From 003d88587a8dc26ca24eb7c96a19276733b6b1e2 Mon Sep 17 00:00:00 2001 From: florianfederspiel Date: Wed, 18 Mar 2026 18:27:14 +0100 Subject: [PATCH] Fixed Dokubox and Sanitizing for File Uploads Fix #133 --- backend/src/modules/cron/dokuboximport.service.ts | 9 +++++++-- backend/src/routes/files.ts | 2 +- backend/src/utils/files.ts | 8 ++++++-- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/backend/src/modules/cron/dokuboximport.service.ts b/backend/src/modules/cron/dokuboximport.service.ts index fd4a7e2..795dd23 100644 --- a/backend/src/modules/cron/dokuboximport.service.ts +++ b/backend/src/modules/cron/dokuboximport.service.ts @@ -27,6 +27,10 @@ export function syncDokuboxService (server: FastifyInstance) { let client: ImapFlow | null = null async function initDokuboxClient() { + if (client?.usable) { + return client + } + client = new ImapFlow({ host: secrets.DOKUBOX_IMAP_HOST, port: secrets.DOKUBOX_IMAP_PORT, @@ -41,6 +45,7 @@ export function syncDokuboxService (server: FastifyInstance) { console.log("Dokubox E-Mail Client Initialized") await client.connect() + return client } const syncDokubox = async () => { @@ -92,7 +97,8 @@ export function syncDokuboxService (server: FastifyInstance) { if (!badMessageMessageSent) { badMessageMessageSent = true } - return + server.log.warn({ messageId: message.id, subject: message.subject }, "Dokubox message could not be mapped to a tenant") + continue } if (message.attachments.length > 0) { @@ -248,7 +254,6 @@ export function syncDokuboxService (server: FastifyInstance) { return { run: async () => { - await initDokuboxClient() await syncDokubox() console.log("Service: Dokubox sync finished") } diff --git a/backend/src/routes/files.ts b/backend/src/routes/files.ts index 9af7527..241a92f 100644 --- a/backend/src/routes/files.ts +++ b/backend/src/routes/files.ts @@ -60,7 +60,7 @@ export default async function fileRoutes(server: FastifyInstance) { return { id: created.id, - filename: data.filename, + filename: created.filename, path: created.key } } catch (err) { diff --git a/backend/src/utils/files.ts b/backend/src/utils/files.ts index 1e57f52..0e289f7 100644 --- a/backend/src/utils/files.ts +++ b/backend/src/utils/files.ts @@ -7,6 +7,7 @@ import { files } from "../../db/schema" import { eq } from "drizzle-orm" import { FastifyInstance } from "fastify" import { storeExtractedTextForFile } from "./documentText" +import { sanitizeFilename } from "./filename" export const saveFile = async ( server: FastifyInstance, @@ -46,7 +47,10 @@ export const saveFile = async ( // Name ermitteln (Fallback Logik) // Wenn attachment ein Buffer ist, muss der Name in 'other' stehen oder generiert werden - const filename = attachment.filename || providedFilename || `${created.id}.pdf` + const filename = sanitizeFilename( + attachment.filename || providedFilename || `${created.id}.pdf`, + `${created.id}.pdf` + ) // --------------------------------------------------- // 2️⃣ BODY & CONTENT TYPE ERMITTELN @@ -108,7 +112,7 @@ export const saveFile = async ( ) console.log(`File saved: ${key}`) - return { id: created.id, key } + return { id: created.id, key, filename } } catch (err) { console.error("saveFile error:", err) return null