Allow to disable gravatar

Since Gravatar is an external image source and not perfect from a
privacy perspective, the option to forbid it improves privacy.

This commit also simplifies and optimizes the avatar code.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Sheogorath 2018-06-23 23:40:46 +02:00
parent a2608c319a
commit 318b2d378f
No known key found for this signature in database
GPG key ID: 1F05CC3635CDDFFD
5 changed files with 23 additions and 27 deletions


@ -209,6 +209,7 @@ There are some config settings you need to change in the files below.
| `HMD_EMAIL` | `true` or `false` | set to allow email signin | | `HMD_EMAIL` | `true` or `false` | set to allow email signin |
| `HMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports | | `HMD_ALLOW_PDF_EXPORT` | `true` or `false` | Enable or disable PDF exports |
| `HMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | | `HMD_ALLOW_EMAIL_REGISTER` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
| `HMD_ALLOW_GRAVATAR` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance |
| `HMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) | | `HMD_IMAGE_UPLOAD_TYPE` | `imgur`, `s3`, `minio` or `filesystem` | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) |
| `HMD_S3_ACCESS_KEY_ID` | no example | AWS access key id | | `HMD_S3_ACCESS_KEY_ID` | no example | AWS access key id |
| `HMD_S3_SECRET_ACCESS_KEY` | no example | AWS secret key | | `HMD_S3_SECRET_ACCESS_KEY` | no example | AWS secret key |
@ -271,6 +272,7 @@ There are some config settings you need to change in the files below.
| `documentMaxLength` | `100000` | note max length | | `documentMaxLength` | `100000` | note max length |
| `email` | `true` or `false` | set to allow email signin | | `email` | `true` or `false` | set to allow email signin |
| `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) | | `allowEmailRegister` | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
| `allowGravatar` | `true` or `false` | set to `false` to disable gravatar as profile picture source on your instance |
| `imageUploadType` | `imgur`, `s3`, `minio`, `azure` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)| | `imageUploadType` | `imgur`, `s3`, `minio`, `azure` or `filesystem`(default) | Where to upload images. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md)|
| `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) | | `minio` | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageUploadType` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) |
| `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) | | `s3` | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) |


@ -146,5 +146,6 @@ module.exports = {
}, },
email: true, email: true,
allowEmailRegister: true, allowEmailRegister: true,
allowGravatar: true,
allowPDFExport: true allowPDFExport: true
} }


@ -120,5 +120,6 @@ module.exports = {
}, },
email: toBooleanConfig(process.env.HMD_EMAIL), email: toBooleanConfig(process.env.HMD_EMAIL),
allowEmailRegister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER), allowEmailRegister: toBooleanConfig(process.env.HMD_ALLOW_EMAIL_REGISTER),
allowGravatar: toBooleanConfig(process.env.HMD_ALLOW_GRAVATAR),
allowPDFExport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT) allowPDFExport: toBooleanConfig(process.env.HMD_ALLOW_PDF_EXPORT)
} }


@ -1,5 +1,6 @@
'use strict' 'use strict'
// external modules // external modules
const md5 = require('blueimp-md5')
const randomcolor = require('randomcolor') const randomcolor = require('randomcolor')
const config = require('./config') const config = require('./config')
@ -24,6 +25,17 @@ exports.generateAvatar = function (name) {
return svg return svg
} }
exports.generateAvatarURL = function (name) { exports.generateAvatarURL = function (name, email = '', big = true) {
return config.serverURL + '/user/' + name + '/avatar.svg' let photo
if (email !== '' && config.allowGravatar) {
photo = 'https://www.gravatar.com/avatar/' + md5(email.toLowerCase())
if (big) {
photo += '?s=400'
} else {
photo += '?s=96'
}
} else {
photo = config.serverURL + '/user/' + (name || email.substring(0, email.lastIndexOf('@')) || md5(email.toLowerCase())) + '/avatar.svg'
}
return photo
} }
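Review bot: The fallback branch of `generateAvatarURL` concatenates `name`, or the e-mail local part, into the URL path without encoding, so a username or address containing `/`, `?` or `#` would no longer form a single path segment. Wrapping the segment in `encodeURIComponent(...)` before appending `'/avatar.svg'` avoids that, assuming the avatar route decodes its parameter, which is not visible here. In the Gravatar branch the address is lowercased but not trimmed, whereas Gravatar hashes the trimmed, lowercased address, so `md5(email.trim().toLowerCase())` is the safer form. A short JSDoc should state that a hash of `email` is placed in a gravatar.com URL only when `config.allowGravatar` is true, and that `big` has no effect on the local SVG fallback.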


@ -1,6 +1,5 @@
'use strict' 'use strict'
// external modules // external modules
var md5 = require('blueimp-md5')
var Sequelize = require('sequelize') var Sequelize = require('sequelize')
var scrypt = require('scrypt') var scrypt = require('scrypt')
@ -128,10 +127,7 @@ module.exports = function (sequelize, DataTypes) {
} }
break break
case 'dropbox': case 'dropbox':
// no image api provided, use gravatar photo = generateAvatarURL('', profile.emails[0].value, bigger)
photo = 'https://www.gravatar.com/avatar/' + md5(profile.emails[0].value)
if (bigger) photo += '?s=400'
else photo += '?s=96'
break break
case 'google': case 'google':
photo = profile.photos[0].value photo = profile.photos[0].value
@ -139,35 +135,19 @@ module.exports = function (sequelize, DataTypes) {
else photo = photo.replace(/(\?sz=)\d*$/i, '$196') else photo = photo.replace(/(\?sz=)\d*$/i, '$196')
break break
case 'ldap': case 'ldap':
// no image api provided, photo = generateAvatarURL(profile.username, profile.emails[0], bigger)
// use gravatar if email exists,
// otherwise generate a letter avatar
if (profile.emails[0]) {
photo = 'https://www.gravatar.com/avatar/' + md5(profile.emails[0])
if (bigger) photo += '?s=400'
else photo += '?s=96'
} else {
photo = generateAvatarURL(profile.username)
}
break break
case 'saml': case 'saml':
if (profile.emails[0]) { photo = generateAvatarURL(profile.username, profile.emails[0], bigger)
photo = 'https://www.gravatar.com/avatar/' + md5(profile.emails[0])
if (bigger) photo += '?s=400'
else photo += '?s=96'
} else {
photo = generateAvatarURL(profile.username)
}
break break
} }
return photo return photo
}, },
parseProfileByEmail: function (email) { parseProfileByEmail: function (email) {
var photoUrl = 'https://www.gravatar.com/avatar/' + md5(email)
return { return {
name: email.substring(0, email.lastIndexOf('@')), name: email.substring(0, email.lastIndexOf('@')),
photo: photoUrl + '?s=96', photo: generateAvatarURL('', email, false),
biggerphoto: photoUrl + '?s=400' biggerphoto: generateAvatarURL('', email, true)
} }
} }
} }
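Review bot: The `ldap` and `saml` cases drop the old `if (profile.emails[0])` truthiness guard, and the default parameter `email = ''` in `generateAvatarURL` only covers `undefined`, so a `null` first entry would now reach `email.toLowerCase()` and throw. Whether those providers can deliver such a value is not visible here; passing `profile.emails[0] || ''` at both call sites would restore the previous tolerance. The `dropbox` case still dereferences `profile.emails[0].value` without checking that an entry exists, as it did before the change. The enclosing function begins outside the hunk, and the import of `generateAvatarURL` is not shown in this section.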