zulip/zerver/views/thumbnail.py

import re

from django.contrib.auth.models import AnonymousUser
from django.http import HttpRequest, HttpResponseBase, HttpResponseForbidden

from zerver.lib.typed_endpoint import typed_endpoint
from zerver.models import UserProfile
from zerver.views.upload import serve_file


@typed_endpoint
def backend_serve_thumbnail(
    request: HttpRequest,
    maybe_user_profile: UserProfile | AnonymousUser,
    *,
    url: str,
    size: str,
) -> HttpResponseBase:
    # This URL used to be passed arbitrary URLs, and pass them through
    # Camo; we no longer support doing so, and instead return a 403.
    #
    # Modern thumbnailing uses URLs of the style
    # `/user_uploads/thumbnail/.../300x200.webp`; this endpoint is
    # kept for backward compatibility, and for future extension for
    # thumbnailing external URLs.
    upload_path_parts = re.match(r"user_uploads/(\d+)/(.*)", url)
    if not upload_path_parts:
        return HttpResponseForbidden()

    realm_id_str = upload_path_parts[1]
    path_id = upload_path_parts[2]

    # We do not have ImageAttachment rows for historical uploads, so
    # we cannot serve a "new" thumbnail for these requests; serve the
    # full-size file.
    return serve_file(request, maybe_user_profile, realm_id_str, path_id)
thumbnail: Do not Camo old thumbor URLs; serve images directly. Providing a signed Camo URL for arbitrary URLs opened the server up to being an open redirector. Return 403 if the URL is not a user upload, and the backend image if it is. Since we do not have ImageAttachment rows for uploads at a time we wrote `/thumbnail?` URLs, return the full-size content. 2024-07-24 22:35:18 +02:00			`import re`

upload: Allow rate limited access to spectators for uploaded files. We allow spectators access to uploaded files in web public streams but rate limit the daily requests to 1000 per file by default. 2021-11-02 15:42:58 +01:00			`from django.contrib.auth.models import AnonymousUser`
thumbnail: Do not Camo old thumbor URLs; serve images directly. Providing a signed Camo URL for arbitrary URLs opened the server up to being an open redirector. Return 403 if the URL is not a user upload, and the backend image if it is. Since we do not have ImageAttachment rows for uploads at a time we wrote `/thumbnail?` URLs, return the full-size content. 2024-07-24 22:35:18 +02:00			`from django.http import HttpRequest, HttpResponseBase, HttpResponseForbidden`
python: Sort imports with isort. Fixes #2665. Regenerated by tabbott with `lint --fix` after a rebase and change in parameters. Note from tabbott: In a few cases, this converts technical debt in the form of unsorted imports into different technical debt in the form of our largest files having very long, ugly import sequences at the start. I expect this change will increase pressure for us to split those files, which isn't a bad thing. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2020-06-11 00:54:34 +02:00
zerver: Migrate several small files to typed_endpoint. Migrate "submessage.py", "thumbnail.py", "tutorial.py", "zephyr.py" and "dev_login.py" to `typed_endpoint`. 2024-06-28 21:14:00 +02:00			`from zerver.lib.typed_endpoint import typed_endpoint`
thumbnail: Do not Camo old thumbor URLs; serve images directly. Providing a signed Camo URL for arbitrary URLs opened the server up to being an open redirector. Return 403 if the URL is not a user upload, and the backend image if it is. Since we do not have ImageAttachment rows for uploads at a time we wrote `/thumbnail?` URLs, return the full-size content. 2024-07-24 22:35:18 +02:00			`from zerver.models import UserProfile`
			`from zerver.views.upload import serve_file`
thumbor: Complete implementation of thumbnailing. Various pieces of our thumbor-based thumbnailing system were already merged; this adds the remaining pieces required for it to work: * a THUMBOR_URL Django setting that controls whether thumbor is enabled on the Zulip server (and if so, where thumbor is hosted). * Replaces the overly complicated prototype cryptography logic * Adds a /thumbnail endpoint (supported both on web and mobile) for accessing thumbnails in messages, designed to support hosting both external URLs as well as uploaded files (and applying Zulip's security model for access to thumbnails of uploaded files). * Modifies bugdown to, when THUMBOR_URL is set, render images with the `src` attribute pointing /thumbnail (to provide a small thumbnail for the image), along with adding a "data-original" attribute that can be used to access the "original/full" size version of the image. There are a few things that don't work quite yet: * The S3 backend support is incomplete and doesn't work yet. * The error pages for unauthorized access are ugly. * We might want to rename data-original and /thumbnail?size=original to use some other name, like "full", that better reflects the fact that we're potentially not serving the original image URL. 2018-03-08 09:37:09 +01:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00
zerver: Migrate several small files to typed_endpoint. Migrate "submessage.py", "thumbnail.py", "tutorial.py", "zephyr.py" and "dev_login.py" to `typed_endpoint`. 2024-06-28 21:14:00 +02:00			`@typed_endpoint`
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2021-02-12 08:19:30 +01:00			`def backend_serve_thumbnail(`
			`request: HttpRequest,`
ruff: Fix UP007 Use `X \| Y` for type annotations. Signed-off-by: Anders Kaseorg <anders@zulip.com> 2024-07-12 02:30:23 +02:00			`maybe_user_profile: UserProfile \| AnonymousUser,`
zerver: Migrate several small files to typed_endpoint. Migrate "submessage.py", "thumbnail.py", "tutorial.py", "zephyr.py" and "dev_login.py" to `typed_endpoint`. 2024-06-28 21:14:00 +02:00			`*,`
			`url: str,`
			`size: str,`
thumbnail: Do not Camo old thumbor URLs; serve images directly. Providing a signed Camo URL for arbitrary URLs opened the server up to being an open redirector. Return 403 if the URL is not a user upload, and the backend image if it is. Since we do not have ImageAttachment rows for uploads at a time we wrote `/thumbnail?` URLs, return the full-size content. 2024-07-24 22:35:18 +02:00			`) -> HttpResponseBase:`
			`# This URL used to be passed arbitrary URLs, and pass them through`
			`# Camo; we no longer support doing so, and instead return a 403.`
			`#`
			`# Modern thumbnailing uses URLs of the style`
			# `/user_uploads/thumbnail/.../300x200.webp`; this endpoint is
			`# kept for backward compatibility, and for future extension for`
			`# thumbnailing external URLs.`
			`upload_path_parts = re.match(r"user_uploads/(\d+)/(.*)", url)`
			`if not upload_path_parts:`
			`return HttpResponseForbidden()`

			`realm_id_str = upload_path_parts[1]`
			`path_id = upload_path_parts[2]`

			`# We do not have ImageAttachment rows for historical uploads, so`
			`# we cannot serve a "new" thumbnail for these requests; serve the`
			`# full-size file.`
			`return serve_file(request, maybe_user_profile, realm_id_str, path_id)`