Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-19 05:09:43 +02:00
Code Issues Releases Activity

fix: Secure S3 attachments, bump SDK, refactoring

Browse source 
Closes #673
This commit is contained in:
Maksim Eltyshev 2024-11-12 15:58:22 +01:00
parent f20a3d50f5
commit 97f4c0ab0d
27 changed files with 2180 additions and 702 deletions
Download patch file Download diff file Expand all files Collapse all files

29
server/api/models/Attachment.js
View file

@ -26,17 +26,6 @@ module.exports = {
type: 'string',
required: true,
},
type: {
type: 'string',
},
url: {
type: 'string',
allowNull: true,
},
thumb: {
type: 'string',
allowNull: true,
},
// ╔═╗╔╦╗╔╗ ╔═╗╔╦╗╔═╗
// ║╣ ║║║╠╩╗║╣ ║║╚═╗
@ -59,20 +48,12 @@ module.exports = {
},
customToJSON() {
let { url, thumb } = this;
if (!url) {
url = `${sails.config.custom.attachmentsUrl}/${this.id}/download/${this.filename}`;
}
if (!thumb) {
thumb = this.image
? `${sails.config.custom.attachmentsUrl}/${this.id}/download/thumbnails/cover-256.${this.image.thumbnailsExtension}`
: null;
}
return {
..._.omit(this, ['type', 'dirname', 'filename', 'image.thumbnailsExtension']),
url,
coverUrl: thumb,
..._.omit(this, ['dirname', 'filename', 'image.thumbnailsExtension']),
url: `${sails.config.custom.baseUrl}/attachments/${this.id}/download/${this.filename}`,
coverUrl: this.image
? `${sails.config.custom.baseUrl}/attachments/${this.id}/download/thumbnails/cover-256.${this.image.thumbnailsExtension}`
: null,
};
},
};

19
server/api/models/Project.js
View file

@ -79,26 +79,13 @@ module.exports = {
},
customToJSON() {
let url = '';
let coverUrl = '';
if (this.backgroundImage) {
if (this.backgroundImage.original) {
url = this.backgroundImage.original;
} else {
url = `${sails.config.custom.projectBackgroundImagesUrl}/${this.backgroundImage.dirname}/original.${this.backgroundImage.extension}`;
}
if (this.backgroundImage.thumb) {
coverUrl = this.backgroundImage.thumb;
} else {
coverUrl = `${sails.config.custom.projectBackgroundImagesUrl}/${this.backgroundImage.dirname}/cover-336.${this.backgroundImage.extension}`;
}
}
const fileManager = sails.hooks['file-manager'].getInstance();
return {
..._.omit(this, ['backgroundImage']),
backgroundImage: this.backgroundImage && {
url,
coverUrl,
url: `${fileManager.buildUrl(`${sails.config.custom.projectBackgroundImagesPathSegment}/${this.backgroundImage.dirname}/original.${this.backgroundImage.extension}`)}`,
coverUrl: `${fileManager.buildUrl(`${sails.config.custom.projectBackgroundImagesPathSegment}/${this.backgroundImage.dirname}/cover-336.${this.backgroundImage.extension}`)}`,
},
};
},

13
server/api/models/User.js
View file

@ -147,15 +147,8 @@ module.exports = {
tableName: 'user_account',
customToJSON() {
const fileManager = sails.hooks['file-manager'].getInstance();
const isDefaultAdmin = this.email === sails.config.custom.defaultAdminEmail;
let avatarUrl = '';
if (this.avatar) {
if (this.avatar.square) {
avatarUrl = this.avatar.square;
} else {
avatarUrl = `${sails.config.custom.userAvatarsUrl}/${this.avatar.dirname}/square-100.${this.avatar.extension}`;
}
}
return {
..._.omit(this, ['password', 'isSso', 'avatar', 'passwordChangedAt']),
@ -163,7 +156,9 @@ module.exports = {
isRoleLocked: (this.isSso && !sails.config.custom.oidcIgnoreRoles) || isDefaultAdmin,
isUsernameLocked: (this.isSso && !sails.config.custom.oidcIgnoreUsername) || isDefaultAdmin,
isDeletionLocked: isDefaultAdmin,
avatarUrl,
avatarUrl:
this.avatar &&
`${fileManager.buildUrl(`${sails.config.custom.userAvatarsPathSegment}/${this.avatar.dirname}/square-100.${this.avatar.extension}`)}`,
};
},
};