feat: ScannerManager

controllers/uploadController.js

@@ -10,6 +10,7 @@ const paths = require('./pathsController')
 const perms = require('./permissionController')
 const utils = require('./utilsController')
 const ClientError = require('./utils/ClientError')
+const ScannerManager = require('./utils/ScannerManager')
 const ServerError = require('./utils/ServerError')
 const config = require('./utils/ConfigManager')
 const logger = require('./../logger')
@@ -520,8 +521,8 @@ self.actuallyUpload = async (req, res, data = {}) => {
 
   const filesData = req.files
 
-  if (utils.scan.instance) {
-    const scanResult = await self.scanFiles(req, filesData)
+  if (ScannerManager.instance) {
+    const scanResult = await self.scanFiles(req.locals.user, filesData)
     if (scanResult) {
       throw new ClientError(scanResult)
     }
@@ -733,8 +734,8 @@ self.actuallyUploadUrls = async (req, res, data = {}) => {
     throw error
   })
 
-  if (utils.scan.instance) {
-    const scanResult = await self.scanFiles(req, filesData)
+  if (ScannerManager.instance) {
+    const scanResult = await self.scanFiles(req.locals.user, filesData)
     if (scanResult) {
       throw new ClientError(scanResult)
     }
@@ -856,8 +857,8 @@ self.actuallyFinishChunks = async (req, res, files) => {
     })
   }))
 
-  if (utils.scan.instance) {
-    const scanResult = await self.scanFiles(req, filesData)
+  if (ScannerManager.instance) {
+    const scanResult = await self.scanFiles(req.locals.user, filesData)
     if (scanResult) {
       throw new ClientError(scanResult)
     }
@@ -891,7 +892,7 @@ self.cleanUpChunks = async uuid => {
 /** Virus scanning (ClamAV) */
 
 self.assertScanUserBypass = (user, filenames) => {
-  if (!user || !utils.scan.groupBypass) {
+  if (!user || !ScannerManager.groupBypass) {
     return false
   }
 
@@ -899,8 +900,8 @@ self.assertScanUserBypass = (user, filenames) => {
     filenames = [filenames]
   }
 
-  logger.debug(`[ClamAV]: ${filenames.join(', ')}: Skipped, uploaded by ${user.username} (${utils.scan.groupBypass})`)
-  return perms.is(user, utils.scan.groupBypass)
+  logger.debug(`[ClamAV]: ${filenames.join(', ')}: Skipped, uploaded by ${user.username} (${ScannerManager.groupBypass})`)
+  return perms.is(user, ScannerManager.groupBypass)
 }
 
 self.assertScanFileBypass = data => {
@@ -909,22 +910,22 @@ self.assertScanFileBypass = data => {
   }
 
   const extname = data.extname || utils.extname(data.filename)
-  if (utils.scan.whitelistExtensions && utils.scan.whitelistExtensions.includes(extname)) {
+  if (ScannerManager.whitelistExtensions && ScannerManager.whitelistExtensions.includes(extname)) {
     logger.debug(`[ClamAV]: ${data.filename}: Skipped, extension whitelisted`)
     return true
   }
 
-  if (utils.scan.maxSize && data.size !== undefined && data.size > utils.scan.maxSize) {
-    logger.debug(`[ClamAV]: ${data.filename}: Skipped, size ${data.size} > ${utils.scan.maxSize}`)
+  if (ScannerManager.maxSize && data.size !== undefined && data.size > ScannerManager.maxSize) {
+    logger.debug(`[ClamAV]: ${data.filename}: Skipped, size ${data.size} > ${ScannerManager.maxSize}`)
     return true
   }
 
   return false
 }
 
-self.scanFiles = async (req, filesData) => {
+self.scanFiles = async (user, filesData) => {
   const filenames = filesData.map(file => file.filename)
-  if (self.assertScanUserBypass(req.locals.user, filenames)) {
+  if (self.assertScanUserBypass(user, filenames)) {
     return false
   }
 
@@ -934,7 +935,7 @@ self.scanFiles = async (req, filesData) => {
     if (self.assertScanFileBypass(file)) return
 
     logger.debug(`[ClamAV]: ${file.filename}: Scanning\u2026`)
-    const response = await utils.scan.instance.isInfected(file.path)
+    const response = await ScannerManager.instance.isInfected(file.path)
     if (response.isInfected) {
       logger.log(`[ClamAV]: ${file.filename}: ${response.viruses.join(', ')}`)
       foundThreats.push(...response.viruses)

controllers/utils/ScannerManager.js

@@ -0,0 +1,30 @@
+const NodeClam = require('clamscan')
+const config = require('./ConfigManager')
+const logger = require('./../../logger')
+
+const self = {
+  instance: null,
+  version: null,
+  groupBypass: config.uploads.scan.groupBypass || null,
+  whitelistExtensions:
+    (Array.isArray(config.uploads.scan.whitelistExtensions) && config.uploads.scan.whitelistExtensions.length)
+      ? config.uploads.scan.whitelistExtensions
+      : null,
+  maxSize: (parseInt(config.uploads.scan.maxSize) * 1e6) || null
+}
+
+self.init = async () => {
+  if (!config.uploads.scan || !config.uploads.scan.enabled) return
+
+  if (!config.uploads.scan.clamOptions) {
+    logger.error('Missing object config.uploads.scan.clamOptions (check config.sample.js)')
+    process.exit(1)
+  }
+
+  self.instance = await new NodeClam().init(config.uploads.scan.clamOptions)
+  self.version = await self.instance.getVersion().then(s => s.trim())
+
+  logger.log(`Connection established with ${self.version}`)
+}
+
+module.exports = self

controllers/utilsController.js

@@ -14,6 +14,7 @@ const perms = require('./permissionController')
 const ClientError = require('./utils/ClientError')
 const ServerError = require('./utils/ServerError')
 const SimpleDataStore = require('./utils/SimpleDataStore')
+const StatsManager = require('./utils/StatsManager')
 const config = require('./utils/ConfigManager')
 const logger = require('./../logger')
 
@@ -24,16 +25,6 @@ const self = {
   inspect: devmode && require('util').inspect,
 
   db: knex(config.database),
-  scan: {
-    instance: null,
-    version: null,
-    groupBypass: config.uploads.scan.groupBypass || null,
-    whitelistExtensions: (Array.isArray(config.uploads.scan.whitelistExtensions) &&
-      config.uploads.scan.whitelistExtensions.length)
-      ? config.uploads.scan.whitelistExtensions
-      : null,
-    maxSize: (parseInt(config.uploads.scan.maxSize) * 1e6) || null
-  },
   md: {
     instance: new MarkdownIt({
       // https://markdown-it.github.io/markdown-it/#MarkdownIt.new