diff options
Diffstat (limited to 'app/Controllers/Http')
-rw-r--r-- | app/Controllers/Http/ServiceController.js | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/app/Controllers/Http/ServiceController.js b/app/Controllers/Http/ServiceController.js index 3d10cb4..1be0484 100644 --- a/app/Controllers/Http/ServiceController.js +++ b/app/Controllers/Http/ServiceController.js | |||
@@ -6,6 +6,7 @@ const Helpers = use('Helpers'); | |||
6 | const { v4: uuid } = require('uuid'); | 6 | const { v4: uuid } = require('uuid'); |
7 | const path = require('path'); | 7 | const path = require('path'); |
8 | const fs = require('fs-extra'); | 8 | const fs = require('fs-extra'); |
9 | const sanitize = require('sanitize-filename'); | ||
9 | 10 | ||
10 | class ServiceController { | 11 | class ServiceController { |
11 | // Create a new service for user | 12 | // Create a new service for user |
@@ -231,10 +232,21 @@ class ServiceController { | |||
231 | } | 232 | } |
232 | 233 | ||
233 | async icon({ params, response }) { | 234 | async icon({ params, response }) { |
234 | const { id } = params; | 235 | let { id } = params; |
236 | |||
237 | id = sanitize(id); | ||
238 | if (id === '') { | ||
239 | return response.status(404).send({ | ||
240 | status: "Icon doesn't exist", | ||
241 | }); | ||
242 | } | ||
235 | 243 | ||
236 | const iconPath = path.join(Helpers.tmpPath('uploads'), id); | 244 | const iconPath = path.join(Helpers.tmpPath('uploads'), id); |
237 | if (!(await fs.exists(iconPath))) { | 245 | |
246 | try { | ||
247 | await fs.access(iconPath); | ||
248 | } catch { | ||
249 | // File not available. | ||
238 | return response.status(404).send({ | 250 | return response.status(404).send({ |
239 | status: "Icon doesn't exist", | 251 | status: "Icon doesn't exist", |
240 | }); | 252 | }); |