feat: #9005, use timestamp in profile/cover images

delete current one if keepAllUserImages is turned off fix typo in data
NodeBB · Dec 2, 2020 · 5f0f476 · 5f0f476
1 parent 42b23a3
commit 5f0f476
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 7 deletions.
diff --git a/public/openapi/read/user/userslug/edit.yaml b/public/openapi/read/user/userslug/edit.yaml
@@ -31,7 +31,7 @@ get:
                     type: boolean
                   allowProfileImageUploads:
                     type: number
-                  allowedProfileImageExtensios:
+                  allowedProfileImageExtensions:
                     type: string
                   allowMultipleBadges:
                     type: boolean

diff --git a/public/src/client/account/edit.js b/public/src/client/account/edit.js
@@ -235,7 +235,7 @@ define('forum/account/edit', [
 				allowSkippingCrop: false,
 				title: '[[user:upload_picture]]',
 				description: '[[user:upload_a_picture]]',
-				accept: ajaxify.data.allowedProfileImageExtensios,
+				accept: ajaxify.data.allowedProfileImageExtensions,
 			}, function (url) {
 				onUploadComplete(url);
 			});

diff --git a/src/controllers/accounts/edit.js b/src/controllers/accounts/edit.js
@@ -24,7 +24,7 @@ editController.get = async function (req, res, next) {
 	userData.allowProfilePicture = !userData.isSelf || !!meta.config['reputation:disabled'] || userData.reputation >= meta.config['min:rep:profile-picture'];
 	userData.allowCoverPicture = !userData.isSelf || !!meta.config['reputation:disabled'] || userData.reputation >= meta.config['min:rep:cover-picture'];
 	userData.allowProfileImageUploads = meta.config.allowProfileImageUploads;
-	userData.allowedProfileImageExtensios = user.getAllowedProfileImageExtensions().map(ext => '.' + ext).join(', ');
+	userData.allowedProfileImageExtensions = user.getAllowedProfileImageExtensions().map(ext => '.' + ext).join(', ');
 	userData.allowMultipleBadges = meta.config.allowMultipleBadges === 1;
 	userData.allowAccountDelete = meta.config.allowAccountDelete === 1;
 	userData.allowWebsite = !userData.isSelf || !!meta.config['reputation:disabled'] || userData.reputation >= meta.config['min:rep:website'];

diff --git a/src/user/picture.js b/src/user/picture.js
@@ -2,6 +2,8 @@
 
 const winston = require('winston');
 const mime = require('mime');
+const path = require('path');
+const nconf = require('nconf');
 
 const db = require('../database');
 const file = require('../file');
@@ -11,7 +13,11 @@ const plugins = require('../plugins');
 
 module.exports = function (User) {
 	User.getAllowedProfileImageExtensions = function () {
-		return User.getAllowedImageTypes().map(type => mime.getExtension(type));
+		const exts = User.getAllowedImageTypes().map(type => mime.getExtension(type));
+		if (exts.includes('jpeg')) {
+			exts.push('jpg');
+		}
+		return exts;
 	};
 
 	User.getAllowedImageTypes = function () {
@@ -48,9 +54,10 @@ module.exports = function (User) {
 			picture.path = await image.writeImageDataToTempFile(data.imageData);
 
 			const extension = file.typeToExtension(image.mimeFromBase64(data.imageData));
-			const filename = data.uid + '-profilecover' + extension;
+			const filename = data.uid + '-profilecover-' + Date.now() + extension;
 			const uploadData = await image.uploadImage(filename, 'profile', picture);
 
+			await deleteCurrentPicture(data.uid, 'cover:url');
 			await User.setUserField(data.uid, 'cover:url', uploadData.url);
 
 			if (data.position) {
@@ -100,6 +107,7 @@ module.exports = function (User) {
 			name: 'profileAvatar',
 		});
 
+		await deleteCurrentPicture(data.uid, 'uploadedpicture');
 		await User.setUserFields(data.uid, {
 			uploadedpicture: uploadedImage.url,
 			picture: uploadedImage.url,
@@ -138,6 +146,7 @@ module.exports = function (User) {
 			const filename = generateProfileImageFilename(data.uid, extension);
 			const uploadedImage = await image.uploadImage(filename, 'profile', picture);
 
+			await deleteCurrentPicture(data.uid, 'uploadedpicture');
 			await User.setUserFields(data.uid, {
 				uploadedpicture: uploadedImage.url,
 				picture: uploadedImage.url,
@@ -148,6 +157,18 @@ module.exports = function (User) {
 		}
 	};
 
+	async function deleteCurrentPicture(uid, field) {
+		if (meta.config['profile:keepAllUserImages']) {
+			return;
+		}
+		const value = await User.getUserField(uid, field);
+		if (value && value.startsWith('/assets/uploads/profile/')) {
+			const filename = value.split('/').pop();
+			const uploadPath = path.join(nconf.get('upload_path'), 'profile', filename);
+			await file.delete(uploadPath);
+		}
+	}
+
 	function validateUpload(data, maxSize, allowedTypes) {
 		if (!data.imageData) {
 			throw new Error('[[error:invalid-data]]');
@@ -174,9 +195,8 @@ module.exports = function (User) {
 	}
 
 	function generateProfileImageFilename(uid, extension) {
-		const keepAllVersions = meta.config['profile:keepAllUserImages'] === 1;
 		const convertToPNG = meta.config['profile:convertProfileImageToPNG'] === 1;
-		return uid + '-profileavatar' + (keepAllVersions ? '-' + Date.now() : '') + (convertToPNG ? '.png' : extension);
+		return uid + '-profileavatar-' + Date.now() + (convertToPNG ? '.png' : extension);
 	}
 
 	User.removeCoverPicture = async function (data) {