Extended configuration for virus scanning

Added whitelist extensions
Added max size limit
Bobby Wibowo 2020-04-04 21:20:01 +07:00
parent 6741798085
commit 46fa9677ff
No known key found for this signature in database
GPG Key ID: 51C3A1E1E22D26CF
3 changed files with 34 additions and 4 deletions


@ -296,15 +296,33 @@ module.exports = {
groupBypass: Name of the lowest ranked group whose files will not be scanned. groupBypass: Name of the lowest ranked group whose files will not be scanned.
Lowest ranked meanning that group AND any groups higher than it are included. Lowest ranked meanning that group AND any groups higher than it are included.
Example: 'moderator' = moderators, admins & superadmins. Example: 'moderator' = moderators, admins & superadmins.
More about groups at controllers/permissionController.js.
*/ */
scan: { scan: {
enabled: false, enabled: false,
ip: '127.0.0.1', ip: '127.0.0.1',
port: 3310, port: 3310,
timeout: 180 * 1000, timeout: 180 * 1000,
chunkSize: 64 * 1024, chunkSize: 64 * 1024,
groupBypass: 'admin'
groupBypass: 'admin', // Other group names in controllers/permissionController.js
whitelistExtensions: null, /* [
'.webp',
'.jpg',
'.jpeg',
'.gif',
'.png',
'.tiff',
'.tif',
'.svg',
'.webm',
'.mp4',
'.wmv',
'.avi',
'.mov',
'.mkv'
], */
maxSize: null // '25MB' // Needs to be in MB
}, },
/* /*
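Review bot: `whitelistExtensions` and `maxSize` get only inline comments, while the block comment above `scan` documents `groupBypass` in full, and neither comment says that a match means the file is stored without being scanned. I would extend that block comment with two entries, e.g. `whitelistExtensions: Files with these extensions are NOT scanned. null scans every extension.` and `maxSize: Files larger than this are NOT scanned. null scans every size.` The sample list also includes '.svg', a format that can carry script, so it deserves a second look before anyone uncomments the list as-is. The comment block starts above this hunk.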


@ -536,11 +536,20 @@ self.cleanUpChunks = async (uuid) => {
} }
self.scanFiles = async (req, user, infoMap) => { self.scanFiles = async (req, user, infoMap) => {
if (user && utils.clamd.groupBypass && perms.is(user, utils.clamd.groupBypass)) // eslint-disable-next-line curly
if (user && utils.clamd.groupBypass && perms.is(user, utils.clamd.groupBypass)) {
// logger.log(`[ClamAV]: Skipping ${infoMap.length} file(s), ${utils.clamd.groupBypass} group bypass`)
return false return false
}
const foundThreats = [] const foundThreats = []
const results = await Promise.all(infoMap.map(async info => { const results = await Promise.all(infoMap.map(async info => {
if (utils.clamd.whitelistExtensions && utils.clamd.whitelistExtensions.includes(info.data.extname))
return // logger.log(`[ClamAV]: Skipping ${info.data.filename}, extension whitelisted`)
if (utils.clamd.maxSize && info.data.size > utils.clamd.maxSize)
return // logger.log(`[ClamAV]: Skipping ${info.data.filename}, size ${info.data.size} > ${utils.clamd.maxSize}`)
const reply = await utils.clamd.scanner.scanFile(info.path, utils.clamd.timeout, utils.clamd.chunkSize) const reply = await utils.clamd.scanner.scanFile(info.path, utils.clamd.timeout, utils.clamd.chunkSize)
if (!reply.includes('OK') || reply.includes('FOUND')) { if (!reply.includes('OK') || reply.includes('FOUND')) {
// eslint-disable-next-line no-control-regex // eslint-disable-next-line no-control-regex
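Review bot: Both new early returns in the `infoMap.map` callback fail open and leave no trace: a file whose `info.data.extname` is whitelisted, or whose `info.data.size` exceeds `maxSize`, never reaches `scanFile`, and the `logger.log` calls that would record the skip are commented out. The extension presumably comes from the uploaded file name rather than the content, so an operator has no way to see afterwards which uploads went unscanned. I would turn the commented messages into real statements, e.g. `logger.log(`[ClamAV]: Skipping ${info.data.filename}, extension whitelisted`)` before the `return`, assuming `logger` is in scope in this file. The skipped entries also come back as `undefined` in `results`; the code that consumes `results` is outside the hunk, so confirm it tolerates them.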


@ -16,7 +16,10 @@ const self = {
scanner: null, scanner: null,
timeout: config.uploads.scan.timeout || 5000, timeout: config.uploads.scan.timeout || 5000,
chunkSize: config.uploads.scan.chunkSize || 64 * 1024, chunkSize: config.uploads.scan.chunkSize || 64 * 1024,
groupBypass: config.uploads.scan.groupBypass || null groupBypass: config.uploads.scan.groupBypass || null,
whitelistExtensions: (Array.isArray(config.uploads.scan.whitelistExtensions) &&
config.uploads.scan.whitelistExtensions.length) ? config.uploads.scan.whitelistExtensions : null,
maxSize: (parseInt(config.uploads.scan.maxSize) * 1e6) || null
}, },
gitHash: null, gitHash: null,
idSet: null, idSet: null,
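Review bot: `maxSize` is read with `parseInt(config.uploads.scan.maxSize)`, which has no radix and keeps only the leading integer, so the unit suffix is never checked. A value such as '25GB' silently becomes 25 MB and '1.5MB' becomes 1 MB, which means more files skip the scan than the operator intended. I would write `maxSize: (parseInt(config.uploads.scan.maxSize, 10) * 1e6) || null` and add a comment such as `// megabytes only (1 MB = 1e6 bytes); any unit suffix is ignored`. `whitelistExtensions` is also stored as given, so the `includes` check in `scanFiles` is case-sensitive unless `extname` and the list are normalised somewhere outside this hunk.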