diff --git a/app/Uploads/UserAvatars.php b/app/Uploads/UserAvatars.php index f5b085a35..49a54bbbb 100644 --- a/app/Uploads/UserAvatars.php +++ b/app/Uploads/UserAvatars.php @@ -6,6 +6,7 @@ use BookStack\Auth\User; use BookStack\Exceptions\HttpFetchException; use Exception; use Illuminate\Support\Facades\Log; +use Illuminate\Support\Str; class UserAvatars { @@ -93,7 +94,7 @@ class UserAvatars */ protected function createAvatarImageFromData(User $user, string $imageData, string $extension): Image { - $imageName = str_replace(' ', '-', $user->id . '-avatar.' . $extension); + $imageName = Str::random(10) . '-avatar.' . $extension; $image = $this->imageService->saveNew($imageName, $imageData, 'user', $user->id); $image->created_by = $user->id; @@ -134,7 +135,12 @@ class UserAvatars */ protected function getAvatarUrl(): string { - $url = trim(config('services.avatar_url')); + $configOption = config('services.avatar_url'); + if ($configOption === false) { + return ''; + } + + $url = trim($configOption); if (empty($url) && !config('services.disable_services')) { $url = 'https://www.gravatar.com/avatar/${hash}?s=${size}&d=identicon'; diff --git a/tests/Uploads/AvatarTest.php b/tests/Uploads/AvatarTest.php index 650f5b4ea..3e27e5344 100644 --- a/tests/Uploads/AvatarTest.php +++ b/tests/Uploads/AvatarTest.php @@ -82,6 +82,21 @@ class AvatarTest extends TestCase $this->createUserRequest($user); } + public function test_avatar_not_fetched_if_avatar_url_option_set_to_false() + { + config()->set([ + 'services.disable_services' => false, + 'services.avatar_url' => false, + ]); + + $user = User::factory()->make(); + + $http = $this->mock(HttpFetcher::class); + $http->shouldNotReceive('fetch'); + + $this->createUserRequest($user); + } + public function test_no_failure_but_error_logged_on_failed_avatar_fetch() { config()->set([