From 2a3398181104e8cfa1aed84badd2fdf64428ec2b Mon Sep 17 00:00:00 2001 From: tamaina Date: Sun, 31 Dec 2023 09:45:35 +0900 Subject: chore: use summaly, browser-image-resizer, and sharp-read-bmp on registry.npmjs.org instead of git (#12856) * chore: use @misskey-dev/summaly on registry.npmjs.org instead of git * fix backend dependency * fic backend dependency * @misskey-dev/sharp-read-bmp * fix * use @misskey-dev/browser-image-resizer --- packages/backend/src/core/DriveService.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'packages/backend/src/core/DriveService.ts') diff --git a/packages/backend/src/core/DriveService.ts b/packages/backend/src/core/DriveService.ts index 484f4fc52e..04f0e38e6f 100644 --- a/packages/backend/src/core/DriveService.ts +++ b/packages/backend/src/core/DriveService.ts @@ -7,7 +7,7 @@ import { randomUUID } from 'node:crypto'; import * as fs from 'node:fs'; import { Inject, Injectable } from '@nestjs/common'; import sharp from 'sharp'; -import { sharpBmp } from 'sharp-read-bmp'; +import { sharpBmp } from '@misskey-dev/sharp-read-bmp'; import { IsNull } from 'typeorm'; import { DeleteObjectCommandInput, PutObjectCommandInput, NoSuchKey } from '@aws-sdk/client-s3'; import { DI } from '@/di-symbols.js'; -- cgit v1.2.3-freya From 618e2ba1d22f57efca25e5a4b2c1f0bea0e5ea21 Mon Sep 17 00:00:00 2001 From: zyoshoka <107108195+zyoshoka@users.noreply.github.com> Date: Mon, 8 Jan 2024 17:40:37 +0900 Subject: fix(backend): `drive/files/update`におけるファイル名のバリデーションが機能していない問題を修正 (#12923) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(backend): `drive/files/update`におけるファイル名のバリデーションが機能していない問題を修正 * Update CHANGELOG.md * refactor: `!== undefined` -> `!= null` * add test --- CHANGELOG.md | 1 + packages/backend/src/core/DriveService.ts | 2 +- packages/backend/test/e2e/endpoints.ts | 12 ++++++++++++ 3 files changed, 14 insertions(+), 1 deletion(-) (limited to 'packages/backend/src/core/DriveService.ts') diff --git a/CHANGELOG.md b/CHANGELOG.md index 474fcad674..7adeebb479 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,6 +29,7 @@ - Enhance: 連合先のレートリミットに引っかかった際にリトライするようになりました - Enhance: ActivityPub Deliver queueでBodyを事前処理するように (#12916) - Enhance: クリップをエクスポートできるように +- Fix: `drive/files/update`でファイル名のバリデーションが機能していない問題を修正 ## 2023.12.2 diff --git a/packages/backend/src/core/DriveService.ts b/packages/backend/src/core/DriveService.ts index 04f0e38e6f..075bc9d7f7 100644 --- a/packages/backend/src/core/DriveService.ts +++ b/packages/backend/src/core/DriveService.ts @@ -655,7 +655,7 @@ export class DriveService { public async updateFile(file: MiDriveFile, values: Partial, updater: MiUser) { const alwaysMarkNsfw = (await this.roleService.getUserPolicies(file.userId)).alwaysMarkNsfw; - if (values.name && !this.driveFileEntityService.validateFileName(file.name)) { + if (values.name != null && !this.driveFileEntityService.validateFileName(values.name)) { throw new DriveService.InvalidFileNameError(); } diff --git a/packages/backend/test/e2e/endpoints.ts b/packages/backend/test/e2e/endpoints.ts index bfd0b0272d..d75549c816 100644 --- a/packages/backend/test/e2e/endpoints.ts +++ b/packages/backend/test/e2e/endpoints.ts @@ -710,6 +710,18 @@ describe('Endpoints', () => { assert.strictEqual(res.status, 400); }); + test('不正なファイル名で怒られる', async () => { + const file = (await uploadFile(alice)).body; + const newName = ''; + + const res = await api('/drive/files/update', { + fileId: file.id, + name: newName, + }, alice); + + assert.strictEqual(res.status, 400); + }); + test('間違ったIDで怒られる', async () => { const res = await api('/drive/files/update', { fileId: 'kyoppie', -- cgit v1.2.3-freya