2019-09-08 01:56:29 +00:00
|
|
|
const { promisify } = require('util')
|
2022-09-13 18:33:31 +00:00
|
|
|
const AbortController = require('abort-controller')
|
2022-06-29 10:52:16 +00:00
|
|
|
const fastq = require('fastq')
|
2018-09-23 16:28:15 +00:00
|
|
|
const fetch = require('node-fetch')
|
2018-04-13 16:20:57 +00:00
|
|
|
const ffmpeg = require('fluent-ffmpeg')
|
2022-10-03 22:33:25 +00:00
|
|
|
const jetpack = require('fs-jetpack')
|
2022-06-03 21:21:56 +00:00
|
|
|
const knex = require('knex')
|
2022-10-03 22:33:25 +00:00
|
|
|
const MarkdownIt = require('markdown-it')
|
2018-04-13 16:20:57 +00:00
|
|
|
const path = require('path')
|
2018-12-03 07:20:13 +00:00
|
|
|
const sharp = require('sharp')
|
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.
CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.
JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.
Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.
Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).
The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").
---
yarn lint -> gulp lint
yarn build -> gulp default
yarn watch -> gulp watch
yarn develop -> env NODE_ENV=development yarn watch
---
Fixed not being able to demote staff into normal users.
/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).
Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.
Removed is-breeze CSS class name, in favor of Bulma's is-info.
Removed custom styling from auth page, in favor of global styling.
Removed all usage of style HTML attribute in favor of CSS classes.
Renamed js/s/ to js/misc/.
Use loading spinners on dashboard's sidebar menus.
Disable all other sidebar menus when something is loading.
Changed title HTML attribute of disabled control buttons in
uploads & users list.
Hid checkboxes and WIP controls from users list.
Better error messages handling.
Especially homepage will now support CF's HTTP error codes.
Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.
Use Gatsby icon for my blog's link in homepage's footer.
A bunch of other improvements here & there.
2019-09-15 06:20:11 +00:00
|
|
|
const paths = require('./pathsController')
|
|
|
|
|
const perms = require('./permissionController')
|
2021-01-08 03:48:08 +00:00
|
|
|
const ClientError = require('./utils/ClientError')
|
2022-10-05 20:26:19 +00:00
|
|
|
const Constants = require('./utils/Constants')
|
2021-01-31 23:13:37 +00:00
|
|
|
const ServerError = require('./utils/ServerError')
|
2022-07-06 10:51:34 +00:00
|
|
|
const SimpleDataStore = require('./utils/SimpleDataStore')
|
2022-10-05 19:42:36 +00:00
|
|
|
const StatsManager = require('./utils/StatsManager')
|
2022-10-05 19:39:51 +00:00
|
|
|
const config = require('./utils/ConfigManager')
|
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.
CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.
JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.
Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.
Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).
The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").
---
yarn lint -> gulp lint
yarn build -> gulp default
yarn watch -> gulp watch
yarn develop -> env NODE_ENV=development yarn watch
---
Fixed not being able to demote staff into normal users.
/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).
Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.
Removed is-breeze CSS class name, in favor of Bulma's is-info.
Removed custom styling from auth page, in favor of global styling.
Removed all usage of style HTML attribute in favor of CSS classes.
Renamed js/s/ to js/misc/.
Use loading spinners on dashboard's sidebar menus.
Disable all other sidebar menus when something is loading.
Changed title HTML attribute of disabled control buttons in
uploads & users list.
Hid checkboxes and WIP controls from users list.
Better error messages handling.
Especially homepage will now support CF's HTTP error codes.
Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.
Use Gatsby icon for my blog's link in homepage's footer.
A bunch of other improvements here & there.
2019-09-15 06:20:11 +00:00
|
|
|
const logger = require('./../logger')
|
2017-03-17 04:14:10 +00:00
|
|
|
|
2022-09-23 23:33:58 +00:00
|
|
|
const devmode = process.env.NODE_ENV === 'development'
|
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
const self = {
|
2022-09-23 23:33:58 +00:00
|
|
|
devmode,
|
|
|
|
|
inspect: devmode && require('util').inspect,
|
|
|
|
|
|
2022-06-03 21:21:56 +00:00
|
|
|
db: knex(config.database),
|
2022-05-05 05:55:21 +00:00
|
|
|
md: {
|
|
|
|
|
instance: new MarkdownIt({
|
|
|
|
|
// https://markdown-it.github.io/markdown-it/#MarkdownIt.new
|
|
|
|
|
html: false,
|
|
|
|
|
breaks: true,
|
|
|
|
|
linkify: true
|
|
|
|
|
}),
|
|
|
|
|
defaultRenderers: {}
|
|
|
|
|
},
|
2019-09-08 01:56:29 +00:00
|
|
|
gitHash: null,
|
|
|
|
|
|
|
|
|
|
idMaxTries: config.uploads.maxTries || 1,
|
|
|
|
|
|
2021-01-31 23:13:37 +00:00
|
|
|
stripTagsBlacklistedExts: Array.isArray(config.uploads.stripTags.blacklistExtensions)
|
|
|
|
|
? config.uploads.stripTags.blacklistExtensions
|
|
|
|
|
: [],
|
|
|
|
|
|
2020-06-06 12:43:20 +00:00
|
|
|
thumbsSize: config.uploads.generateThumbs.size || 200,
|
2019-09-17 04:13:41 +00:00
|
|
|
ffprobe: promisify(ffmpeg.ffprobe),
|
|
|
|
|
|
2022-05-06 19:17:31 +00:00
|
|
|
timezoneOffset: new Date().getTimezoneOffset(),
|
|
|
|
|
|
|
|
|
|
retentions: {
|
|
|
|
|
enabled: false,
|
|
|
|
|
periods: {},
|
|
|
|
|
default: {}
|
2022-07-03 03:35:36 +00:00
|
|
|
},
|
|
|
|
|
|
2022-07-06 10:51:34 +00:00
|
|
|
albumRenderStore: new SimpleDataStore({
|
|
|
|
|
limit: 10,
|
|
|
|
|
strategy: SimpleDataStore.STRATEGIES[0]
|
|
|
|
|
}),
|
2022-07-03 03:35:36 +00:00
|
|
|
contentDispositionStore: null
|
2019-09-08 01:56:29 +00:00
|
|
|
}
|
|
|
|
|
|
2022-05-05 05:55:21 +00:00
|
|
|
// Remember old renderer, if overridden, or proxy to default renderer
|
|
|
|
|
self.md.defaultRenderers.link_open = self.md.instance.renderer.rules.link_open || function (tokens, idx, options, env, that) {
|
|
|
|
|
return that.renderToken(tokens, idx, options)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add target="_blank" to URLs if applicable
|
|
|
|
|
self.md.instance.renderer.rules.link_open = function (tokens, idx, options, env, that) {
|
|
|
|
|
const aIndex = tokens[idx].attrIndex('target')
|
|
|
|
|
if (aIndex < 0) {
|
|
|
|
|
tokens[idx].attrPush(['target', '_blank'])
|
|
|
|
|
} else {
|
|
|
|
|
tokens[idx].attrs[aIndex][1] = '_blank'
|
|
|
|
|
}
|
|
|
|
|
return self.md.defaultRenderers.link_open(tokens, idx, options, env, that)
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-06 19:17:31 +00:00
|
|
|
if (typeof config.uploads.retentionPeriods === 'object' &&
|
2022-08-23 08:16:02 +00:00
|
|
|
Object.keys(config.uploads.retentionPeriods).length) {
|
2022-05-06 19:17:31 +00:00
|
|
|
// Build a temporary index of group values
|
|
|
|
|
const _retentionPeriods = Object.assign({}, config.uploads.retentionPeriods)
|
|
|
|
|
const _groups = { _: -1 }
|
|
|
|
|
Object.assign(_groups, perms.permissions)
|
|
|
|
|
|
|
|
|
|
// Sanitize config values
|
|
|
|
|
const names = Object.keys(_groups)
|
|
|
|
|
for (const name of names) {
|
|
|
|
|
if (Array.isArray(_retentionPeriods[name]) && _retentionPeriods[name].length) {
|
|
|
|
|
_retentionPeriods[name] = _retentionPeriods[name]
|
|
|
|
|
.filter((v, i, a) => (Number.isFinite(v) && v >= 0) || v === null)
|
|
|
|
|
} else {
|
|
|
|
|
_retentionPeriods[name] = []
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!_retentionPeriods._.length && !config.private) {
|
|
|
|
|
logger.error('Guests\' retention periods are missing, yet this installation is not set to private.')
