feat: URL preview support

from upstream MR https://gitlab.com/famedly/conduit/-/merge_requests/347 with the following changes (so far): - remove hardcoded list of allowed hosts (strongly disagree with this, even if it is desired, it should not be harcoded) - add more allow config options for granularity via URL contains, host contains, and domain is (explicit match) for security - warn if a user is allowing all URLs to be previewed for security reasons - replace an expect with proper error handling - bump webpage to 2.0 - improved code style a tad Co-authored-by: rooot <hey@rooot.gay> Signed-off-by: rooot <hey@rooot.gay> Signed-off-by: strawberry <strawberry@puppygock.gay>
2024-02-09 23:16:06 -05:00 · 2024-02-09 23:16:06 -05:00 · c0dd5b1cc2
commit c0dd5b1cc2
parent 6f26be1c6e
13 changed files with 821 additions and 41 deletions
--- a/src/service/globals/mod.rs
+++ b/src/service/globals/mod.rs
@ -390,6 +390,18 @@ impl Service<'_> {
        &self.config.emergency_password
    }

+    pub fn url_preview_domain_contains_allowlist(&self) -> &Vec<String> {
+        &self.config.url_preview_domain_contains_allowlist
+    }
+
+    pub fn url_preview_domain_explicit_allowlist(&self) -> &Vec<String> {
+        &self.config.url_preview_domain_explicit_allowlist
+    }
+
+    pub fn url_preview_url_contains_allowlist(&self) -> &Vec<String> {
+        &self.config.url_preview_url_contains_allowlist
+    }
+
    pub fn forbidden_room_names(&self) -> &RegexSet {
        &self.config.forbidden_room_names
    }
--- a/src/service/media/data.rs
+++ b/src/service/media/data.rs
@ -17,4 +17,15 @@ pub trait Data: Send + Sync {
        width: u32,
        height: u32,
    ) -> Result<(Option<String>, Option<String>, Vec<u8>)>;
+
+    fn remove_url_preview(&self, url: &str) -> Result<()>;
+
+    fn set_url_preview(
+        &self,
+        url: &str,
+        data: &super::UrlPreviewData,
+        timestamp: std::time::Duration,
+    ) -> Result<()>;
+
+    fn get_url_preview(&self, url: &str) -> Option<super::UrlPreviewData>;
 }
--- a/src/service/media/mod.rs
+++ b/src/service/media/mod.rs
@ -1,7 +1,13 @@
 mod data;
-use std::io::Cursor;
+use std::{
+    collections::HashMap,
+    io::Cursor,
+    sync::{Arc, RwLock},
+    time::SystemTime,
+};

 pub(crate) use data::Data;
+use serde::Serialize;

 use crate::{services, Result};
 use image::imageops::FilterType;
@ -9,6 +15,7 @@ use image::imageops::FilterType;
 use tokio::{
    fs::File,
    io::{AsyncReadExt, AsyncWriteExt, BufReader},
+    sync::Mutex,
 };

 pub struct FileMeta {
@ -17,8 +24,43 @@ pub struct FileMeta {
    pub file: Vec<u8>,
 }

+#[derive(Serialize, Default)]
+pub struct UrlPreviewData {
+    #[serde(
+        skip_serializing_if = "Option::is_none",
+        rename(serialize = "og:title")
+    )]
+    pub title: Option<String>,
+    #[serde(
+        skip_serializing_if = "Option::is_none",
+        rename(serialize = "og:description")
+    )]
+    pub description: Option<String>,
+    #[serde(
+        skip_serializing_if = "Option::is_none",
+        rename(serialize = "og:image")
+    )]
+    pub image: Option<String>,
+    #[serde(
+        skip_serializing_if = "Option::is_none",
+        rename(serialize = "matrix:image:size")
+    )]
+    pub image_size: Option<usize>,
+    #[serde(
+        skip_serializing_if = "Option::is_none",
+        rename(serialize = "og:image:width")
+    )]
+    pub image_width: Option<u32>,
+    #[serde(
+        skip_serializing_if = "Option::is_none",
+        rename(serialize = "og:image:height")
+    )]
+    pub image_height: Option<u32>,
+}
+
 pub struct Service {
    pub db: &'static dyn Data,
+    pub url_preview_mutex: RwLock<HashMap<String, Arc<Mutex<()>>>>,
 }

 impl Service {
@ -260,6 +302,22 @@ impl Service {
            Ok(None)
        }
    }
+
+    pub async fn get_url_preview(&self, url: &str) -> Option<UrlPreviewData> {
+        self.db.get_url_preview(url)
+    }
+
+    pub async fn remove_url_preview(&self, url: &str) -> Result<()> {
+        // TODO: also remove the downloaded image
+        self.db.remove_url_preview(url)
+    }
+
+    pub async fn set_url_preview(&self, url: &str, data: &UrlPreviewData) -> Result<()> {
+        let now = SystemTime::now()
+            .duration_since(SystemTime::UNIX_EPOCH)
+            .expect("valid system time");
+        self.db.set_url_preview(url, data, now)
+    }
 }

 #[cfg(test)]
--- a/src/service/mod.rs
+++ b/src/service/mod.rs
@ -1,6 +1,6 @@
 use std::{
    collections::{BTreeMap, HashMap},
-    sync::{Arc, Mutex},
+    sync::{Arc, Mutex, RwLock},
 };

 use lru_cache::LruCache;
@ -114,7 +114,10 @@ impl Services<'_> {
            account_data: account_data::Service { db },
            admin: admin::Service::build(),
            key_backups: key_backups::Service { db },
-            media: media::Service { db },
+            media: media::Service {
+                db,
+                url_preview_mutex: RwLock::new(HashMap::new()),
+            },
            sending: sending::Service::build(db, &config),

            globals: globals::Service::load(db, config)?,