Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-19 13:19:44 +02:00
Code Issues Releases Activity

fix: Secure S3 attachments, bump SDK, refactoring

Browse source 
Closes #673
This commit is contained in:
Maksim Eltyshev 2024-11-12 15:58:22 +01:00
parent 950a070589
commit 850f6df0ac
27 changed files with 2180 additions and 702 deletions
Download patch file Download diff file Expand all files Collapse all files

27
server/api/helpers/attachments/delete-one.js
View file

@ -1,6 +1,3 @@
const path = require('path');
const rimraf = require('rimraf');
module.exports = {
inputs: {
record: {
@ -50,26 +47,12 @@ module.exports = {
const attachment = await Attachment.archiveOne(inputs.record.id);
if (attachment) {
const fileManager = sails.hooks['file-manager'].getInstance();
try {
const type = attachment.type || 'local';
if (type === 's3') {
const client = await sails.helpers.utils.getSimpleStorageServiceClient();
if (client) {
if (attachment.url) {
const parsedUrl = new URL(attachment.url);
await client.delete({ Key: parsedUrl.pathname.replace(/^\/+/, '') });
}
if (attachment.thumb) {
const parsedUrl = new URL(attachment.thumb);
await client.delete({ Key: parsedUrl.pathname.replace(/^\/+/, '') });
}
}
}
} catch (error) {
console.warn(error.stack); // eslint-disable-line no-console
}
try {
rimraf.sync(path.join(sails.config.custom.attachmentsPath, attachment.dirname));
await fileManager.deleteFolder(
`${sails.config.custom.attachmentsPathSegment}/${attachment.dirname}`,
);
} catch (error) {
console.warn(error.stack); // eslint-disable-line no-console
}