From 46c4505522fee4ff03dd4e5729a32a9ba12f1ad8 Mon Sep 17 00:00:00 2001 From: saasfreelancer Date: Sun, 21 Jun 2020 14:45:26 +0500 Subject: [PATCH 1/3] uniquely identify each package type In rare situations, if you have theme / plugin with same slug, it can cause issue, which is saved / generated later will overwrite the existing package (specially if version is same). So this patch will try to avoid such situations. --- src/Provider/RewriteRules.php | 4 ++-- src/Release.php | 20 +++++++++++++++---- src/Route/Download.php | 14 ++++++++++++- .../ComposerPackageTransformer.php | 2 ++ 4 files changed, 33 insertions(+), 7 deletions(-) diff --git a/src/Provider/RewriteRules.php b/src/Provider/RewriteRules.php index 618cc70..c589083 100644 --- a/src/Provider/RewriteRules.php +++ b/src/Provider/RewriteRules.php @@ -61,8 +61,8 @@ public function register_rewrite_rules() { // Don't add a file extension. Some servers don't route file extensions // through WordPress' front controller. add_rewrite_rule( - 'satispress/([^/]+)(/([^/]+))?$', - 'index.php?satispress_route=download&satispress_params[slug]=$matches[1]&satispress_params[version]=$matches[3]', + 'satispress/([^/]+)(/([^/]+))(/([^/]+))?$', + 'index.php?satispress_route=download&satispress_params[slug]=$matches[3]&satispress_params[version]=$matches[5]&satispress_params[type]=$matches[1]', 'top' ); } diff --git a/src/Release.php b/src/Release.php index 230c847..ffff351 100644 --- a/src/Release.php +++ b/src/Release.php @@ -62,9 +62,14 @@ public function __construct( Package $package, string $version, string $source_u * @return string */ public function get_download_url( array $args = [] ): string { + + // un-prefix the package type + $package_type = str_replace( 'wordpress-', '', $this->get_package()->get_type() ); + $url = sprintf( - '/satispress/%s/%s', - $this->get_package()->get_slug(), + '/satispress/%s/%s/%s', + $package_type, + $this->get_package()->get_slug(), $this->get_version() ); @@ -79,11 +84,18 @@ public function get_download_url( array $args = [] ): string { * @return string */ public function get_file_path(): string { - return sprintf( - '%1$s/%2$s', + + // un-prefix the package type + $package_type = str_replace( 'wordpress-', '', $this->get_package()->get_type() ); + + $path = sprintf( + '%1$s/%2$s/%3$s', + $package_type, $this->get_package()->get_slug(), $this->get_file() ); + + return $path; } /** diff --git a/src/Route/Download.php b/src/Route/Download.php index a936b29..91e9026 100644 --- a/src/Route/Download.php +++ b/src/Route/Download.php @@ -48,6 +48,13 @@ class Download implements Route { */ const PACKAGE_VERSION_REGEX = '/[^0-9a-z.-]+/i'; + /** + * Regex for sanitizing package package type. + * + * @var string + */ + const PACKAGE_TYPE_REGEX = '/[^A-Za-z0-9._\-]+/i'; + /** * Release manager. * @@ -103,7 +110,12 @@ public function handle( Request $request ): Response { $version = preg_replace( self::PACKAGE_VERSION_REGEX, '', $request['version'] ); } - $package = $this->repository->first_where( [ 'slug' => $slug ] ); + $type = ''; + if ( ! empty( $request['type'] ) ) { + $type = preg_replace( self::PACKAGE_TYPE_REGEX, '', $request['type'] ); + } + + $package = $this->repository->first_where( [ 'slug' => $slug, 'type' => $type ] ); // Send a 404 response if the package doesn't exist. if ( ! $package instanceof Package ) { diff --git a/src/Transformer/ComposerPackageTransformer.php b/src/Transformer/ComposerPackageTransformer.php index 0e8aab9..7bc8627 100644 --- a/src/Transformer/ComposerPackageTransformer.php +++ b/src/Transformer/ComposerPackageTransformer.php @@ -62,6 +62,8 @@ public function transform( Package $package ) { $builder = $this->factory->create( 'composer' )->with_package( $package ); $vendor = apply_filters( 'satispress_vendor', 'satispress' ); + $vendor = $vendor. '-' . $package->get_type(); + $name = $this->normalize_package_name( $package->get_slug() ); $builder->set_name( $vendor . '/' . $name ); From d05da24d35306c840f7cb548aec0123dd67c9292 Mon Sep 17 00:00:00 2001 From: saasfreelancer Date: Sun, 21 Jun 2020 14:46:35 +0500 Subject: [PATCH 2/3] ignore windows file path warning, which fails the download. on windows / wamp server, this throws the issue if file is downloaded directly from dashboard, so this workaround allows for proper download --- src/HTTP/ResponseBody/FileBody.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/HTTP/ResponseBody/FileBody.php b/src/HTTP/ResponseBody/FileBody.php index a2a4eed..7d429ba 100644 --- a/src/HTTP/ResponseBody/FileBody.php +++ b/src/HTTP/ResponseBody/FileBody.php @@ -35,7 +35,18 @@ class FileBody implements ResponseBody { * @throws InvalidFileName If the file name fails validation. */ public function __construct( string $filename ) { + $result = validate_file( $filename ); + + // if windows file path is found, ignore in + // in case wamp or such server is used + if ( 2 === $result ) { + $result = 0; + + // normalize windows file path + $filename = wp_normalize_path( $filename ); + } + if ( 0 !== $result ) { throw InvalidFileName::withValidationCode( $filename, $result ); } From a67e6a475b7a908d73043d40bfda1d91dd6e3af7 Mon Sep 17 00:00:00 2001 From: saasfreelancer Date: Mon, 22 Jun 2020 16:47:30 +0500 Subject: [PATCH 3/3] refactor formating issues. --- src/HTTP/ResponseBody/FileBody.php | 1 - src/Release.php | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/HTTP/ResponseBody/FileBody.php b/src/HTTP/ResponseBody/FileBody.php index 7d429ba..8ddd1d4 100644 --- a/src/HTTP/ResponseBody/FileBody.php +++ b/src/HTTP/ResponseBody/FileBody.php @@ -35,7 +35,6 @@ class FileBody implements ResponseBody { * @throws InvalidFileName If the file name fails validation. */ public function __construct( string $filename ) { - $result = validate_file( $filename ); // if windows file path is found, ignore in diff --git a/src/Release.php b/src/Release.php index ffff351..3ccc410 100644 --- a/src/Release.php +++ b/src/Release.php @@ -69,7 +69,7 @@ public function get_download_url( array $args = [] ): string { $url = sprintf( '/satispress/%s/%s/%s', $package_type, - $this->get_package()->get_slug(), + $this->get_package()->get_slug(), $this->get_version() );