2019-09-28 16:06:37 +02:00
|
|
|
<?php
|
|
|
|
/**
|
2019-11-09 00:47:20 +01:00
|
|
|
* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
|
2019-09-28 16:06:37 +02:00
|
|
|
*
|
2019-11-01 13:40:30 +01:00
|
|
|
* Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
|
2019-09-28 16:06:37 +02:00
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version 2
|
|
|
|
* of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
|
|
|
*/
|
|
|
|
|
|
|
|
namespace App\Services\Attachments;
|
|
|
|
|
|
|
|
use Symfony\Component\Filesystem\Filesystem;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* This service converts the relative pathes for attachments saved in database (like %MEDIA%/img.jpg) to real pathes
|
|
|
|
* an vice versa.
|
|
|
|
*/
|
|
|
|
class AttachmentPathResolver
|
|
|
|
{
|
|
|
|
protected $project_dir;
|
|
|
|
|
|
|
|
protected $media_path;
|
|
|
|
protected $footprints_path;
|
|
|
|
protected $models_path;
|
2019-10-19 17:13:13 +02:00
|
|
|
protected $secure_path;
|
2019-09-28 16:06:37 +02:00
|
|
|
|
|
|
|
protected $placeholders;
|
|
|
|
protected $pathes;
|
|
|
|
protected $placeholders_regex;
|
|
|
|
protected $pathes_regex;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* AttachmentPathResolver constructor.
|
2019-11-09 00:47:20 +01:00
|
|
|
*
|
2020-01-04 20:24:09 +01:00
|
|
|
* @param string $project_dir the kernel that should be used to resolve the project dir
|
|
|
|
* @param string $media_path the path where uploaded attachments should be stored
|
2019-09-28 16:06:37 +02:00
|
|
|
* @param string|null $footprints_path The path where builtin attachments are stored.
|
2019-11-09 00:47:20 +01:00
|
|
|
* Set to null if this ressource should be disabled.
|
2020-01-04 20:24:09 +01:00
|
|
|
* @param string|null $models_path set to null if this ressource should be disabled
|
2019-09-28 16:06:37 +02:00
|
|
|
*/
|
2019-10-19 17:13:13 +02:00
|
|
|
public function __construct(string $project_dir, string $media_path, string $secure_path, ?string $footprints_path, ?string $models_path)
|
2019-09-28 16:06:37 +02:00
|
|
|
{
|
|
|
|
$this->project_dir = $project_dir;
|
|
|
|
|
|
|
|
//Determine the path for our ressources
|
|
|
|
$this->media_path = $this->parameterToAbsolutePath($media_path);
|
|
|
|
$this->footprints_path = $this->parameterToAbsolutePath($footprints_path);
|
|
|
|
$this->models_path = $this->parameterToAbsolutePath($models_path);
|
2019-10-19 17:13:13 +02:00
|
|
|
$this->secure_path = $this->parameterToAbsolutePath($secure_path);
|
2019-09-28 16:06:37 +02:00
|
|
|
|
|
|
|
//Here we define the valid placeholders and their replacement values
|
2019-10-19 17:13:13 +02:00
|
|
|
$this->placeholders = ['%MEDIA%', '%BASE%/data/media', '%FOOTPRINTS%', '%FOOTPRINTS_3D%', '%SECURE%'];
|
|
|
|
$this->pathes = [$this->media_path, $this->media_path, $this->footprints_path, $this->models_path, $this->secure_path];
|
2019-09-28 16:06:37 +02:00
|
|
|
|
|
|
|
//Remove all disabled placeholders
|
|
|
|
foreach ($this->pathes as $key => $path) {
|
2019-11-09 00:47:20 +01:00
|
|
|
if (null === $path) {
|
2019-09-28 16:06:37 +02:00
|
|
|
unset($this->placeholders[$key], $this->pathes[$key]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
//Create the regex arrays
|
|
|
|
$this->placeholders_regex = $this->arrayToRegexArray($this->placeholders);
|
|
|
|
$this->pathes_regex = $this->arrayToRegexArray($this->pathes);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Converts a path passed by parameter from services.yaml (which can be an absolute path or relative to project dir)
|
|
|
|
* to an absolute path. When a relative path is passed, the directory must exist or null is returned.
