                64,
+                                512
+                            ]
                         }
                     }
                 ],
diff --git a/core/openapi.json b/core/openapi.json
@@ -7567,7 +7567,11 @@
                         "required": true,
                         "schema": {
                             "type": "integer",
-                            "format": "int64"
+                            "format": "int64",
+                            "enum": [
+                                64,
+                                512
+                            ]
                         }
                     }
                 ],
@@ -7674,7 +7678,11 @@
                         "required": true,
                         "schema": {
                             "type": "integer",
-                            "format": "int64"
+                            "format": "int64",
+                            "enum": [
+                                64,
+                                512
+                            ]
                         }
                     }
                 ],
@@ -7914,7 +7922,12 @@
                         "description": "The desired avatar size, e.g. 64 for 64x64px",
                         "required": true,
                         "schema": {
-                            "type": "string"
+                            "type": "integer",
+                            "format": "int64",
+                            "enum": [
+                                64,
+                                512
+                            ]
                         }
                     }
                 ],
@@ -7995,7 +8008,12 @@
                         "description": "The desired avatar size, e.g. 64 for 64x64px",
                         "required": true,
                         "schema": {
-                            "type": "string"
+                            "type": "integer",
+                            "format": "int64",
+                            "enum": [
+                                64,
+                                512
+                            ]
                         }
                     }
                 ],

Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,7 @@ public function __construct(`
`55`	`55`	`* Get the dark avatar`
`56`	`56`	`*`
`57`	`57`	`* @param string $userId ID of the user`
`58`		`- * @param int $size Size of the avatar`
	`58`	`+ * @param 64\|512 $size Size of the avatar`
`59`	`59`	`* @param bool $guestFallback Fallback to guest avatar if not found`
`60`	`60`	`* @return FileDisplayResponse<Http::STATUS_OK\|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>\|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>\|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>`
`61`	`61`	`*`
`@@ -89,7 +89,7 @@ public function getAvatarDark(string $userId, int $size, bool $guestFallback = f`
`89`	`89`	`);`
`90`	`90`	`} catch (\Exception $e) {`
`91`	`91`	`if ($guestFallback) {`
`92`		`- return $this->guestAvatarController->getAvatarDark($userId, (string)$size);`
	`92`	`+ return $this->guestAvatarController->getAvatarDark($userId, $size);`
`93`	`93`	`}`
`94`	`94`	`return new JSONResponse([], Http::STATUS_NOT_FOUND);`
`95`	`95`	`}`
`@@ -106,7 +106,7 @@ public function getAvatarDark(string $userId, int $size, bool $guestFallback = f`
`106`	`106`	`* Get the avatar`
`107`	`107`	`*`
`108`	`108`	`* @param string $userId ID of the user`
`109`		`- * @param int $size Size of the avatar`
	`109`	`+ * @param 64\|512 $size Size of the avatar`
`110`	`110`	`* @param bool $guestFallback Fallback to guest avatar if not found`
`111`	`111`	`* @return FileDisplayResponse<Http::STATUS_OK\|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>\|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>\|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>`
`112`	`112`	`*`
`@@ -140,7 +140,7 @@ public function getAvatar(string $userId, int $size, bool $guestFallback = false`
`140`	`140`	`);`
`141`	`141`	`} catch (\Exception $e) {`
`142`	`142`	`if ($guestFallback) {`
`143`		`- return $this->guestAvatarController->getAvatar($userId, (string)$size);`
	`143`	`+ return $this->guestAvatarController->getAvatar($userId, $size);`
`144`	`144`	`}`
`145`	`145`	`return new JSONResponse([], Http::STATUS_NOT_FOUND);`
`146`	`146`	`}`
Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ public function __construct(`
`36`	`36`	`* Returns a guest avatar image response`
`37`	`37`	`*`
`38`	`38`	`* @param string $guestName The guest name, e.g. "Albert"`
`39`		`- * @param string $size The desired avatar size, e.g. 64 for 64x64px`
	`39`	`+ * @param 64\|512 $size The desired avatar size, e.g. 64 for 64x64px`
`40`	`40`	`* @param bool\|null $darkTheme Return dark avatar`
`41`	`41`	`* @return FileDisplayResponse<Http::STATUS_OK\|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>\|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>`
`42`	`42`	`*`
`@@ -46,8 +46,7 @@ public function __construct(`
`46`	`46`	`#[PublicPage]`
`47`	`47`	`#[NoCSRFRequired]`
`48`	`48`	`#[FrontpageRoute(verb: 'GET', url: '/avatar/guest/{guestName}/{size}')]`
`49`		`- public function getAvatar(string $guestName, string $size, ?bool $darkTheme = false) {`
`50`		`- $size = (int) $size;`
	`49`	`+ public function getAvatar(string $guestName, int $size, ?bool $darkTheme = false) {`
`51`	`50`	`$darkTheme = $darkTheme ?? false;`
`52`	`51`
`53`	`52`	`if ($size <= 64) {`
`@@ -89,7 +88,7 @@ public function getAvatar(string $guestName, string $size, ?bool $darkTheme = fa`
`89`	`88`	`* Returns a dark guest avatar image response`
`90`	`89`	`*`
`91`	`90`	`* @param string $guestName The guest name, e.g. "Albert"`
`92`		`- * @param string $size The desired avatar size, e.g. 64 for 64x64px`
	`91`	`+ * @param 64\|512 $size The desired avatar size, e.g. 64 for 64x64px`
`93`	`92`	`* @return FileDisplayResponse<Http::STATUS_OK\|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>\|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>`
`94`	`93`	`*`
`95`	`94`	`* 200: Custom avatar returned`
`@@ -98,7 +97,7 @@ public function getAvatar(string $guestName, string $size, ?bool $darkTheme = fa`
`98`	`97`	`#[PublicPage]`
`99`	`98`	`#[NoCSRFRequired]`
`100`	`99`	`#[FrontpageRoute(verb: 'GET', url: '/avatar/guest/{guestName}/{size}/dark')]`
`101`		`- public function getAvatarDark(string $guestName, string $size) {`
	`100`	`+ public function getAvatarDark(string $guestName, int $size) {`
`102`	`101`	`return $this->getAvatar($guestName, $size, true);`
`103`	`102`	`}`
`104`	`103`	`}`