diff --git a/apps/demo-nextjs-app-router/api_scripts/hello_test.sh b/apps/demo-nextjs-app-router/api_scripts/hello_test.sh new file mode 100644 index 0000000..e8be4d3 --- /dev/null +++ b/apps/demo-nextjs-app-router/api_scripts/hello_test.sh @@ -0,0 +1,3 @@ +#!/bin/bash +echo "Script executed with args: $1 $2" +echo "Current time: $(date)" diff --git a/apps/demo-nextjs-app-router/api_scripts/video_add_watermark.sh b/apps/demo-nextjs-app-router/api_scripts/video_add_watermark.sh new file mode 100644 index 0000000..c578b8a --- /dev/null +++ b/apps/demo-nextjs-app-router/api_scripts/video_add_watermark.sh @@ -0,0 +1,4 @@ +#!/bin/bash +echo "Script executed with args: $1 $2" +echo "Current time: $(date)" +echo "Current directory: $(pwd)" \ No newline at end of file diff --git a/apps/demo-nextjs-app-router/services/bashExecService.ts b/apps/demo-nextjs-app-router/services/bashExecService.ts index e6cbf3e..d565f33 100644 --- a/apps/demo-nextjs-app-router/services/bashExecService.ts +++ b/apps/demo-nextjs-app-router/services/bashExecService.ts @@ -24,6 +24,22 @@ export async function executeScript( params: ScriptParams, ): Promise { // Add the script execution to the queue + + // hardcoded the allowed script path for security reasons + var allowedScriptPaths = [ + "/tmp/api_scripts/hello_test.sh", + "/tmp/api_scripts/video_add_watermark.sh", + ]; + + if (!allowedScriptPaths.includes(params.scriptPath)) { + return { + success: false, + stdout: "", + stderr: "", + error: "Script path is not allowed", + }; + } + const result = await scriptQueue.add(async () => { try { // Execute the bash script diff --git a/apps/demo-nextjs-app-router/startup.sh b/apps/demo-nextjs-app-router/startup.sh index 5e826bb..a6af3ee 100755 --- a/apps/demo-nextjs-app-router/startup.sh +++ b/apps/demo-nextjs-app-router/startup.sh @@ -8,6 +8,8 @@ SCRIPT_DIR="$(dirname "$SCRIPT_PATH")" # Set project directory PROJECT_DIR="$SCRIPT_DIR" +cp -rv "$PROJECT_DIR/api_scripts" /tmp/ + LOG_FILE="$PROJECT_DIR/startup.log" # Function to log messages