OpenACS / openacs-4 / packages / file-storage

www

Tools

Line History

Line Count Graph
Line Count Graph

Stats

Commits this week: 0
Total Committers: 45
Last Commit: 21 Nov
Commits this week: 0
Total Lines of Code (LoC): 5,928
Net change in LoC this week: 0

Commit Activity

Commits By Day In Week
52 week commits volume
Commits By Day In Week
Commits by day
Commits By Day In Week
Commits by hour
Commits By Hour In Day
Commit calendar
 

Most active committers (90 days)

loading
loading
  • last updated 8 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Wednesday 11 Sep
8:11 am

gustafn

merge with missing files

Options
    • -0
    • +0
    ./copy-oracle.xql
    • -0
    • +0
    ./copy-postgresql.xql
    • -0
    • +0
    ./delete.xql
    • -0
    • +0
    ./file-add.tcl
    • -0
    • +0
    ./file-edit.tcl
    • -0
    • +0
    ./file.tcl
    • -0
    • +0
    ./folder-add.tcl
    • -0
    • +0
    ./folder-chunk.tcl
    • -0
    • +0
    ./folder-create.tcl
    • -0
    • +0
    ./folder-delete.tcl
    • -0
    • +0
    ./folder-edit.tcl
    • -0
    • +0
    ./folder-zip-add.tcl
    • -0
    • +0
    ./index.tcl
    • -0
    • +0
    ./index.vuh
    • -0
    • +0
    ./search.tcl
  16. … 1450 more files in changeset.
Tuesday 03 Sep
5:37 pm

gustafn

merge from oacs-5-10

Options
    • -32
    • +1
    ./copy-oracle.xql
    • -46
    • +1
    ./copy-postgresql.xql
    • -41
    • +63
    ./copy.tcl
    • -28
    • +0
    ./delete-oracle.xql
    • -28
    • +0
    ./delete-postgresql.xql
    • -22
    • +30
    ./delete.tcl
    • -2
    • +2
    ./delete.xql
    • -0
    • +30
    ./download-zip-2.tcl
    • -42
    • +77
    ./download-zip.tcl
    • -13
    • +46
    ./file-add.tcl
    • -1
    • +2
    ./file-edit.tcl
    • -37
    • +0
    ./file-oracle.xql
    • -34
    • +0
    ./file-postgresql.xql
    • -2
    • +2
    ./file-upload-confirm.tcl
    • -39
    • +62
    ./file.tcl
  16. … 8085 more files in changeset.
Monday 02 Sep
11:40 am

gustafn

regenerated documentation

Options
    • -38
    • +30
    ./doc/design.adp
    • -2
    • +5
    ./doc/index.adp
    • -0
    • +4
    ./doc/requirements.adp
  4. … 438 more files in changeset.
Thursday 01 Aug
10:03 am

gustafn

regenreated documentation (with non-finished release notes)

Options
    • -3
    • +3
    ./doc/design.adp
  2. … 146 more files in changeset.
9:38 am

gustafn

fixed typoes in documentation

Options
    • -1
    • +1
    ./doc/design.html
  2. … 23 more files in changeset.
Wednesday 31 Jul
11:59 am

gustafn

improved spelling

Options
    • -4
    • +4
    ./doc/design.adp
  2. … 29 more files in changeset.
Tuesday 30 Jul
3:45 pm

antoniop

Harden page contract

Options
    • -3
    • +3
    ./copy.tcl
3:34 pm

antoniop

Harden page contract

Options
    • -2
    • +2
    ./file-upload-confirm.tcl
  2. … 2 more files in changeset.
Monday 26 Feb
4:05 pm

antoniop

download-archive reform

File-Storage used to generate downloaded archives in tgz format, to then switch to zip, more user-friendly, in particular outside the Linux world (See https://openacs.org/forums/message-view?message_id=557561). To ease the transition, a couple of parameters and relative API were introduced that would allow to choose the preferred command one should use. During this reform however, default parameter values in the tcl code became inconsistent with those in the info file. Furthermore, the chosen defaults were set as absolute paths to the executable, which is not friendly to non-linux environments, or other scenarios where the "typical" Linux filesystem structure cannot be assumed (e.g. containers, MacOS...).

The only usage of this parameters/api was in fact in the download-archive vuh. In upstream codebase, no package references this file, not even the file-storage itself. Upon review, one could see that the file would also allow to specify a custom download filename via the path, which could be considered questionable. It would also execute the command in a way that once again assumes some form of Linux environment (e.g. invoking bash).

Save for the ability to customize the archive format and the anti-feature of being able to manipulate the archive filename via the path, the script largely relplicates www/download-zip, in a better shape after a few reforms hinted by e.g. penetration tools.

Given the aformentioned considerations, I have decided to make download-archive a simple redirect to download-zip. Specifying the object_id via the path will keep working, while URLs out there expecting the name to change will not fail, but the name will not be modified. The archive format will from now on be assumed to be zip.

Options
    • -57
    • +24
    ./download-archive/index.vuh
  2. … 4 more files in changeset.
Sunday 25 Feb
6:29 pm

gustafn

Improved consistency with external programs

Since "unzip" is used as well on various other places,

use it as well in the file storage. This means that

the parameter "UnzipBinary" for the file-storage package

is now obsolete.

