mirror of
https://github.com/grocy/grocy.git
synced 2025-04-29 01:32:38 +00:00
Enforce file groups
This commit is contained in:
Bernd Bestel
parent
74d745cfc4
commit
34ffb96ae3
@ -11,6 +11,11 @@ class FilesApiController extends BaseApiController
|
||||
{
|
||||
try
|
||||
{
|
||||
if(!in_array($args['group'], $this->getOpenApiSpec()->components->internalSchemas->FileGroups->enum))
|
||||
{
|
||||
throw new \Exception('Invalid file group');
|
||||
}
|
||||
|
||||
if (IsValidFileName(base64_decode($args['fileName'])))
|
||||
{
|
||||
$fileName = base64_decode($args['fileName']);
|
||||
@ -39,8 +44,12 @@ class FilesApiController extends BaseApiController
|
||||
{
|
||||
try
|
||||
{
|
||||
$fileName = $this->checkFileName($args['fileName']);
|
||||
if(!in_array($args['group'], $this->getOpenApiSpec()->components->internalSchemas->FileGroups->enum))
|
||||
{
|
||||
throw new \Exception('Invalid file group');
|
||||
}
|
||||
|
||||
$fileName = $this->checkFileName($args['fileName']);
|
||||
$filePath = $this->getFilePath($args['group'], $fileName, $request->getQueryParams());
|
||||
|
||||
if (file_exists($filePath))
|
||||
@ -65,9 +74,13 @@ class FilesApiController extends BaseApiController
|
||||
{
|
||||
try
|
||||
{
|
||||
if(!in_array($args['group'], $this->getOpenApiSpec()->components->internalSchemas->FileGroups->enum))
|
||||
{
|
||||
throw new \Exception('Invalid file group');
|
||||
}
|
||||
|
||||
$fileInfo = explode('_', $args['fileName']);
|
||||
$fileName = $this->checkFileName($fileInfo[1]);
|
||||
|
||||
$filePath = $this->getFilePath($args['group'], base64_decode($fileInfo[0]), $request->getQueryParams());
|
||||
|
||||
if (file_exists($filePath))
|
||||
@ -92,9 +105,14 @@ class FilesApiController extends BaseApiController
|
||||
{
|
||||
try
|
||||
{
|
||||
$fileName = $this->checkFileName($args['fileName']);
|
||||
if(!in_array($args['group'], $this->getOpenApiSpec()->components->internalSchemas->FileGroups->enum))
|
||||
{
|
||||
throw new \Exception('Invalid file group');
|
||||
}
|
||||
|
||||
$fileName = $this->checkFileName($args['fileName']);
|
||||
$data = $request->getBody()->getContents();
|
||||
|
||||
file_put_contents($this->getFilesService()->GetFilePath($args['group'], $fileName), $data);
|
||||
|
||||
return $this->EmptyApiResponse($response);
|
||||
|
||||
@ -734,7 +734,7 @@
|
||||
"required": true,
|
||||
"description": "The file group",
|
||||
"schema": {
|
||||
"type": "string"
|
||||
"$ref": "#/components/internalSchemas/FileGroups"
|
||||
}
|
||||
},
|
||||
{
|
||||
@ -814,7 +814,7 @@
|
||||
"required": true,
|
||||
"description": "The file group",
|
||||
"schema": {
|
||||
"type": "string"
|
||||
"$ref": "#/components/internalSchemas/FileGroups"
|
||||
}
|
||||
},
|
||||
{
|
||||
@ -865,7 +865,7 @@
|
||||
"required": true,
|
||||
"description": "The file group",
|
||||
"schema": {
|
||||
"type": "string"
|
||||
"$ref": "#/components/internalSchemas/FileGroups"
|
||||
}
|
||||
},
|
||||
{
|
||||
@ -4184,6 +4184,16 @@
|
||||
"product-opened"
|
||||
]
|
||||
},
|
||||
"FileGroups": {
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"equipmentmanuals",
|
||||
"recipepictures",
|
||||
"productpictures",
|
||||
"userfiles",
|
||||
"userpictures"
|
||||
]
|
||||
},
|
||||
"StringEnumTemplate": {
|
||||
"type": "string",
|
||||
"enum": []
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user