pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

File length validation for task order upload

Browse Source
This commit is contained in:
dandds 2019-06-06 13:04:39 -04:00
parent f5e208ccc5
commit 318257e32c
4 changed files with 28 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
atst/domain/csp/files.py
View File

@ -14,7 +14,7 @@ class CSPFileError(Exception):
class FileProviderInterface: class FileProviderInterface:
_PERMITTED_MIMETYPES = ["application/pdf", "image/png"] _PERMITTED_MIMETYPES = ["application/pdf"]
def _enforce_mimetype(self, fyle): def _enforce_mimetype(self, fyle):
# TODO: for hardening, we should probably use a better library for # TODO: for hardening, we should probably use a better library for

4
atst/forms/task_order.py
View File

@ -4,6 +4,7 @@ from wtforms.validators import Required, Optional
from flask_wtf.file import FileAllowed from flask_wtf.file import FileAllowed
from .forms import BaseForm from .forms import BaseForm
from atst.forms.validators import FileLength
from atst.utils.localization import translate from atst.utils.localization import translate
@ -16,7 +17,8 @@ class TaskOrderForm(BaseForm):
pdf = FileField( pdf = FileField(
None, None,
validators=[ validators=[
FileAllowed(["pdf"], translate("forms.task_order.file_format_not_allowed")) FileAllowed(["pdf"], translate("forms.task_order.file_format_not_allowed")),
FileLength(),
], ],
render_kw={"accept": ".pdf,application/pdf"}, render_kw={"accept": ".pdf,application/pdf"},
) )

14
atst/forms/validators.py
View File

@ -99,3 +99,17 @@ def RequiredIf(criteria_function, message=translate("forms.validators.is_require
raise StopValidation() raise StopValidation()
return _required_if return _required_if
def FileLength(max_length=50000000, message=None):
def _file_length(_form, field):
if field.data is None:
return True
content = field.data.read()
if len(content) > max_length:
raise ValidationError(message)
else:
field.data.seek(0)
return _file_length

17
tests/forms/test_validators.py
View File

@ -1,13 +1,7 @@
from wtforms.validators import ValidationError, StopValidation from wtforms.validators import ValidationError, StopValidation
import pytest import pytest
from atst.forms.validators import ( from atst.forms.validators import *
Name,
IsNumber,
PhoneNumber,
ListItemsUnique,
RequiredIf,
)
class TestIsNumber: class TestIsNumber:
@ -97,3 +91,12 @@ class TestRequiredIf:
with pytest.raises(StopValidation): with pytest.raises(StopValidation):
validator(dummy_form, dummy_field) validator(dummy_form, dummy_field)
class TestFileLength:
def test_FileLength(self, dummy_form, dummy_field, pdf_upload):
validator = FileLength(max_length=1)
dummy_field.data = pdf_upload
with pytest.raises(ValidationError):
validator(dummy_form, dummy_field)