Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-30923

Fix can't generate thumbnail for a PDF when using cold storage

    XMLWordPrintable

    Details

    • Type: Question
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: ColdStorage, Renditions

      Description

      Steps to reproduce
      On a local instance, using the zip installation

      install cold storage addon and configure it
      start the server
      import a PDF file
      try to send the PDF file to cold storage

      => sending fails due to thumbnail can't be generated, exception looking like the following

      2022-03-09T13:01:00,791 WARN  [ThumbnailDocumentFactory] Cannot compute document thumbnail for: b23b9432-4b35-4450-be34-9810dcae8bc6
      org.nuxeo.ecm.core.convert.api.ConversionException: Blob Key/Provider: default:f9ee5c1723f8c3e5a0e751ce4d24aade/default, Document: DocumentModelImpl(b23b9432-4b35-4450-be34-9810dcae8bc6, path=/default-domain/workspaces/Policies/apollinaire_alcools.pdf, title=apollinaire_alcools.pdf), Thumbnail conversion failed
      	at org.nuxeo.ecm.platform.thumbnail.converter.ThumbnailDocumentConverter.convert(ThumbnailDocumentConverter.java:88) ~[nuxeo-thumbnail-2021.13.7.jar:?]
      	at org.nuxeo.ecm.core.convert.service.ConversionServiceImpl.convert(ConversionServiceImpl.java:340) ~[nuxeo-core-convert-2021.7.15.jar:?]
      	[...]
      Caused by: org.nuxeo.ecm.platform.commandline.executor.api.CommandException: Error code 1 after 0.16s for command: convert -define registry:temporary-path=#{nuxeo.tmp.dir} -quiet -strip -thumbnail #{size} -background transparent -gravity center -format png -quality 75 #{inputFilePath}[0] #{outputFilePath}, parameters: java.io.tmpdir=/home/bert/Documents/nx/nuxeo-server-tomcat-2021/tmp, nuxeo.tmp.dir=/home/bert/Documents/nx/nuxeo-server-tomcat-2021/tmp, size=1000x1000, inputFilePath=/home/bert/Documents/nx/nuxeo-server-tomcat-2021/tmp/nxbincache.17181559932561732974/a7a52e0adc5fcc16d54a291bab0c634f3dfa753e4618835df11df756185609a13ea24c39355ef510859da9ca3f92bcf10959ebe14ce84eebf58be76d05fc744a, outputFilePath=/home/bert/Documents/nx/nuxeo-server-tomcat-2021/tmp/nxblob-2843352251330627910.png
      output: convert-im6.q16: attempt to perform an operation not allowed by the security policy `PDF' @ error/constitute.c/IsCoderAuthorized/408. 

      As described in:
      https://stackoverflow.com/questions/52998331/imagemagick-security-policy-pdf-blocking-conversion

      Solution is to edit the /etc/ImageMagick-[version]/policy.xml file and replace the policy with the following:

      <policy domain="coder" rights="read | write" pattern="PDF" />

      => does this have any security implication we should consider?

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: