feat: restored image upload
* only use readonly id when storing image to prevent leaking of the editable id
This commit is contained in:
parent
14e1ee5391
commit
2c2c104bbf
@ -89,32 +89,37 @@ function startBackendServer(port) {
|
|||||||
|
|
||||||
function progressUploadFormData(formData, callback) {
|
function progressUploadFormData(formData, callback) {
|
||||||
console.log("Progress new Form Data");
|
console.log("Progress new Form Data");
|
||||||
var fields = escapeAllContentStrings(formData.fields);
|
const fields = escapeAllContentStrings(formData.fields);
|
||||||
var files = formData.files;
|
const wid = fields["whiteboardId"];
|
||||||
var whiteboardId = fields["whiteboardId"];
|
if (ReadOnlyBackendService.isReadOnly(wid)) return;
|
||||||
|
|
||||||
var name = fields["name"] || "";
|
const readOnlyWid = ReadOnlyBackendService.getReadOnlyId(wid);
|
||||||
var date = fields["date"] || +new Date();
|
|
||||||
var filename = whiteboardId + "_" + date + ".png";
|
const name = fields["name"] || "";
|
||||||
var webdavaccess = fields["webdavaccess"] || false;
|
const date = fields["date"] || +new Date();
|
||||||
|
const filename = `${readOnlyWid}_${date}.png`;
|
||||||
|
let webdavaccess = fields["webdavaccess"] || false;
|
||||||
try {
|
try {
|
||||||
webdavaccess = JSON.parse(webdavaccess);
|
webdavaccess = JSON.parse(webdavaccess);
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
webdavaccess = false;
|
webdavaccess = false;
|
||||||
}
|
}
|
||||||
fs.ensureDir("./public/uploads", function (err) {
|
|
||||||
|
const savingDir = path.join("./public/uploads", readOnlyWid);
|
||||||
|
fs.ensureDir(savingDir, function (err) {
|
||||||
if (err) {
|
if (err) {
|
||||||
console.log("Could not create upload folder!", err);
|
console.log("Could not create upload folder!", err);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
var imagedata = fields["imagedata"];
|
let imagedata = fields["imagedata"];
|
||||||
if (imagedata && imagedata != "") {
|
if (imagedata && imagedata != "") {
|
||||||
//Save from base64 data
|
//Save from base64 data
|
||||||
imagedata = imagedata
|
imagedata = imagedata
|
||||||
.replace(/^data:image\/png;base64,/, "")
|
.replace(/^data:image\/png;base64,/, "")
|
||||||
.replace(/^data:image\/jpeg;base64,/, "");
|
.replace(/^data:image\/jpeg;base64,/, "");
|
||||||
console.log(filename, "uploaded");
|
console.log(filename, "uploaded");
|
||||||
fs.writeFile("./public/uploads/" + filename, imagedata, "base64", function (err) {
|
const savingPath = path.join(savingDir, filename);
|
||||||
|
fs.writeFile(savingPath, imagedata, "base64", function (err) {
|
||||||
if (err) {
|
if (err) {
|
||||||
console.log("error", err);
|
console.log("error", err);
|
||||||
callback(err);
|
callback(err);
|
||||||
@ -122,19 +127,16 @@ function startBackendServer(port) {
|
|||||||
if (webdavaccess) {
|
if (webdavaccess) {
|
||||||
//Save image to webdav
|
//Save image to webdav
|
||||||
if (enableWebdav) {
|
if (enableWebdav) {
|
||||||
saveImageToWebdav(
|
saveImageToWebdav(savingPath, filename, webdavaccess, function (
|
||||||
"./public/uploads/" + filename,
|
err
|
||||||
filename,
|
) {
|
||||||
webdavaccess,
|
|
||||||
function (err) {
|
|
||||||
if (err) {
|
if (err) {
|
||||||
console.log("error", err);
|
console.log("error", err);
|
||||||
callback(err);
|
callback(err);
|
||||||
} else {
|
} else {
|
||||||
callback();
|
callback();
|
||||||
}
|
}
|
||||||
}
|
});
|
||||||
);
|
|
||||||
} else {
|
} else {
|
||||||
callback("Webdav is not enabled on the server!");
|
callback("Webdav is not enabled on the server!");
|
||||||
}
|
}
|
||||||
@ -152,10 +154,10 @@ function startBackendServer(port) {
|
|||||||
|
|
||||||
function saveImageToWebdav(imagepath, filename, webdavaccess, callback) {
|
function saveImageToWebdav(imagepath, filename, webdavaccess, callback) {
|
||||||
if (webdavaccess) {
|
if (webdavaccess) {
|
||||||
var webdavserver = webdavaccess["webdavserver"] || "";
|
const webdavserver = webdavaccess["webdavserver"] || "";
|
||||||
var webdavpath = webdavaccess["webdavpath"] || "/";
|
const webdavpath = webdavaccess["webdavpath"] || "/";
|
||||||
var webdavusername = webdavaccess["webdavusername"] || "";
|
const webdavusername = webdavaccess["webdavusername"] || "";
|
||||||
var webdavpassword = webdavaccess["webdavpassword"] || "";
|
