X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/df0e03cd07db5ff2dbd16a27ccfcc2ca38402e46..refs/pull/5312/head:/app/Uploads/UserAvatars.php
diff --git a/app/Uploads/UserAvatars.php b/app/Uploads/UserAvatars.php
index e98c1cfca..c62324735 100644
--- a/app/Uploads/UserAvatars.php
+++ b/app/Uploads/UserAvatars.php
@@ -1,19 +1,22 @@
-imageService = $imageService;
- $this->http = $http;
+ public function __construct(
+ protected ImageService $imageService,
+ protected HttpRequestService $http
+ ) {
 }
 /**
@@ -31,7 +34,7 @@ class UserAvatars
 $user->avatar()->associate($avatar);
 $user->save();
 } catch (Exception $e) {
- Log::error('Failed to save user avatar image');
+ Log::error('Failed to save user avatar image', ['exception' => $e]);
 }
 }
@@ -46,14 +49,14 @@ class UserAvatars
 $user->avatar()->associate($avatar);
 $user->save();
 } catch (Exception $e) {
- Log::error('Failed to save user avatar image');
+ Log::error('Failed to save user avatar image', ['exception' => $e]);
 }
 }
 /**
 * Destroy all user avatars uploaded to the given user.
 */
- public function destroyAllForUser(User $user)
+ public function destroyAllForUser(User $user): void
 {
 $profileImages = Image::query()->where('type', '=', 'user')
 ->where('uploaded_to', '=', $user->id)
@@ -66,7 +69,8 @@ class UserAvatars
 /**
 * Save an avatar image from an external service.
- * @throws Exception
+ *
+ * @throws HttpFetchException
 */
 protected function saveAvatarImage(User $user, int $size = 500): Image
 {
@@ -74,13 +78,14 @@ class UserAvatars
 $email = strtolower(trim($user->email));
 $replacements = [
- '${hash}' => md5($email),
- '${size}' => $size,
+ '${hash}' => md5($email),
+ '${size}' => $size,
 '${email}' => urlencode($email),
 ];
 $userAvatarUrl = strtr($avatarUrl, $replacements);
 $imageData = $this->getAvatarImageData($userAvatarUrl);
+
 return $this->createAvatarImageFromData($user, $imageData, 'png');
 }
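Review bot: Passing the caught exception as log context in the catch blocks of the `-31,7` and `-46,14` hunks also writes the exception message to the log, and for a failed fetch that message appears to carry the full avatar URL, since `getAvatarImageData` builds it with `['url' => $url]`. That URL embeds the MD5 of the user's e-mail address, or the URL-encoded address itself when the template uses `${email}`. If logs leave the host, either keep the query and hash part out of the exception message, or add a comment beside each `Log::error` call such as `// Context may include the avatar URL, which embeds the user's e-mail hash`. Both catch blocks belong to methods whose signatures lie outside these hunks.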
@@ -89,7 +94,7 @@ class UserAvatars
 */
 protected function createAvatarImageFromData(User $user, string $imageData, string $extension): Image
 {
- $imageName = str_replace(' ', '-', $user->id . '-avatar.' . $extension);
+ $imageName = Str::random(10) . '-avatar.' . $extension;
 $image = $this->imageService->saveNew($imageName, $imageData, 'user', $user->id);
 $image->created_by = $user->id;
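Review bot: The switch to `Str::random(10)` carries no comment saying why the file name no longer derives from the user id, so a later cleanup could revert it without noticing the intent. A line above the assignment such as `// Random prefix: avatar file names should not be derivable from the user id` would record it, with the wording to be confirmed by the author. `$extension` is still concatenated into the name unchecked; the only caller visible on this page passes the literal `'png'`, so this matters only if other callers exist. The function body continues past the end of the hunk.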
@@ -101,33 +106,45 @@ class UserAvatars
 /**
 * Gets an image from url and returns it as a string of image data.
- * @throws Exception
+ *
+ * @throws HttpFetchException
 */
 protected function getAvatarImageData(string $url): string
 {
 try {
- $imageData = $this->http->fetch($url);
- } catch (HttpFetchException $exception) {
- throw new Exception(trans('errors.cannot_get_image_from_url', ['url' => $url]));
+ $client = $this->http->buildClient(5);
+ $response = $client->sendRequest(new Request('GET', $url));
+ if ($response->getStatusCode() !== 200) {
+ throw new HttpFetchException(trans('errors.cannot_get_image_from_url', ['url' => $url]));
+ }
+
+ return (string) $response->getBody();
+ } catch (ClientExceptionInterface $exception) {
+ throw new HttpFetchException(trans('errors.cannot_get_image_from_url', ['url' => $url]), $exception->getCode(), $exception);
 }
- return $imageData;
 }
 /**
 * Check if fetching external avatars is enabled.
 */
- protected function avatarFetchEnabled(): bool
+ public function avatarFetchEnabled(): bool
 {
 $fetchUrl = $this->getAvatarUrl();
- return is_string($fetchUrl) && strpos($fetchUrl, 'http') === 0;
+
+ return str_starts_with($fetchUrl, 'http');
 }
 /**
 * Get the URL to fetch avatars from.
 */
- protected function getAvatarUrl(): string
+ public function getAvatarUrl(): string
 {
- $url = trim(config('services.avatar_url'));
+ $configOption = config('services.avatar_url');
+ if ($configOption === false) {
+ return '';
+ }
+
+ $url = trim($configOption);
 if (empty($url) && !config('services.disable_services')) {
 $url = 'https://www.gravatar.com/avatar/${hash}?s=${size}&d=identicon';
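Review bot: `getAvatarImageData` returns whatever a 200 response contains: `(string) $response->getBody()` reads the whole body with no size limit, and nothing checks that it is an image before `saveAvatarImage` stores it as `'png'`. Since the avatar URL comes from configuration and may point at any third-party host, a byte cap and a `Content-Type` check before returning would bound what gets stored; the lines below show the shape, with the limit as a constructed value. Whether the client already buffers the body depends on `buildClient`, which is not shown here. Separately, `str_starts_with($fetchUrl, 'http')` in `avatarFetchEnabled` also accepts values such as `httpx:`; matching `http://` or `https://` explicitly would be stricter.

```php
            $response = $client->sendRequest(new Request('GET', $url));
            // … unchanged: status-code check …

            // Constructed limit; pick a value that suits the deployment.
            $maxBytes = 2 * 1024 * 1024;
            $isImage = str_starts_with(strtolower($response->getHeaderLine('Content-Type')), 'image/');
            $body = $response->getBody();
            $imageData = '';
            while (!$body->eof() && strlen($imageData) <= $maxBytes) {
                $imageData .= $body->read(8192);
            }
            if (!$isImage || strlen($imageData) > $maxBytes) {
                throw new HttpFetchException(trans('errors.cannot_get_image_from_url', ['url' => $url]));
            }

            return $imageData;
```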