open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #47211 from nextcloud/fix/core/limit-valid-avatar-sizes

Browse Source
pull/46618/merge
John Molakvoæ 3 months ago committed by GitHub
parent 4585c71a5e e77d6c913d
commit 2c7f5dce7a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 52 additions and 17 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 8
      core/Controller/AvatarController.php
  2. 9
      core/Controller/GuestAvatarController.php
  3. 26
      core/openapi-full.json
  4. 26
      core/openapi.json

8
core/Controller/AvatarController.php
Unescape View File

@ -55,7 +55,7 @@ class AvatarController extends Controller {
* Get the dark avatar
*
* @param string $userId ID of the user
* @param int $size Size of the avatar
* @param 64|512 $size Size of the avatar
* @param bool $guestFallback Fallback to guest avatar if not found
* @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>
*
@ -89,7 +89,7 @@ class AvatarController extends Controller {
);
} catch (\Exception $e) {
if ($guestFallback) {
return $this->guestAvatarController->getAvatarDark($userId, (string)$size);
return $this->guestAvatarController->getAvatarDark($userId, $size);
}
return new JSONResponse([], Http::STATUS_NOT_FOUND);
}
@ -106,7 +106,7 @@ class AvatarController extends Controller {
* Get the avatar
*
* @param string $userId ID of the user
* @param int $size Size of the avatar
* @param 64|512 $size Size of the avatar
* @param bool $guestFallback Fallback to guest avatar if not found
* @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>
*
@ -140,7 +140,7 @@ class AvatarController extends Controller {
);
} catch (\Exception $e) {
if ($guestFallback) {
return $this->guestAvatarController->getAvatar($userId, (string)$size);
return $this->guestAvatarController->getAvatar($userId, $size);
}
return new JSONResponse([], Http::STATUS_NOT_FOUND);
}

9
core/Controller/GuestAvatarController.php
Unescape View File

@ -36,7 +36,7 @@ class GuestAvatarController extends Controller {
* Returns a guest avatar image response
*
* @param string $guestName The guest name, e.g. "Albert"
* @param string $size The desired avatar size, e.g. 64 for 64x64px
* @param 64|512 $size The desired avatar size, e.g. 64 for 64x64px
* @param bool|null $darkTheme Return dark avatar
* @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>
*
@ -46,8 +46,7 @@ class GuestAvatarController extends Controller {
#[PublicPage]
#[NoCSRFRequired]
#[FrontpageRoute(verb: 'GET', url: '/avatar/guest/{guestName}/{size}')]
public function getAvatar(string $guestName, string $size, ?bool $darkTheme = false) {
$size = (int) $size;
public function getAvatar(string $guestName, int $size, ?bool $darkTheme = false) {
$darkTheme = $darkTheme ?? false;
if ($size <= 64) {
@ -89,7 +88,7 @@ class GuestAvatarController extends Controller {
* Returns a dark guest avatar image response
*
* @param string $guestName The guest name, e.g. "Albert"
* @param string $size The desired avatar size, e.g. 64 for 64x64px
* @param 64|512 $size The desired avatar size, e.g. 64 for 64x64px
* @return FileDisplayResponse<Http::STATUS_OK|Http::STATUS_CREATED, array{Content-Type: string, X-NC-IsCustomAvatar: int}>|Response<Http::STATUS_INTERNAL_SERVER_ERROR, array{}>
*
* 200: Custom avatar returned
@ -98,7 +97,7 @@ class GuestAvatarController extends Controller {
#[PublicPage]
#[NoCSRFRequired]
#[FrontpageRoute(verb: 'GET', url: '/avatar/guest/{guestName}/{size}/dark')]
public function getAvatarDark(string $guestName, string $size) {
public function getAvatarDark(string $guestName, int $size) {
return $this->getAvatar($guestName, $size, true);
}
}

26
core/openapi-full.json
Unescape View File

@ -7567,7 +7567,11 @@
"required": true,
"schema": {
"type": "integer",
"format": "int64"
"format": "int64",
"enum": [
64,
512
]
}
}
],
@ -7674,7 +7678,11 @@
"required": true,
"schema": {
"type": "integer",
"format": "int64"
"format": "int64",
"enum": [
64,
512
]
}
}
],
@ -7914,7 +7922,12 @@
"description": "The desired avatar size, e.g. 64 for 64x64px",
"required": true,
"schema": {
"type": "string"
"type": "integer",
"format": "int64",
"enum": [
64,
512
]
}
}
],
@ -7995,7 +8008,12 @@
"description": "The desired avatar size, e.g. 64 for 64x64px",
"required": true,
"schema": {
"type": "string"
"type": "integer",
"format": "int64",
"enum": [
64,
512
]
}
}
],

26
core/openapi.json
Unescape View File

@ -7567,7 +7567,11 @@
"required": true,
"schema": {
"type": "integer",
"format": "int64"
"format": "int64",
"enum": [
64,
512
]
}
}
],
@ -7674,7 +7678,11 @@
"required": true,
"schema": {
"type": "integer",
"format": "int64"
"format": "int64",
"enum": [
64,
512
]
}
}
],
@ -7914,7 +7922,12 @@
"description": "The desired avatar size, e.g. 64 for 64x64px",
"required": true,
"schema": {
"type": "string"
"type": "integer",
"format": "int64",
"enum": [
64,
512
]
}
}
],
@ -7995,7 +8008,12 @@
"description": "The desired avatar size, e.g. 64 for 64x64px",
"required": true,
"schema": {
"type": "string"
"type": "integer",
"format": "int64",
"enum": [
64,
512
]
}
}
],

Write Preview
Loading…
Cancel
Save