Options
    • -2
    • +2
    ./file-add.tcl
  2. … 1 more file in changeset.
Sunday 22 Oct 2023
6:30 pm

gustafn

strengthen boolean parameters in page contracts

Options
    • -2
    • +2
    ./copy.tcl
    • -2
    • +2
    ./file-add.tcl
    • -2
    • +2
    ./folder-add.tcl
    • -2
    • +2
    ./folder-chunk.tcl
    • -2
    • +2
    ./folder-delete.tcl
    • -2
    • +2
    ./folder-zip-add.tcl
    • -2
    • +2
    ./move.tcl
    • -2
    • +2
    ./simple-add.tcl
    • -2
    • +2
    ./version-delete.tcl
  10. … 23 more files in changeset.
Tuesday 03 Oct 2023
4:07 pm

antoniop

Make values optional, as the user should supply them via the form

Options
    • -3
    • +3
    ./simple-add.tcl
Monday 25 Sep 2023
5:44 pm

antoniop

Reintroduce "short_name" list element in the folder-chunk, used in the list format and not exactly equivalent to "name"

Options
    • -1
    • +13
    ./folder-chunk.tcl
Thursday 13 Jul 2023
2:43 pm

gustafn

regenerated documentation

Options
    • -26
    • +38
    ./doc/design.adp
    • -1
    • +2
    ./doc/index.adp
  3. … 294 more files in changeset.
Friday 28 Apr 2023
3:11 pm

antoniop

Sign the return_url we set when we generate a zip file to prevent tampering

Options
    • -1
    • +1
    ./download-zip.tcl
    • -5
    • +5
    ./folder-chunk.tcl
Thursday 30 Mar 2023
6:28 pm

antoniop

Make sure, that also when the number of days is supplied as empty, we set it to a valid default

Options
    • -2
    • +6
    ./folder-chunk.tcl
Thursday 23 Mar 2023
1:18 pm

trenner

harden page_contract

Options
    • -3
    • +5
    ./simple-add.tcl
Friday 17 Mar 2023
2:29 pm

antoniop

Deprecate trivial fs::get_archive_extension and inline its only upstream occurrence

Options
    • -2
    • +2
    ./download-archive/index.vuh
  2. … 1 more file in changeset.
Tuesday 14 Mar 2023
9:37 am

trenner

check permission before adding file to zip directory

Options
    • -0
    • +1
    ./download-zip.tcl
Friday 27 Jan 2023
12:59 pm

gernst

Improve validation

Options
    • -1
    • +3
    ./file-add.tcl
    • -1
    • +2
    ./file-edit.tcl
Monday 16 Jan 2023
5:11 pm

antoniop

Fix typo

Options
    • -1
    • +1
    ./folder-chunk-postgresql.xql
Wednesday 04 Jan 2023
1:21 pm

antoniop

Refactor the query in the folder-chunk page so that on postgres one can enforce permissions in bulk, rather than for each file

Options
    • -0
    • +47
    ./folder-chunk-postgresql.xql
    • -31
    • +2
    ./folder-chunk.tcl
    • -3
    • +31
    ./folder-chunk.xql
Wednesday 30 Nov 2022
9:18 am

gustafn

Make use of new API "ad_mktmpdir" and "ad_opentmpfile" instead of "ad_tmpnam"

Options
    • -5
    • +3
    ./download-archive/index.vuh
  2. … 2 more files in changeset.
Sunday 27 Nov 2022
11:52 am

gustafn

Make use of new API "ad_mktmpdir" and "ad_opentmpfile" instead of "ad_tmpnam"

Options
    • -2
    • +1
    ./download-zip.tcl
    • -5
    • +3
    ./file-add.tcl
    • -3
    • +2
    ./folder-zip-add.tcl
  4. … 4 more files in changeset.
Saturday 22 Oct 2022
7:47 pm

gustafn

provided a helper proc to query the mapping of a generic icon name to a concrete

This function is necessary in boundary cases, where e.g. a display_template passes the generic

name of the icon via template variables which have to be

@-substituted before adp-tag resolution, which performs the

regular icon name mapping (otherwise, the tag resolver receives

e.g. ...name=@icon@...)

Options
    • -5
    • +5
    ./folder-chunk.tcl
  2. … 3 more files in changeset.
Thursday 20 Oct 2022
9:07 pm

gustafn

prefer adp:icon over old-style .gif images

Options
    • -7
    • +7
    ./folder-chunk.tcl
  2. … 2 more files in changeset.
Thursday 13 Oct 2022
12:21 pm

antoniop

Don't go to the cache to tell if a command is available

Options
    • -2
    • +2
    ./view/index.vuh
12:19 pm

antoniop

Don't go to the cache to tell if commands are available

Options
    • -2
    • +2
    ./file.tcl
    • -2
    • +2
    ./index.vuh
    • -3
    • +3
    ./download/index.vuh
12:15 pm

antoniop

Don't go to the cache to tell if the views package is installed

Options
    • -3
    • +4
    ./folder-chunk.tcl
Wednesday 24 Aug 2022
10:58 am

antoniop

Test the behavior of the file-storage when a malicious user would try to store a pre-existing file on the server as its own

The fix for the file-storage is a simple validation to make sure that the tmpfile exists, however, for the generic case of the file widget, we cannot trust the tmpfile value when this was not generated by the server. This will probably cause regression when one wants to show a "preview" of a form, to be continued.

Options
    • -1
    • +5
    ./file-add.tcl
  2. … 2 more files in changeset.