mirror
/
OpenDroneMap-WebODM
kopia lustrzana https://github.com/OpenDroneMap/WebODM
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

Merge pull request #1070 from AIDI-solar/import_from_file_system 

Added possibility to import file from system.
pull/1077/head
Piero Toffanin 2021-10-11 13:54:56 -04:00 zatwierdzone przez GitHub
rodzic aded9a7f3f d63ee48aa3
commit 54ee8f898d
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 4AEE18F83AFDEB23
1 zmienionych plików z 39 dodań i 25 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

20
app/models/task.py
Wyświetl plik

@ -12,14 +12,14 @@ import piexif
import re import re
import zipfile import zipfile
from shutil import copyfile
import requests import requests
from PIL import Image from PIL import Image
from django.contrib.gis.gdal import GDALRaster from django.contrib.gis.gdal import GDALRaster
from django.contrib.gis.gdal import OGRGeometry from django.contrib.gis.gdal import OGRGeometry
from django.contrib.gis.geos import GEOSGeometry from django.contrib.gis.geos import GEOSGeometry
from django.contrib.postgres import fields from django.contrib.postgres import fields
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError, SuspiciousFileOperation
from django.db import models from django.db import models
from django.db import transaction from django.db import transaction
from django.db import connection from django.db import connection
@ -31,6 +31,7 @@ from django.contrib.gis.db.models.fields import GeometryField
from app.cogeo import assure_cogeo from app.cogeo import assure_cogeo
from app.testwatch import testWatch from app.testwatch import testWatch
from app.api.common import path_traversal_check
from nodeodm import status_codes from nodeodm import status_codes
from nodeodm.models import ProcessingNode from nodeodm.models import ProcessingNode
from pyodm.exceptions import NodeResponseError, NodeConnectionError, NodeServerError, OdmError from pyodm.exceptions import NodeResponseError, NodeConnectionError, NodeServerError, OdmError
@ -462,8 +463,21 @@ class Task(models.Model):
self.save() self.save()
zip_path = self.assets_path("all.zip") zip_path = self.assets_path("all.zip")
# Import assets file from mounted system volume (media-dir)/imports by relative path.
# Import file from relative path.
if self.import_url and not os.path.exists(zip_path): if self.import_url and not os.path.exists(zip_path):
if self.import_url.startswith("file://"):
imports_folder_path = os.path.join(settings.MEDIA_ROOT, "imports")
unsafe_path_to_import_file = os.path.join(settings.MEDIA_ROOT, "imports", self.import_url.replace("file://", ""))
# check is file placed in shared media folder in /imports directory without traversing
try:
checked_path_to_file = path_traversal_check(unsafe_path_to_import_file, imports_folder_path)
if os.path.isfile(checked_path_to_file):
copyfile(checked_path_to_file, zip_path)
except SuspiciousFileOperation as e:
logger.error("Error due importing assets from {} for {} in cause of path checking error".format(self.import_url, self))
raise NodeServerError(e)
else:
try: try:
# TODO: this is potentially vulnerable to a zip bomb attack # TODO: this is potentially vulnerable to a zip bomb attack
# mitigated by the fact that a valid account is needed to # mitigated by the fact that a valid account is needed to