Minor refactoring, fixes

pull/1086/head
Piero Toffanin 2021-11-04 14:31:43 -04:00
rodzic b6ce0ae3cd
commit c5fc89f61a
5 zmienionych plików z 18 dodań i 19 usunięć


@ -1,6 +1,7 @@
from django.core.exceptions import ObjectDoesNotExist, SuspiciousFileOperation from django.core.exceptions import ObjectDoesNotExist
from rest_framework import exceptions from rest_framework import exceptions
import os import os
import re
from app import models from app import models
@ -32,16 +33,6 @@ def get_and_check_project(request, project_pk, perms=('view_project',)):
return project return project
def path_traversal_check(unsafe_path, known_safe_path):
known_safe_path = os.path.abspath(known_safe_path)
unsafe_path = os.path.abspath(unsafe_path)
if (os.path.commonprefix([known_safe_path, unsafe_path]) != known_safe_path):
raise SuspiciousFileOperation("{} is not safe".format(unsafe_path))
# Passes the check
return unsafe_path
def hex2rgb(hex_color, with_alpha=False): def hex2rgb(hex_color, with_alpha=False):
""" """
Adapted from https://stackoverflow.com/questions/29643352/converting-hex-to-rgb-value-in-python/29643643 Adapted from https://stackoverflow.com/questions/29643352/converting-hex-to-rgb-value-in-python/29643643
@ -62,3 +53,6 @@ def hex2rgb(hex_color, with_alpha=False):
return tuple((255, 255, 255, 255)) return tuple((255, 255, 255, 255))
else: else:
return tuple((255, 255, 255)) return tuple((255, 255, 255))
def get_asset_download_filename(task, asset):
return re.sub(r'[^0-9a-zA-Z-_]+', '', task.name.replace(" ", "-").replace("/", "-")) + "-" + asset
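Review bot: `get_asset_download_filename` can return a name that starts with `-`, because the character filter drops everything outside ASCII letters, digits, `-` and `_`, so a task named entirely in another script yields `-<asset>`; `task.name.replace` would also raise if the name is ever `None` (whether the field is nullable is not visible here). A fallback such as `safe = re.sub(r'[^0-9a-zA-Z_-]+', '', (task.name or '').replace(' ', '-').replace('/', '-')) or 'task'` covers both, and writing the class as `_-` keeps the hyphen unambiguous. A one-line docstring stating that the result is used as a download filename would help the callers. Separately, the `path_traversal_check` removed in this section compared paths with `os.path.commonprefix`, which is character-wise, so a sibling directory whose name merely starts with the safe path passes; if the `app.security` version does the same, `os.path.commonpath` is the path-aware comparison.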


@ -19,7 +19,7 @@ from app import models, pending_actions
from nodeodm import status_codes from nodeodm import status_codes
from nodeodm.models import ProcessingNode from nodeodm.models import ProcessingNode
from worker import tasks as worker_tasks from worker import tasks as worker_tasks
from .common import get_and_check_project from .common import get_and_check_project, get_asset_download_filename
from app.security import path_traversal_check from app.security import path_traversal_check
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
@ -370,10 +370,12 @@ class TaskDownloads(TaskNestedView):
if not is_zipstream and not os.path.isfile(asset_fs): if not is_zipstream and not os.path.isfile(asset_fs):
raise exceptions.NotFound(_("Asset does not exist")) raise exceptions.NotFound(_("Asset does not exist"))
download_filename = request.GET.get('filename', get_asset_download_filename(task, asset))
if not is_zipstream: if not is_zipstream:
return download_file_response(request, asset_fs, 'attachment', download_filename=request.GET.get('filename')) return download_file_response(request, asset_fs, 'attachment', download_filename=download_filename)
else: else:
return download_file_stream(request, asset_fs, 'attachment', download_filename=request.GET.get('filename', asset)) return download_file_stream(request, asset_fs, 'attachment', download_filename=download_filename)
""" """
Raw access to the task's asset folder resources Raw access to the task's asset folder resources
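Review bot: The sanitised name is only the default on the new `download_filename = ...` line; a client-supplied `filename` query value still reaches `download_file_response` / `download_file_stream` unchanged, and `?filename=` with an empty value yields `''` instead of the default. How those helpers quote the value in the response header is not visible in this hunk, so the request value should go through the same character filter (allowing `.` for the extension) before it is used. The empty case is covered by `download_filename = request.GET.get('filename') or get_asset_download_filename(task, asset)`. The enclosing method starts outside the hunk.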


@ -6,7 +6,7 @@ from rasterio.crs import CRS
from rasterio.features import bounds as featureBounds from rasterio.features import bounds as featureBounds
import urllib import urllib
import os import os
import re from .common import get_asset_download_filename
from django.http import HttpResponse from django.http import HttpResponse
from rio_tiler.errors import TileOutsideBounds from rio_tiler.errors import TileOutsideBounds
from rio_tiler.utils import has_alpha_band, \ from rio_tiler.utils import has_alpha_band, \
@ -544,7 +544,7 @@ class Export(TaskNestedView):
# Strip unsafe chars, append suffix # Strip unsafe chars, append suffix
extension = extension_for_export_format(export_format) extension = extension_for_export_format(export_format)
filename = "{}{}.{}".format( filename = "{}{}.{}".format(
re.sub(r'[^0-9a-zA-Z-_]+', '', task.name.replace(" ", "-").replace("/", "-")) + "-" + asset_type, get_asset_download_filename(task, asset_type),
"-{}".format(formula) if expr is not None else "", "-{}".format(formula) if expr is not None else "",
extension extension
) )
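Review bot: Only the task-name part of the export filename is sanitised; `formula` is interpolated as-is by the `"-{}".format(formula)` argument, so the `# Strip unsafe chars, append suffix` comment overstates what happens. Where `formula` comes from is not visible in this hunk; if it is request data that is not restricted to a fixed set of names, pass it through the same character filter before formatting. The comment could read `# Task name is stripped of unsafe chars by get_asset_download_filename; formula and extension are appended as given`. The enclosing method starts and ends outside the hunk.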


@ -33,7 +33,7 @@ from django.contrib.gis.db.models.fields import GeometryField
from app.cogeo import assure_cogeo from app.cogeo import assure_cogeo
from app.testwatch import testWatch from app.testwatch import testWatch
from app.api.common import path_traversal_check from app.security import path_traversal_check
from nodeodm import status_codes from nodeodm import status_codes
from nodeodm.models import ProcessingNode from nodeodm.models import ProcessingNode
from pyodm.exceptions import NodeResponseError, NodeConnectionError, NodeServerError, OdmError from pyodm.exceptions import NodeResponseError, NodeConnectionError, NodeServerError, OdmError


@ -11,6 +11,9 @@ if (!Object.values) {
values.shim(); values.shim();
} }
// Do not apply to WebODM, can cause confusion
const OPTS_BLACKLIST = ['orthophoto-png', 'orthophoto-kmz', 'pc-las', 'pc-ply', 'pc-csv', 'pc-ept', 'cog'];
class EditPresetDialog extends React.Component { class EditPresetDialog extends React.Component {
static defaultProps = { static defaultProps = {
}; };
@ -129,7 +132,7 @@ class EditPresetDialog extends React.Component {
: ""} : ""}
<div className="row"> <div className="row">
<div className="col-sm-12"> <div className="col-sm-12">
{options.filter(option => this.state.showSearch && this.state.search !== "" ? {options.filter(option => OPTS_BLACKLIST.indexOf(option.name.toLowerCase()) === -1).filter(option => this.state.showSearch && this.state.search !== "" ?
option.name.toLowerCase().indexOf(this.state.search.toLowerCase()) !== -1 : option.name.toLowerCase().indexOf(this.state.search.toLowerCase()) !== -1 :
true) true)
.map(option => .map(option =>
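Review bot: `OPTS_BLACKLIST` is applied only in the render-time `options.filter(...)`, so an option from that list that a preset already carries would stay in the preset but could no longer be seen or removed in this dialog; whether the save path also drops these names is not visible in the hunk. If these options must never be sent from WebODM, filter them where the preset's option list is built or saved as well. The comment `// Do not apply to WebODM, can cause confusion` does not say what the confusion is; a sentence naming the reason (for example that these outputs are handled elsewhere, if that is the case) would let a later maintainer decide whether a new option belongs in the list. The render method starts and ends outside the hunk.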