|
|
|
|
|
process.exit(1)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Create sorted array of group names based on their values
|
|
|
|
|
const _sorted = Object.keys(_groups)
|
|
|
|
|
.sort((a, b) => _groups[a] - _groups[b])
|
|
|
|
|
|
|
|
|
|
// Build retention periods array for each groups
|
|
|
|
|
for (let i = 0; i < _sorted.length; i++) {
|
|
|
|
|
const current = _sorted[i]
|
|
|
|
|
const _periods = [..._retentionPeriods[current]]
|
|
|
|
|
self.retentions.default[current] = _periods.length ? _periods[0] : null
|
|
|
|
|
|
|
|
|
|
if (i > 0) {
|
|
|
|
|
// Inherit retention periods of lower-valued groups
|
|
|
|
|
for (let j = i - 1; j >= 0; j--) {
|
|
|
|
|
const lower = _sorted[j]
|
|
|
|
|
if (_groups[lower] < _groups[current]) {
|
|
|
|
|
_periods.unshift(..._retentionPeriods[lower])
|
|
|
|
|
if (self.retentions.default[current] === null) {
|
|
|
|
|
self.retentions.default[current] = self.retentions.default[lower]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
self.retentions.periods[current] = _periods
|
|
|
|
|
.filter((v, i, a) => v !== null && a.indexOf(v) === i) // re-sanitize & uniquify
|
|
|
|
|
.sort((a, b) => a - b) // sort from lowest to highest (zero/permanent will always be first)
|
|
|
|
|
|
|
|
|
|
// Mark the feature as enabled, if at least one group was configured
|
|
|
|
|
if (self.retentions.periods[current].length) {
|
|
|
|
|
self.retentions.enabled = true
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-10-05 19:39:51 +00:00
|
|
|
} else if (Array.isArray(config.uploads.temporaryUploadAges) && config.uploads.temporaryUploadAges.length) {
|
2022-05-06 19:17:31 +00:00
|
|
|
self.retentions.periods._ = config.uploads.temporaryUploadAges
|
|
|
|
|
.filter((v, i, a) => Number.isFinite(v) && v >= 0)
|
|
|
|
|
self.retentions.default._ = self.retentions.periods._[0]
|
|
|
|
|
|
|
|
|
|
for (const name of Object.keys(perms.permissions)) {
|
|
|
|
|
self.retentions.periods[name] = self.retentions.periods._
|
|
|
|
|
self.retentions.default[name] = self.retentions.default._
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
self.retentions.enabled = true
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-13 18:33:31 +00:00
|
|
|
// This helper function initiates fetch() with AbortController
|
|
|
|
|
// signal controller to handle per-instance global timeout.
|
|
|
|
|
// node-fetch's built-in timeout option resets on every redirect,
|
|
|
|
|
// and thus not reliable in certain cases.
|
|
|
|
|
self.fetch = (url, options = {}) => {
|
|
|
|
|
if (options.timeout === undefined) {
|
|
|
|
|
return fetch(url, options)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Init AbortController
|
|
|
|
|
const abortController = new AbortController()
|
|
|
|
|
const timeout = setTimeout(() => {
|
|
|
|
|
abortController.abort()
|
|
|
|
|
}, options.timeout)
|
|
|
|
|
|
|
|
|
|
// Clean up options object
|
|
|
|
|
options.signal = abortController.signal
|
|
|
|
|
delete options.timeout
|
|
|
|
|
|
|
|
|
|
// Return instance with an attached Promise.finally() handler to clear timeout
|
|
|
|
|
return fetch(url, options)
|
|
|
|
|
.finally(() => {
|
|
|
|
|
clearTimeout(timeout)
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-26 06:48:15 +00:00
|
|
|
const cloudflareAuth = config.cloudflare && config.cloudflare.zoneId &&
|
|
|
|
|
(config.cloudflare.apiToken || config.cloudflare.userServiceKey ||
|
|
|
|
|
(config.cloudflare.apiKey && config.cloudflare.email))
|
2018-04-29 12:47:24 +00:00
|
|
|
|
2022-06-29 10:52:16 +00:00
|
|
|
const cloudflarePurgeCacheQueue = cloudflareAuth && fastq.promise(async chunk => {
|
|
|
|
|
const MAX_TRIES = 3
|
|
|
|
|
const url = `https://api.cloudflare.com/client/v4/zones/${config.cloudflare.zoneId}/purge_cache`
|
|
|
|
|
|
|
|
|
|
const result = {
|
|
|
|
|
success: false,
|
|
|
|
|
files: chunk,
|
|
|
|
|
errors: []
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const headers = {
|
|
|
|
|
'Content-Type': 'application/json'
|
|
|
|
|
}
|
|
|
|
|
if (config.cloudflare.apiToken) {
|
|
|
|
|
headers.Authorization = `Bearer ${config.cloudflare.apiToken}`
|
|
|
|
|
} else if (config.cloudflare.userServiceKey) {
|
|
|
|
|
headers['X-Auth-User-Service-Key'] = config.cloudflare.userServiceKey
|
|
|
|
|
} else if (config.cloudflare.apiKey && config.cloudflare.email) {
|
|
|
|
|
headers['X-Auth-Key'] = config.cloudflare.apiKey
|
|
|
|
|
headers['X-Auth-Email'] = config.cloudflare.email
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (let i = 0; i < MAX_TRIES; i++) {
|
|
|
|
|
const _log = message => {
|
|
|
|
|
let prefix = `[CF]: ${i + 1}/${MAX_TRIES}: ${path.basename(chunk[0])}`
|
|
|
|
|
if (chunk.length > 1) prefix += ',\u2026'
|
|
|
|
|
logger.log(`${prefix}: ${message}`)
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-14 07:41:55 +00:00
|
|
|
const response = await fetch(url, {
|
|
|
|
|
method: 'POST',
|
|
|
|
|
body: JSON.stringify({ files: chunk }),
|
|
|
|
|
headers
|
|
|
|
|
})
|
|
|
|
|
.then(res => res.json())
|
|
|
|
|
.catch(error => error)
|
|
|
|
|
|
|
|
|
|
// If fetch errors out, instead of API responding with API errors
|
|
|
|
|
if (response instanceof Error) {
|
|
|
|
|
const errorString = response.toString()
|
2022-06-29 10:52:16 +00:00
|
|
|
if (i < MAX_TRIES - 1) {
|
|
|
|
|
_log(`${errorString}. Retrying in 5 seconds\u2026`)
|
|
|
|
|
await new Promise(resolve => setTimeout(resolve, 5000))
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
result.errors = [errorString]
|
2022-07-14 07:41:55 +00:00
