xref: /webtrees/app/Factories/ImageFactory.php (revision f78da6783564bad54411db0835818007bfdbaec8)
1<?php
2
3/**
4 * webtrees: online genealogy
5 * Copyright (C) 2021 webtrees development team
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18declare(strict_types=1);
19
20namespace Fisharebest\Webtrees\Factories;
21
22use Fig\Http\Message\StatusCodeInterface;
23use Fisharebest\Webtrees\Auth;
24use Fisharebest\Webtrees\Contracts\ImageFactoryInterface;
25use Fisharebest\Webtrees\Contracts\UserInterface;
26use Fisharebest\Webtrees\MediaFile;
27use Fisharebest\Webtrees\Mime;
28use Fisharebest\Webtrees\Registry;
29use Fisharebest\Webtrees\Webtrees;
30use Imagick;
31use Intervention\Image\Constraint;
32use Intervention\Image\Exception\NotReadableException;
33use Intervention\Image\Exception\NotSupportedException;
34use Intervention\Image\Image;
35use Intervention\Image\ImageManager;
36use League\Flysystem\FilesystemException;
37use League\Flysystem\FilesystemOperator;
38use League\Flysystem\UnableToReadFile;
39use League\Flysystem\UnableToRetrieveMetadata;
40use Psr\Http\Message\ResponseInterface;
41use RuntimeException;
42use Throwable;
43
44use function addcslashes;
45use function basename;
46use function extension_loaded;
47use function get_class;
48use function implode;
49use function pathinfo;
50use function response;
51use function str_contains;
52use function view;
53
54use const PATHINFO_EXTENSION;
55
56/**
57 * Make an image (from another image).
58 */
59class ImageFactory implements ImageFactoryInterface
60{
61    // Imagick can detect the quality setting for images.  GD cannot.
62    protected const GD_DEFAULT_IMAGE_QUALITY     = 90;
63    protected const GD_DEFAULT_THUMBNAIL_QUALITY = 70;
64
65    protected const WATERMARK_FILE = 'resources/img/watermark.png';
66
67    protected const THUMBNAIL_CACHE_TTL = 8640000;
68
69    protected const INTERVENTION_DRIVERS = ['imagick', 'gd'];
70
71    protected const INTERVENTION_FORMATS = [
72        'image/jpeg' => 'jpg',
73        'image/png'  => 'png',
74        'image/gif'  => 'gif',
75        'image/tiff' => 'tif',
76        'image/bmp'  => 'bmp',
77        'image/webp' => 'webp',
78    ];
79
80    /**
81     * Send the original file - either inline or as a download.
82     *
83     * @param FilesystemOperator $filesystem
84     * @param string             $path
85     * @param bool               $download
86     *
87     * @return ResponseInterface
88     */
89    public function fileResponse(FilesystemOperator $filesystem, string $path, bool $download): ResponseInterface
90    {
91        try {
92            try {
93                $mime_type = $filesystem->mimeType($path);
94            } catch (UnableToRetrieveMetadata $ex) {
95                $mime_type = Mime::DEFAULT_TYPE;
96            }
97
98            $filename = $download ? addcslashes(basename($path), '"') : '';
99
100            return $this->imageResponse($filesystem->read($path), $mime_type, $filename);
101        } catch (UnableToReadFile | FilesystemException $ex) {
102            return $this->replacementImageResponse((string) StatusCodeInterface::STATUS_NOT_FOUND);
103        }
104    }
105
106    /**
107     * Send a thumbnail.
108     *
109     * @param FilesystemOperator $filesystem
110     * @param string             $path
111     * @param int                $width
112     * @param int                $height
113     * @param string             $fit
114     *
115     *
116     * @return ResponseInterface
117     */
118    public function thumbnailResponse(
119        FilesystemOperator $filesystem,
120        string $path,
121        int $width,
122        int $height,
123        string $fit
124    ): ResponseInterface {
125        try {
126            $image = $this->imageManager()->make($filesystem->readStream($path));
127            $image = $this->autorotateImage($image);
128            $image = $this->resizeImage($image, $width, $height, $fit);
129
130            $format  = static::INTERVENTION_FORMATS[$image->mime()] ?? 'jpg';
131            $quality = $this->extractImageQuality($image, static::GD_DEFAULT_THUMBNAIL_QUALITY);
132            $data    = (string) $image->encode($format, $quality);
133
134            return $this->imageResponse($data, $image->mime(), '');
135        } catch (NotReadableException $ex) {
136            return $this->replacementImageResponse('.' . pathinfo($path, PATHINFO_EXTENSION))
137                ->withHeader('X-Thumbnail-Exception', get_class($ex) . ': ' . $ex->getMessage());
138        } catch (FilesystemException | UnableToReadFile $ex) {
139            return $this->replacementImageResponse((string) StatusCodeInterface::STATUS_NOT_FOUND);
140        } catch (Throwable $ex) {
141            return $this->replacementImageResponse((string) StatusCodeInterface::STATUS_INTERNAL_SERVER_ERROR)
142                ->withHeader('X-Thumbnail-Exception', get_class($ex) . ': ' . $ex->getMessage());
143        }
144    }
145
146    /**
147     * Create a full-size version of an image.
