mirror of
https://github.com/LBPUnion/ProjectLighthouse.git
synced 2025-05-14 05:42:27 +00:00
329ab66043
* Initial work for serialization refactor * Experiment with new naming conventions * Mostly implement user and slot serialization. Still needs to be fine tuned to match original implementation Many things are left in a broken state like website features/api endpoints/lbp3 categories * Fix release building * Migrate scores, reviews, and more to new serialization system. Many things are still broken but progress is steadily being made * Fix Api responses and migrate serialization for most types * Make serialization better and fix bugs Fix recursive PrepareSerialization when recursive item is set during root item's PrepareSerialization, items, should be properly indexed in order but it's only tested to 1 level of recursion * Fix review serialization * Fix user serialization producing malformed SQL query * Remove DefaultIfEmpty query * MariaDB doesn't like double nested queries * Fix LBP1 tag counter * Implement lbp3 categories and add better deserialization handling * Implement expression tree caching to speed up reflection and write new serializer tests * Remove Game column from UserEntity and rename DatabaseContextModelSnapshot.cs back to DatabaseModelSnapshot.cs * Make UserEntity username not required * Fix recursive serialization of lists and add relevant unit tests * Actually commit the migration * Fix LocationTests to use new deserialization class * Fix comments not serializing the right author username * Replace all occurrences of StatusCode with their respective ASP.NET named result instead of StatusCode(403) everything is now in the form of Forbid() * Fix SlotBase.ConvertToEntity and LocationTests * Fix compilation error * Give Location a default value in GameUserSlot and GameUser * Reimplement stubbed website functions * Convert grief reports to new serialization system * Update DatabaseModelSnapshot and bump dotnet tool version * Remove unused directives * Fix broken type reference * Fix rated comments on website * Don't include banned users in website comments * Optimize score submission * Fix slot id calculating in in-game comment posting * Move serialization interfaces to types folder and add more documentation * Allow uploading of versus scores
117 lines
No EOL
4.2 KiB
C#
117 lines
No EOL
4.2 KiB
C#
#nullable enable
|
|
using System.Buffers;
|
|
using System.IO.Pipelines;
|
|
using LBPUnion.ProjectLighthouse.Extensions;
|
|
using LBPUnion.ProjectLighthouse.Files;
|
|
using LBPUnion.ProjectLighthouse.Logging;
|
|
using LBPUnion.ProjectLighthouse.Servers.GameServer.Types.Misc;
|
|
using LBPUnion.ProjectLighthouse.Types.Logging;
|
|
using LBPUnion.ProjectLighthouse.Types.Resources;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using IOFile = System.IO.File;
|
|
|
|
namespace LBPUnion.ProjectLighthouse.Servers.GameServer.Controllers.Resources;
|
|
|
|
[ApiController]
|
|
[Authorize]
|
|
[Produces("text/xml")]
|
|
[Route("LITTLEBIGPLANETPS3_XML")]
|
|
public class ResourcesController : ControllerBase
|
|
{
|
|
|
|
[HttpPost("showModerated")]
|
|
public IActionResult ShowModerated() => this.Ok(new ResourceList());
|
|
|
|
[HttpPost("filterResources")]
|
|
[HttpPost("showNotUploaded")]
|
|
public async Task<IActionResult> FilterResources()
|
|
{
|
|
ResourceList? resourceList = await this.DeserializeBody<ResourceList>();
|
|
if (resourceList?.Resources == null) return this.BadRequest();
|
|
|
|
resourceList.Resources = resourceList.Resources.Where(r => !FileHelper.ResourceExists(r)).ToArray();
|
|
|
|
return this.Ok(resourceList);
|
|
}
|
|
|
|
[HttpGet("r/{hash}")]
|
|
public IActionResult GetResource(string hash)
|
|
{
|
|
string path = FileHelper.GetResourcePath(hash);
|
|
|
|
string fullPath = Path.GetFullPath(path);
|
|
|
|
// Prevent directory traversal attacks
|
|
if (!fullPath.StartsWith(FileHelper.FullResourcePath)) return this.BadRequest();
|
|
|
|
if (FileHelper.ResourceExists(hash)) return this.File(IOFile.OpenRead(path), "application/octet-stream");
|
|
|
|
return this.NotFound();
|
|
}
|
|
|
|
// TODO: check if this is a valid hash
|
|
[HttpPost("upload/{hash}/unattributed")]
|
|
[HttpPost("upload/{hash}")]
|
|
public async Task<IActionResult> UploadResource(string hash)
|
|
{
|
|
string assetsDirectory = FileHelper.ResourcePath;
|
|
string path = FileHelper.GetResourcePath(hash);
|
|
string fullPath = Path.GetFullPath(path);
|
|
|
|
FileHelper.EnsureDirectoryCreated(assetsDirectory);
|
|
// lbp treats code 409 as success and as an indicator that the file is already present
|
|
if (FileHelper.ResourceExists(hash)) return this.Conflict();
|
|
|
|
// theoretically shouldn't be possible because of hash check but handle anyways
|
|
if (!fullPath.StartsWith(FileHelper.FullResourcePath)) return this.BadRequest();
|
|
|
|
Logger.Info($"Processing resource upload (hash: {hash})", LogArea.Resources);
|
|
LbpFile file = new(await readFromPipeReader(this.Request.BodyReader));
|
|
|
|
if (!FileHelper.IsFileSafe(file))
|
|
{
|
|
Logger.Warn($"File is unsafe (hash: {hash}, type: {file.FileType})", LogArea.Resources);
|
|
return this.Conflict();
|
|
}
|
|
|
|
if (!FileHelper.AreDependenciesSafe(file))
|
|
{
|
|
Logger.Warn($"File has unsafe dependencies (hash: {hash}, type: {file.FileType}", LogArea.Resources);
|
|
return this.Conflict();
|
|
}
|
|
|
|
string calculatedHash = file.Hash;
|
|
if (calculatedHash != hash)
|
|
{
|
|
Logger.Warn
|
|
($"File hash does not match the uploaded file! (hash: {hash}, calculatedHash: {calculatedHash}, type: {file.FileType})", LogArea.Resources);
|
|
return this.Conflict();
|
|
}
|
|
|
|
Logger.Success($"File is OK! (hash: {hash}, type: {file.FileType})", LogArea.Resources);
|
|
await IOFile.WriteAllBytesAsync(path, file.Data);
|
|
return this.Ok();
|
|
}
|
|
|
|
// Written with reference from
|
|
// https://docs.microsoft.com/en-us/aspnet/core/fundamentals/middleware/request-response?view=aspnetcore-5.0
|
|
// Surprisingly doesn't take seconds. (67ms for a 100kb file)
|
|
private static async Task<byte[]> readFromPipeReader(PipeReader reader)
|
|
{
|
|
List<byte> data = new();
|
|
while (true)
|
|
{
|
|
ReadResult readResult = await reader.ReadAsync();
|
|
ReadOnlySequence<byte> buffer = readResult.Buffer;
|
|
|
|
if (readResult.IsCompleted && buffer.Length > 0) data.AddRange(buffer.ToArray());
|
|
|
|
reader.AdvanceTo(buffer.Start, buffer.End);
|
|
|
|
if (readResult.IsCompleted) break;
|
|
}
|
|
|
|
return data.ToArray();
|
|
}
|
|
} |