|
|
|
break
|
2022-06-29 10:52:16 +00:00
|
|
|
}
|
2022-07-14 07:41:55 +00:00
|
|
|
|
|
|
|
|
// If API reponds with API errors
|
|
|
|
|
const hasErrorsArray = Array.isArray(response.errors) && response.errors.length
|
|
|
|
|
if (hasErrorsArray) {
|
|
|
|
|
const rateLimit = response.errors.find(error => /rate limit/i.test(error.message))
|
|
|
|
|
if (rateLimit && i < MAX_TRIES - 1) {
|
|
|
|
|
_log(`${rateLimit.code}: ${rateLimit.message}. Retrying in a minute\u2026`)
|
|
|
|
|
await new Promise(resolve => setTimeout(resolve, 60000))
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// If succeeds or out of retries
|
|
|
|
|
result.success = response.success
|
|
|
|
|
result.errors = hasErrorsArray
|
|
|
|
|
? response.errors.map(error => `${error.code}: ${error.message}`)
|
|
|
|
|
: []
|
2022-06-29 10:52:16 +00:00
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return result
|
|
|
|
|
}, 1) // concurrency: 1
|
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
self.mayGenerateThumb = extname => {
|
2021-01-31 22:23:53 +00:00
|
|
|
extname = extname.toLowerCase()
|
2022-10-05 19:44:31 +00:00
|
|
|
return (config.uploads.generateThumbs.image && Constants.IMAGE_EXTS.includes(extname)) ||
|
|
|
|
|
(config.uploads.generateThumbs.video && Constants.VIDEO_EXTS.includes(extname))
|
2018-04-29 12:47:24 +00:00
|
|
|
}
|
|
|
|
|
|
2023-09-06 11:58:15 +00:00
|
|
|
self.isAnimatedThumb = extname => {
|
|
|
|
|
extname = extname.toLowerCase()
|
|
|
|
|
return (config.uploads.generateThumbs.animated && Constants.ANIMATED_EXTS.includes(extname))
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-29 16:17:56 +00:00
|
|
|
// Expand if necessary (should be case-insensitive)
|
2021-01-29 16:15:24 +00:00
|
|
|
const extPreserves = [
|
|
|
|
|
/\.tar\.\w+/i // tarballs
|
|
|
|
|
]
|
2018-09-17 19:32:27 +00:00
|
|
|
|
2021-01-31 22:23:53 +00:00
|
|
|
self.extname = (filename, lower) => {
|
2018-11-28 17:52:12 +00:00
|
|
|
// Always return blank string if the filename does not seem to have a valid extension
|
|
|
|
|
// Files such as .DS_Store (anything that starts with a dot, without any extension after) will still be accepted
|
2018-12-18 17:01:28 +00:00
|
|
|
if (!/\../.test(filename)) return ''
|
2018-11-28 17:52:12 +00:00
|
|
|
|
2018-09-17 19:32:27 +00:00
|
|
|
let multi = ''
|
|
|
|
|
let extname = ''
|
|
|
|
|
|
|
|
|
|
// check for multi-archive extensions (.001, .002, and so on)
|
2021-01-29 16:15:24 +00:00
|
|
|
if (/\.\d{3}$/.test(filename)) {
|
|
|
|
|
multi = filename.slice(filename.lastIndexOf('.') - filename.length)
|
|
|
|
|
filename = filename.slice(0, filename.lastIndexOf('.'))
|
2018-09-17 19:32:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// check against extensions that must be preserved
|
2020-10-30 18:12:09 +00:00
|
|
|
for (const extPreserve of extPreserves) {
|
2021-01-29 16:15:24 +00:00
|
|
|
const match = filename.match(extPreserve)
|
|
|
|
|
if (match && match[0]) {
|
|
|
|
|
extname = match[0]
|
2018-09-17 19:32:27 +00:00
|
|
|
break
|
|
|
|
|
}
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2018-09-17 19:32:27 +00:00
|
|
|
|
2020-10-30 18:12:09 +00:00
|
|
|
if (!extname) {
|
2021-01-29 16:15:24 +00:00
|
|
|
extname = filename.slice(filename.lastIndexOf('.') - filename.length)
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2018-09-17 19:32:27 +00:00
|
|
|
|
2021-01-31 22:23:53 +00:00
|
|
|
const str = extname + multi
|
|
|
|
|
return lower ? str.toLowerCase() : str
|
2018-09-17 19:32:27 +00:00
|
|
|
}
|
|
|
|
|
|
2023-12-05 22:55:50 +00:00
|
|
|
const escapeMap = {
|
|
|
|
|
'&': '&',
|
|
|
|
|
'"': '"',
|
|
|
|
|
'\'': ''',
|
|
|
|
|
'<': '<',
|
|
|
|
|
'>': '>',
|
|
|
|
|
'\\': '\'
|
|
|
|
|
}
|
2018-12-13 09:09:46 +00:00
|
|
|
|
2023-12-05 22:55:50 +00:00
|
|
|
const escapeRegex = /[&"'<>\\]/g
|
2018-12-13 09:09:46 +00:00
|
|
|
|
2023-12-05 22:55:50 +00:00
|
|
|
const unescapeMap = Object.keys(escapeMap).reduce((ret, key) => {
|
|
|
|
|
ret[escapeMap[key]] = key
|
|
|
|
|
return ret
|
|
|
|
|
}, {})
|
2018-12-13 09:09:46 +00:00
|
|
|
|
2023-12-05 22:55:50 +00:00
|
|
|
const unescapeRegex = /&(amp|quot|#39|lt|gt|#92);/g
|
2018-12-13 09:09:46 +00:00
|
|
|
|
2023-12-05 22:55:50 +00:00
|
|
|
self.escape = string => {
|
|
|
|
|
return string.replace(escapeRegex, key => escapeMap[key])
|
|
|
|
|
}
|
2018-12-13 09:09:46 +00:00
|
|
|
|
2023-12-05 22:55:50 +00:00
|
|
|
self.unescape = string => {
|
|
|
|
|
return string.replace(unescapeRegex, key => unescapeMap[key])
|
2018-12-13 09:09:46 +00:00
|
|
|
}
|
|
|
|
|
|
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.
CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.
JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.
Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.
Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).
The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").
---
yarn lint -> gulp lint
yarn build -> gulp default
yarn watch -> gulp watch
yarn develop -> env NODE_ENV=development yarn watch
---
Fixed not being able to demote staff into normal users.
/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).
Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.
Removed is-breeze CSS class name, in favor of Bulma's is-info.
Removed custom styling from auth page, in favor of global styling.
Removed all usage of style HTML attribute in favor of CSS classes.
Renamed js/s/ to js/misc/.
Use loading spinners on dashboard's sidebar menus.
Disable all other sidebar menus when something is loading.
