linting
This commit is contained in:
Stephan D
@@ -2,6 +2,7 @@ package docstore
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
@@ -36,8 +37,12 @@ func (s *LocalStore) Save(ctx context.Context, key string, data []byte) error {
|
||||
return err
|
||||
}
|
||||
|
||||
path := filepath.Join(s.rootPath, filepath.Clean(key))
|
||||
if err := os.MkdirAll(filepath.Dir(path), 0o755); err != nil {
|
||||
path, err := resolveStoragePath(s.rootPath, key)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := os.MkdirAll(filepath.Dir(path), 0o750); err != nil {
|
||||
s.logger.Warn("Failed to create document directory", zap.Error(err), zap.String("path", path))
|
||||
|
||||
return err
|
||||
@@ -56,8 +61,12 @@ func (s *LocalStore) Load(ctx context.Context, key string) ([]byte, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
path := filepath.Join(s.rootPath, filepath.Clean(key))
|
||||
path, err := resolveStoragePath(s.rootPath, key)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
//nolint:gosec // path is constrained by resolveStoragePath to stay within configured root.
|
||||
data, err := os.ReadFile(path)
|
||||
if err != nil {
|
||||
s.logger.Warn("Failed to read document file", zap.Error(err), zap.String("path", path))
|
||||
@@ -69,3 +78,32 @@ func (s *LocalStore) Load(ctx context.Context, key string) ([]byte, error) {
|
||||
}
|
||||
|
||||
var _ Store = (*LocalStore)(nil)
|
||||
|
||||
func resolveStoragePath(rootPath string, key string) (string, error) {
|
||||
cleanKey := filepath.Clean(strings.TrimSpace(key))
|
||||
if cleanKey == "" || cleanKey == "." {
|
||||
return "", merrors.InvalidArgument("docstore: key is required")
|
||||
}
|
||||
|
||||
if filepath.IsAbs(cleanKey) {
|
||||
return "", merrors.InvalidArgument("docstore: absolute keys are not allowed")
|
||||
}
|
||||
|
||||
rootAbs, err := filepath.Abs(rootPath)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("resolve local store root: %w", err)
|
||||
}
|
||||
|
||||
path := filepath.Join(rootAbs, cleanKey)
|
||||
pathAbs, err := filepath.Abs(path)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("resolve local store path: %w", err)
|
||||
}
|
||||
|
||||
prefix := rootAbs + string(filepath.Separator)
|
||||
if pathAbs != rootAbs && !strings.HasPrefix(pathAbs, prefix) {
|
||||
return "", merrors.InvalidArgument("docstore: key escapes root path")
|
||||
}
|
||||
|
||||
return pathAbs, nil
|
||||
}
|
||||
|
||||
@@ -124,7 +124,11 @@ func (s *S3Store) Load(ctx context.Context, key string) ([]byte, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
defer obj.Body.Close()
|
||||
defer func() {
|
||||
if closeErr := obj.Body.Close(); closeErr != nil {
|
||||
s.logger.Warn("Failed to close document body", zap.Error(closeErr), zap.String("key", key))
|
||||
}
|
||||
}()
|
||||
|
||||
return io.ReadAll(obj.Body)
|
||||
}
|
||||
|
||||
@@ -247,12 +247,6 @@ func (s *Service) startDiscoveryAnnouncer() {
|
||||
s.announcer.Start()
|
||||
}
|
||||
|
||||
type serviceError string
|
||||
|
||||
func (e serviceError) Error() string {
|
||||
return string(e)
|
||||
}
|
||||
|
||||
func (s *Service) generateActPDF(snapshot model.ActSnapshot) ([]byte, string, error) {
|
||||
blocks, err := s.template.Render(snapshot)
|
||||
if err != nil {
|
||||
|
||||
@@ -54,34 +54,6 @@ func (s *stubDocumentsStore) ListByPaymentRefs(_ context.Context, _ []string) ([
|
||||
|
||||
var _ storage.DocumentsStore = (*stubDocumentsStore)(nil)
|
||||
|
||||
type memDocStore struct {
|
||||
data map[string][]byte
|
||||
saveCount int
|
||||
loadCount int
|
||||
}
|
||||
|
||||
func (m *memDocStore) Save(_ context.Context, key string, data []byte) error {
|
||||
m.saveCount++
|
||||
copyData := make([]byte, len(data))
|
||||
copy(copyData, data)
|
||||
m.data[key] = copyData
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *memDocStore) Load(_ context.Context, key string) ([]byte, error) {
|
||||
m.loadCount++
|
||||
data := m.data[key]
|
||||
copyData := make([]byte, len(data))
|
||||
copy(copyData, data)
|
||||
|
||||
return copyData, nil
|
||||
}
|
||||
|
||||
func (m *memDocStore) Counts() (int, int) {
|
||||
return m.saveCount, m.loadCount
|
||||
}
|
||||
|
||||
type stubTemplate struct {
|
||||
blocks []renderer.Block
|
||||
calls int
|
||||
|
||||
@@ -24,6 +24,7 @@ type acceptanceTemplateData struct {
|
||||
}
|
||||
|
||||
func newTemplateRenderer(path string) (*templateRenderer, error) {
|
||||
//nolint:gosec // template file path is provided by trusted service configuration.
|
||||
data, err := os.ReadFile(path)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("read template: %w", err)
|
||||
|
||||
Reference in New Issue
Block a user