From b5895e4d282dacc1e4fd3cc132b30ee10357c350 Mon Sep 17 00:00:00 2001
From: Tyler Kennedy <tk@tkte.ch>
Date: Mon, 19 Dec 2022 05:53:13 -0500
Subject: [PATCH] Stop saving infinite files. (#208)

Use a consistent name for Identity.icon as a quick fix to stop flooding object storage.
---
 core/uploads.py | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/core/uploads.py b/core/uploads.py
index f6c0e89..2e9125f 100644
--- a/core/uploads.py
+++ b/core/uploads.py
@@ -1,5 +1,6 @@
 import os
 import secrets
+import urllib.parse
 from typing import TYPE_CHECKING
 
 from django.utils import timezone
@@ -12,11 +13,20 @@ if TYPE_CHECKING:
 
 def upload_namer(prefix, instance, filename):
     """
-    Names uploaded images, obscuring their original name with a random UUID.
+    Names uploaded images.
+
+    By default, obscures the original name with a random UUID.
     """
-    now = timezone.now()
     _, old_extension = os.path.splitext(filename)
+
+    if prefix == "profile_images":
+        # If we're saving images for an Identity, we only keep the most recently
+        # received. Ideally, we should hash the file content and de-duplicate
+        # but this is the easy and immediate solution.
+        return f"{prefix}/{urllib.parse.quote(instance.handle)}{old_extension}"
+
     new_filename = secrets.token_urlsafe(20)
+    now = timezone.now()
     return f"{prefix}/{now.year}/{now.month}/{now.day}/{new_filename}{old_extension}"