Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove invalid upload files #11851

Open
wants to merge 22 commits into
base: develop
Choose a base branch
from
Open

Remove invalid upload files #11851

wants to merge 22 commits into from

Conversation

alecslupu
Copy link
Contributor

🎩 What? Why?

This PR will remove any file uploaded, that is invalid ( either format or size )

Testing

  1. Go to development_app's storage folder and remove all it's content (./development_app/storage )
  2. Login as user, visit "my account"
  3. On profile click to upload new photo
  4. Select an invalid file type (ex a pdf)
  5. Check the storage folder and see the file is still there
  6. remove storage contents & apply patch
  7. Repeat 2,3,4
  8. Check the storage folder and see there is no file left

♥️ Thank you!

@alecslupu alecslupu added target: developer-experience type: fix PRs that implement a fix for a bug labels Oct 27, 2023
@alecslupu alecslupu added this to the 0.28.0 milestone Oct 27, 2023
github-actions[bot]
github-actions bot previously approved these changes Oct 27, 2023
View reviewed changes
@alecslupu alecslupu marked this pull request as ready for review October 27, 2023 12:44
andreslucena
andreslucena previously approved these changes Oct 27, 2023
View reviewed changes
Copy link
Member

@andreslucena andreslucena left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tried it locally and it works well! Code-wise it's 👌🏽 👏🏽 👏🏽

I'll wait for @ahukkanen review too as he understands much better the ActiveStorage API and implications just in case.

github-actions[bot]
github-actions bot previously approved these changes Oct 27, 2023
View reviewed changes
github-actions[bot]
github-actions bot previously approved these changes Oct 27, 2023
View reviewed changes
github-actions[bot]
github-actions bot previously approved these changes Nov 8, 2023
View reviewed changes
github-actions[bot]
github-actions bot previously approved these changes Nov 8, 2023
View reviewed changes
github-actions[bot]
github-actions bot previously approved these changes Nov 10, 2023
View reviewed changes
@andreslucena andreslucena modified the milestones: 0.28.0, 0.28.1 Dec 20, 2023
@andreslucena andreslucena removed this from the 0.28.1 milestone Jan 10, 2024
github-actions[bot]
github-actions bot previously approved these changes Mar 8, 2024
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 11, 2024
View reviewed changes
RELEASE_NOTES.md Fixed Show fixed Hide fixed
decidim-core/lib/tasks/decidim_attachments.rake Fixed Show fixed Hide fixed
github-actions[bot]
github-actions bot previously approved these changes Mar 11, 2024
View reviewed changes
@alecslupu
Merge branch 'develop' of github.com:decidim/decidim into fix/attachm…
dd16d30 
…ent-validation-cleanup
@alecslupu
Remove the "decidim_core.clean_attachments" initializer and the Clean…
342751e 
…UnattachedBlobJob
@alecslupu
Change the rake task so it prevents deleting blobs that are less than…
3490ff8 
… 60 minutes
@alecslupu
Change the Releases Notes so the task is run two times with one hour …
63586fa 
…of difference just to be sure
@alecslupu
DirectUploadsController validations
2f38d9c 
it prevents access by unauthenticated users
it validates by the allowed mime types in system defined for participants in case the current_user is a normal participant
it validates by the allowed mime types in system defined for admins in case the current_user is an admin
@alecslupu
Add specs
7bccc7e
github-actions[bot]
github-actions bot previously approved these changes Apr 16, 2024
View reviewed changes
andreslucena
andreslucena reviewed Apr 16, 2024
View reviewed changes
RELEASE_NOTES.md Outdated Show resolved Hide resolved
@alecslupu @andreslucena
Update RELEASE_NOTES.md
2c961cd 
Co-authored-by: Andrés Pereira de Lucena <andreslucena@users.noreply.github.com>
github-actions[bot]
github-actions bot previously approved these changes Apr 16, 2024
View reviewed changes
github-actions[bot]
github-actions bot previously approved these changes Apr 16, 2024
View reviewed changes
ahukkanen
ahukkanen requested changes Apr 16, 2024
View reviewed changes
Copy link
Contributor

@ahukkanen ahukkanen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since I promised to give a review on this, here it is: great work and superb improvement!

I left some improvement ideas in the code comments, feel free to adjust.

decidim-core/app/controllers/decidim/direct_uploads_controller.rb Outdated Show resolved Hide resolved
decidim-core/app/controllers/decidim/direct_uploads_controller.rb Outdated Show resolved Hide resolved
decidim-core/app/controllers/decidim/direct_uploads_controller.rb Outdated Show resolved Hide resolved
decidim-core/app/controllers/decidim/direct_uploads_controller.rb Outdated Show resolved Hide resolved
decidim-core/lib/decidim/core/engine.rb Outdated Show resolved Hide resolved
decidim-core/lib/tasks/decidim_attachments.rake Outdated Show resolved Hide resolved
decidim-core/app/commands/decidim/validate_upload.rb
private

def remove_invalid_file
blob = ActiveStorage::Blob.find_signed(@form.blob)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should change the type of the :blob attribute on the form itself to Decidim::Attributes::Blob.

It does exactly this.

This is probably an oversight in the previous implementation (or the attribute didn't exist back then).

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@alecslupu Is there some problem implementing this change? I was just wondering because the other changes seem to be already implemented, just this one is still open.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ahukkanen, there is no issue. Just this PR has not been under my attention lately. also the implementation needs to be changed so that the upload flow to handle the validation as well.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK thanks and noted. Let me know if this still needs my attention.

github-actions[bot]
github-actions bot previously approved these changes Apr 16, 2024
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andreslucena andreslucena andreslucena left review comments

@ahukkanen ahukkanen ahukkanen requested changes

@github-actions github-actions[bot] github-actions approved these changes

Requested changes must be addressed to merge this pull request.

Assignees

@andreslucena andreslucena

Labels
target: developer-experience type: fix PRs that implement a fix for a bug
Projects
Maintainers' backlog
Status: 👀 In review
Milestone
0.28.2
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@alecslupu @andreslucena @ahukkanen