search

ropensci / magick

Magic, madness, heaven, sin
https://docs.ropensci.org/magick
Other
461 stars 65 forks source link

Attempt to perform an operation not allowed by the security policy `PDF' #384

Closed dcaud closed 10 months ago

dcaud commented 1 year ago

The error happens when trying to write to a pdf with image_write() on shinyapps.io. I think the Posit needs to change the policy.xml file on their newly updated Ubuntu servers (see https://stackoverflow.com/questions/52998331/imagemagick-security-policy-pdf-blocking-conversion).

Do you have ideas to fix this issue without needing to wait for Posit to make a change?

Here's an example app that reproduces the error:

library(shiny)
library(magick)

ui <- fluidPage(
  titlePanel("Error when downloading as PDF"),

  sidebarLayout(
    sidebarPanel(
      radioButtons("fileType", "Choose File Type:",
                   choices = c("PDF", "JPEG"),
                   selected = "PDF"),
      downloadButton("downloadFile", "Download")
    ),

    mainPanel(
      imageOutput("displayImage")
    )
  )
)

server <- function(input, output, session) {

  img <- image_read("wizard:")

  output$displayImage <- renderImage({
    tmp <- tempfile(fileext = ".png")
    image_write(img, path = tmp, format = "png")
    list(src = tmp)
  }, deleteFile = TRUE)

  output$downloadFile <- downloadHandler(
    filename = function() {
      if (input$fileType == "PDF") {
        paste0("converted_", Sys.Date(), ".pdf")
      } else {
        paste0("converted_", Sys.Date(), ".jpeg")
      }
    },
    content = function(file) {
      if (input$fileType == "PDF") {
        # The write function w/ PDF seems to be at odds with a policy that can be revised.
        image_write(img, path = file, format = "pdf")
      } else {
        image_write(img, path = file, format = "jpeg")
      }
    }
  )
}

shinyApp(ui = ui, server = server)

Related: https://github.com/rstudio/shinyapps-package-dependencies/pull/289#issuecomment-1780301670

jeroen commented 1 year ago

Yeah I don't think it is possible to work around the policy restrictions. I can try to ping the sysadmins...

jeroen commented 1 year ago

I actually thought they had just removed the policy: https://github.com/rstudio/shinyapps-package-dependencies/pull/323

dcaud commented 1 year ago

They definitely removed the policy a while back, but it has reappeared.

dcaud commented 1 year ago

Thanks, jeroen! I think what happened is that they wrote a script to remove policy.xml for Focal that has was included (and updated) to work with Jammy.

dcaud commented 10 months ago

The Posit folks fixed this so new apps launched there do not continue to have this problem.