* The primary user is the upload stash. Both stashed originals and thumbnails can
be viewed through Special:UploadStash, which checks the appropriate permissions.
There is no need for direct web access.
* Note that the scaler URL has to point to something that does no authentication
checks since the HTTP GET has no cookie headers propagated. However the file
name is the URL is determined by us_path, which is not exposed to the author
but rather stored in the DB and linked by the file key. The author should only
know the key.
* Also changed getTempRepo() to set the thumb/transcoded zones to nest in
the base repo temp zone. This way, the temp and base repo do not conflict
as to whether a container might be private or not.
Change-Id: I403520053b2053094e5f90083b6375bc04c351f4
Also, the former will now throw an MWException if called with one or more
arguments.
* Removed hitcounters and associated code.
Also, the former will now throw an MWException if called with one or more
arguments.
* Removed hitcounters and associated code.
+* The "temp" zone of the upload respository is now considered private. If it
+ already exists (such as under the images/ directory), please make sure that
+ the directory is not web readable (e.g. via a .htaccess file).
/** @var string The URL of the repo's favicon, if any */
protected $favicon;
/** @var string The URL of the repo's favicon, if any */
protected $favicon;
+ /** @var bool Whether all zones should be private (e.g. private wiki repo) */
+ protected $isPrivate;
+
/**
* Factory functions for creating new files
* Override these in the base class
/**
* Factory functions for creating new files
* Override these in the base class
* @return string|bool
*/
public function getZoneUrl( $zone, $ext = null ) {
* @return string|bool
*/
public function getZoneUrl( $zone, $ext = null ) {
- if ( in_array( $zone, array( 'public', 'temp', 'thumb', 'transcoded' ) ) ) {
+ if ( in_array( $zone, array( 'public', 'thumb', 'transcoded' ) ) ) {
// standard public zones
if ( $ext !== null && isset( $this->zones[$zone]['urlsByExt'][$ext] ) ) {
// custom URL for extension/zone
// standard public zones
if ( $ext !== null && isset( $this->zones[$zone]['urlsByExt'][$ext] ) ) {
// custom URL for extension/zone
case 'public':
return $this->url;
case 'temp':
case 'public':
return $this->url;
case 'temp':
- return "{$this->url}/temp";
case 'deleted':
return false; // no public URL
case 'thumb':
case 'deleted':
return false; // no public URL
case 'thumb':
list( , $container, ) = FileBackend::splitStoragePath( $path );
$params = array( 'dir' => $path );
list( , $container, ) = FileBackend::splitStoragePath( $path );
$params = array( 'dir' => $path );
- if ( $this->isPrivate || $container === $this->zones['deleted']['container'] ) {
+ if ( $this->isPrivate
+ || $container === $this->zones['deleted']['container']
+ || $container === $this->zones['temp']['container']
+ ) {
# Take all available measures to prevent web accessibility of new deleted
# directories, in case the user has not configured offline storage
$params = array( 'noAccess' => true, 'noListing' => true ) + $params;
# Take all available measures to prevent web accessibility of new deleted
# directories, in case the user has not configured offline storage
$params = array( 'noAccess' => true, 'noListing' => true ) + $params;
- * Get an temporary FileRepo associated with this repo.
- * Files will be created in the temp zone of this repo and
- * thumbnails in a /temp subdirectory in thumb zone of this repo.
+ * Get a temporary private FileRepo associated with this repo.
+ *
+ * Files will be created in the temp zone of this repo.
* It will have the same backend as this repo.
*
* @return TempFileRepo
* It will have the same backend as this repo.
*
* @return TempFileRepo
'backend' => $this->backend,
'zones' => array(
'public' => array(
'backend' => $this->backend,
'zones' => array(
'public' => array(
+ // Same place storeTemp() uses in the base repo, though
+ // the path hashing is mismatched, which is annoying.
'container' => $this->zones['temp']['container'],
'directory' => $this->zones['temp']['directory']
),
'thumb' => array(
'container' => $this->zones['temp']['container'],
'directory' => $this->zones['temp']['directory']
),
'thumb' => array(
- 'container' => $this->zones['thumb']['container'],
- 'directory' => $this->zones['thumb']['directory'] == ''
- ? 'temp'
- : $this->zones['thumb']['directory'] . '/temp'
+ 'container' => $this->zones['temp']['container'],
+ 'directory' => $this->zones['temp']['directory'] == ''
+ ? 'thumb'
+ : $this->zones['temp']['directory'] . '/thumb'
),
'transcoded' => array(
),
'transcoded' => array(
- 'container' => $this->zones['transcoded']['container'],
- 'directory' => $this->zones['transcoded']['directory'] == ''
- ? 'temp'
- : $this->zones['transcoded']['directory'] . '/temp'
+ 'container' => $this->zones['temp']['container'],
+ 'directory' => $this->zones['temp']['directory'] == ''
+ ? 'transcoded'
+ : $this->zones['temp']['directory'] . '/transcoded'
- 'url' => $this->getZoneUrl( 'temp' ),
- 'thumbUrl' => $this->getZoneUrl( 'thumb' ) . '/temp',
- 'transcodedUrl' => $this->getZoneUrl( 'transcoded' ) . '/temp',
- 'hashLevels' => $this->hashLevels // performance
+ 'hashLevels' => $this->hashLevels, // performance
+ 'isPrivate' => true // all in temp zone