Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Restrict upload of binary or unknown file types by default #1507

Merged
merged 26 commits into from
Nov 19, 2024

Conversation

fsbraun
Copy link
Member

@fsbraun fsbraun commented Nov 19, 2024

Description

This PR changes the default settings for file validations to deny upload of binary or unknown file types. Uploading unknown file types is a security risk which will have to be enabled first by setting:

FILER_REMOVE_FILE_VALIDATORS = [
    "application/octet-stream",
]

The docs now include an example of how to run binary file uploads by a virus checker (ClamAV in the example)

# settings.py
FILER_ADD_FILE_VALIDATORS = {
    "application/octet-stream": ["my_validator_app.validators.validate_octet_stream"],
}

# my_validator_app.validators.py

def validate_octet_stream(file_name: str, file: typing.IO, owner: User, mime_type: str) -> None:
    """Octet streams are binary files without a specific mime type. They are run through
    a virus check."""
    try:
        from django_clamd.validators import validate_file_infection

        validate_file_infection(file)
    except (ModuleNotFoundError, ImportError):
        raise FileValidationError(
            _('File "{file_name}": Virus check for binary/unknown file not available').format(file_name=file_name)
        )

It bumps the version to 3.3 since it will require an explicit update of settings for some use cases.

Related resources

  • #...
  • #...

Checklist

  • I have opened this pull request against master
  • I have added or modified the tests when changing logic
  • I have followed the conventional commits guidelines to add meaningful information into the changelog
  • I have read the contribution guidelines and I have joined #workgroup-pr-review on
    Slack to find a “pr review buddy” who is going to review my pull request.

Copy link
Contributor

sourcery-ai bot commented Nov 19, 2024

Reviewer's Guide by Sourcery

This PR implements security improvements by restricting the upload of binary and unknown file types by default. The implementation adds a default validator for 'application/octet-stream' MIME type in the FILE_VALIDATORS settings and provides a way to customize validation through configuration settings.

Class diagram for file validation changes

classDiagram
    class FilerConfig {
        +FILE_VALIDATORS: dict
    }

    class ValidationSettings {
        +FILER_REMOVE_FILE_VALIDATORS: list
        +FILER_ADD_FILE_VALIDATORS: dict
    }

    FilerConfig --> ValidationSettings

    note for FilerConfig "FILE_VALIDATORS now includes 'application/octet-stream' with a default deny validator."
    note for ValidationSettings "Settings can be customized to add or remove file validators."
Loading

File-Level Changes

Change Details Files
Added default security restriction for binary/unknown file uploads
  • Added 'application/octet-stream' to FILE_VALIDATORS with deny validator
  • Added configuration option FILER_REMOVE_FILE_VALIDATORS to override restrictions
  • Added documentation for custom binary file validation with virus checking example
filer/settings.py
docs/validation.rst
Updated test cases to handle new file upload restrictions
  • Modified binary upload test to temporarily disable validators
  • Added validator state management in test setup and teardown
  • Preserved original validator configuration after test execution
tests/test_admin.py

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time. You can also use
    this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@fsbraun fsbraun requested a review from marksweb November 19, 2024 08:10
Copy link
Contributor

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @fsbraun - I've reviewed your changes - here's some feedback:

Overall Comments:

  • Consider adding a migration guide section to the documentation to help users transition from the previous behavior, especially for cases where they need to explicitly enable binary file uploads.
Here's what I looked at during the review
  • 🟡 General issues: 1 issue found
  • 🟢 Security: all looks good
  • 🟡 Testing: 2 issues found
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

tests/test_admin.py Show resolved Hide resolved
tests/test_admin.py Show resolved Hide resolved
docs/validation.rst Outdated Show resolved Hide resolved
Copy link

codecov bot commented Nov 19, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 76.73%. Comparing base (b0f39ab) to head (031c1be).
Report is 27 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #1507      +/-   ##
==========================================
+ Coverage   76.59%   76.73%   +0.14%     
==========================================
  Files          75       77       +2     
  Lines        3546     3624      +78     
  Branches      568      519      -49     
==========================================
+ Hits         2716     2781      +65     
- Misses        667      677      +10     
- Partials      163      166       +3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.


🚨 Try these New Features:

fsbraun and others added 3 commits November 19, 2024 09:12
Co-authored-by: sourcery-ai[bot] <58596630+sourcery-ai[bot]@users.noreply.github.com>
@fsbraun
Copy link
Member Author

fsbraun commented Nov 19, 2024

@sourcery-ai review

Copy link
Contributor

sourcery-ai bot commented Nov 19, 2024

I'm sorry, I don't understand the command @sourcery-ai I added migration information to README.rst.

Please use @sourcery-ai review to request a review.

@fsbraun fsbraun merged commit f8209a6 into django-cms:master Nov 19, 2024
34 checks passed
@fsbraun fsbraun deleted the fix/restricted-upload branch November 19, 2024 15:41
@fsbraun fsbraun restored the fix/restricted-upload branch November 19, 2024 15:42
fsbraun added a commit that referenced this pull request Nov 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants