BookStack Code Mirror - bookstack/blob - app/Uploads/ImageService.php

1 <?php

3 namespace BookStack\Uploads;

5 use BookStack\Exceptions\ImageUploadException;

6 use ErrorException;

7 use Exception;

8 use Illuminate\Contracts\Cache\Repository as Cache;

9 use Illuminate\Contracts\Filesystem\FileNotFoundException;

10 use Illuminate\Contracts\Filesystem\Filesystem as Storage;

11 use Illuminate\Filesystem\FilesystemAdapter;

12 use Illuminate\Filesystem\FilesystemManager;

13 use Illuminate\Support\Facades\DB;

14 use Illuminate\Support\Facades\Log;

15 use Illuminate\Support\Str;

16 use Intervention\Image\Exception\NotSupportedException;

17 use Intervention\Image\ImageManager;

18 use League\Flysystem\Util;

19 use Psr\SimpleCache\InvalidArgumentException;

20 use Symfony\Component\HttpFoundation\File\UploadedFile;

21 use Symfony\Component\HttpFoundation\StreamedResponse;

23 class ImageService

24 {

25 protected $imageTool;

26 protected $cache;

27 protected $storageUrl;

28 protected $image;

29 protected $fileSystem;

31 protected static $supportedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];

33 /**

34 * ImageService constructor.

35 */

36 public function __construct(Image $image, ImageManager $imageTool, FilesystemManager $fileSystem, Cache $cache)

37 {

38 $this->image = $image;

39 $this->imageTool = $imageTool;

40 $this->fileSystem = $fileSystem;

41 $this->cache = $cache;

42 }

44 /**

45 * Get the storage that will be used for storing images.

46 */

47 protected function getStorageDisk(string $imageType = ''): Storage

48 {

49 return $this->fileSystem->disk($this->getStorageDiskName($imageType));

50 }

52 /**

53 * Check if local secure image storage (Fetched behind authentication)

54 * is currently active in the instance.

55 */

56 protected function usingSecureImages(): bool

57 {

58 return $this->getStorageDiskName('gallery') === 'local_secure_images';

59 }

61 /**

62 * Change the originally provided path to fit any disk-specific requirements.

63 * This also ensures the path is kept to the expected root folders.

64 */

65 protected function adjustPathForStorageDisk(string $path, string $imageType = ''): string

66 {

67 $path = Util::normalizePath(str_replace('uploads/images/', '', $path));

69 if ($this->getStorageDiskName($imageType) === 'local_secure_images') {

70 return $path;

71 }

73 return 'uploads/images/' . $path;

74 }

76 /**

77 * Get the name of the storage disk to use.

78 */

79 protected function getStorageDiskName(string $imageType): string

80 {

81 $storageType = config('filesystems.images');

83 // Ensure system images (App logo) are uploaded to a public space

84 if ($imageType === 'system' && $storageType === 'local_secure') {

85 $storageType = 'local';

86 }

88 if ($storageType === 'local_secure') {

89 $storageType = 'local_secure_images';

90 }

92 return $storageType;

93 }

95 /**

96 * Saves a new image from an upload.

97 *

98 * @throws ImageUploadException

99 *

100 * @return mixed

101 */

102 public function saveNewFromUpload(

103 UploadedFile $uploadedFile,

104 string $type,

105 int $uploadedTo = 0,

106 int $resizeWidth = null,

107 int $resizeHeight = null,

108 bool $keepRatio = true

109 ) {

110 $imageName = $uploadedFile->getClientOriginalName();

111 $imageData = file_get_contents($uploadedFile->getRealPath());

112

113 if ($resizeWidth !== null || $resizeHeight !== null) {

114 $imageData = $this->resizeImage($imageData, $resizeWidth, $resizeHeight, $keepRatio);

115 }

116

117 return $this->saveNew($imageName, $imageData, $type, $uploadedTo);

118 }

119

120 /**

121 * Save a new image from a uri-encoded base64 string of data.

