FIX: Use theme screenshot names in theme fields (#31852)

Currently we allow for 2 theme screenshots to be specified, with a lightweight spec to allow both a light and dark version of the screenshot. However, we were not storing this screenshot name anywhere, so we would not be able to use it for light/dark switching. This commit fixes that issue, and also does some general refactoring around theme screenshots, and adds more tests.
2025-05-24 14:12:10 +08:00 · 2025-03-17 15:56:19 +10:00
parent d0a5fd5e21
commit 327375abee
7 changed files with 223 additions and 90 deletions
--- a/lib/compression/strategy.rb
+++ b/lib/compression/strategy.rb
@ -38,18 +38,6 @@ module Compression
      Pathname.new(filename).realpath.to_s
    end

-    # https://guides.rubyonrails.org/security.html#file-uploads
-    def sanitize_filename(filename)
-      filename.strip.tap do |name|
-        # NOTE: File.basename doesn't work right with Windows paths on Unix
-        # get only the filename, not the whole path
-        name.sub! %r{\A.*(\\|/)}, ""
-        # Finally, replace all non alphanumeric, underscore
-        # or periods with underscore
-        name.gsub! /[^\w\.\-]/, "_"
-      end
-    end
-
    def calculate_available_size(max_size)
      1024**2 * (max_size / 1.049) # Mb to Mib
    end
--- a/lib/compression/tar.rb
+++ b/lib/compression/tar.rb
@ -9,7 +9,7 @@ module Compression
    end

    def compress(path, target_name)
-      tar_filename = sanitize_filename("#{target_name}.tar")
+      tar_filename = FileHelper.sanitize_filename("#{target_name}.tar")
      Discourse::Utils.execute_command(
        "tar",
        "--create",