Merge pull request #3293 from appirio-tech/hotfix/security-comp-10

vikasrohit · web-flow · commit 00cd6fb7bd77 · 2019-09-09T11:43:10.000+05:30
Hotfix/security comp 10
diff --git a/config/constants/dev.js b/config/constants/dev.js
@@ -35,6 +35,7 @@ module.exports = {
 
   FILE_PICKER_API_KEY: process.env.FILE_PICKER_API_KEY_DEV,
   FILE_PICKER_SUBMISSION_CONTAINER_NAME: 'submission-staging-dev',
+  FILE_PICKER_ACCEPT: process.env.FILE_PICKER_ACCEPT_DEV,
 
   SALESFORCE_PROJECT_LEAD_LINK: 'https://c.cs18.visual.force.com/apex/ConnectLead?connectProjectId=',
 
diff --git a/config/constants/master.js b/config/constants/master.js
@@ -36,6 +36,7 @@ module.exports = {
 
   FILE_PICKER_API_KEY: process.env.FILE_PICKER_API_KEY_PROD,
   FILE_PICKER_SUBMISSION_CONTAINER_NAME: 'submission-staging-prod',
+  FILE_PICKER_ACCEPT: process.env.FILE_PICKER_ACCEPT_PROD,
 
   SALESFORCE_PROJECT_LEAD_LINK: 'https://topcoder.my.salesforce.com/apex/ConnectLead?connectProjectId=',
   CONNECT_SEGMENT_KEY: process.env.PROD_SEGMENT_KEY,
diff --git a/config/constants/qa.js b/config/constants/qa.js
@@ -35,6 +35,7 @@ module.exports = {
 
   FILE_PICKER_API_KEY: process.env.FILE_PICKER_API_KEY_QA,
   FILE_PICKER_SUBMISSION_CONTAINER_NAME: 'submission-staging-qa',
+  FILE_PICKER_ACCEPT: process.env.FILE_PICKER_ACCEPT_QA,
 
   SALESFORCE_PROJECT_LEAD_LINK: 'https://c.cs18.visual.force.com/apex/ConnectLead?connectProjectId=',
   CONNECT_SEGMENT_KEY: process.env.QA_SEGMENT_KEY,
diff --git a/src/components/Feed/NewPostMobile.jsx b/src/components/Feed/NewPostMobile.jsx
@@ -21,7 +21,9 @@ import {
   FILE_PICKER_API_KEY,
   FILE_PICKER_CNAME,
   FILE_PICKER_FROM_SOURCES,
-  FILE_PICKER_SUBMISSION_CONTAINER_NAME, PROJECT_ATTACHMENTS_FOLDER
+  FILE_PICKER_SUBMISSION_CONTAINER_NAME,
+  PROJECT_ATTACHMENTS_FOLDER,
+  FILE_PICKER_ACCEPT,
 } from '../../config/constants'
 import BtnRemove from '../../assets/icons/ui-16px-1_trash-simple.svg'
 import _ from 'lodash'
@@ -114,6 +116,7 @@ class NewPostMobile extends React.Component {
         },
         maxFiles: 4,
         fromSources: FILE_PICKER_FROM_SOURCES,
+        accept: FILE_PICKER_ACCEPT,
         uploadInBackground: false,
         onFileUploadFinished: (files) => {
           this.processUploadedFiles(files)
diff --git a/src/components/FileList/AddFiles.jsx b/src/components/FileList/AddFiles.jsx
@@ -3,7 +3,13 @@ import PropTypes from 'prop-types'
 import FilePicker from 'appirio-tech-react-components/components/FilePicker/FilePicker'
 import './AddFiles.scss'
 
-import { FILE_PICKER_API_KEY, FILE_PICKER_SUBMISSION_CONTAINER_NAME, FILE_PICKER_CNAME, FILE_PICKER_FROM_SOURCES } from '../../config/constants'
+import {
+  FILE_PICKER_API_KEY,
+  FILE_PICKER_SUBMISSION_CONTAINER_NAME,
+  FILE_PICKER_CNAME,
+  FILE_PICKER_FROM_SOURCES,
+  FILE_PICKER_ACCEPT
+} from '../../config/constants'
 
 const AddFiles = props => {
   const { successHandler, category, storePath } = props
@@ -20,6 +26,7 @@ const AddFiles = props => {
     location: 's3',
     storeContainer: FILE_PICKER_SUBMISSION_CONTAINER_NAME,
     fromSources: FILE_PICKER_FROM_SOURCES,
+    accept: FILE_PICKER_ACCEPT,
     path: storePath,
     multiple: 'true',
     services: ['COMPUTER', 'GOOGLE_DRIVE', 'BOX', 'DROPBOX', 'SKYDRIVE']
diff --git a/src/components/LinksMenu/FileLinksMenu.jsx b/src/components/LinksMenu/FileLinksMenu.jsx
@@ -21,7 +21,8 @@ import {
   FILE_PICKER_API_KEY,
   FILE_PICKER_FROM_SOURCES,
   FILE_PICKER_CNAME,
-  FILE_PICKER_SUBMISSION_CONTAINER_NAME
+  FILE_PICKER_SUBMISSION_CONTAINER_NAME,
+  FILE_PICKER_ACCEPT,
 } from '../../config/constants'
 
