New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove invalid upload files #11851
base: develop
Are you sure you want to change the base?
Remove invalid upload files #11851
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tried it locally and it works well! Code-wise it's 👌🏽 👏🏽 👏🏽
I'll wait for @ahukkanen review too as he understands much better the ActiveStorage
API and implications just in case.
5d6ab94
…ent-validation-cleanup
…ent-validation-cleanup
…ent-validation-cleanup
…ent-validation-cleanup
…UnattachedBlobJob
…of difference just to be sure
it prevents access by unauthenticated users it validates by the allowed mime types in system defined for participants in case the current_user is a normal participant it validates by the allowed mime types in system defined for admins in case the current_user is an admin
Co-authored-by: Andrés Pereira de Lucena <andreslucena@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since I promised to give a review on this, here it is: great work and superb improvement!
I left some improvement ideas in the code comments, feel free to adjust.
decidim-core/app/controllers/decidim/direct_uploads_controller.rb
Outdated
Show resolved
Hide resolved
decidim-core/app/controllers/decidim/direct_uploads_controller.rb
Outdated
Show resolved
Hide resolved
decidim-core/app/controllers/decidim/direct_uploads_controller.rb
Outdated
Show resolved
Hide resolved
decidim-core/app/controllers/decidim/direct_uploads_controller.rb
Outdated
Show resolved
Hide resolved
private | ||
|
||
def remove_invalid_file | ||
blob = ActiveStorage::Blob.find_signed(@form.blob) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should change the type of the :blob
attribute on the form itself to Decidim::Attributes::Blob
.
It does exactly this.
This is probably an oversight in the previous implementation (or the attribute didn't exist back then).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alecslupu Is there some problem implementing this change? I was just wondering because the other changes seem to be already implemented, just this one is still open.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ahukkanen, there is no issue. Just this PR has not been under my attention lately. also the implementation needs to be changed so that the upload flow to handle the validation as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK thanks and noted. Let me know if this still needs my attention.
🎩 What? Why?
This PR will remove any file uploaded, that is invalid ( either format or size )
Testing
./development_app/storage
)