const webdavpassword = webdavaccess["webdavpassword"] || "";
|
||||||
|
|
||||||
const client = createClient(webdavserver, {
|
const client = createClient(webdavserver, {
|
||||||
username: webdavusername,
|
username: webdavusername,
|
||||||
@ -164,7 +166,7 @@ function startBackendServer(port) {
|
|||||||
client
|
client
|
||||||
.getDirectoryContents(webdavpath)
|
.getDirectoryContents(webdavpath)
|
||||||
.then((items) => {
|
.then((items) => {
|
||||||
var cloudpath = webdavpath + "" + filename;
|
const cloudpath = webdavpath + "" + filename;
|
||||||
console.log("webdav saving to:", cloudpath);
|
console.log("webdav saving to:", cloudpath);
|
||||||
fs.createReadStream(imagepath).pipe(client.createWriteStream(cloudpath));
|
fs.createReadStream(imagepath).pipe(client.createWriteStream(cloudpath));
|
||||||
callback();
|
callback();
|
||||||
@ -244,7 +246,9 @@ function startBackendServer(port) {
|
|||||||
socket.emit("whiteboardConfig", {
|
socket.emit("whiteboardConfig", {
|
||||||
common: config.frontend,
|
common: config.frontend,
|
||||||
whiteboardSpecific: {
|
whiteboardSpecific: {
|
||||||
correspondingReadOnlyId: ReadOnlyBackendService.getReadOnlyId(whiteboardId),
|
correspondingReadOnlyWid: ReadOnlyBackendService.getReadOnlyId(
|
||||||
|
whiteboardId
|
||||||
|
),
|
||||||
isReadOnly: ReadOnlyBackendService.isReadOnly(whiteboardId),
|
isReadOnly: ReadOnlyBackendService.isReadOnly(whiteboardId),
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
|
@ -706,7 +706,7 @@ function initWhiteboard() {
|
|||||||
);
|
);
|
||||||
|
|
||||||
function uploadImgAndAddToWhiteboard(base64data) {
|
function uploadImgAndAddToWhiteboard(base64data) {
|
||||||
var date = +new Date();
|
const date = +new Date();
|
||||||
$.ajax({
|
$.ajax({
|
||||||
type: "POST",
|
type: "POST",
|
||||||
url: document.URL.substr(0, document.URL.lastIndexOf("/")) + "/api/upload",
|
url: document.URL.substr(0, document.URL.lastIndexOf("/")) + "/api/upload",
|
||||||
@ -717,9 +717,11 @@ function initWhiteboard() {
|
|||||||
at: accessToken,
|
at: accessToken,
|
||||||
},
|
},
|
||||||
success: function (msg) {
|
success: function (msg) {
|
||||||
var filename = whiteboardId + "_" + date + ".png";
|
const { correspondingReadOnlyWid } = ConfigService;
|
||||||
|
const filename = `${correspondingReadOnlyWid}_${date}.png`;
|
||||||
|
const rootUrl = document.URL.substr(0, document.URL.lastIndexOf("/"));
|
||||||
whiteboard.addImgToCanvasByUrl(
|
whiteboard.addImgToCanvasByUrl(
|
||||||
document.URL.substr(0, document.URL.lastIndexOf("/")) + "/uploads/" + filename
|
`${rootUrl}/uploads/${correspondingReadOnlyWid}/${filename}`
|
||||||
); //Add image to canvas
|
); //Add image to canvas
|
||||||
console.log("Image uploaded!");
|
console.log("Image uploaded!");
|
||||||
},
|
},
|
||||||
|
@ -12,6 +12,23 @@ class ConfigService {
|
|||||||
return this.#configFromServer;
|
return this.#configFromServer;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Associated read-only id for this whiteboad
|
||||||
|
* @type {string}
|
||||||
|
*/
|
||||||
|
#correspondingReadOnlyWid = "";
|
||||||
|
get correspondingReadOnlyWid() {
|
||||||
|
return this.#correspondingReadOnlyWid;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @type {boolean}
|
||||||
|
*/
|
||||||
|
#isReadOnly = true;
|
||||||
|
get isReadOnly() {
|
||||||
|
return this.#isReadOnly;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @type {{displayInfo: boolean, setReadOnly: boolean}}
|
* @type {{displayInfo: boolean, setReadOnly: boolean}}
|
||||||
* @readonly
|
* @readonly
|
||||||
@ -97,6 +114,12 @@ class ConfigService {
|
|||||||
this.#backgroundGridImage = backgroundGridImage;
|
this.#backgroundGridImage = backgroundGridImage;
|
||||||
this.#refreshInfoInterval = 1000 / performance.refreshInfoFreq;
|
this.#refreshInfoInterval = 1000 / performance.refreshInfoFreq;
|
||||||
|
|
||||||
|
const { whiteboardSpecific } = configFromServer;
|
||||||
|
const { correspondingReadOnlyWid, isReadOnly } = whiteboardSpecific;
|
||||||
|
|
||||||
|
this.#correspondingReadOnlyWid = correspondingReadOnlyWid;
|
||||||
|
this.#isReadOnly = isReadOnly;
|
||||||
|
|
||||||
console.log("Whiteboard config from server:", configFromServer, "parsed:", this);
|
console.log("Whiteboard config from server:", configFromServer, "parsed:", this);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user