Code review fixes: wardrobe migration, response validation, path traversal guard, deduplication

- Migrate 11 character JSONs from old wardrobe keys to _BODY_GROUP_KEYS format - Add is_favourite/is_nsfw columns to Preset model - Add HTTP response validation and timeouts to ComfyUI client - Add path traversal protection on replace cover route - Deduplicate services/mcp.py (4 functions → 2 generic + 2 wrappers) - Extract apply_library_filters() and clean_html_text() shared helpers - Add named constants for 17 ComfyUI workflow node IDs - Fix bare except clauses in services/llm.py - Fix tags schema in ensure_default_outfit() (list → dict) - Convert f-string logging to lazy % formatting - Add 5-minute polling timeout to frontend waitForJob() - Improve migration error handling (non-duplicate errors log at WARNING) - Update CLAUDE.md to reflect all changes Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-22 00:31:27 +00:00
parent 55ff58aba6
commit 29a6723b25
37 changed files with 464 additions and 539 deletions
--- a/routes/shared.py
+++ b/routes/shared.py
@@ -20,6 +20,23 @@ from utils import allowed_file
 logger = logging.getLogger('gaze')


+def apply_library_filters(query, model_class):
+    """Apply standard favourite/NSFW filters and sorting to a library query.
+
+    Returns (items, favourite_filter, nsfw_filter) tuple.
+    """
+    fav = request.args.get('favourite')
+    nsfw = request.args.get('nsfw', 'all')
+    if fav == 'on':
+        query = query.filter_by(is_favourite=True)
+    if nsfw == 'sfw':
+        query = query.filter_by(is_nsfw=False)
+    elif nsfw == 'nsfw':
+        query = query.filter_by(is_nsfw=True)
+    items = query.order_by(model_class.is_favourite.desc(), model_class.name).all()
+    return items, fav or '', nsfw
+
+
 # ---------------------------------------------------------------------------
 # Category configuration registry
 # ---------------------------------------------------------------------------
@@ -237,11 +254,16 @@ def _register_replace_cover_route(app, cfg):
    def replace_cover(slug):
        entity = Model.query.filter_by(slug=slug).first_or_404()
        preview_path = request.form.get('preview_path')
-        if preview_path and os.path.exists(
-                os.path.join(current_app.config['UPLOAD_FOLDER'], preview_path)):
-            entity.image_path = preview_path
-            db.session.commit()
-            flash('Cover image updated!')
+        if preview_path:
+            full_path = os.path.realpath(
+                os.path.join(current_app.config['UPLOAD_FOLDER'], preview_path))
+            upload_root = os.path.realpath(current_app.config['UPLOAD_FOLDER'])
+            if full_path.startswith(upload_root + os.sep) and os.path.exists(full_path):
+                entity.image_path = preview_path
+                db.session.commit()
+                flash('Cover image updated!')
+            else:
+                flash('Invalid preview path.', 'error')
        else:
            flash('No valid preview image selected.', 'error')
        return redirect(url_for(detail_ep, slug=slug))