diff --git a/agent/app/service/runtime_utils.go b/agent/app/service/runtime_utils.go index db792373ab08..5dd7224cf670 100644 --- a/agent/app/service/runtime_utils.go +++ b/agent/app/service/runtime_utils.go @@ -41,19 +41,24 @@ import ( func handleRuntime(create request.RuntimeCreate, runtime *model.Runtime, fileOp files.FileOp, appVersionDir string) (err error) { runtimeDir := path.Join(global.Dir.RuntimeDir, create.Type) + projectDir := path.Join(runtimeDir, create.Name) + if create.CodeDir != "" && isPathInsideOrEqual(projectDir, create.CodeDir) { + return buserr.New("ErrRuntimeProjectDirContainsCodeDir") + } if err = fileOp.CopyDir(appVersionDir, runtimeDir); err != nil { return } versionDir := path.Join(runtimeDir, filepath.Base(appVersionDir)) - projectDir := path.Join(runtimeDir, create.Name) + cleanupTarget := versionDir defer func() { if err != nil { - _ = fileOp.DeleteDir(projectDir) + _ = fileOp.DeleteDir(cleanupTarget) } }() if err = fileOp.Rename(versionDir, projectDir); err != nil { return } + cleanupTarget = projectDir composeContent, envContent, _, err := handleParams(create, projectDir) if err != nil { return @@ -76,12 +81,36 @@ func handleRuntime(create request.RuntimeCreate, runtime *model.Runtime, fileOp return } +func isPathInsideOrEqual(baseDir, targetDir string) bool { + baseAbs := resolveRuntimePath(baseDir) + targetAbs := resolveRuntimePath(targetDir) + rel, err := filepath.Rel(baseAbs, targetAbs) + if err != nil { + return false + } + return rel == "." || (rel != ".." && !strings.HasPrefix(rel, ".."+string(os.PathSeparator))) +} + +func resolveRuntimePath(dir string) string { + cleanDir := filepath.Clean(dir) + if realDir, err := filepath.EvalSymlinks(cleanDir); err == nil { + return realDir + } + if absDir, err := filepath.Abs(cleanDir); err == nil { + return absDir + } + return cleanDir +} + func handlePHP(create request.RuntimeCreate, runtime *model.Runtime, fileOp files.FileOp, appVersionDir string) (err error) { runtimeDir := path.Join(global.Dir.RuntimeDir, create.Type) + projectDir := path.Join(runtimeDir, create.Name) + if create.CodeDir != "" && isPathInsideOrEqual(projectDir, create.CodeDir) { + return buserr.New("ErrRuntimeProjectDirContainsCodeDir") + } if err = fileOp.CopyDirWithNewName(appVersionDir, runtimeDir, create.Name); err != nil { return } - projectDir := path.Join(runtimeDir, create.Name) defer func() { if err != nil { _ = fileOp.DeleteDir(projectDir) diff --git a/agent/i18n/lang/en.yaml b/agent/i18n/lang/en.yaml index e6e19af833e2..ccf270e50401 100644 --- a/agent/i18n/lang/en.yaml +++ b/agent/i18n/lang/en.yaml @@ -181,6 +181,7 @@ ErrSSLValid: 'Certificate file is invalid' ErrWebsiteDir: 'Select a subdirectory under the website directory' ErrComposerFileNotFound: "composer.json file does not exist" ErrRuntimeNoPort: 'Runtime port is not