Storage: validation and sanitization stubs (#50523)

* add `IsPathValidationError` util to fs api * refactor storage.Upload method * remove unused struct * extract `RootUpload` constant * move file validation outside of the service * Make UploadErrorToStatusCode exported * validation/sanitization * refactor pathValidationError check * refactor, rename sanitize to transform * add a todo * refactor * transform -> sanitize * lint fix * #50608: fix jpg/jpeg Co-authored-by: Tania B <yalyna.ts@gmail.com> Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2025-02-25 18:55:37 -06:00 · 2022-06-15 12:32:29 +04:00
parent dfb0f6b1b8
commit cc4473faf3
6 changed files with 154 additions and 50 deletions
--- a/pkg/services/store/sanitize.go
+++ b/pkg/services/store/sanitize.go
@@ -0,0 +1,28 @@
+package store
+
+import (
+	"context"
+	"path/filepath"
+
+	"github.com/grafana/grafana/pkg/infra/filestorage"
+	"github.com/grafana/grafana/pkg/models"
+)
+
+func (s *standardStorageService) sanitizeUploadRequest(ctx context.Context, user *models.SignedInUser, req *UploadRequest, storagePath string) (*filestorage.UpsertFileCommand, error) {
+	if req.EntityType == EntityTypeImage {
+		ext := filepath.Ext(req.Path)
+		//nolint: staticcheck
+		if ext == ".svg" {
+			// TODO: sanitize svg
+		}
+	}
+
+	return &filestorage.UpsertFileCommand{
+		Path:               storagePath,
+		Contents:           req.Contents,
+		MimeType:           req.MimeType,
+		CacheControl:       req.CacheControl,
+		ContentDisposition: req.ContentDisposition,
+		Properties:         req.Properties,
+	}, nil
+}