mirror of
https://github.com/go-gitea/gitea.git
synced 2025-10-31 07:21:36 +01:00
cda44750cb
* Attachments: Add extension support, allow all types for releases - Add support for file extensions, matching the `accept` attribute of `<input type="file">` - Add support for type wildcard mime types, e.g. `image/*` - Create repository.release.ALLOWED_TYPES setting (default unrestricted) - Change default for attachment.ALLOWED_TYPES to a list of extensions - Split out POST /attachments into two endpoints for issue/pr and releases to prevent circumvention of allowed types check Fixes: https://github.com/go-gitea/gitea/pull/10172 Fixes: https://github.com/go-gitea/gitea/issues/7266 Fixes: https://github.com/go-gitea/gitea/pull/12460 Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers * rename function * extract GET routes out of RepoMustNotBeArchived Co-authored-by: Lauris BH <lauris@nix.lv>
72 lines
2.4 KiB
Go
72 lines
2.4 KiB
Go
// Copyright 2020 The Gitea Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package setting
|
|
|
|
import (
|
|
"path/filepath"
|
|
|
|
"code.gitea.io/gitea/modules/log"
|
|
)
|
|
|
|
var (
|
|
// Attachment settings
|
|
Attachment = struct {
|
|
Storage
|
|
AllowedTypes string
|
|
MaxSize int64
|
|
MaxFiles int
|
|
Enabled bool
|
|
}{
|
|
Storage: Storage{
|
|
Type: LocalStorageType,
|
|
ServeDirect: false,
|
|
},
|
|
AllowedTypes: "image/jpeg,image/png,application/zip,application/gzip",
|
|
MaxSize: 4,
|
|
MaxFiles: 5,
|
|
Enabled: true,
|
|
}
|
|
)
|
|
|
|
func newAttachmentService() {
|
|
sec := Cfg.Section("attachment")
|
|
Attachment.Storage.Type = sec.Key("STORAGE_TYPE").MustString("")
|
|
if Attachment.Storage.Type == "" {
|
|
Attachment.Storage.Type = "default"
|
|
}
|
|
|
|
if Attachment.Storage.Type != LocalStorageType && Attachment.Storage.Type != MinioStorageType {
|
|
storage, ok := storages[Attachment.Storage.Type]
|
|
if !ok {
|
|
log.Fatal("Failed to get attachment storage type: %s", Attachment.Storage.Type)
|
|
}
|
|
Attachment.Storage = storage
|
|
}
|
|
|
|
// Override
|
|
Attachment.ServeDirect = sec.Key("SERVE_DIRECT").MustBool(Attachment.ServeDirect)
|
|
|
|
switch Attachment.Storage.Type {
|
|
case LocalStorageType:
|
|
Attachment.Path = sec.Key("PATH").MustString(filepath.Join(AppDataPath, "attachments"))
|
|
if !filepath.IsAbs(Attachment.Path) {
|
|
Attachment.Path = filepath.Join(AppWorkPath, Attachment.Path)
|
|
}
|
|
case MinioStorageType:
|
|
Attachment.Minio.Endpoint = sec.Key("MINIO_ENDPOINT").MustString(Attachment.Minio.Endpoint)
|
|
Attachment.Minio.AccessKeyID = sec.Key("MINIO_ACCESS_KEY_ID").MustString(Attachment.Minio.AccessKeyID)
|
|
Attachment.Minio.SecretAccessKey = sec.Key("MINIO_SECRET_ACCESS_KEY").MustString(Attachment.Minio.SecretAccessKey)
|
|
Attachment.Minio.Bucket = sec.Key("MINIO_BUCKET").MustString(Attachment.Minio.Bucket)
|
|
Attachment.Minio.Location = sec.Key("MINIO_LOCATION").MustString(Attachment.Minio.Location)
|
|
Attachment.Minio.UseSSL = sec.Key("MINIO_USE_SSL").MustBool(Attachment.Minio.UseSSL)
|
|
Attachment.Minio.BasePath = sec.Key("MINIO_BASE_PATH").MustString("attachments/")
|
|
}
|
|
|
|
Attachment.AllowedTypes = sec.Key("ALLOWED_TYPES").MustString(".docx,.gif,.gz,.jpeg,.jpg,.log,.pdf,.png,.pptx,.txt,.xlsx,.zip")
|
|
Attachment.MaxSize = sec.Key("MAX_SIZE").MustInt64(4)
|
|
Attachment.MaxFiles = sec.Key("MAX_FILES").MustInt(5)
|
|
Attachment.Enabled = sec.Key("ENABLED").MustBool(true)
|
|
}
|