Mirror/filesafe
1
0
Fork 0
mirror of https://github.com/BobbyWibowo/lolisafe.git synced 2025-01-18 17:21:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Extended configuration for virus scanning

Browse Source 
Added whitelist extensions
Added max size limit
This commit is contained in:
Bobby Wibowo 2020-04-04 21:20:01 +07:00
parent 6741798085
commit 46fa9677ff
No known key found for this signature in database
GPG Key ID: 51C3A1E1E22D26CF
3 changed files with 34 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
config.sample.js
View File

@ -296,15 +296,33 @@ module.exports = {
groupBypass: Name of the lowest ranked group whose files will not be scanned.
Lowest ranked meanning that group AND any groups higher than it are included.
Example: 'moderator' = moderators, admins & superadmins.
More about groups at controllers/permissionController.js.
*/
scan: {
enabled: false,
ip: '127.0.0.1',
port: 3310,
timeout: 180 * 1000,
chunkSize: 64 * 1024,
groupBypass: 'admin'
groupBypass: 'admin', // Other group names in controllers/permissionController.js
whitelistExtensions: null, /* [
'.webp',
'.jpg',
'.jpeg',
'.gif',
'.png',
'.tiff',
'.tif',
'.svg',
'.webm',
'.mp4',
'.wmv',
'.avi',
'.mov',
'.mkv'
], */
maxSize: null // '25MB' // Needs to be in MB
},
/*

11
controllers/uploadController.js
View File

@ -536,11 +536,20 @@ self.cleanUpChunks = async (uuid) => {
}
self.scanFiles = async (req, user, infoMap) => {
if (user && utils.clamd.groupBypass && perms.is(user, utils.clamd.groupBypass))
// eslint-disable-next-line curly
if (user && utils.clamd.groupBypass && perms.is(user, utils.clamd.groupBypass)) {
// logger.log(`[ClamAV]: Skipping ${infoMap.length} file(s), ${utils.clamd.groupBypass} group bypass`)
return false
}
const foundThreats = []
const results = await Promise.all(infoMap.map(async info => {
if (utils.clamd.whitelistExtensions && utils.clamd.whitelistExtensions.includes(info.data.extname))
return // logger.log(`[ClamAV]: Skipping ${info.data.filename}, extension whitelisted`)
if (utils.clamd.maxSize && info.data.size > utils.clamd.maxSize)
return // logger.log(`[ClamAV]: Skipping ${info.data.filename}, size ${info.data.size} > ${utils.clamd.maxSize}`)
const reply = await utils.clamd.scanner.scanFile(info.path, utils.clamd.timeout, utils.clamd.chunkSize)
if (!reply.includes('OK') || reply.includes('FOUND')) {
// eslint-disable-next-line no-control-regex

5
controllers/utilsController.js
View File

@ -16,7 +16,10 @@ const self = {
scanner: null,
timeout: config.uploads.scan.timeout || 5000,
chunkSize: config.uploads.scan.chunkSize || 64 * 1024,
groupBypass: config.uploads.scan.groupBypass || null
groupBypass: config.uploads.scan.groupBypass || null,
whitelistExtensions: (Array.isArray(config.uploads.scan.whitelistExtensions) &&
config.uploads.scan.whitelistExtensions.length) ? config.uploads.scan.whitelistExtensions : null,
maxSize: (parseInt(config.uploads.scan.maxSize) * 1e6) || null
},
gitHash: null,
idSet: null,