paradizelost/paperless-ngx
1
0
Fork 0
mirror of https://github.com/paperless-ngx/paperless-ngx.git synced 2025-04-09 09:58:20 -05:00
Code Issues Packages Projects Releases Wiki Activity

using mime type checking during upload

Browse Source
This commit is contained in:
Jonas Winkler 2020-11-21 01:42:55 +01:00
parent 77559332bc
commit b7fec4d355
1 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/documents/forms.py
View File

@ -3,22 +3,35 @@ import tempfile
from datetime import datetime from datetime import datetime
from time import mktime from time import mktime
import magic
from django import forms from django import forms
from django.conf import settings from django.conf import settings
from django_q.tasks import async_task from django_q.tasks import async_task
from pathvalidate import validate_filename, ValidationError from pathvalidate import validate_filename, ValidationError
from documents.parsers import is_mime_type_supported
class UploadForm(forms.Form): class UploadForm(forms.Form):
document = forms.FileField() document = forms.FileField()
def clean_document(self): def clean_document(self):
document_name = self.cleaned_data.get("document").name
try: try:
validate_filename(self.cleaned_data.get("document").name) validate_filename(document_name)
except ValidationError: except ValidationError:
raise forms.ValidationError("That filename is suspicious.") raise forms.ValidationError("That filename is suspicious.")
return self.cleaned_data.get("document")
document_data = self.cleaned_data.get("document").read()
mime_type = magic.from_buffer(document_data, mime=True)
if not is_mime_type_supported(mime_type):
raise forms.ValidationError("This mime type is not supported.")
return document_name, document_data
def save(self): def save(self):
""" """
@ -27,8 +40,7 @@ class UploadForm(forms.Form):
form do that as well. Think of it as a poor-man's queue server. form do that as well. Think of it as a poor-man's queue server.
""" """
document = self.cleaned_data.get("document").read() original_filename, data = self.cleaned_data.get("document")
original_filename = self.cleaned_data.get("document").name
t = int(mktime(datetime.now().timetuple())) t = int(mktime(datetime.now().timetuple()))
@ -36,7 +48,7 @@ class UploadForm(forms.Form):
with tempfile.NamedTemporaryFile(prefix="paperless-upload-", dir=settings.SCRATCH_DIR, delete=False) as f: with tempfile.NamedTemporaryFile(prefix="paperless-upload-", dir=settings.SCRATCH_DIR, delete=False) as f:
f.write(document) f.write(data)
os.utime(f.name, times=(t, t)) os.utime(f.name, times=(t, t))
async_task("documents.tasks.consume_file", f.name, override_filename=original_filename, task_name=os.path.basename(original_filename)) async_task("documents.tasks.consume_file", f.name, override_filename=original_filename, task_name=os.path.basename(original_filename))