Changed title HTML attribute of disabled control buttons in
uploads & users list.
Hid checkboxes and WIP controls from users list.
Better error messages handling.
Especially homepage will now support CF's HTTP error codes.
Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.
Use Gatsby icon for my blog's link in homepage's footer.
A bunch of other improvements here & there.
2019-09-15 06:20:11 +00:00
|
|
|
self.stripIndents = string => {
|
2022-07-30 01:37:57 +00:00
|
|
|
if (!string) return string
|
Updates (very important to read)
Client-side CSS & JS files will now be processed with Gulp.
Gulp tasks are configured in gulpfile.js file.
CSS files will be optimized with postcss-preset-env, which will
auto-add vendor prefixes and convert any parts necessary for browsers
compatibility.
Afterwards they will be minified with cssnano.
JS files will be optimized with bublé,
likewise for browsers compatibility.
Afterwards they will be minified with terser.
Unprocessed CSS & JS files will now be located at src directory, while
the processed results will be located at dist directory.
Due to bublé, the JS files should now be compatible up to IE 11
at the minimum.
Previously the safe would not work in IE 11 due to extensive usage of
template literals.
Due to that as well, JS files in src directory will now extensively use
arrow functions for my personal comfort (as they will be converted too).
The server will use the processed files at dist directory by default.
If you want to rebuild the files by your own, you can run "yarn build".
Gulp is a development dependency, so make sure you have installed all
development dependencies (e.i. NOT using "yarn install --production").
---
yarn lint -> gulp lint
yarn build -> gulp default
yarn watch -> gulp watch
yarn develop -> env NODE_ENV=development yarn watch
---
Fixed not being able to demote staff into normal users.
/api/token/verify will no longer respond with 401 HTTP error code,
unless an error occurred (which will be 500 HTTP error code).
Fixed /nojs route not displaying file's original name when a duplicate
is found on the server.
Removed is-breeze CSS class name, in favor of Bulma's is-info.
Removed custom styling from auth page, in favor of global styling.
Removed all usage of style HTML attribute in favor of CSS classes.
Renamed js/s/ to js/misc/.
Use loading spinners on dashboard's sidebar menus.
Disable all other sidebar menus when something is loading.
Changed title HTML attribute of disabled control buttons in
uploads & users list.
Hid checkboxes and WIP controls from users list.
Better error messages handling.
Especially homepage will now support CF's HTTP error codes.
Updated various icons.
Also, added fontello config file at public/libs/fontello/config.json.
This should let you edit them more easily with fontello.
Use Gatsby icon for my blog's link in homepage's footer.
A bunch of other improvements here & there.
2019-09-15 06:20:11 +00:00
|
|
|
const result = string.replace(/^[^\S\n]+/gm, '')
|
|
|
|
|
const match = result.match(/^[^\S\n]*(?=\S)/gm)
|
|
|
|
|
const indent = match && Math.min(...match.map(el => el.length))
|
|
|
|
|
if (indent) {
|
|
|
|
|
const regexp = new RegExp(`^.{${indent}}`, 'gm')
|
|
|
|
|
return result.replace(regexp, '')
|
|
|
|
|
}
|
|
|
|
|
return result
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-30 01:37:57 +00:00
|
|
|
self.mask = string => {
|
|
|
|
|
if (!string) return string
|
|
|
|
|
const max = Math.min(Math.floor(string.length / 2), 8)
|
|
|
|
|
const fragment = Math.floor(max / 2)
|
|
|
|
|
if (string.length <= fragment) {
|
|
|
|
|
return '*'.repeat(string.length)
|
|
|
|
|
} else {
|
|
|
|
|
return string.substring(0, fragment) +
|
|
|
|
|
'*'.repeat(Math.min(string.length - (fragment * 2), 4)) +
|
|
|
|
|
string.substring(string.length - fragment)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-04-08 21:13:29 +00:00
|
|
|
self.pathSafeIp = ip => {
|
|
|
|
|
// Mainly intended for IPv6 addresses
|
|
|
|
|
if (!ip) return ''
|
|
|
|
|
return ip.replace(/:/g, '-')
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-31 08:51:32 +00:00
|
|
|
self.filterUniquifySqlArray = (value, index, array) => {
|
|
|
|
|
return value !== null &&
|
|
|
|
|
value !== undefined &&
|
|
|
|
|
value !== '' &&
|
|
|
|
|
array.indexOf(value) === index
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-04 17:54:44 +00:00
|
|
|
self.unlistenEmitters = (emitters, eventName, listener) => {
|
|
|
|
|
emitters.forEach(emitter => {
|
|
|
|
|
if (!emitter) return
|
|
|
|
|
emitter.off(eventName, listener)
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2022-07-22 01:40:40 +00:00
|
|
|
self.assertRequestType = (req, type) => {
|
|
|
|
|
if (!req.is(type)) {
|
2022-07-24 23:12:55 +00:00
|
|
|
throw new ClientError(`Request Content-Type must be ${type}.`)
|
2022-07-22 01:40:40 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-04 14:59:06 +00:00
|
|
|
self.assertJSON = async (req, res) => {
|
|
|
|
|
// Assert Request Content-Type
|
|
|
|
|
self.assertRequestType(req, 'application/json')
|
|
|
|
|
// Parse JSON payload
|
|
|
|
|
req.body = await req.json()
|
2018-01-23 20:06:30 +00:00
|
|
|
}
|
2017-10-04 00:13:38 +00:00
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
self.generateThumbs = async (name, extname, force) => {
|
2021-01-31 22:23:53 +00:00
|
|
|
extname = extname.toLowerCase()
|
2023-09-06 11:45:50 +00:00
|
|
|
const thumbname = name.slice(0, -extname.length)
|
|
|
|
|
let thumbext = '.png'
|
2023-09-06 11:58:15 +00:00
|
|
|
if (self.isAnimatedThumb(extname)) thumbext = '.gif'
|
2023-09-06 11:45:50 +00:00
|
|
|
|
|
|
|
|
const thumbfile = path.join(paths.thumbs, thumbname + thumbext)
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
|
try {
|
2023-09-06 11:45:50 +00:00
|
|
|
// Check if old static thumbnail exists, then unlink it
|
|
|
|
|
if (thumbext === '.gif') {
|
|
|
|
|
const staticthumb = path.join(paths.thumbs, thumbname + '.png')
|
|
|
|
|
const stat = await jetpack.inspectAsync(staticthumb)
|
|
|
|
|
if (stat) {
|
|
|
|
|
await jetpack.removeAsync(staticthumb)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
// Check if thumbnail already exists
|
2023-09-06 11:45:50 +00:00
|
|
|
const stat = await jetpack.inspectAsync(thumbfile)
|
2022-10-03 22:33:25 +00:00
|
|
|
if (stat) {
|
|
|
|
|
if (stat.type === 'symlink') {
|
2019-09-08 01:56:29 +00:00
|
|
|
// Unlink if symlink (should be symlink to the placeholder)
|
2023-09-06 11:45:50 +00:00
|
|
|
await jetpack.removeAsync(thumbfile)
|
2020-10-30 18:12:09 +00:00
|
|
|
} else if (!force) {
|
