fix: bug with decrypting images (#121)

Author: JannikStreek

src/files/files.controller.spec.ts

@@ -37,6 +37,7 @@ describe('FilesController', () => {
       mockStorageService.get.mockResolvedValue(fileData);
 
       const mockRes = {
+        setHeader: jest.fn(),
         write: jest.fn(() => true),
         end: jest.fn(),
         on: jest.fn(),
@@ -50,6 +51,27 @@ describe('FilesController', () => {
       expect(mockRes.end).toHaveBeenCalled();
     });
 
+    it('should set Content-Length header matching data size', async () => {
+      const fileData = Buffer.from('binary-file-data');
+      mockStorageService.get.mockResolvedValue(fileData);
+
+      const mockRes = {
+        setHeader: jest.fn(),
+        write: jest.fn(() => true),
+        end: jest.fn(),
+        on: jest.fn(),
+        once: jest.fn(),
+        emit: jest.fn(),
+      };
+
+      await controller.findOne({ id: 'file-123' }, mockRes as any);
+
+      expect(mockRes.setHeader).toHaveBeenCalledWith(
+        'Content-Length',
+        fileData.length,
+      );
+    });
+
     it('should throw NotFoundException when file does not exist', async () => {
       mockStorageService.get.mockResolvedValue(undefined);
 

src/files/files.controller.ts

@@ -31,6 +31,7 @@ export class FilesController {
       throw new NotFoundException();
     }
 
+    res.setHeader('Content-Length', data.length);
     const stream = new Readable();
     stream.push(data);
     stream.push(null);

src/main.spec.ts

@@ -0,0 +1,27 @@
+import { NestFactory } from '@nestjs/core';
+
+jest.mock('@nestjs/core', () => ({
+  NestFactory: {
+    create: jest.fn().mockResolvedValue({
+      setGlobalPrefix: jest.fn(),
+      listen: jest.fn().mockResolvedValue(undefined),
+    }),
+  },
+}));
+
+describe('bootstrap', () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+  });
+
+  it('should disable default body parsers to prevent binary data corruption', async () => {
+    await import('./main');
+
+    expect(NestFactory.create).toHaveBeenCalledWith(
+      expect.anything(),
+      expect.objectContaining({
+        bodyParser: false,
+      }),
+    );
+  });
+});

src/main.ts

@@ -13,6 +13,7 @@ async function bootstrap() {
 
   const app = await NestFactory.create(AppModule, {
     cors: true,
+    bodyParser: false,
     logger: [logLevel],
   });
 

src/rooms/rooms.controller.spec.ts

@@ -37,6 +37,7 @@ describe('RoomsController', () => {
       mockStorageService.get.mockResolvedValue(roomData);
 
       const mockRes = {
+        setHeader: jest.fn(),
         write: jest.fn(() => true),
         end: jest.fn(),
         on: jest.fn(),
@@ -50,6 +51,27 @@ describe('RoomsController', () => {
       expect(mockRes.end).toHaveBeenCalled();
     });
 
+    it('should set Content-Length header matching data size', async () => {
+      const roomData = Buffer.from('room-binary-data');
+      mockStorageService.get.mockResolvedValue(roomData);
+
+      const mockRes = {
+        setHeader: jest.fn(),
+        write: jest.fn(() => true),
+        end: jest.fn(),
+        on: jest.fn(),
+        once: jest.fn(),
+        emit: jest.fn(),
+      };
+
+      await controller.findOne({ id: 'room-123' }, mockRes as any);
+
+      expect(mockRes.setHeader).toHaveBeenCalledWith(
+        'Content-Length',
+        roomData.length,
+      );
+    });
+
     it('should throw NotFoundException when room does not exist', async () => {
       mockStorageService.get.mockResolvedValue(undefined);
 

src/rooms/rooms.controller.ts

@@ -30,6 +30,7 @@ export class RoomsController {
       throw new NotFoundException();
     }
 
+    res.setHeader('Content-Length', data.length);
     const stream = new Readable();
     stream.push(data);
     stream.push(null);

src/scenes/scenes.controller.spec.ts

@@ -40,6 +40,7 @@ describe('ScenesController', () => {
       mockStorageService.get.mockResolvedValue(sceneData);
 
       const mockRes = {
+        setHeader: jest.fn(),
         write: jest.fn(() => true),
         end: jest.fn(),
         on: jest.fn(),
@@ -53,6 +54,27 @@ describe('ScenesController', () => {
       expect(mockRes.end).toHaveBeenCalled();
     });
 
+    it('should set Content-Length header matching data size', async () => {
+      const sceneData = Buffer.from('scene-binary-data');
+      mockStorageService.get.mockResolvedValue(sceneData);
+
+      const mockRes = {
+        setHeader: jest.fn(),
+        write: jest.fn(() => true),
+        end: jest.fn(),
+        on: jest.fn(),
+        once: jest.fn(),
+        emit: jest.fn(),
+      };
+
+      await controller.findOne({ id: 'scene-123' }, mockRes as any);
+
+      expect(mockRes.setHeader).toHaveBeenCalledWith(
+        'Content-Length',
+        sceneData.length,
+      );
+    });
+
     it('should throw NotFoundException when scene does not exist', async () => {
       mockStorageService.get.mockResolvedValue(undefined);
 

src/scenes/scenes.controller.ts

@@ -31,6 +31,7 @@ export class ScenesController {
       throw new NotFoundException();
     }
 
