From a75dd2e16e155269d6897f7aad15ca0e8ed48dc5 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Mon, 18 Nov 2024 13:14:45 +0100 Subject: [PATCH] Fix thumbnails status code Return 403 instead of 500 when the image is too large (in dimensions or file size). Fixes: #10589 --- .../unreleased/fix-thumbnails-statuscode.md | 9 +++++++ .../thumbnails/pkg/service/grpc/v0/service.go | 24 ++++++++++++------- 2 files changed, 25 insertions(+), 8 deletions(-) create mode 100644 changelog/unreleased/fix-thumbnails-statuscode.md diff --git a/changelog/unreleased/fix-thumbnails-statuscode.md b/changelog/unreleased/fix-thumbnails-statuscode.md new file mode 100644 index 00000000000..8b0244fd9bf --- /dev/null +++ b/changelog/unreleased/fix-thumbnails-statuscode.md @@ -0,0 +1,9 @@ +Bugfix: Fix status code for thumbnail requests + +We fixed the status code returned by the thumbnails service when the image +source for a thumbnail exceeds the configured maximum dimensions or file size. +The service now returns a 403 Forbidden status code instead of a 500 Internal +Server Error status code. + +https://github.com/owncloud/ocis/pull/10592 +https://github.com/owncloud/ocis/issues/10589 diff --git a/services/thumbnails/pkg/service/grpc/v0/service.go b/services/thumbnails/pkg/service/grpc/v0/service.go index e3be606335e..d2909c16152 100644 --- a/services/thumbnails/pkg/service/grpc/v0/service.go +++ b/services/thumbnails/pkg/service/grpc/v0/service.go @@ -22,6 +22,7 @@ import ( "github.com/owncloud/ocis/v2/ocis-pkg/log" thumbnailssvc "github.com/owncloud/ocis/v2/protogen/gen/ocis/services/thumbnails/v0" + terrors "github.com/owncloud/ocis/v2/services/thumbnails/pkg/errors" "github.com/owncloud/ocis/v2/services/thumbnails/pkg/preprocessor" "github.com/owncloud/ocis/v2/services/thumbnails/pkg/service/grpc/v0/decorators" tjwt "github.com/owncloud/ocis/v2/services/thumbnails/pkg/service/jwt" @@ -155,9 +156,13 @@ func (g Thumbnail) handleCS3Source(ctx context.Context, req *thumbnailssvc.GetTh ctx = imgsource.ContextSetAuthorization(ctx, src.GetAuthorization()) r, err := g.cs3Source.Get(ctx, src.GetPath()) - if err != nil { + switch { + case errors.Is(err, terrors.ErrImageTooLarge): + return "", merrors.Forbidden(g.serviceID, err.Error()) + case err != nil: return "", merrors.InternalServerError(g.serviceID, "could not get image from source: %s", err.Error()) } + defer r.Close() ppOpts := map[string]interface{}{ "fontFileMap": g.preprocessorOpts.TxtFontFileMap, @@ -169,10 +174,10 @@ func (g Thumbnail) handleCS3Source(ctx context.Context, req *thumbnailssvc.GetTh } key, err = g.manager.Generate(tr, img) - if err != nil { - return "", err + if errors.Is(err, terrors.ErrImageTooLarge) { + return "", merrors.Forbidden(g.serviceID, err.Error()) } - return key, nil + return key, err } func (g Thumbnail) handleWebdavSource(ctx context.Context, req *thumbnailssvc.GetThumbnailRequest) (string, error) { @@ -244,7 +249,10 @@ func (g Thumbnail) handleWebdavSource(ctx context.Context, req *thumbnailssvc.Ge imgURL.RawQuery = params.Encode() r, err := g.webdavSource.Get(ctx, imgURL.String()) - if err != nil { + switch { + case errors.Is(err, terrors.ErrImageTooLarge): + return "", merrors.Forbidden(g.serviceID, err.Error()) + case err != nil: return "", merrors.InternalServerError(g.serviceID, "could not get image from source: %s", err.Error()) } defer r.Close() @@ -258,10 +266,10 @@ func (g Thumbnail) handleWebdavSource(ctx context.Context, req *thumbnailssvc.Ge } key, err = g.manager.Generate(tr, img) - if err != nil { - return "", err + if errors.Is(err, terrors.ErrImageTooLarge) { + return "", merrors.Forbidden(g.serviceID, err.Error()) } - return key, nil + return key, err } func (g Thumbnail) stat(path, auth string) (*provider.StatResponse, error) {