[PR #3693] [MERGED] Addition of a local_secure_restricted image storage option #6250

New Issue

OVERLORD · 2026-02-05T10:27:43+03:00

OVERLORD commented

2026-02-05 10:27:43 +03:00

📋 Pull Request Information

Original PR: https://github.com/BookStackApp/BookStack/pull/3693
Author: @ssddanbrown
Created: 9/1/2022
Status: ✅ Merged
Merged: 9/2/2022
Merged by: @ssddanbrown

Base: development ← Head: local_secure_restricted

📝 Commits (5)

27ac122 Started work on local_secure_restricted image option
f28ed0e Fixed shelf covers being stored as 'cover_book'
f883302 Added test to cover secure restricted functionality
092b6d6 Added test and handling for local_secure_restricted in exports
c76b5e2 Fixed local_secure_restricted preventing attachment uploads

📊 Changes

10 files changed (+236 additions, -25 deletions)

View changed files

📝 app/Entities/Models/Bookshelf.php (+1 -1)
📝 app/Entities/Repos/BaseRepo.php (+2 -1)
📝 app/Entities/Tools/ExportFormatter.php (+1 -2)
📝 app/Http/Controllers/Images/ImageController.php (+1 -1)
📝 app/Uploads/AttachmentService.php (+1 -1)
📝 app/Uploads/ImageService.php (+89 -19)
➕ database/migrations/2022_09_02_082910_fix_shelf_cover_image_types.php (+42 -0)
📝 tests/Entity/BookShelfTest.php (+1 -0)
📝 tests/Uploads/AttachmentTest.php (+15 -0)
📝 tests/Uploads/ImageTest.php (+83 -0)

📄 Description

Adds a local_secure_restricted storage type option which adds related item permission checks to image access.

TODO

Initial Implementation
Fix/migration of cover_book image types, that should actually be cover_bookshelf types
Permission control in exports?
PHPUnit Testing Coverage
Check attachments aren't hindered when using value as STORAGE_TYPE
Manual Scenario Testing

To Document

New option on security page.
Might be worth marking as beta/experimental initially.
Clarify detail on security page.
New option on file uploads page.
Clarify detail on file uploads page.
Advise of option caveats somewhere in doc (Performance, Copying page to different permission scenarios etc...)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/BookStackApp/BookStack/pull/3693 **Author:** [@ssddanbrown](https://github.com/ssddanbrown) **Created:** 9/1/2022 **Status:** ✅ Merged **Merged:** 9/2/2022 **Merged by:** [@ssddanbrown](https://github.com/ssddanbrown) **Base:** `development` ← **Head:** `local_secure_restricted` --- ### 📝 Commits (5) - [`27ac122`](https://github.com/BookStackApp/BookStack/commit/27ac1225024fabb8497bb25a57d837ff61806c5d) Started work on local_secure_restricted image option - [`f28ed0e`](https://github.com/BookStackApp/BookStack/commit/f28ed0ef0b219eece535a4d2a1261832bfc10f14) Fixed shelf covers being stored as 'cover_book' - [`f883302`](https://github.com/BookStackApp/BookStack/commit/f88330202bd5ae9bca94e589ee14d13839745e71) Added test to cover secure restricted functionality - [`092b6d6`](https://github.com/BookStackApp/BookStack/commit/092b6d6378175720debbcce14d026e8705b5d3cc) Added test and handling for local_secure_restricted in exports - [`c76b5e2`](https://github.com/BookStackApp/BookStack/commit/c76b5e2ec45cb6847d8f950ae80001b263285bf6) Fixed local_secure_restricted preventing attachment uploads ### 📊 Changes **10 files changed** (+236 additions, -25 deletions) <details> <summary>View changed files</summary> 📝 `app/Entities/Models/Bookshelf.php` (+1 -1) 📝 `app/Entities/Repos/BaseRepo.php` (+2 -1) 📝 `app/Entities/Tools/ExportFormatter.php` (+1 -2) 📝 `app/Http/Controllers/Images/ImageController.php` (+1 -1) 📝 `app/Uploads/AttachmentService.php` (+1 -1) 📝 `app/Uploads/ImageService.php` (+89 -19) ➕ `database/migrations/2022_09_02_082910_fix_shelf_cover_image_types.php` (+42 -0) 📝 `tests/Entity/BookShelfTest.php` (+1 -0) 📝 `tests/Uploads/AttachmentTest.php` (+15 -0) 📝 `tests/Uploads/ImageTest.php` (+83 -0) </details> ### 📄 Description Adds a `local_secure_restricted` storage type option which adds related item permission checks to image access. ### TODO - [x] Initial Implementation - [x] Fix/migration of `cover_book` image types, that should actually be `cover_bookshelf` types - [x] Permission control in exports? - [x] PHPUnit Testing Coverage - [x] Check attachments aren't hindered when using value as `STORAGE_TYPE` - [x] Manual Scenario Testing ### To Document - New option on security page. - Might be worth marking as beta/experimental initially. - Clarify detail on security page. - New option on file uploads page. - Clarify detail on file uploads page. - Advise of option caveats somewhere in doc (Performance, Copying page to different permission scenarios etc...) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

OVERLORD added the pull-request label 2026-02-05 10:27:43 +03:00

OVERLORD closed this issue

2026-02-05 10:27:45 +03:00

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#6250

[PR #3693] [MERGED] Addition of a local_secure_restricted image storage option #6250