From 02a1bcbfd30737b6c0fc26ff763fc5f887f28693 Mon Sep 17 00:00:00 2001 From: joan Date: Mon, 3 Apr 2023 08:54:15 +0200 Subject: [PATCH 1/3] fix(setPassword): proper access type Refs #5471 --- back/methods/account/change-password.js | 1 + back/methods/account/set-password.js | 1 + 2 files changed, 2 insertions(+) diff --git a/back/methods/account/change-password.js b/back/methods/account/change-password.js index c0956b1937..b8f9de3418 100644 --- a/back/methods/account/change-password.js +++ b/back/methods/account/change-password.js @@ -2,6 +2,7 @@ module.exports = Self => { Self.remoteMethod('changePassword', { description: 'Changes the user password', + accessType: 'WRITE', accepts: [ { arg: 'id', diff --git a/back/methods/account/set-password.js b/back/methods/account/set-password.js index ab4d3b3fe1..093935948b 100644 --- a/back/methods/account/set-password.js +++ b/back/methods/account/set-password.js @@ -1,6 +1,7 @@ module.exports = Self => { Self.remoteMethod('setPassword', { description: 'Sets the user password', + accessType: 'WRITE', accepts: [ { arg: 'id', From e8f0a49f0c2dd223a9e6672b324d2b362076d9e2 Mon Sep 17 00:00:00 2001 From: joan Date: Tue, 4 Apr 2023 13:51:44 +0200 Subject: [PATCH 2/3] fix(resetPassword): increased token TTL for password recovery Refs #5474 --- back/models/user.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/back/models/user.json b/back/models/user.json index 921362e0ed..d992fd9db5 100644 --- a/back/models/user.json +++ b/back/models/user.json @@ -4,7 +4,8 @@ "options": { "mysql": { "table": "salix.User" - } + }, + "resetPasswordTokenTTL": "604800" }, "properties": { "id": { From c126c6044acb635a1373305ea1a4fc901d023f9b Mon Sep 17 00:00:00 2001 From: joan Date: Tue, 4 Apr 2023 13:55:44 +0200 Subject: [PATCH 3/3] Updated format --- .../back/methods/item-image-queue/download.js | 22 ++-- .../item-image-queue/downloadImages.js | 105 ------------------ 2 files changed, 11 insertions(+), 116 deletions(-) delete mode 100644 modules/item/back/methods/item-image-queue/downloadImages.js diff --git a/modules/item/back/methods/item-image-queue/download.js b/modules/item/back/methods/item-image-queue/download.js index cdc0fe0494..5f1b460fcd 100644 --- a/modules/item/back/methods/item-image-queue/download.js +++ b/modules/item/back/methods/item-image-queue/download.js @@ -1,7 +1,7 @@ const axios = require('axios'); const uuid = require('uuid'); const fs = require('fs/promises'); -const { createWriteStream } = require('fs'); +const {createWriteStream} = require('fs'); const path = require('path'); const gm = require('gm'); @@ -15,7 +15,7 @@ module.exports = Self => { }, }); - Self.download = async () => { + Self.download = async() => { const models = Self.app.models; const tempContainer = await models.TempContainer.container( 'salix-image' @@ -32,13 +32,13 @@ module.exports = Self => { let tempFilePath; let queueRow; try { - const myOptions = { transaction: tx }; + const myOptions = {transaction: tx}; queueRow = await Self.findOne( { fields: ['id', 'itemFk', 'url', 'attempts'], where: { - url: { neq: null }, + url: {neq: null}, attempts: { lt: maxAttempts, }, @@ -59,7 +59,7 @@ module.exports = Self => { 'model', 'property', ], - where: { name: collectionName }, + where: {name: collectionName}, include: { relation: 'sizes', scope: { @@ -116,16 +116,16 @@ module.exports = Self => { const collectionDir = path.join(rootPath, collectionName); // To max size - const { maxWidth, maxHeight } = collection; + const {maxWidth, maxHeight} = collection; const fullSizePath = path.join(collectionDir, 'full'); const toFullSizePath = `${fullSizePath}/${fileName}`; - await fs.mkdir(fullSizePath, { recursive: true }); + await fs.mkdir(fullSizePath, {recursive: true}); await new