Feature/save signs (#2127)

* apply fix * Fixes empty th:action * Update build.gradle * fix * formatting * Save signatures * Fix code scanning alert no. 42: Uncontrolled data used in path expression Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fix UserServiceInterface * Merge branch 'feature/saveSigns' of git@github.com:Stirling-Tools/Stirling-PDF.git into feature/saveSigns * 0.31.0 bump and further csrf * formatting * preview name * add * sign doc * Update translation files (#2128) Signed-off-by: GitHub Action <action@github.com> Co-authored-by: GitHub Action <action@github.com> --------- Signed-off-by: GitHub Action <action@github.com> Co-authored-by: Dimitrios Kaitantzidis <james_k23@hotmail.gr> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: a <a> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: GitHub Action <action@github.com>
2024-10-30 12:46:44 +00:00
parent ed75fa4e1b
commit 27d2681a97
56 changed files with 741 additions and 44 deletions
--- a/src/main/java/stirling/software/SPDF/service/SignatureService.java
+++ b/src/main/java/stirling/software/SPDF/service/SignatureService.java
@@ -0,0 +1,100 @@
+package stirling.software.SPDF.service;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.stream.Collectors;
+
+import org.springframework.stereotype.Service;
+import org.thymeleaf.util.StringUtils;
+
+import lombok.extern.slf4j.Slf4j;
+import stirling.software.SPDF.model.SignatureFile;
+
+@Service
+@Slf4j
+public class SignatureService {
+
+    private static final String SIGNATURE_BASE_PATH = "customFiles/signatures/";
+    private static final String ALL_USERS_FOLDER = "ALL_USERS";
+
+    public boolean hasAccessToFile(String username, String fileName) throws IOException {
+        validateFileName(fileName);
+        // Check if file exists in user's personal folder or ALL_USERS folder
+        Path userPath = Paths.get(SIGNATURE_BASE_PATH, username, fileName);
+        Path allUsersPath = Paths.get(SIGNATURE_BASE_PATH, ALL_USERS_FOLDER, fileName);
+
+        return Files.exists(userPath) || Files.exists(allUsersPath);
+    }
+
+    public List<SignatureFile> getAvailableSignatures(String username) {
+        List<SignatureFile> signatures = new ArrayList<>();
+
+        // Get signatures from user's personal folder
+        if (!StringUtils.isEmptyOrWhitespace(username)) {
+            Path userFolder = Paths.get(SIGNATURE_BASE_PATH, username);
+            if (Files.exists(userFolder)) {
+                try {
+                    signatures.addAll(getSignaturesFromFolder(userFolder, "Personal"));
+                } catch (IOException e) {
+                    log.error("Error reading user signatures folder", e);
+                }
+            }
+        }
+
+        // Get signatures from ALL_USERS folder
+        Path allUsersFolder = Paths.get(SIGNATURE_BASE_PATH, ALL_USERS_FOLDER);
+        if (Files.exists(allUsersFolder)) {
+            try {
+                signatures.addAll(getSignaturesFromFolder(allUsersFolder, "Shared"));
+            } catch (IOException e) {
+                log.error("Error reading shared signatures folder", e);
+            }
+        }
+
+        return signatures;
+    }
+
+    private List<SignatureFile> getSignaturesFromFolder(Path folder, String category)
+            throws IOException {
+        return Files.list(folder)
+                .filter(path -> isImageFile(path))
+                .map(path -> new SignatureFile(path.getFileName().toString(), category))
+                .collect(Collectors.toList());
+    }
+
+    public byte[] getSignatureBytes(String username, String fileName) throws IOException {
+        validateFileName(fileName);
+        // First try user's personal folder
+        Path userPath = Paths.get(SIGNATURE_BASE_PATH, username, fileName);
+        if (Files.exists(userPath)) {
+            return Files.readAllBytes(userPath);
+        }
+
+        // Then try ALL_USERS folder
+        Path allUsersPath = Paths.get(SIGNATURE_BASE_PATH, ALL_USERS_FOLDER, fileName);
+        if (Files.exists(allUsersPath)) {
+            return Files.readAllBytes(allUsersPath);
+        }
+
+        throw new FileNotFoundException("Signature file not found");
+    }
+
+    private boolean isImageFile(Path path) {
+        String fileName = path.getFileName().toString().toLowerCase();
+        return fileName.endsWith(".jpg")
+                || fileName.endsWith(".jpeg")
+                || fileName.endsWith(".png")
+                || fileName.endsWith(".gif");
+    }
+
+    private void validateFileName(String fileName) {
+        if (fileName.contains("..") || fileName.contains("/") || fileName.contains("\\")) {
+            throw new IllegalArgumentException("Invalid filename");
+        }
+    }
+}