|
2019-11-09 00:47:20 +01:00
|
|
|
*
|
2019-09-28 16:06:37 +02:00
|
|
|
* @internal
|
2019-11-09 00:47:20 +01:00
|
|
|
*
|
2019-09-28 16:06:37 +02:00
|
|
|
* @param string|null $param_path The parameter value that should be converted to a absolute path
|
|
|
|
*/
|
2019-11-09 00:47:20 +01:00
|
|
|
public function parameterToAbsolutePath(?string $param_path): ?string
|
2019-09-28 16:06:37 +02:00
|
|
|
{
|
2019-11-09 00:47:20 +01:00
|
|
|
if (null === $param_path) {
|
2019-09-28 16:06:37 +02:00
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
$fs = new Filesystem();
|
|
|
|
//If current string is already an absolute path, then we have nothing to do
|
|
|
|
if ($fs->isAbsolutePath($param_path)) {
|
|
|
|
$tmp = realpath($param_path);
|
|
|
|
//Disable ressource if path is not existing
|
2019-11-09 00:47:20 +01:00
|
|
|
if (false === $tmp) {
|
2019-09-28 16:06:37 +02:00
|
|
|
return null;
|
|
|
|
}
|
2019-11-09 00:47:20 +01:00
|
|
|
|
2019-09-28 16:06:37 +02:00
|
|
|
return $tmp;
|
|
|
|
}
|
|
|
|
|
|
|
|
//Otherwise prepend the project path
|
2019-11-09 00:47:20 +01:00
|
|
|
$tmp = realpath($this->project_dir.\DIRECTORY_SEPARATOR.$param_path);
|
2019-09-28 16:06:37 +02:00
|
|
|
|
|
|
|
//If path does not exist then disable the placeholder
|
2019-11-09 00:47:20 +01:00
|
|
|
if (false === $tmp) {
|
2019-09-28 16:06:37 +02:00
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
//Otherwise return resolved path
|
|
|
|
return $tmp;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Create an array usable for preg_replace out of an array of placeholders or pathes.
|
|
|
|
* Slashes and other chars become escaped.
|
|
|
|
* For example: '%TEST%' becomes '/^%TEST%/'.
|
|
|
|
*/
|
2019-11-09 00:47:20 +01:00
|
|
|
protected function arrayToRegexArray(array $array): array
|
2019-09-28 16:06:37 +02:00
|
|
|
{
|
|
|
|
$ret = [];
|
|
|
|
|
|
|
|
foreach ($array as $item) {
|
|
|
|
$item = str_replace(['\\'], ['/'], $item);
|
2019-11-09 00:47:20 +01:00
|
|
|
$ret[] = '/'.preg_quote($item, '/').'/';
|
2019-09-28 16:06:37 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return $ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Converts an relative placeholder filepath (with %MEDIA% or older %BASE%) to an absolute filepath on disk.
|
2019-11-09 00:47:20 +01:00
|
|
|
* The directory separator is always /. Relative pathes are not realy possible (.. is striped).
|
|
|
|
*
|
2020-01-04 20:24:09 +01:00
|
|
|
* @param string $placeholder_path the filepath with placeholder for which the real path should be determined
|
2019-11-09 00:47:20 +01:00
|
|
|
*
|
2019-09-28 16:06:37 +02:00
|
|
|
* @return string|null The absolute real path of the file, or null if the placeholder path is invalid
|
|
|
|
*/
|
2019-11-09 00:47:20 +01:00
|
|
|
public function placeholderToRealPath(string $placeholder_path): ?string
|
2019-09-28 16:06:37 +02:00
|
|
|
{
|
|
|
|
//The new attachments use %MEDIA% as placeholders, which is the directory set in media_directory
|
|
|
|
//Older path entries are given via %BASE% which was the project root
|
|
|
|
|
|
|
|
$count = 0;
|
2019-11-09 00:47:20 +01:00
|
|
|
$placeholder_path = preg_replace($this->placeholders_regex, $this->pathes, $placeholder_path, -1, $count);
|
2019-09-28 16:06:37 +02:00
|
|
|
|
|
|
|
//A valid placeholder can have only one
|
2019-11-09 00:47:20 +01:00
|
|
|
if (1 !== $count) {
|
2019-09-28 16:06:37 +02:00
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
//If we have now have a placeholder left, the string is invalid:
|
|
|
|
if (preg_match('/%\w+%/', $placeholder_path)) {
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
//Path is invalid if path is directory traversal
|
2019-11-09 00:47:20 +01:00
|
|
|
if (false !== strpos($placeholder_path, '..')) {
|
2019-09-28 16:06:37 +02:00
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
//Normalize path and remove .. (to prevent directory traversal attack)
|
|
|
|
$placeholder_path = str_replace(['\\'], ['/'], $placeholder_path);
|
|
|
|
|
|
|
|
return $placeholder_path;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Converts an real absolute filepath to a placeholder version.
