From a603946868597b9dd176f2fb5f96e6288e85f3b1 Mon Sep 17 00:00:00 2001 From: Armored Dragon Date: Fri, 12 Jul 2024 13:46:48 -0500 Subject: [PATCH] Limit uploaded media resolution size for profile pictures. Signed-off-by: Armored Dragon --- backend/core/core.js | 6 ++++-- backend/core/internal_api.js | 5 ++++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/backend/core/core.js b/backend/core/core.js index 01d48a6..ddbf3c4 100644 --- a/backend/core/core.js +++ b/backend/core/core.js @@ -19,6 +19,8 @@ const md = require("markdown-it")() }), }); +/* global Buffer */ + let settings = { SETUP_COMPLETE: false, ACCOUNT_REGISTRATION: false, @@ -393,10 +395,10 @@ async function updateBiography({ requester_id, author_id, biography_content }) { return _r(true); } -async function uploadMedia({ parent_id, parent_type, file_buffer, content_type }) { +async function uploadMedia({ parent_id, parent_type, file_buffer, content_type }, { resolution_override }) { if (!use_s3_storage) return null; const content_name = crypto.randomUUID(); - let maximum_image_resolution = { width: 1920, height: 1080 }; + let maximum_image_resolution = resolution_override || { width: 1920, height: 1080 }; // Images const compressed_image = await sharp(Buffer.from(file_buffer.split(",")[1], "base64"), { animated: true }) diff --git a/backend/core/internal_api.js b/backend/core/internal_api.js index 272365e..0d00b0c 100644 --- a/backend/core/internal_api.js +++ b/backend/core/internal_api.js @@ -47,7 +47,10 @@ async function postImage(request, response) { // TODO: Permissions for uploading images // TODO: Verification for image uploading // FIXME: Naming - return response.json(await core.uploadMedia({ parent_id: request.body.post_id || request.body.parent_id, parent_type: request.body.parent_type, file_buffer: request.body.buffer, content_type: request.body.content_type })); + let resolution_override; + if (request.body.parent_type === "user") resolution_override = { width: 500, height: 500 }; + + return response.json(await core.uploadMedia({ parent_id: request.body.post_id || request.body.parent_id, parent_type: request.body.parent_type, file_buffer: request.body.buffer, content_type: request.body.content_type }, { resolution_override: resolution_override })); } async function deleteImage(req, res) { // TODO: Permissions for deleting image