+    res.setHeader('Content-Length', data.length);
     const stream = new Readable();
     stream.push(data);
     stream.push(null);

src/storage/storage.service.touch-postgres.spec.ts

@@ -0,0 +1,110 @@
+import Keyv from 'keyv';
+import KeyvPostgres from '@keyv/postgres';
+import { StorageNamespace } from './storage.service';
+import { PgMockManager } from '../../test/utils';
+
+/**
+ * Integration tests using PGlite to verify the regexp_replace touch SQL
+ * preserves stored data while updating only the expires timestamp.
+ *
+ * Uses beforeAll (not beforeEach) because KeyvPostgres triggers async PGlite
+ * initialization that must complete within an awaited context.
+ */
+describe('touchPostgres regexp_replace integration (PGlite)', () => {
+  let store: KeyvPostgres;
+  let keyv: Keyv;
+  const ttl = 86400000;
+  const namespace = StorageNamespace.SCENES;
+
+  const getDb = () => PgMockManager.getInstance().getDb();
+
+  /** Run the same regexp_replace SQL that touchPostgres uses. */
+  const runTouchSql = async (fullKey: string, expires: number) => {
+    return getDb().query(
+      `UPDATE keyv
+       SET value = regexp_replace(value, '"expires":\\d+', '"expires":' || $1::text)
+       WHERE key = $2`,
+      [expires, fullKey],
+    );
+  };
+
+  /** Read the raw value column from the keyv table. */
+  const readRawRow = async (fullKey: string): Promise<string | undefined> => {
+    const result = await getDb().query<{ value: string }>(
+      'SELECT value FROM keyv WHERE key = $1',
+      [fullKey],
+    );
+    return result.rows[0]?.value;
+  };
+
+  beforeAll(async () => {
+    store = new KeyvPostgres();
+    keyv = new Keyv({ store, namespace, ttl });
+    // Force PGlite table creation by performing an initial operation
+    await keyv.set('__init__', 'init');
+    await keyv.delete('__init__');
+  });
+
+  afterEach(async () => {
+    await PgMockManager.getInstance().clearDatabase();
+  });
+
+  afterAll(async () => {
+    await store.disconnect();
+  });
+
+  it('should preserve binary data after touch', async () => {
+    const original = Buffer.from([0x00, 0x01, 0xff, 0xfe, 0x80, 0x7f]);
+    await keyv.set('binary-key', original);
+
+    const fullKey = `${namespace}:binary-key`;
+    const newExpires = Date.now() + ttl * 2;
+    await runTouchSql(fullKey, newExpires);
+
+    const retrieved = await keyv.get('binary-key');
+    expect(Buffer.isBuffer(retrieved)).toBe(true);
+    expect(Buffer.from(retrieved).equals(original)).toBe(true);
+  });
+
+  it('should update the expires timestamp in the raw row', async () => {
+    await keyv.set('ts-key', 'hello');
+
+    const fullKey = `${namespace}:ts-key`;
+    const rawBefore = await readRawRow(fullKey);
+    const expiresBefore = JSON.parse(rawBefore!).expires as number;
+
+    const newExpires = expiresBefore + 99999;
+    await runTouchSql(fullKey, newExpires);
+
+    const rawAfter = await readRawRow(fullKey);
+    const expiresAfter = JSON.parse(rawAfter!).expires as number;
+
+    expect(expiresAfter).toBe(newExpires);
+    expect(expiresAfter).not.toBe(expiresBefore);
+  });
+
+  it('should preserve string data after touch', async () => {
+    await keyv.set('str-key', 'some important string value');
+
+    const fullKey = `${namespace}:str-key`;
+    await runTouchSql(fullKey, Date.now() + ttl * 2);
+
+    const retrieved = await keyv.get('str-key');
+    expect(retrieved).toBe('some important string value');
+  });
+
+  it('should not modify value when expires is null', async () => {
+    const fullKey = `${namespace}:no-expires`;
+    // Insert a row manually with "expires":null — won't match \d+
+    await getDb().query(`INSERT INTO keyv (key, value) VALUES ($1, $2)`, [
+      fullKey,
+      '{"value":"test-data","expires":null}',
+    ]);
+
+    const rawBefore = await readRawRow(fullKey);
+    await runTouchSql(fullKey, Date.now() + ttl);
+    const rawAfter = await readRawRow(fullKey);
+
+    expect(rawAfter).toBe(rawBefore);
+  });
+});

src/storage/storage.service.touch.spec.ts

@@ -71,19 +71,29 @@ describe('StorageService - touch()', () => {
       service = module.get<StorageService>(StorageService);
     });
 
-    it('should refresh TTL via SQL for an existing record', async () => {
+    it('should refresh TTL via SQL using regexp_replace for an existing record', async () => {
       jest.spyOn(Date, 'now').mockReturnValue(1000000000);
       (mockStore.query as jest.Mock).mockResolvedValue(createQueryResult(1));
 
       const result = await service.touch(testKey, testNamespace);
 
       expect(result).toBe(true);
       expect(mockStore.query).toHaveBeenCalledWith(
-        expect.stringContaining('UPDATE keyv'),
+        expect.stringContaining('regexp_replace'),
         [1000000000 + mockTtl, `${testNamespace}:${testKey}`],
       );
     });
 
+    it('should not use JSONB operations in touch SQL', async () => {
+      (mockStore.query as jest.Mock).mockResolvedValue(createQueryResult(1));
+
+      await service.touch(testKey, testNamespace);
+
+      const sql = (mockStore.query as jest.Mock).mock.calls[0][0] as string;
+      expect(sql).not.toContain('jsonb_set');
+      expect(sql).not.toContain('::jsonb');
+    });
+
     it('should return false when record not found', async () => {
       (mockStore.query as jest.Mock).mockResolvedValue(createQueryResult(0));