2019-09-08 01:56:29 +00:00
|
|
|
// Continue only if it does not exist, unless forced to
|
|
|
|
|
return true
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
}
|
2018-05-12 14:01:14 +00:00
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
// Full path to input file
|
|
|
|
|
const input = path.join(paths.uploads, name)
|
|
|
|
|
|
|
|
|
|
// If image extension
|
2022-10-05 19:44:31 +00:00
|
|
|
if (Constants.IMAGE_EXTS.includes(extname)) {
|
2023-09-06 11:45:50 +00:00
|
|
|
const sharpOptions = {}
|
|
|
|
|
if (thumbext === '.gif') {
|
|
|
|
|
sharpOptions.animated = true
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
const resizeOptions = {
|
2020-06-06 12:43:20 +00:00
|
|
|
width: self.thumbsSize,
|
|
|
|
|
height: self.thumbsSize,
|
2019-09-08 01:56:29 +00:00
|
|
|
fit: 'contain',
|
|
|
|
|
background: {
|
|
|
|
|
r: 0,
|
|
|
|
|
g: 0,
|
|
|
|
|
b: 0,
|
|
|
|
|
alpha: 0
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-09-06 11:45:50 +00:00
|
|
|
|
|
|
|
|
const image = sharp(input, sharpOptions)
|
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
const metadata = await image.metadata()
|
|
|
|
|
if (metadata.width > resizeOptions.width || metadata.height > resizeOptions.height) {
|
|
|
|
|
await image
|
|
|
|
|
.resize(resizeOptions)
|
2023-09-06 11:45:50 +00:00
|
|
|
.toFile(thumbfile)
|
2019-09-08 01:56:29 +00:00
|
|
|
} else if (metadata.width === resizeOptions.width && metadata.height === resizeOptions.height) {
|
|
|
|
|
await image
|
2023-09-06 11:45:50 +00:00
|
|
|
.toFile(thumbfile)
|
2019-09-08 01:56:29 +00:00
|
|
|
} else {
|
|
|
|
|
const x = resizeOptions.width - metadata.width
|
|
|
|
|
const y = resizeOptions.height - metadata.height
|
|
|
|
|
await image
|
|
|
|
|
.extend({
|
|
|
|
|
top: Math.floor(y / 2),
|
|
|
|
|
bottom: Math.ceil(y / 2),
|
|
|
|
|
left: Math.floor(x / 2),
|
|
|
|
|
right: Math.ceil(x / 2),
|
|
|
|
|
background: resizeOptions.background
|
2018-09-04 17:29:53 +00:00
|
|
|
})
|
2023-09-06 11:45:50 +00:00
|
|
|
.toFile(thumbfile)
|
2018-09-04 17:29:53 +00:00
|
|
|
}
|
2022-10-05 19:44:31 +00:00
|
|
|
} else if (Constants.VIDEO_EXTS.includes(extname)) {
|
2019-09-08 01:56:29 +00:00
|
|
|
const metadata = await self.ffprobe(input)
|
2020-06-15 14:04:30 +00:00
|
|
|
|
2019-10-15 10:53:23 +00:00
|
|
|
const duration = parseInt(metadata.format.duration)
|
2020-10-30 18:12:09 +00:00
|
|
|
if (isNaN(duration)) {
|
2021-01-08 02:56:01 +00:00
|
|
|
throw new Error('File does not have valid duration metadata')
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2018-09-04 17:29:53 +00:00
|
|
|
|
2020-06-15 14:04:30 +00:00
|
|
|
const videoStream = metadata.streams && metadata.streams.find(s => s.codec_type === 'video')
|
2020-10-30 18:12:09 +00:00
|
|
|
if (!videoStream || !videoStream.width || !videoStream.height) {
|
2021-01-08 02:56:01 +00:00
|
|
|
throw new Error('File does not have valid video stream metadata')
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-08-23 13:31:44 +00:00
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
await new Promise((resolve, reject) => {
|
|
|
|
|
ffmpeg(input)
|
2020-06-15 14:04:30 +00:00
|
|
|
.on('error', error => reject(error))
|
|
|
|
|
.on('end', () => resolve())
|
|
|
|
|
.screenshots({
|
|
|
|
|
folder: paths.thumbs,
|
|
|
|
|
filename: name.slice(0, -extname.length) + '.png',
|
2022-09-23 23:24:56 +00:00
|
|
|
timemarks: [
|
|
|
|
|
config.uploads.generateThumbs.videoTimemark || '20%'
|
|
|
|
|
],
|
2020-06-15 14:04:30 +00:00
|
|
|
size: videoStream.width >= videoStream.height
|
|
|
|
|
? `${self.thumbsSize}x?`
|
|
|
|
|
: `?x${self.thumbsSize}`
|
2018-05-12 14:01:14 +00:00
|
|
|
})
|
2019-09-08 01:56:29 +00:00
|
|
|
})
|
2020-06-15 14:04:30 +00:00
|
|
|
.catch(error => error) // Error passthrough
|
|
|
|
|
.then(async error => {
|
|
|
|
|
// FFMPEG would just warn instead of exiting with errors when dealing with incomplete files
|
|
|
|
|
// Sometimes FFMPEG would throw errors but actually somehow succeeded in making the thumbnails
|
|
|
|
|
// (this could be a fallback mechanism of fluent-ffmpeg library instead)
|
|
|
|
|
// So instead we check if the thumbnail exists to really make sure
|
2023-09-06 11:45:50 +00:00
|
|
|
if (await jetpack.existsAsync(thumbfile)) {
|
2020-06-15 14:04:30 +00:00
|
|
|
return true
|
2022-10-03 22:33:25 +00:00
|
|
|
} else {
|
|
|
|
|
throw error || new Error('FFMPEG exited with empty output file')
|
2020-06-15 14:04:30 +00:00
|
|
|
}
|
|
|
|
|
})
|
2019-09-08 01:56:29 +00:00
|
|
|
} else {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
} catch (error) {
|
2021-01-31 23:13:37 +00:00
|
|
|
logger.error(`[${name}]: generateThumbs(): ${error.toString().trim()}`)
|
2023-09-06 11:45:50 +00:00
|
|
|
await jetpack.removeAsync(thumbfile) // try to unlink incomplete thumbs first
|
2019-09-08 01:56:29 +00:00
|
|
|
try {
|
2023-09-06 11:45:50 +00:00
|
|
|
await jetpack.symlinkAsync(paths.thumbPlaceholder, thumbfile)
|
2019-09-08 01:56:29 +00:00
|
|
|
return true
|
|
|
|
|
} catch (err) {
|
2022-10-03 22:33:25 +00:00
|
|
|
logger.error(`[${name}]: generateThumbs(): ${err.toString().trim()}`)
|
2019-09-08 01:56:29 +00:00
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true
|
2018-01-23 20:06:30 +00:00
|
|
|
}
|
2017-03-17 04:14:10 +00:00
|
|
|
|
2019-11-29 13:42:53 +00:00
|
|
|
self.stripTags = async (name, extname) => {
|
2021-01-31 22:23:53 +00:00
|
|
|
extname = extname.toLowerCase()
|
2021-01-31 23:13:37 +00:00
|
|
|
if (self.stripTagsBlacklistedExts.includes(extname)) return false
|
|
|
|
|
|
2022-10-03 22:33:25 +00:00
|
|
|
const fullPath = path.join(paths.uploads, name)
|
|
|
|
|
let tmpPath
|
|
|
|
|
let isError
|
2019-11-29 13:42:53 +00:00
|
|
|
|
2021-01-08 03:48:08 +00:00
|
|
|
try {
|
2022-10-05 19:44:31 +00:00
|
|
|
if (Constants.IMAGE_EXTS.includes(extname)) {
|
2022-10-03 22:33:25 +00:00
|
|
|
const tmpName = `tmp-${name}`
|
|
|
|
|
tmpPath = path.join(paths.uploads, tmpName)
|
|
|
|
|
await jetpack.renameAsync(fullPath, tmpName)
|
|
|
|
|
await sharp(tmpPath)
|
|
|
|
|
.toFile(fullPath)
|
2022-10-05 19:44:31 +00:00
|
|
|
} else if (config.uploads.stripTags.video && Constants.VIDEO_EXTS.includes(extname)) {
|
2022-10-03 22:33:25 +00:00
|
|
|
const tmpName = `tmp-${name}`
|
|
|
|
|
tmpPath = path.join(paths.uploads, tmpName)
|
|
|
|
|
await jetpack.renameAsync(fullPath, tmpName)
|
2019-11-29 13:42:53 +00:00
|
|
|
await new Promise((resolve, reject) => {
|
2022-10-03 22:33:25 +00:00
|
|
|
ffmpeg(tmpPath)
|
|
|
|
|
.output(fullPath)
|
2019-11-29 13:42:53 +00:00
|
|
|
.outputOptions([
|
|
|
|
|
// Experimental.