set' +ErrRuntimeProjectDirContainsCodeDir: 'The runtime directory contains the selected project directory. Please choose another project directory and create it again.' Status: 'Status' start: 'Start' stop: 'Stop' diff --git a/agent/i18n/lang/es-ES.yaml b/agent/i18n/lang/es-ES.yaml index f1124bc52833..daa458f3e87f 100644 --- a/agent/i18n/lang/es-ES.yaml +++ b/agent/i18n/lang/es-ES.yaml @@ -166,6 +166,7 @@ ErrSSLValid: 'Archivo de certificado anómalo, revise el estado del certificado' ErrWebsiteDir: 'seleccione un directorio dentro del directorio del sitio web' ErrComposerFileNotFound: 'El archivo composer.json no existe' ErrRuntimeNoPort: 'El entorno de ejecución no tiene configurado un puerto, edítelo primero' +ErrRuntimeProjectDirContainsCodeDir: 'El directorio de ejecución incluye el directorio de proyecto seleccionado. Elija otro directorio de proyecto y créelo de nuevo.' Status: 'Estado' start: 'Iniciar' stop: 'Detener' diff --git a/agent/i18n/lang/ja.yaml b/agent/i18n/lang/ja.yaml index abce78493b17..7ab4743202e7 100644 --- a/agent/i18n/lang/ja.yaml +++ b/agent/i18n/lang/ja.yaml @@ -166,6 +166,7 @@ ErrSSLValid: '証明書ファイルが異常です、証明書の状態を確認 ErrWebsiteDir: 'ウェブサイトディレクトリ内のディレクトリを選択してください。' ErrComposerFileNotFound: 'composer.json ファイルが存在しません' ErrRuntimeNoPort: 'ランタイム環境にポートが設定されていません。先にランタイム環境を編集してください。' +ErrRuntimeProjectDirContainsCodeDir: '実行環境ディレクトリに選択したプロジェクトディレクトリが含まれています。別のプロジェクトディレクトリを選択して、再作成してください。' Status: 'ステータス' start: '開始' stop: '停止' diff --git a/agent/i18n/lang/ko.yaml b/agent/i18n/lang/ko.yaml index 9614b8c6bafb..93a6952a207b 100644 --- a/agent/i18n/lang/ko.yaml +++ b/agent/i18n/lang/ko.yaml @@ -166,6 +166,7 @@ ErrSSLValid: '인증서 파일에 문제가 있습니다. 인증서 상태를 ErrWebsiteDir: '웹사이트 디렉토리 내의 디렉토리를 선택하세요.' ErrComposerFileNotFound: 'composer.json 파일이 존재하지 않습니다' ErrRuntimeNoPort: '런타임 환경에 포트가 설정되지 않았습니다. 먼저 런타임 환경을 편집하세요.' +ErrRuntimeProjectDirContainsCodeDir: '런타임 디렉터리에 선택한 프로젝트 디렉터리가 포함되어 있습니다. 다른 프로젝트 디렉터리를 선택한 후 다시 생성해 주세요.' Status: '상태' start: '시작' stop: '중지' diff --git a/agent/i18n/lang/ms.yaml b/agent/i18n/lang/ms.yaml index 319dfb4c1578..2654c2b7525a 100644 --- a/agent/i18n/lang/ms.yaml +++ b/agent/i18n/lang/ms.yaml @@ -166,6 +166,7 @@ ErrSSLValid: 'Fail sijil bermasalah, sila periksa status sijil' ErrWebsiteDir: 'Sila pilih direktori dalam direktori laman web.' ErrComposerFileNotFound: 'Fail composer.json tidak wujud' ErrRuntimeNoPort: 'Persekitaran runtime tidak diset dengan port, sila edit persekitaran runtime terlebih dahulu.' +ErrRuntimeProjectDirContainsCodeDir: 'Direktori runtime mengandungi direktori projek yang dipilih. Sila pilih direktori projek lain dan cipta semula.' Status: 'Status' start: 'Mulakan' stop: 'Berhenti' diff --git a/agent/i18n/lang/pt-BR.yaml b/agent/i18n/lang/pt-BR.yaml index 1d3df6cba237..7a36e2ed2007 100644 --- a/agent/i18n/lang/pt-BR.yaml +++ b/agent/i18n/lang/pt-BR.yaml @@ -166,6 +166,7 @@ ErrSSLValid: 'O arquivo do certificado está anormal, verifique o status do cert ErrWebsiteDir: ', selecione um diretório dentro do diretório do site.' ErrComposerFileNotFound: 'O arquivo composer.json não existe' ErrRuntimeNoPort: 'O ambiente de tempo de execução não está configurado com uma porta, edite o ambiente de tempo de execução primeiro.' +ErrRuntimeProjectDirContainsCodeDir: 'O diretório de execução inclui o diretório de projeto selecionado. Escolha outro diretório de projeto e crie novamente.' Status: 'Status' start: 'Iniciar' stop: 'Parar' diff --git a/agent/i18n/lang/ru.yaml b/agent/i18n/lang/ru.yaml index f9655250fe71..33d05694b9ed 100644 --- a/agent/i18n/lang/ru.yaml +++ b/agent/i18n/lang/ru.yaml @@ -166,6 +166,7 @@ ErrSSLValid: 'Файл сертификата аномален, проверьт ErrWebsiteDir: 'Пожалуйста, выберите директорию внутри директории сайта.' ErrComposerFileNotFound: 'Файл composer.json не существует' ErrRuntimeNoPort: 'Среда выполнения не настроена с портом, сначала отредактируйте среду выполнения.' +ErrRuntimeProjectDirContainsCodeDir: 'Каталог среды выполнения содержит выбранный каталог проекта. Выберите другой каталог проекта и создайте его заново.' Status: 'Статус' start: 'Запустить' stop: 'Остановить' diff --git a/agent/i18n/lang/tr.yaml b/agent/i18n/lang/tr.yaml index 01ef4cd52efe..bedda10fa2f9 100644 --- a/agent/i18n/lang/tr.yaml +++ b/agent/i18n/lang/tr.yaml @@ -166,6 +166,7 @@ ErrSSLValid: 'Sertifika dosyası anormal, lütfen sertifika durumunu kontrol edi ErrWebsiteDir: 'Lütfen web sitesi dizini içindeki bir dizin seçin.' ErrComposerFileNotFound: 'composer.json dosyası mevcut değil' ErrRuntimeNoPort: 'Çalışma zamanı ortamı bir porta sahip değil, lütfen önce çalışma zamanı ortamını düzenleyin.' +ErrRuntimeProjectDirContainsCodeDir: 'Çalışma zamanı dizini, seçilen proje dizinini içeriyor. Lütfen başka bir proje dizini seçip yeniden oluşturun.' Status: 'Durum' start: 'Başlat' stop: 'Durdur' diff --git a/agent/i18n/lang/zh-Hant.yaml b/agent/i18n/lang/zh-Hant.yaml index 102b9d69efe3..058caa0082b0 100644 --- a/agent/i18n/lang/zh-Hant.yaml +++ b/agent/i18n/lang/zh-Hant.yaml @@ -166,6 +166,7 @@ ErrSSLValid: '憑證檔案異常,請檢查憑證狀態!' ErrWebsiteDir: '請選擇網站目錄下的目錄' ErrComposerFileNotFound: 'composer.json 檔案不存在' ErrRuntimeNoPort: '執行環境未設定埠,請先編輯執行環境' +ErrRuntimeProjectDirContainsCodeDir: '執行環境目錄包含所選專案目錄,請先更換專案目錄後再重新建立' Status: '狀態' start: '開啟' stop: '關閉' diff --git a/agent/i18n/lang/zh.yaml b/agent/i18n/lang/zh.yaml index 8b1d40f83fb2..92653379d163 100644 --- a/agent/i18n/lang/zh.yaml +++ b/agent/i18n/lang/zh.yaml @@ -181,6 +181,7 @@ ErrSSLValid: '证书文件异常,请检查证书状态!' ErrWebsiteDir: '请选择网站目录下的目录' ErrComposerFileNotFound: 'composer.json 文件不存在' ErrRuntimeNoPort: '运行环境未设置端口,请先编辑运行环境' +ErrRuntimeProjectDirContainsCodeDir: '运行环境目录包含所选项目目录,请先更换项目目录后再重新创建' Status: '状态' start: '开启' stop: '关闭'