mirror of
				https://github.com/paperless-ngx/paperless-ngx.git
				synced 2025-10-24 03:26:11 -05:00 
			
		
		
		
	using mime type checking during upload
This commit is contained in:
		| @@ -3,22 +3,35 @@ import tempfile | ||||
| from datetime import datetime | ||||
| from time import mktime | ||||
|  | ||||
| import magic | ||||
| from django import forms | ||||
| from django.conf import settings | ||||
| from django_q.tasks import async_task | ||||
| from pathvalidate import validate_filename, ValidationError | ||||
|  | ||||
| from documents.parsers import is_mime_type_supported | ||||
|  | ||||
|  | ||||
| class UploadForm(forms.Form): | ||||
|  | ||||
|     document = forms.FileField() | ||||
|  | ||||
|     def clean_document(self): | ||||
|         document_name = self.cleaned_data.get("document").name | ||||
|  | ||||
|         try: | ||||
|             validate_filename(self.cleaned_data.get("document").name) | ||||
|             validate_filename(document_name) | ||||
|         except ValidationError: | ||||
|             raise forms.ValidationError("That filename is suspicious.") | ||||
|         return self.cleaned_data.get("document") | ||||
|  | ||||
|         document_data = self.cleaned_data.get("document").read() | ||||
|  | ||||
|         mime_type = magic.from_buffer(document_data, mime=True) | ||||
|  | ||||
|         if not is_mime_type_supported(mime_type): | ||||
|             raise forms.ValidationError("This mime type is not supported.") | ||||
|  | ||||
|         return document_name, document_data | ||||
|  | ||||
|     def save(self): | ||||
|         """ | ||||
| @@ -27,8 +40,7 @@ class UploadForm(forms.Form): | ||||
|         form do that as well.  Think of it as a poor-man's queue server. | ||||
|         """ | ||||
|  | ||||
|         document = self.cleaned_data.get("document").read() | ||||
|         original_filename = self.cleaned_data.get("document").name | ||||
|         original_filename, data = self.cleaned_data.get("document") | ||||
|  | ||||
|         t = int(mktime(datetime.now().timetuple())) | ||||
|  | ||||
| @@ -36,7 +48,7 @@ class UploadForm(forms.Form): | ||||
|  | ||||
|         with tempfile.NamedTemporaryFile(prefix="paperless-upload-", dir=settings.SCRATCH_DIR, delete=False) as f: | ||||
|  | ||||
|             f.write(document) | ||||
|             f.write(data) | ||||
|             os.utime(f.name, times=(t, t)) | ||||
|  | ||||
|             async_task("documents.tasks.consume_file", f.name, override_filename=original_filename, task_name=os.path.basename(original_filename)) | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Jonas Winkler
					Jonas Winkler