122 *

123 * @throws ImageUploadException

124 */

125 public function saveNewFromBase64Uri(string $base64Uri, string $name, string $type, int $uploadedTo = 0): Image

126 {

127 $splitData = explode(';base64,', $base64Uri);

128 if (count($splitData) < 2) {

129 throw new ImageUploadException('Invalid base64 image data provided');

130 }

131 $data = base64_decode($splitData[1]);

132

133 return $this->saveNew($name, $data, $type, $uploadedTo);

134 }

135

136 /**

137 * Save a new image into storage.

138 *

139 * @throws ImageUploadException

140 */

141 public function saveNew(string $imageName, string $imageData, string $type, int $uploadedTo = 0): Image

142 {

143 $storage = $this->getStorageDisk($type);

144 $secureUploads = setting('app-secure-images');

145 $fileName = $this->cleanImageFileName($imageName);

146

147 $imagePath = '/uploads/images/' . $type . '/' . date('Y-m') . '/';

148

149 while ($storage->exists($this->adjustPathForStorageDisk($imagePath . $fileName, $type))) {

150 $fileName = Str::random(3) . $fileName;

151 }

152

153 $fullPath = $imagePath . $fileName;

154 if ($secureUploads) {

155 $fullPath = $imagePath . Str::random(16) . '-' . $fileName;

156 }

157

158 try {

159 $this->saveImageDataInPublicSpace($storage, $this->adjustPathForStorageDisk($fullPath, $type), $imageData);

160 } catch (Exception $e) {

161 Log::error('Error when attempting image upload:' . $e->getMessage());

162

163 throw new ImageUploadException(trans('errors.path_not_writable', ['filePath' => $fullPath]));

164 }

165

166 $imageDetails = [

167 'name' => $imageName,

168 'path' => $fullPath,

169 'url' => $this->getPublicUrl($fullPath),

170 'type' => $type,

171 'uploaded_to' => $uploadedTo,

172 ];

173

174 if (user()->id !== 0) {

175 $userId = user()->id;

176 $imageDetails['created_by'] = $userId;

177 $imageDetails['updated_by'] = $userId;

178 }

179

180 $image = $this->image->newInstance();

181 $image->forceFill($imageDetails)->save();

182

183 return $image;

184 }

185

186 /**

187 * Save image data for the given path in the public space, if possible,

188 * for the provided storage mechanism.

189 */

190 protected function saveImageDataInPublicSpace(Storage $storage, string $path, string $data)

191 {

192 $storage->put($path, $data);

193

194 // Set visibility when a non-AWS-s3, s3-like storage option is in use.

195 // Done since this call can break s3-like services but desired for other image stores.

196 // Attempting to set ACL during above put request requires different permissions

197 // hence would technically be a breaking change for actual s3 usage.

198 $usingS3 = strtolower(config('filesystems.images')) === 's3';

199 $usingS3Like = $usingS3 && !is_null(config('filesystems.disks.s3.endpoint'));

200 if (!$usingS3Like) {

201 $storage->setVisibility($path, 'public');

202 }

203 }

204

205 /**

206 * Clean up an image file name to be both URL and storage safe.

207 */

208 protected function cleanImageFileName(string $name): string

209 {

210 $name = str_replace(' ', '-', $name);

211 $nameParts = explode('.', $name);

212 $extension = array_pop($nameParts);

213 $name = implode('-', $nameParts);

214 $name = Str::slug($name);

215

216 if (strlen($name) === 0) {

217 $name = Str::random(10);

218 }

219

220 return $name . '.' . $extension;

221 }

222

223 /**

224 * Checks if the image is a gif. Returns true if it is, else false.

225 */

226 protected function isGif(Image $image): bool

227 {

228 return strtolower(pathinfo($image->path, PATHINFO_EXTENSION)) === 'gif';

229 }

230

231 /**

232 * Check if the given image and image data is apng.

233 */

234 protected function isApngData(Image $image, string &$imageData): bool

235 {

236 $isPng = strtolower(pathinfo($image->path, PATHINFO_EXTENSION)) === 'png';

237 if (!$isPng) {

238 return false;

239 }

240

241 $initialHeader = substr($imageData, 0, strpos($imageData, 'IDAT'));

242

243 return strpos($initialHeader, 'acTL') !== false;

244 }

245

246 /**

247 * Get the thumbnail for an image.

248 * If $keepRatio is true only the width will be used.

249 * Checks the cache then storage to avoid creating / accessing the filesystem on every check.

250 *

251 * @throws Exception

252 * @throws InvalidArgumentException

253 */

254 public function getThumbnail(Image $image, ?int $width, ?int $height, bool $keepRatio = false): string

255 {

256 // Do not resize GIF images where we're not cropping

257 if ($keepRatio && $this->isGif($image)) {

258 return $this->getPublicUrl($image->path);

259 }

260

261 $thumbDirName = '/' . ($keepRatio ? 'scaled-' : 'thumbs-') . $width . '-' . $height . '/';

262 $imagePath = $image->path;

263 $thumbFilePath = dirname($imagePath) . $thumbDirName . basename($imagePath);

264

265 $thumbCacheKey = 'images::' . $image->id . '::' . $thumbFilePath;

266

267 // Return path if in cache

268 $cachedThumbPath = $this->cache->get($thumbCacheKey);

269 if ($cachedThumbPath) {

270 return $this->getPublicUrl($cachedThumbPath);

271 }

272

273 // If thumbnail has already been generated, serve that and cache path

274 $storage = $this->getStorageDisk($image->type);

275 if ($storage->exists($this->adjustPathForStorageDisk($thumbFilePath, $image->type))) {

276 $this->cache->put($thumbCacheKey, $thumbFilePath, 60 * 60 * 72);

277

278 return $this->getPublicUrl($thumbFilePath);

279 }

280

281 $imageData = $storage->get($this->adjustPathForStorageDisk($imagePath, $image->type));

282

283 // Do not resize apng images where we're not cropping

284 if ($keepRatio && $this->isApngData($image, $imageData)) {

285 $this->cache->put($thumbCacheKey, $image->path, 60 * 60 * 72);

286

287 return $this->getPublicUrl($image->path);

288 }

289

290 // If not in cache and thumbnail does not exist, generate thumb and cache path

291 $thumbData = $this->resizeImage($imageData, $width, $height, $keepRatio);

292 $this->saveImageDataInPublicSpace($storage, $this->adjustPathForStorageDisk($thumbFilePath, $image->type), $thumbData);

293 $this->cache->put($thumbCacheKey, $thumbFilePath, 60 * 60 * 72);

294

295 return $this->getPublicUrl($thumbFilePath);

296 }

297

298 /**

299 * Resize the image of given data to the specified size, and return the new image data.

300 *

301 * @throws ImageUploadException

302 */

303 protected function resizeImage(string $imageData, ?int $width, ?int $height, bool $keepRatio): string

304 {

305 try {

306 $thumb = $this->imageTool->make($imageData);

307 } catch (ErrorException|NotSupportedException $e) {

308 throw new ImageUploadException(trans('errors.cannot_create_thumbs'));

309 }

310

311 if ($keepRatio) {

312 $thumb->resize($width, $height, function ($constraint) {

313 $constraint->aspectRatio();

314 $constraint->upsize();

315 });

316 } else {

317 $thumb->fit($width, $height);

318 }

319

320 $thumbData = (string) $thumb->encode();

321

322 // Use original image data if we're keeping the ratio

323 // and the resizing does not save any space.

324 if ($keepRatio && strlen($thumbData) > strlen($imageData)) {

325 return $imageData;

326 }

327

328 return $thumbData;

329 }

330

331 /**

332 * Get the raw data content from an image.

333 *

334 * @throws FileNotFoundException

335 */

336 public function getImageData(Image $image): string

337 {

338 $storage = $this->getStorageDisk();

339

340 return $storage->get($this->adjustPathForStorageDisk($image->path, $image->type));

341 }

342

343 /**

344 * Destroy an image along with its revisions, thumbnails and remaining folders.

345 *

346 * @throws Exception

347 */

348 public function destroy(Image $image)

349 {

350 $this->destroyImagesFromPath($image->path, $image->type);

351 $image->delete();

352 }

353

354 /**

355 * Destroys an image at the given path.

356 * Searches for image thumbnails in addition to main provided path.

357 */

358 protected function destroyImagesFromPath(string $path, string $imageType): bool

359 {

360 $path = $this->adjustPathForStorageDisk($path, $imageType);

361 $storage = $this->getStorageDisk($imageType);

362

363 $imageFolder = dirname($path);

364 $imageFileName = basename($path);

365 $allImages = collect($storage->allFiles($imageFolder));

366

367 // Delete image files

368 $imagesToDelete = $allImages->filter(function ($imagePath) use ($imageFileName) {

369 return basename($imagePath) === $imageFileName;

370 });

371 $storage->delete($imagesToDelete->all());

372

373 // Cleanup of empty folders

374 $foldersInvolved = array_merge([$imageFolder], $storage->directories($imageFolder));

375 foreach ($foldersInvolved as $directory) {

376 if ($this->isFolderEmpty($storage, $directory)) {

377 $storage->deleteDirectory($directory);

378 }

379 }

380

381 return true;

382 }

383

384 /**

385 * Check whether a folder is empty.

386 */

387 protected function isFolderEmpty(Storage $storage, string $path): bool

388 {

389 $files = $storage->files($path);

390 $folders = $storage->directories($path);

391

392 return count($files) === 0 && count($folders) === 0;

393 }

394

395 /**

396 * Delete gallery and drawings that are not within HTML content of pages or page revisions.

397 * Checks based off of only the image name.

398 * Could be much improved to be more specific but kept it generic for now to be safe.

399 *

400 * Returns the path of the images that would be/have been deleted.

401 */

402 public function deleteUnusedImages(bool $checkRevisions = true, bool $dryRun = true)

403 {

404 $types = ['gallery', 'drawio'];

405 $deletedPaths = [];

406

407 $this->image->newQuery()->whereIn('type', $types)

408 ->chunk(1000, function ($images) use ($checkRevisions, &$deletedPaths, $dryRun) {

409 foreach ($images as $image) {

410 $searchQuery = '%' . basename($image->path) . '%';

411 $inPage = DB::table('pages')

412 ->where('html', 'like', $searchQuery)->count() > 0;

413

414 $inRevision = false;

415 if ($checkRevisions) {

416 $inRevision = DB::table('page_revisions')

417 ->where('html', 'like', $searchQuery)->count() > 0;

418 }

419

420 if (!$inPage && !$inRevision) {

421 $deletedPaths[] = $image->path;

422 if (!$dryRun) {

423 $this->destroy($image);

424 }

425 }

426 }

427 });

428

429 return $deletedPaths;

430 }

431

432 /**

433 * Convert an image URI to a Base64 encoded string.

434 * Attempts to convert the URL to a system storage url then

435 * fetch the data from the disk or storage location.

436 * Returns null if the image data cannot be fetched from storage.

437 *

438 * @throws FileNotFoundException

439 */

440 public function imageUriToBase64(string $uri): ?string

441 {

442 $storagePath = $this->imageUrlToStoragePath($uri);

443 if (empty($uri) || is_null($storagePath)) {

444 return null;

445 }

446

447 $storagePath = $this->adjustPathForStorageDisk($storagePath);

448 $storage = $this->getStorageDisk();

449 $imageData = null;

450 if ($storage->exists($storagePath)) {

451 $imageData = $storage->get($storagePath);

452 }

453

454 if (is_null($imageData)) {

455 return null;

456 }

457

458 $extension = pathinfo($uri, PATHINFO_EXTENSION);

459 if ($extension === 'svg') {

460 $extension = 'svg+xml';

461 }

462

463 return 'data:image/' . $extension . ';base64,' . base64_encode($imageData);

464 }

465

466 /**

467 * Check if the given path exists in the local secure image system.

468 * Returns false if local_secure is not in use.

469 */

470 public function pathExistsInLocalSecure(string $imagePath): bool

471 {

472 /** @var FilesystemAdapter $disk */

473 $disk = $this->getStorageDisk('gallery');

474

475 // Check local_secure is active

476 return $this->usingSecureImages()

477 && $disk instanceof FilesystemAdapter

478 // Check the image file exists

479 && $disk->exists($imagePath)

480 // Check the file is likely an image file

481 && strpos($disk->getMimetype($imagePath), 'image/') === 0;

482 }

483

484 /**

485 * For the given path, if existing, provide a response that will stream the image contents.

486 */

487 public function streamImageFromStorageResponse(string $imageType, string $path): StreamedResponse

488 {

489 $disk = $this->getStorageDisk($imageType);

490

491 return $disk->response($path);

492 }

493

494 /**

495 * Check if the given image extension is supported by BookStack.

496 * The extension must not be altered in this function. This check should provide a guarantee

497 * that the provided extension is safe to use for the image to be saved.

498 */

499 public static function isExtensionSupported(string $extension): bool

500 {

501 return in_array($extension, static::$supportedExtensions);

502 }

503

504 /**

505 * Get a storage path for the given image URL.

506 * Ensures the path will start with "uploads/images".

507 * Returns null if the url cannot be resolved to a local URL.

508 */

509 private function imageUrlToStoragePath(string $url): ?string

510 {

511 $url = ltrim(trim($url), '/');

512

513 // Handle potential relative paths

514 $isRelative = strpos($url, 'http') !== 0;

515 if ($isRelative) {

516 if (strpos(strtolower($url), 'uploads/images') === 0) {

517 return trim($url, '/');

518 }

519

520 return null;

521 }

522

523 // Handle local images based on paths on the same domain

524 $potentialHostPaths = [

525 url('uploads/images/'),

526 $this->getPublicUrl('/uploads/images/'),

527 ];

528

529 foreach ($potentialHostPaths as $potentialBasePath) {

530 $potentialBasePath = strtolower($potentialBasePath);

531 if (strpos(strtolower($url), $potentialBasePath) === 0) {

532 return 'uploads/images/' . trim(substr($url, strlen($potentialBasePath)), '/');

533 }

534 }

535

536 return null;

537 }

538

539 /**

540 * Gets a public facing url for an image by checking relevant environment variables.

541 * If s3-style store is in use it will default to guessing a public bucket URL.

542 */

543 private function getPublicUrl(string $filePath): string

544 {

545 if (is_null($this->storageUrl)) {

546 $storageUrl = config('filesystems.url');

547

548 // Get the standard public s3 url if s3 is set as storage type

549 // Uses the nice, short URL if bucket name has no periods in otherwise the longer

550 // region-based url will be used to prevent http issues.

551 if ($storageUrl == false && config('filesystems.images') === 's3') {

552 $storageDetails = config('filesystems.disks.s3');

553 if (strpos($storageDetails['bucket'], '.') === false) {

554 $storageUrl = 'https://' . $storageDetails['bucket'] . '.s3.amazonaws.com';

555 } else {

556 $storageUrl = 'https://s3-' . $storageDetails['region'] . '.amazonaws.com/' . $storageDetails['bucket'];

557 }

558 }

559

560 $this->storageUrl = $storageUrl;

561 }

562

563 $basePath = ($this->storageUrl == false) ? url('/') : $this->storageUrl;

564

565 return rtrim($basePath, '/') . $filePath;

566 }

567 }