148     *
149     * @param MediaFile $media_file
150     * @param bool      $add_watermark
151     * @param bool      $download
152     *
153     * @return ResponseInterface
154     */
155    public function mediaFileResponse(MediaFile $media_file, bool $add_watermark, bool $download): ResponseInterface
156    {
157        $filesystem = Registry::filesystem()->media($media_file->media()->tree());
158        $path   = $media_file->filename();
159
160        if (!$add_watermark || !$media_file->isImage()) {
161            return $this->fileResponse($filesystem, $path, $download);
162        }
163
164        try {
165            $image     = $this->imageManager()->make($filesystem->readStream($path));
166            $image     = $this->autorotateImage($image);
167            $watermark = $this->createWatermark($image->width(), $image->height(), $media_file);
168            $image     = $this->addWatermark($image, $watermark);
169            $filename  = $download ? basename($path) : '';
170            $format    = static::INTERVENTION_FORMATS[$image->mime()] ?? 'jpg';
171            $quality   = $this->extractImageQuality($image, static::GD_DEFAULT_IMAGE_QUALITY);
172            $data      = (string) $image->encode($format, $quality);
173
174            return $this->imageResponse($data, $image->mime(), $filename);
175        } catch (NotReadableException $ex) {
176            return $this->replacementImageResponse(pathinfo($path, PATHINFO_EXTENSION))
177                ->withHeader('X-Image-Exception', $ex->getMessage());
178        } catch (FilesystemException | UnableToReadFile $ex) {
179            return $this->replacementImageResponse((string) StatusCodeInterface::STATUS_NOT_FOUND);
180        } catch (Throwable $ex) {
181            return $this->replacementImageResponse((string) StatusCodeInterface::STATUS_INTERNAL_SERVER_ERROR)
182                ->withHeader('X-Image-Exception', $ex->getMessage());
183        }
184    }
185
186    /**
187     * Create a smaller version of an image.
188     *
189     * @param MediaFile $media_file
190     * @param int       $width
191     * @param int       $height
192     * @param string    $fit
193     * @param bool      $add_watermark
194     *
195     * @return ResponseInterface
196     */
197    public function mediaFileThumbnailResponse(
198        MediaFile $media_file,
199        int $width,
200        int $height,
201        string $fit,
202        bool $add_watermark
203    ): ResponseInterface {
204        // Where are the images stored.
205        $filesystem = Registry::filesystem()->media($media_file->media()->tree());
206
207        // Where is the image stored in the filesystem.
208        $path = $media_file->filename();
209
210        try {
211            $mime_type = $filesystem->mimeType($path);
212
213            $key = implode(':', [
214                $media_file->media()->tree()->name(),
215                $path,
216                $filesystem->lastModified($path),
217                (string) $width,
218                (string) $height,
219                $fit,
220                (string) $add_watermark,
221            ]);
222
223            $closure = function () use ($filesystem, $path, $width, $height, $fit, $add_watermark, $media_file): string {
224                $image = $this->imageManager()->make($filesystem->readStream($path));
225                $image = $this->autorotateImage($image);
226                $image = $this->resizeImage($image, $width, $height, $fit);
227
228                if ($add_watermark) {
229                    $watermark = $this->createWatermark($image->width(), $image->height(), $media_file);
230                    $image     = $this->addWatermark($image, $watermark);
231                }
232
233                $format  = static::INTERVENTION_FORMATS[$image->mime()] ?? 'jpg';
234                $quality = $this->extractImageQuality($image, static::GD_DEFAULT_THUMBNAIL_QUALITY);
235
236                return (string) $image->encode($format, $quality);
237            };
238
239            // Images and Responses both contain resources - which cannot be serialized.
240            // So cache the raw image data.
241            $data = Registry::cache()->file()->remember($key, $closure, static::THUMBNAIL_CACHE_TTL);
242
243            return $this->imageResponse($data, $mime_type, '');
244        } catch (NotReadableException $ex) {
245            return $this->replacementImageResponse('.' . pathinfo($path, PATHINFO_EXTENSION))
246                ->withHeader('X-Thumbnail-Exception', get_class($ex) . ': ' . $ex->getMessage());
247        } catch (FilesystemException | UnableToReadFile $ex) {
248            return $this->replacementImageResponse((string) StatusCodeInterface::STATUS_NOT_FOUND);
249        } catch (Throwable $ex) {
250            return $this->replacementImageResponse((string) StatusCodeInterface::STATUS_INTERNAL_SERVER_ERROR)
251                ->withHeader('X-Thumbnail-Exception', get_class($ex) . ': ' . $ex->getMessage());
252        }
253    }
254
255    /**
256     * Does a full-sized image need a watermark?