|
|
|
|
|
'-c copy',
|
|
|
|
|
'-map_metadata:g -1:g',
|
|
|
|
|
'-map_metadata:s:v -1:g',
|
|
|
|
|
'-map_metadata:s:a -1:g'
|
|
|
|
|
])
|
|
|
|
|
.on('error', error => reject(error))
|
|
|
|
|
.on('end', () => resolve(true))
|
|
|
|
|
.run()
|
|
|
|
|
})
|
2021-01-31 23:13:37 +00:00
|
|
|
} else {
|
|
|
|
|
return false
|
2021-01-08 03:48:08 +00:00
|
|
|
}
|
|
|
|
|
} catch (error) {
|
2021-01-31 23:13:37 +00:00
|
|
|
logger.error(`[${name}]: stripTags(): ${error.toString().trim()}`)
|
|
|
|
|
isError = true
|
2021-01-08 03:48:08 +00:00
|
|
|
}
|
|
|
|
|
|
2022-10-03 22:33:25 +00:00
|
|
|
if (tmpPath) {
|
|
|
|
|
await jetpack.removeAsync(tmpPath)
|
2019-11-29 13:42:53 +00:00
|
|
|
}
|
|
|
|
|
|
2021-01-31 23:13:37 +00:00
|
|
|
if (isError) {
|
|
|
|
|
throw new ServerError('An error occurred while stripping tags. The format may not be supported.')
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-03 22:42:00 +00:00
|
|
|
return jetpack.inspectAsync(fullPath)
|
2019-11-29 13:42:53 +00:00
|
|
|
}
|
|
|
|
|
|
2022-10-16 04:08:53 +00:00
|
|
|
self.unlinkFile = async filename => {
|
2022-10-03 22:33:25 +00:00
|
|
|
await jetpack.removeAsync(path.join(paths.uploads, filename))
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
|
const identifier = filename.split('.')[0]
|
2021-01-31 22:23:53 +00:00
|
|
|
const extname = self.extname(filename, true)
|
2022-07-29 02:14:55 +00:00
|
|
|
|
2022-10-05 19:44:31 +00:00
|
|
|
if (Constants.IMAGE_EXTS.includes(extname) || Constants.VIDEO_EXTS.includes(extname)) {
|
2022-10-03 22:33:25 +00:00
|
|
|
await jetpack.removeAsync(path.join(paths.thumbs, `${identifier}.png`))
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2018-03-30 02:39:53 +00:00
|
|
|
}
|
|
|
|
|
|
2023-02-25 11:16:11 +00:00
|
|
|
self.bulkDeleteFromDb = async (field, values = [], user, permissionBypass = false) => {
|
|
|
|
|
// NOTE: permissionBypass should not be set unless used by lolisafe's automated service.
|
|
|
|
|
|
|
|
|
|
if ((!user && !permissionBypass) || !['id', 'name'].includes(field) || !values.length) {
|
|
|
|
|
return values
|
2022-08-04 14:59:50 +00:00
|
|
|
}
|
2018-05-10 17:25:52 +00:00
|
|
|
|
2019-02-05 03:36:14 +00:00
|
|
|
// SQLITE_LIMIT_VARIABLE_NUMBER, which defaults to 999
|
|
|
|
|
// Read more: https://www.sqlite.org/limits.html
|
|
|
|
|
const MAX_VARIABLES_CHUNK_SIZE = 999
|
|
|
|
|
const chunks = []
|
2020-10-30 18:12:09 +00:00
|
|
|
while (values.length) {
|
2019-09-08 01:56:29 +00:00
|
|
|
chunks.push(values.splice(0, MAX_VARIABLES_CHUNK_SIZE))
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-02-05 03:36:14 +00:00
|
|
|
|
2020-10-11 10:32:22 +00:00
|
|
|
const failed = []
|
2023-02-25 11:16:11 +00:00
|
|
|
const ismoderator = permissionBypass || perms.is(user, 'moderator')
|
2018-05-10 17:25:52 +00:00
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
try {
|
2020-10-11 10:32:22 +00:00
|
|
|
const unlinkeds = []
|
2019-09-08 01:56:29 +00:00
|
|
|
const albumids = []
|
2018-05-09 09:53:27 +00:00
|
|
|
|
2022-08-09 10:18:56 +00:00
|
|
|
// NOTE: Not wrapped within a Transaction because
|
|
|
|
|
// we cannot rollback files physically unlinked from the storage
|
2019-09-23 08:09:15 +00:00
|
|
|
await Promise.all(chunks.map(async chunk => {
|
2022-06-03 21:21:56 +00:00
|
|
|
const files = await self.db.table('files')
|
2019-09-23 08:09:15 +00:00
|
|
|
.whereIn(field, chunk)
|
2019-09-08 01:56:29 +00:00
|
|
|
.where(function () {
|
2020-10-30 18:12:09 +00:00
|
|
|
if (!ismoderator) {
|
2019-09-08 18:33:07 +00:00
|
|
|
this.where('userid', user.id)
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Push files that could not be found in db
|
2020-10-11 10:32:22 +00:00
|
|
|
failed.push(...chunk.filter(value => !files.find(file => file[field] === value)))
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
|
// Unlink all found files
|
|
|
|
|
const unlinked = []
|
2019-09-23 08:09:15 +00:00
|
|
|
|
|
|
|
|
await Promise.all(files.map(async file => {
|
2019-09-08 01:56:29 +00:00
|
|
|
try {
|
2022-10-16 04:08:53 +00:00
|
|
|
await self.unlinkFile(file.name)
|
2019-09-08 01:56:29 +00:00
|
|
|
unlinked.push(file)
|
|
|
|
|
} catch (error) {
|
|
|
|
|
logger.error(error)
|
|
|
|
|
failed.push(file[field])
|
2019-08-20 02:16:34 +00:00
|
|
|
}
|
2019-09-23 08:09:15 +00:00
|
|
|
}))
|
2019-08-20 02:16:34 +00:00
|
|
|
|
2019-09-23 08:09:15 +00:00
|
|
|
if (!unlinked.length) return
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
|
// Delete all unlinked files from db
|
2022-06-03 21:21:56 +00:00
|
|
|
await self.db.table('files')
|
2019-09-08 01:56:29 +00:00
|
|
|
.whereIn('id', unlinked.map(file => file.id))
|
|
|
|
|
.del()
|
|
|
|
|
self.invalidateStatsCache('uploads')
|
|
|
|
|
|
|
|
|
|
unlinked.forEach(file => {
|
2022-07-03 03:35:36 +00:00
|
|
|
// Push album ids
|
2020-10-30 18:12:09 +00:00
|
|
|
if (file.albumid && !albumids.includes(file.albumid)) {
|
2019-09-08 01:56:29 +00:00
|
|
|
albumids.push(file.albumid)
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2022-08-09 10:18:56 +00:00
|
|
|
// Delete from Content-Disposition store if used
|
2022-07-03 03:35:36 +00:00
|
|
|
if (self.contentDispositionStore) {
|
|
|
|
|
self.contentDispositionStore.delete(file.name)
|
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Push unlinked files
|
2020-10-11 10:32:22 +00:00
|
|
|
unlinkeds.push(...unlinked)
|
2019-09-23 08:09:15 +00:00
|
|
|
}))
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
|
if (unlinkeds.length) {
|
|
|
|
|
// Update albums if necessary, but do not wait
|
Improved albums public page cache and more
Removed its dependency towards albums' editedAt property.