|
2019-11-09 00:47:20 +01:00
|
|
|
*
|
2020-01-04 20:24:09 +01:00
|
|
|
* @param string $real_path the absolute path, for which the placeholder version should be generated
|
2019-11-09 00:47:20 +01:00
|
|
|
* @param bool $old_version By default the %MEDIA% placeholder is used, which is directly replaced with the
|
|
|
|
* media directory. If set to true, the old version with %BASE% will be used, which is the project directory.
|
|
|
|
*
|
2019-09-28 16:06:37 +02:00
|
|
|
* @return string The placeholder version of the filepath
|
|
|
|
*/
|
2019-11-09 00:47:20 +01:00
|
|
|
public function realPathToPlaceholder(string $real_path, bool $old_version = false): ?string
|
2019-09-28 16:06:37 +02:00
|
|
|
{
|
|
|
|
$count = 0;
|
|
|
|
|
|
|
|
//Normalize path
|
|
|
|
$real_path = str_replace('\\', '/', $real_path);
|
|
|
|
|
|
|
|
if ($old_version) {
|
|
|
|
//We need to remove the %MEDIA% placeholder (element 0)
|
|
|
|
$pathes = $this->pathes_regex;
|
|
|
|
$placeholders = $this->placeholders;
|
|
|
|
unset($pathes[0], $placeholders[0]);
|
|
|
|
$real_path = preg_replace($pathes, $placeholders, $real_path, -1, $count);
|
|
|
|
} else {
|
|
|
|
$real_path = preg_replace($this->pathes_regex, $this->placeholders, $real_path, -1, $count);
|
|
|
|
}
|
|
|
|
|
2019-11-09 00:47:20 +01:00
|
|
|
if (1 !== $count) {
|
2019-09-28 16:06:37 +02:00
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
//If the new string does not begin with a placeholder, it is invalid
|
|
|
|
if (!preg_match('/^%\w+%/', $real_path)) {
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
return $real_path;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The path where uploaded attachments is stored.
|
2019-11-09 00:47:20 +01:00
|
|
|
*
|
2020-01-04 20:24:09 +01:00
|
|
|
* @return string the absolute path to the media folder
|
2019-09-28 16:06:37 +02:00
|
|
|
*/
|
2019-11-09 00:47:20 +01:00
|
|
|
public function getMediaPath(): string
|
2019-09-28 16:06:37 +02:00
|
|
|
{
|
|
|
|
return $this->media_path;
|
|
|
|
}
|
|
|
|
|
2019-10-19 17:13:13 +02:00
|
|
|
/**
|
|
|
|
* The path where secured attachments are stored. Must not be located in public/ folder, so it can only be accessed
|
|
|
|
* via the attachment controller.
|
2019-11-09 00:47:20 +01:00
|
|
|
*
|
2020-01-04 20:24:09 +01:00
|
|
|
* @return string the absolute path to the secure path
|
2019-10-19 17:13:13 +02:00
|
|
|
*/
|
2019-11-09 00:47:20 +01:00
|
|
|
public function getSecurePath(): string
|
2019-10-19 17:13:13 +02:00
|
|
|
{
|
|
|
|
return $this->secure_path;
|
|
|
|
}
|
|
|
|
|
2019-09-28 16:06:37 +02:00
|
|
|
/**
|
2019-11-09 00:47:20 +01:00
|
|
|
* The string where the builtin footprints are stored.
|
|
|
|
*
|
2019-09-28 16:06:37 +02:00
|
|
|
* @return string|null The absolute path to the footprints folder. Null if built footprints were disabled.
|
|
|
|
*/
|
2019-11-09 00:47:20 +01:00
|
|
|
public function getFootprintsPath(): ?string
|
2019-09-28 16:06:37 +02:00
|
|
|
{
|
|
|
|
return $this->footprints_path;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2019-11-09 00:47:20 +01:00
|
|
|
* The string where the builtin 3D models are stored.
|
|
|
|
*
|
2019-09-28 16:06:37 +02:00
|
|
|
* @return string|null The absolute path to the models folder. Null if builtin models were disabled.
|
|
|
|
*/
|
2019-11-09 00:47:20 +01:00
|
|
|
public function getModelsPath(): ?string
|
2019-09-28 16:06:37 +02:00
|
|
|
{
|
|
|
|
return $this->models_path;
|
|
|
|
}
|
2019-11-09 00:47:20 +01:00
|
|
|
}
|