257     *
258     * @param MediaFile     $media_file
259     * @param UserInterface $user
260     *
261     * @return bool
262     */
263    public function fileNeedsWatermark(MediaFile $media_file, UserInterface $user): bool
264    {
265        $tree = $media_file->media()->tree();
266
267        return Auth::accessLevel($tree, $user) > $tree->getPreference('SHOW_NO_WATERMARK');
268    }
269
270    /**
271     * Does a thumbnail image need a watermark?
272     *
273     * @param MediaFile     $media_file
274     * @param UserInterface $user
275     *
276     * @return bool
277     */
278    public function thumbnailNeedsWatermark(MediaFile $media_file, UserInterface $user): bool
279    {
280        return $this->fileNeedsWatermark($media_file, $user);
281    }
282
283    /**
284     * Create a watermark image, perhaps specific to a media-file.
285     *
286     * @param int       $width
287     * @param int       $height
288     * @param MediaFile $media_file
289     *
290     * @return Image
291     */
292    public function createWatermark(int $width, int $height, MediaFile $media_file): Image
293    {
294        return $this->imageManager()
295            ->make(Webtrees::ROOT_DIR . static::WATERMARK_FILE)
296            ->resize($width, $height, static function (Constraint $constraint) {
297                $constraint->aspectRatio();
298            });
299    }
300
301    /**
302     * Add a watermark to an image.
303     *
304     * @param Image $image
305     * @param Image $watermark
306     *
307     * @return Image
308     */
309    public function addWatermark(Image $image, Image $watermark): Image
310    {
311        return $image->insert($watermark, 'center');
312    }
313
314    /**
315     * Send a replacement image, to replace one that could not be found or created.
316     *
317     * @param string $text HTTP status code or file extension
318     *
319     * @return ResponseInterface
320     */
321    public function replacementImageResponse(string $text): ResponseInterface
322    {
323        // We can't create a PNG/BMP/JPEG image, as the GD/IMAGICK libraries may be missing.
324        $svg = view('errors/image-svg', ['status' => $text]);
325
326        // We can't send the actual status code, as browsers won't show images with 4xx/5xx.
327        return response($svg, StatusCodeInterface::STATUS_OK, [
328            'content-type' => 'image/svg+xml',
329        ]);
330    }
331
332    /**
333     * @param string $data
334     * @param string $mime_type
335     * @param string $filename
336     *
337     * @return ResponseInterface
338     */
339    protected function imageResponse(string $data, string $mime_type, string $filename): ResponseInterface
340    {
341        if ($mime_type === 'image/svg+xml' && str_contains($data, '<script')) {
342            return $this->replacementImageResponse('XSS')
343                ->withHeader('X-Image-Exception', 'SVG image blocked due to XSS.');
344        }
345
346        // HTML files may contain javascript, so use content-security-policy to disable it.
347        $response = response($data)
348            ->withHeader('content-type', $mime_type)
349            ->withHeader('content-security-policy', 'script-src none');
350
351        if ($filename === '') {
352            return $response;
353        }
354
355        return $response
356            ->withHeader('content-disposition', 'attachment; filename="' . addcslashes(basename($filename), '"'));
357    }
358
359    /**
360     * @return ImageManager
361     * @throws RuntimeException
362     */
363    protected function imageManager(): ImageManager
364    {
365        foreach (static::INTERVENTION_DRIVERS as $driver) {
366            if (extension_loaded($driver)) {
367                return new ImageManager(['driver' => $driver]);
368            }
369        }
370
371        throw new RuntimeException('No PHP graphics library is installed.  Need Imagick or GD');
372    }
373
374    /**
375     * Apply EXIF rotation to an image.
376     *
377     * @param Image $image
378     *
379     * @return Image
380     */
381    protected function autorotateImage(Image $image): Image
382    {
383        try {
384            // Auto-rotate using EXIF information.
385            return $image->orientate();
386        } catch (NotSupportedException $ex) {
387            // If we can't auto-rotate the image, then don't.
388            return $image;
389        }
390    }
391
392    /**
393     * Resize an image.
394     *
395     * @param Image  $image
396     * @param int    $width
397     * @param int    $height
398     * @param string $fit
399     *
400     * @return Image
401     */
402    protected function resizeImage(Image $image, int $width, int $height, string $fit): Image
403    {
404        switch ($fit) {
405            case 'crop':
406                return $image->fit($width, $height);
407            case 'contain':
408                return $image->resize($width, $height, static function (Constraint $constraint) {
409                    $constraint->aspectRatio();
410                    $constraint->upsize();
411                });
412        }
413
414        return $image;
415    }
416
417    /**
418     * Extract the quality/compression parameter from an image.
419     *
420     * @param Image $image
421     * @param int   $default
422     *
423     * @return int
424     */
425    protected function extractImageQuality(Image $image, int $default): int
426    {
427        $core = $image->getCore();
428
429        if ($core instanceof Imagick) {
430            return $core->getImageCompressionQuality() ?: $default;
431        }
432
433        return $default;
434    }
435}
436