Editing album's metas (name, description, etc) will no longer update
its editedAt property.
Instead it will now ONLY be updated when adding/removing files to/from
it. Just like how it was meant to be, which was to be used to check
whether it's necessary to re-generate their downloadable ZIPs.
Albums public page cache will still be properly invalidated when
adding/removing files to/from it, as well as after editing their metas.
Added views/album-notice.njk to be used to render okay-ish notice when
an album's public page is still being generated.
I was originally thinking of using it for disabled albums as well, but
I refrained from it to reduce the possibility of disabled album IDs from
being easily scanned (as it just returns 404 now).
Removed invalidatedAt property from stats cache. Instead their caches
will immediately be nullified as they should (thus frees up memory
slightly as well).
Stats cache for albums will now only be cleared when truly necessary.
As in, adding/removing files to/from albums will no longer clear them.
Updated Nunjucks files to properly use h1, h2, h3 tags in actual
hierarchical orders.
Elements that don't need to use hX tags will now use P instead.
Nothing changes visually, only structurally.
Fixed some elements in Nunjucks using single quotes instead of
double quotes. They'd have worked the same, but consistency.
Added h1 title in FAQ page.
Make text for no JS warning a bit bigger, and improved the phrasing
a little bit.
2020-06-03 03:44:24 +00:00
|
|
|
if (albumids.length) {
|
2022-06-03 21:21:56 +00:00
|
|
|
self.db.table('albums')
|
2019-09-08 01:56:29 +00:00
|
|
|
.whereIn('id', albumids)
|
|
|
|
|
.update('editedAt', Math.floor(Date.now() / 1000))
|
|
|
|
|
.catch(logger.error)
|
2022-07-06 10:51:34 +00:00
|
|
|
self.deleteStoredAlbumRenders(albumids)
|
Improved albums public page cache and more
Removed its dependency towards albums' editedAt property.
Editing album's metas (name, description, etc) will no longer update
its editedAt property.
Instead it will now ONLY be updated when adding/removing files to/from
it. Just like how it was meant to be, which was to be used to check
whether it's necessary to re-generate their downloadable ZIPs.
Albums public page cache will still be properly invalidated when
adding/removing files to/from it, as well as after editing their metas.
Added views/album-notice.njk to be used to render okay-ish notice when
an album's public page is still being generated.
I was originally thinking of using it for disabled albums as well, but
I refrained from it to reduce the possibility of disabled album IDs from
being easily scanned (as it just returns 404 now).
Removed invalidatedAt property from stats cache. Instead their caches
will immediately be nullified as they should (thus frees up memory
slightly as well).
Stats cache for albums will now only be cleared when truly necessary.
As in, adding/removing files to/from albums will no longer clear them.
Updated Nunjucks files to properly use h1, h2, h3 tags in actual
hierarchical orders.
Elements that don't need to use hX tags will now use P instead.
Nothing changes visually, only structurally.
Fixed some elements in Nunjucks using single quotes instead of
double quotes. They'd have worked the same, but consistency.
Added h1 title in FAQ page.
Make text for no JS warning a bit bigger, and improved the phrasing
a little bit.
2020-06-03 03:44:24 +00:00
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
|
// Purge Cloudflare's cache if necessary, but do not wait
|
2020-10-30 18:12:09 +00:00
|
|
|
if (config.cloudflare.purgeCache) {
|
2019-09-08 01:56:29 +00:00
|
|
|
self.purgeCloudflareCache(unlinkeds.map(file => file.name), true, true)
|
|
|
|
|
.then(results => {
|
2020-10-30 18:12:09 +00:00
|
|
|
for (const result of results) {
|
|
|
|
|
if (result.errors.length) {
|
2019-09-08 01:56:29 +00:00
|
|
|
result.errors.forEach(error => logger.error(`[CF]: ${error}`))
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
})
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
}
|
|
|
|
|
} catch (error) {
|
|
|
|
|
logger.error(error)
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-05 19:44:58 +00:00
|
|
|
return failed
|
2018-03-30 02:39:53 +00:00
|
|
|
}
|
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
self.purgeCloudflareCache = async (names, uploads, thumbs) => {
|
2020-06-26 06:48:15 +00:00
|
|
|
const errors = []
|
2020-10-30 18:12:09 +00:00
|
|
|
if (!cloudflareAuth) {
|
2020-06-26 06:48:15 +00:00
|
|
|
errors.push('Cloudflare auth is incomplete or missing')
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
|
|
|
|
if (!Array.isArray(names) || !names.length) {
|
2020-06-26 06:48:15 +00:00
|
|
|
errors.push('Names array is invalid or empty')
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
|
|
|
|
if (errors.length) {
|
2020-06-26 06:48:15 +00:00
|
|
|
return [{ success: false, files: [], errors }]
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-01-06 06:27:17 +00:00
|
|
|
|
2022-10-05 21:20:02 +00:00
|
|
|
let domain = config.domain
|
|
|
|
|
if (!uploads) domain = config.homeDomain
|
2018-05-09 09:53:27 +00:00
|
|
|
|
2019-01-18 03:40:15 +00:00
|
|
|
const thumbNames = []
|
2018-05-09 09:53:27 +00:00
|
|
|
names = names.map(name => {
|
2019-01-06 08:26:43 +00:00
|
|
|
if (uploads) {
|
|
|
|
|
const url = `${domain}/${name}`
|
2019-09-08 01:56:29 +00:00
|
|
|
const extname = self.extname(name)
|
2020-10-30 18:12:09 +00:00
|
|
|
if (thumbs && self.mayGenerateThumb(extname)) {
|
2019-01-18 03:40:15 +00:00
|
|
|