Promise((resolve, reject) => { gm(tempFilePath) .resize(maxWidth, maxHeight, '>') .setFormat('png') - .write(toFullSizePath, function (err) { + .write(toFullSizePath, function(err) { if (err) reject(err); if (!err) resolve(); }); @@ -133,12 +133,12 @@ module.exports = Self => { // To collection sizes for (const size of collection.sizes()) { - const { width, height } = size; + const {width, height} = size; const sizePath = path.join(collectionDir, `${width}x${height}`); const toSizePath = `${sizePath}/${fileName}`; - await fs.mkdir(sizePath, { recursive: true }); + await fs.mkdir(sizePath, {recursive: true}); await new Promise((resolve, reject) => { const gmInstance = gm(tempFilePath); @@ -153,7 +153,7 @@ module.exports = Self => { gmInstance .setFormat('png') - .write(toSizePath, function (err) { + .write(toSizePath, function(err) { if (err) reject(err); if (!err) resolve(); }); diff --git a/modules/item/back/methods/item-image-queue/downloadImages.js b/modules/item/back/methods/item-image-queue/downloadImages.js deleted file mode 100644 index 7f53df95a7..0000000000 --- a/modules/item/back/methods/item-image-queue/downloadImages.js +++ /dev/null @@ -1,105 +0,0 @@ -const https = require('https'); -const fs = require('fs-extra'); -const path = require('path'); -const uuid = require('uuid'); - -module.exports = Self => { - Self.remoteMethod('downloadImages', { - description: 'Returns last entries', - accessType: 'WRITE', - returns: { - type: ['Object'], - root: true - }, - http: { - path: `/downloadImages`, - verb: 'POST' - } - }); - - Self.downloadImages = async() => { - const models = Self.app.models; - const container = await models.TempContainer.container('salix-image'); - const tempPath = path.join(container.client.root, container.name); - const maxAttempts = 3; - - const images = await Self.find({ - where: {attempts: {eq: maxAttempts}} - }); - - for (let image of images) { - const currentStamp = Date.vnNew().getTime(); - const updatedStamp = image.updated.getTime(); - const graceTime = Math.abs(currentStamp - updatedStamp); - const maxTTL = 3600 * 48 * 1000; // 48 hours in ms; - - if (graceTime >= maxTTL) - await Self.destroyById(image.itemFk); - } - - download(); - - async function download() { - const image = await Self.findOne({ - where: {url: {neq: null}, attempts: {lt: maxAttempts}}, - order: 'priority, attempts, updated' - }); - - if (!image) return; - - const fileName = `${uuid.v4()}.png`; - const filePath = path.join(tempPath, fileName); - const imageUrl = image.url.replace('http://', 'https://'); - - https.get(imageUrl, async response => { - if (response.statusCode != 200) { - const error = new Error(`Could not download the image. Status code ${response.statusCode}`); - - return await errorHandler(image.itemFk, error, filePath); - } - - const writeStream = fs.createWriteStream(filePath); - writeStream.on('open', () => response.pipe(writeStream)); - writeStream.on('error', async error => - await errorHandler(image.itemFk, error, filePath)); - writeStream.on('finish', () => writeStream.end()); - - writeStream.on('close', async function() { - try { - await models.Image.registerImage('catalog', filePath, fileName, image.itemFk); - await image.destroy(); - - download(); - } catch (error) { - await errorHandler(image.itemFk, error, filePath); - } - }); - }).on('error', async error => { - await errorHandler(image.itemFk, error, filePath); - }); - } - - async function errorHandler(rowId, error, filePath) { - try { - const row = await Self.findById(rowId); - - if (!row) return; - - if (row.attempts < maxAttempts) { - await row.updateAttributes({ - error: error, - attempts: row.attempts + 1, - updated: Date.vnNew() - }); - } - - if (filePath && fs.existsSync(filePath)) - await fs.unlink(filePath); - - download(); - } catch (err) { - throw new Error(`Image download failed: ${err}`); - } - } - }; -};