mirror of
https://git.asonix.dog/asonix/pict-rs
synced 2024-12-22 19:31:35 +00:00
Magick on tmp files, allow tmp files in policy
This commit is contained in:
parent
4703cc0098
commit
98ec2c5a90
5 changed files with 10 additions and 25 deletions
2
Cargo.lock
generated
2
Cargo.lock
generated
|
@ -995,7 +995,7 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "pict-rs"
|
name = "pict-rs"
|
||||||
version = "0.3.0-alpha.15"
|
version = "0.3.0-alpha.16"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"actix-form-data",
|
"actix-form-data",
|
||||||
"actix-fs",
|
"actix-fs",
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
[package]
|
[package]
|
||||||
name = "pict-rs"
|
name = "pict-rs"
|
||||||
description = "A simple image hosting service"
|
description = "A simple image hosting service"
|
||||||
version = "0.3.0-alpha.15"
|
version = "0.3.0-alpha.16"
|
||||||
authors = ["asonix <asonix@asonix.dog>"]
|
authors = ["asonix <asonix@asonix.dog>"]
|
||||||
license = "AGPL-3.0"
|
license = "AGPL-3.0"
|
||||||
readme = "README.md"
|
readme = "README.md"
|
||||||
|
|
|
@ -1,20 +0,0 @@
|
||||||
<policymap>
|
|
||||||
<policy domain="resource" name="memory" value="256MiB" />
|
|
||||||
<policy domain="resource" name="list-length" value="32" />
|
|
||||||
<policy domain="resource" name="width" value="10KP" />
|
|
||||||
<policy domain="resource" name="height" value="10KP" />
|
|
||||||
<policy domain="resource" name="map" value="512MiB" />
|
|
||||||
<policy domain="resource" name="area" value="16KP" />
|
|
||||||
<policy domain="resource" name="disk" value="1GiB" />
|
|
||||||
<policy domain="resource" name="file" value="768" />
|
|
||||||
<policy domain="resource" name="thread" value="2" />
|
|
||||||
<policy domain="coder" rights="none" pattern="*" />
|
|
||||||
<policy domain="coder" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP}" />
|
|
||||||
<policy domain="filter" rights="none" pattern="*" />
|
|
||||||
<policy domain="path" rights="none" pattern="@*" />
|
|
||||||
<policy domain="delegate" rights="none" pattern="*" />
|
|
||||||
<policy domain="module" rights="none" pattern="*" />
|
|
||||||
<policy domain="module" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP}" />
|
|
||||||
<!-- indirect reads not permitted -->
|
|
||||||
<policy domain="system" name="precision" value="6" />
|
|
||||||
</policymap>
|
|
|
@ -9,12 +9,12 @@
|
||||||
<policy domain="resource" name="file" value="768" />
|
<policy domain="resource" name="file" value="768" />
|
||||||
<policy domain="resource" name="thread" value="2" />
|
<policy domain="resource" name="thread" value="2" />
|
||||||
<policy domain="coder" rights="none" pattern="*" />
|
<policy domain="coder" rights="none" pattern="*" />
|
||||||
<policy domain="coder" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP}" />
|
<policy domain="coder" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP,MP4,TMP}" />
|
||||||
<policy domain="filter" rights="none" pattern="*" />
|
<policy domain="filter" rights="none" pattern="*" />
|
||||||
<policy domain="path" rights="none" pattern="@*" />
|
<policy domain="path" rights="none" pattern="@*" />
|
||||||
<policy domain="delegate" rights="none" pattern="*" />
|
<policy domain="delegate" rights="none" pattern="*" />
|
||||||
<policy domain="module" rights="none" pattern="*" />
|
<policy domain="module" rights="none" pattern="*" />
|
||||||
<policy domain="module" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP}" />
|
<policy domain="module" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP,MP4,TMP}" />
|
||||||
<!-- indirect reads not permitted -->
|
<!-- indirect reads not permitted -->
|
||||||
<policy domain="system" name="precision" value="6" />
|
<policy domain="system" name="precision" value="6" />
|
||||||
</policymap>
|
</policymap>
|
||||||
|
|
|
@ -400,7 +400,12 @@ async fn process(
|
||||||
safe_create_parent(&thumbnail_path).await?;
|
safe_create_parent(&thumbnail_path).await?;
|
||||||
|
|
||||||
// apply chain to the provided image
|
// apply chain to the provided image
|
||||||
magick::process_image(&original_path, &thumbnail_path, thumbnail_args, format).await?;
|
let dest_file = tmp_file();
|
||||||
|
let orig_file = tmp_file();
|
||||||
|
actix_fs::copy(original_path, orig_file.clone()).await?;
|
||||||
|
magick::process_image(&orig_file, &dest_file, thumbnail_args, format).await?;
|
||||||
|
actix_fs::remove_file(orig_file).await?;
|
||||||
|
actix_fs::rename(dest_file, thumbnail_path.clone()).await?;
|
||||||
|
|
||||||
let details = if let Some(details) = details {
|
let details = if let Some(details) = details {
|
||||||
details
|
details
|
||||||
|
|
Loading…
Reference in a new issue