Skip to content

Fix image serving in direct editing #2059

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
julien-nc merged 1 commit into from
Jan 10, 2022
Merged

Fix image serving in direct editing #2059

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions js/editor.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion js/editor.js.map
View file
Open in desktop

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions js/text-files.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion js/text-files.js.map
View file
Open in desktop

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions js/text-public.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion js/text-public.js.map
View file
Open in desktop

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions js/text-text.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion js/text-text.js.map
View file
Open in desktop

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions js/text-viewer.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion js/text-viewer.js.map
View file
Open in desktop

Large diffs are not rendered by default.

34 changes: 19 additions & 15 deletions lib/Controller/ImageController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,10 +52,6 @@ class ImageController extends Controller {
'image/webp',
];

/**
* @var string|null
*/
private $userId;
/**
* @var ImageService
*/
Expand Down Expand Up @@ -83,10 +79,8 @@ public function __construct(string $appName,
LoggerInterface $logger,
IMimeTypeDetector $mimeTypeDetector,
ImageService $imageService,
SessionService $sessionService,
?string $userId) {
SessionService $sessionService) {
parent::__construct($appName, $request);
$this->userId = $userId;
$this->imageService = $imageService;
$this->request = $request;
$this->logger = $logger;
Expand All @@ -109,8 +103,7 @@ public function insertImageFile(int $documentId, int $sessionId, string $session
if (!$this->sessionService->isValidSession($documentId, $sessionId, $sessionToken)) {
return new DataResponse([], Http::STATUS_FORBIDDEN);
}
$session = $this->sessionService->getSession($documentId, $sessionId, $sessionToken);
$userId = $session->getUserId();
$userId = $this->getUserIdFromSession($documentId, $sessionId, $sessionToken);

try {
$insertResult = $this->imageService->insertImageFile($documentId, $imagePath, $userId);
Expand Down Expand Up @@ -141,8 +134,7 @@ public function insertImageLink(string $link, int $documentId, int $sessionId, s
if ($shareToken) {
$downloadResult = $this->imageService->insertImageLinkPublic($documentId, $link, $shareToken);
} else {
$session = $this->sessionService->getSession($documentId, $sessionId, $sessionToken);
$userId = $session->getUserId();
$userId = $this->getUserIdFromSession($documentId, $sessionId, $sessionToken);
$downloadResult = $this->imageService->insertImageLink($documentId, $link, $userId);
}
return new DataResponse($downloadResult);
Expand Down Expand Up @@ -173,7 +165,6 @@ public function uploadImage(int $documentId, int $sessionId, string $sessionToke
if (!in_array($file['type'], self::IMAGE_MIME_TYPES, true)) {
return new DataResponse(['error' => 'Image type not supported'], Http::STATUS_BAD_REQUEST);
}
$newFileContent = file_get_contents($file['tmp_name']);
$newFileResource = fopen($file['tmp_name'], 'rb');
if ($newFileResource === false) {
throw new Exception('Could not read file');
Expand All @@ -182,8 +173,7 @@ public function uploadImage(int $documentId, int $sessionId, string $sessionToke
if ($shareToken) {
$uploadResult = $this->imageService->uploadImagePublic($documentId, $newFileName, $newFileResource, $shareToken);
} else {
$session = $this->sessionService->getSession($documentId, $sessionId, $sessionToken);
$userId = $session->getUserId();
$userId = $this->getUserIdFromSession($documentId, $sessionId, $sessionToken);
$uploadResult = $this->imageService->uploadImage($documentId, $newFileName, $newFileResource, $userId);
}
return new DataResponse($uploadResult);
Expand Down Expand Up @@ -246,7 +236,8 @@ public function getImage(int $documentId, int $sessionId, string $sessionToken,
if ($shareToken) {
$imageFile = $this->imageService->getImagePublic($documentId, $imageFileName, $shareToken);
} else {
$imageFile = $this->imageService->getImage($documentId, $imageFileName, $this->userId);
$userId = $this->getUserIdFromSession($documentId, $sessionId, $sessionToken);
$imageFile = $this->imageService->getImage($documentId, $imageFileName, $userId);
Copy link
Member

@mejo- mejo- Jan 9, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mh, $userId seems to be needed in each public function of the controller. It gets injected into the constructor by DI, but in all functions but this one (getImage()), it's fetched again using $session->getUiserId(). So does this mean that $userId as injected by DI is not reliable? Then probably $this->userId should be removed from the class altogether?

Maybe a function like the following could work?

private function getUserId(int $documentId, int $sessionId, string $sessionToken): string {
        if ($this->userId === null) {
                $this->userId = $this->sessionService->getSession($documentId, $sessionId, $sessionToken)->getUserId();
        }

        return $this->userId;
}

Copy link
Member Author

@julien-nc julien-nc Jan 9, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's the same in all methods of ImageController. Whether the user is authenticated or not, we always choose to rely on the edition session rather than the "classic" authentication. This way it works with the mobile clients which are making unauthenticated requests but our UI passes the edition session ID and token.

This was suggested by @juliushaertl in #1900 (comment)

The unused $userId attribute has been removed.

Copy link
Member

@mejo- mejo- Jan 10, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me now 😊 You could still move the logic to get $userId into a dedicated private function to lower code-duplication, but that's really just nitpicking 😉

}
return $imageFile !== null
? new DataDisplayResponse(
Expand All @@ -260,4 +251,17 @@ public function getImage(int $documentId, int $sessionId, string $sessionToken,
return new DataDisplayResponse('', Http::STATUS_NOT_FOUND);
}
}

/**
* Extract the user ID from the edition session
*
* @param int $documentId
* @param int $sessionId
* @param string $sessionToken
* @return string
*/
private function getUserIdFromSession(int $documentId, int $sessionId, string $sessionToken): string {
$session = $this->sessionService->getSession($documentId, $sessionId, $sessionToken);
return $session->getUserId();
}
}
2 changes: 1 addition & 1 deletion src/nodes/ImageView.vue
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -129,7 +129,7 @@ export default {
const sessionId = this.currentSession?.id
const sessionToken = this.currentSession?.token
const imageFileName = getQueryVariable(this.src, 'imageFileName')
if (getCurrentUser()) {
if (getCurrentUser() || !this.token) {
return generateUrl('/apps/text/image?documentId={documentId}&sessionId={sessionId}&sessionToken={sessionToken}&imageFileName={imageFileName}',
{
documentId,
Expand Down