thumbNames.push(`${domain}/thumbs/${name.slice(0, -extname.length)}.png`)
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-01-06 08:26:43 +00:00
|
|
|
return url
|
|
|
|
|
} else {
|
|
|
|
|
return name === 'home' ? domain : `${domain}/${name}`
|
|
|
|
|
}
|
2018-05-09 09:53:27 +00:00
|
|
|
})
|
2020-10-11 10:32:22 +00:00
|
|
|
names.push(...thumbNames)
|
2019-01-31 09:29:34 +00:00
|
|
|
|
|
|
|
|
// Split array into multiple arrays with max length of 30 URLs
|
|
|
|
|
// https://api.cloudflare.com/#zone-purge-files-by-url
|
|
|
|
|
const MAX_LENGTH = 30
|
2019-09-08 01:56:29 +00:00
|
|
|
const chunks = []
|
2020-10-30 18:12:09 +00:00
|
|
|
while (names.length) {
|
2019-09-08 01:56:29 +00:00
|
|
|
chunks.push(names.splice(0, MAX_LENGTH))
|
2020-10-30 18:12:09 +00:00
|
|
|
}
|
2019-01-31 09:29:34 +00:00
|
|
|
|
|
|
|
|
const results = []
|
2022-07-14 07:41:55 +00:00
|
|
|
for (const chunk of chunks) {
|
|
|
|
|
const result = await cloudflarePurgeCacheQueue.push(chunk)
|
|
|
|
|
results.push(result)
|
|
|
|
|
}
|
2019-01-31 09:29:34 +00:00
|
|
|
return results
|
2018-05-09 09:53:27 +00:00
|
|
|
}
|
|
|
|
|
|
2020-05-16 14:45:14 +00:00
|
|
|
self.bulkDeleteExpired = async (dryrun, verbose) => {
|
2019-09-08 01:56:29 +00:00
|
|
|
const timestamp = Date.now() / 1000
|
2020-05-16 14:45:14 +00:00
|
|
|
const fields = ['id']
|
|
|
|
|
if (verbose) fields.push('name')
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
|
const result = {}
|
2022-06-03 21:21:56 +00:00
|
|
|
result.expired = await self.db.table('files')
|
2019-09-08 01:56:29 +00:00
|
|
|
.where('expirydate', '<=', timestamp)
|
2020-05-16 14:45:14 +00:00
|
|
|
.select(fields)
|
2019-09-08 01:56:29 +00:00
|
|
|
|
|
|
|
|
if (!dryrun) {
|
2020-05-16 14:45:14 +00:00
|
|
|
// Make a shallow copy
|
|
|
|
|
const field = fields[0]
|
|
|
|
|
const values = result.expired.slice().map(row => row[field])
|
2023-02-25 11:16:11 +00:00
|
|
|
// NOTE: 4th parameter set to true to bypass permission check
|
|
|
|
|
result.failed = await self.bulkDeleteFromDb(field, values, null, true)
|
2022-05-06 19:01:33 +00:00
|
|
|
if (verbose && result.failed.length) {
|
|
|
|
|
result.failed = result.failed
|
|
|
|
|
.map(failed => result.expired.find(file => file[fields[0]] === failed))
|
|
|
|
|
}
|
2019-09-08 01:56:29 +00:00
|
|
|
}
|
|
|
|
|
return result
|
2019-04-05 17:32:52 +00:00
|
|
|
}
|
|
|
|
|
|
2022-07-06 10:51:34 +00:00
|
|
|
self.deleteStoredAlbumRenders = albumids => {
|
2019-09-17 04:13:41 +00:00
|
|
|
for (const albumid of albumids) {
|
2022-07-06 10:51:34 +00:00
|
|
|
self.albumRenderStore.delete(`${albumid}`)
|
|
|
|
|
self.albumRenderStore.delete(`${albumid}-nojs`)
|
2019-09-17 04:13:41 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-05 19:46:49 +00:00
|
|
|
/** Statistics API **/
|
2019-04-12 00:45:33 +00:00
|
|
|
|
2022-10-05 19:46:49 +00:00
|
|
|
self.invalidateStatsCache = StatsManager.invalidateStatsCache
|
|
|
|
|
|
2022-10-08 09:39:28 +00:00
|
|
|
self.buildStatsPayload = name => {
|
|
|
|
|
return {
|
|
|
|
|
...((StatsManager.cachedStats[name] && StatsManager.cachedStats[name].cache) || {}),
|
|
|
|
|
meta: {
|
|
|
|
|
key: name,
|
|
|
|
|
...(StatsManager.cachedStats[name]
|
|
|
|
|
? {
|
|
|
|
|
cached: Boolean(StatsManager.cachedStats[name].cache),
|
|
|
|
|
generatedOn: StatsManager.cachedStats[name].generatedOn || 0,
|
|
|
|
|
maxAge: typeof StatsManager.statGenerators[name].maxAge === 'number'
|
|
|
|
|
? StatsManager.statGenerators[name].maxAge
|
|
|
|
|
: null
|
|
|
|
|
}
|
|
|
|
|
: {
|
|
|
|
|
cached: false
|
|
|
|
|
}),
|
|
|
|
|
type: StatsManager.Type.HIDDEN
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-05 19:46:49 +00:00
|
|
|
self.stats = async (req, res) => {
|
2022-08-04 14:59:06 +00:00
|
|
|
const isadmin = perms.is(req.locals.user, 'admin')
|
|
|
|
|
if (!isadmin) {
|
|
|
|
|
return res.status(403).end()
|
|
|
|
|
}
|
2021-01-27 16:50:45 +00:00
|
|
|
|
2022-07-10 12:46:25 +00:00
|
|
|
const hrstart = process.hrtime()
|
2019-04-05 17:32:52 +00:00
|
|
|
|
2022-10-08 09:39:28 +00:00
|
|
|
await StatsManager.generateStats(self.db)
|
|
|
|
|
|
|
|
|
|
// Ensures object payload has its keys matching the required ordering
|
|
|
|
|
const stats = StatsManager.statNames.reduce((acc, name) => {
|
|
|
|
|
const title = StatsManager.statGenerators[name].title
|
|
|
|
|
acc[title] = self.buildStatsPayload(name)
|
|
|
|
|
return acc
|
|
|
|
|
}, {})
|
|
|
|
|
|
|
|
|
|
return res.json({ success: true, stats, hrtime: process.hrtime(hrstart) })
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
self.statsCategory = async (req, res) => {
|
|
|
|
|
const isadmin = perms.is(req.locals.user, 'admin')
|
|
|
|
|
if (!isadmin) {
|
|
|
|
|
return res.status(403).end()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const category = req.path_parameters && req.path_parameters.category
|
|
|
|
|
if (!category || !StatsManager.statNames.includes(category)) {
|
|
|
|
|
throw new ClientError('Bad request.')
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const hrstart = process.hrtime()
|
|
|
|
|
|
|
|
|
|
// Generate required stats category, forced
|
|
|
|
|
await StatsManager.generateStats(self.db, [category], true)
|
|
|
|
|
|
|
|
|
|
const title = StatsManager.statGenerators[category].title
|
|
|
|
|
const stats = {
|
|
|
|
|
[title]: self.buildStatsPayload(category)
|
|
|
|
|
}
|
2022-07-10 12:46:25 +00:00
|
|
|
|
|
|
|
|
return res.json({ success: true, stats, hrtime: process.hrtime(hrstart) })
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-08 01:56:29 +00:00
|
|
|
module.exports = self
|