 const FileLinksMenu = ({
@@ -119,6 +120,7 @@ const FileLinksMenu = ({
         },
         maxFiles: 4,
         fromSources: FILE_PICKER_FROM_SOURCES,
+        accept: FILE_PICKER_ACCEPT,
         uploadInBackground: false,
         onFileUploadFinished: (files) => {
           processUploadedFiles(files, category)
diff --git a/src/components/RichTextArea/RichTextArea.jsx b/src/components/RichTextArea/RichTextArea.jsx
@@ -27,9 +27,11 @@ import TitleSaveIcon from '../../assets/icons/icon-save.svg'
 
 import {
   FILE_PICKER_API_KEY,
-  FILE_PICKER_CNAME, FILE_PICKER_FROM_SOURCES,
+  FILE_PICKER_CNAME,
+  FILE_PICKER_FROM_SOURCES,
   FILE_PICKER_SUBMISSION_CONTAINER_NAME,
-  PROJECT_ATTACHMENTS_FOLDER
+  PROJECT_ATTACHMENTS_FOLDER,
+  FILE_PICKER_ACCEPT,
 } from '../../config/constants'
 import * as filepicker from 'filestack-js'
 import BtnRemove from '../../assets/icons/ui-16px-1_trash-simple.svg'
@@ -339,6 +341,7 @@ class RichTextArea extends React.Component {
         },
         maxFiles: 4,
         fromSources: FILE_PICKER_FROM_SOURCES,
+        accept: FILE_PICKER_ACCEPT,
         uploadInBackground: false,
         onFileUploadFinished: (files) => {
           this.processUploadedFiles(files)
diff --git a/src/config/constants.js b/src/config/constants.js
@@ -644,11 +644,12 @@ export const ROLE_ADMINISTRATOR = 'administrator'
 export const ROLE_CONNECT_COPILOT_MANAGER = 'Connect Copilot Manager'
 
 // FIXME .. remove defaults
-export const FILE_PICKER_API_KEY = process.env.FILE_PICKER_API_KEY || 'AzFINuQoqTmqw0QEoaw9az'
+export const FILE_PICKER_API_KEY = process.env.FILE_PICKER_API_KEY || ''
 export const FILE_PICKER_SUBMISSION_CONTAINER_NAME = process.env.FILE_PICKER_SUBMISSION_CONTAINER_NAME || 'submission-staging-dev'
 export const FILE_PICKER_CNAME = process.env.FILE_PICKER_CNAME || 'fs.topcoder.com'
 export const FILE_PICKER_FROM_SOURCES = process.env.FILE_PICKER_FROM_SOURCES || ['local_file_system', 'googledrive', 'dropbox']
 export const PROJECT_ATTACHMENTS_FOLDER = process.env.PROJECT_ATTACHMENTS_FOLDER || 'PROJECT_ATTACHMENTS'
+export const FILE_PICKER_ACCEPT = process.env.FILE_PICKER_ACCEPT || ['.bmp', '.gif', '.jpg', '.tex', '.xls', '.xlsx', '.doc', '.docx', '.zip', '.txt', '.pdf', '.png', '.ppt', '.pptx', '.rtf']
 
 export const SEGMENT_KEY = process.env.CONNECT_SEGMENT_KEY
 /*
diff --git a/src/projects/detail/containers/AssetsInfoContainer.jsx b/src/projects/detail/containers/AssetsInfoContainer.jsx
@@ -19,7 +19,9 @@ import { PROJECT_ATTACHMENTS_FOLDER,
   FILE_PICKER_API_KEY,
   FILE_PICKER_FROM_SOURCES,
   FILE_PICKER_CNAME,
-  FILE_PICKER_SUBMISSION_CONTAINER_NAME } from '../../../config/constants'
+  FILE_PICKER_SUBMISSION_CONTAINER_NAME, 
+  FILE_PICKER_ACCEPT,
+} from '../../../config/constants'
 import AddLink from '../../../components/AssetsLibrary/AddLink'
 import PERMISSIONS from '../../../config/permissions'
 import { checkPermission } from '../../../helpers/permissions'
@@ -517,6 +519,7 @@ class AssetsInfoContainer extends React.Component {
           },
           maxFiles: 4,
           fromSources: FILE_PICKER_FROM_SOURCES,
+          accept: FILE_PICKER_ACCEPT,
           uploadInBackground: false,
           onFileUploadFinished: (files) => {
             processUploadedFiles(files, category)
