From 6c34f91ceae554d4703423873e3deaf6eb58b993 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?H=C3=A9l=C3=A8ne=20Meneuvrier?= Date: Fri, 24 Jan 2025 16:26:35 +0100 Subject: [PATCH 1/3] check size on uploadFile #3336 --- .../Signalement/SignalementFileProcessor.php | 105 ++++++++++-------- src/Service/UploadHandlerService.php | 19 +++- 2 files changed, 78 insertions(+), 46 deletions(-) diff --git a/src/Service/Signalement/SignalementFileProcessor.php b/src/Service/Signalement/SignalementFileProcessor.php index 5d88d402e..7071645ac 100644 --- a/src/Service/Signalement/SignalementFileProcessor.php +++ b/src/Service/Signalement/SignalementFileProcessor.php @@ -7,6 +7,8 @@ use App\Entity\Intervention; use App\Entity\Signalement; use App\Entity\User; +use App\Exception\File\EmptyFileException; +use App\Exception\File\MaxUploadSizeExceededException; use App\Factory\FileFactory; use App\Service\Files\FilenameGenerator; use App\Service\ImageManipulationHandler; @@ -40,6 +42,7 @@ public function process( ): array { $fileList = []; foreach ($files[$inputName] as $key => $file) { + $fileSizeOk = false; if ($file instanceof UploadedFile) { try { if (!$this->fileScanner->isClean($file->getPathname())) { @@ -53,61 +56,73 @@ public function process( $this->logger->error($exception->getMessage()); continue; } + try { + $fileSizeOk = $this->uploadHandlerService->isFileSizeOk($file); + } catch (MaxUploadSizeExceededException|EmptyFileException $exception) { + $this->errors[] = $exception->getMessage(); + } + } else { + $fileSizeOk = true; } - $fileExtension = $file instanceof UploadedFile ? $file->getExtension() : null; - if ( - $file instanceof UploadedFile - && File::INPUT_NAME_DOCUMENTS === $inputName - && !UploadHandlerService::isAcceptedDocumentFormat($file, $inputName) - ) { - $acceptedExtensions = UploadHandlerService::getAcceptedExtensions('document'); - $message = <<getClientOriginalExtension() : null; + + if ( + $file instanceof UploadedFile + && File::INPUT_NAME_DOCUMENTS === $inputName + && !UploadHandlerService::isAcceptedDocumentFormat($file, $inputName) + ) { + $acceptedExtensions = UploadHandlerService::getAcceptedExtensions('document'); + $message = <<__toString().' MimeType : '.$file->getMimeType().' )'; - $this->logger->error($message.$fileInfo); - $this->errors[] = $message; - } elseif ( - $file instanceof UploadedFile - && File::INPUT_NAME_PHOTOS === $inputName - && !ImageManipulationHandler::isAcceptedPhotoFormat($file, $inputName) - ) { - $acceptedExtensions = UploadHandlerService::getAcceptedExtensions('photo'); - $message = <<__toString().' MimeType : '.$file->getMimeType().' )'; + $this->logger->error($message.$fileInfo); + $this->errors[] = $message; + } elseif ( + $file instanceof UploadedFile + && File::INPUT_NAME_PHOTOS === $inputName + && !ImageManipulationHandler::isAcceptedPhotoFormat($file, $inputName) + ) { + $acceptedExtensions = UploadHandlerService::getAcceptedExtensions('photo'); + $message = <<__toString().' MimeType : '.$file->getMimeType().' )'; - $this->logger->error($message.$fileInfo); - $this->errors[] = $message; - } else { - $inputTypeDetection = $inputName; - try { - if ($file instanceof UploadedFile) { - $filename = $this->uploadHandlerService->uploadFromFile( - $file, - $this->filenameGenerator->generate($file), - $inputTypeDetection - ); - $title = $this->filenameGenerator->getTitle(); - - if (\in_array($file->getMimeType(), File::IMAGE_MIME_TYPES)) { - $this->imageManipulationHandler->setUseTmpDir(false)->resize($filename)->thumbnail($filename); + $fileInfo = ' ( Fichier : '.$file->__toString().' MimeType : '.$file->getMimeType().' )'; + $this->logger->error($message.$fileInfo); + $this->errors[] = $message; + } else { + $inputTypeDetection = $inputName; + try { + if ($file instanceof UploadedFile) { + $filename = $this->uploadHandlerService->uploadFromFile( + $file, + $this->filenameGenerator->generate($file), + $inputTypeDetection + ); + $title = $this->filenameGenerator->getTitle(); + + if (\in_array($file->getMimeType(), File::IMAGE_MIME_TYPES)) { + $this->imageManipulationHandler->setUseTmpDir(false)->resize($filename)->thumbnail($filename); + } else { + $inputTypeDetection = 'documents'; + } } else { - $inputTypeDetection = 'documents'; + $filename = $this->uploadHandlerService->moveFromBucketTempFolder($file); + $title = $key; } - } else { - $filename = $this->uploadHandlerService->moveFromBucketTempFolder($file); - $title = $key; + } catch (\Exception $exception) { + $this->logger->error($exception->getMessage()); + $this->errors[] = $exception->getMessage(); + continue; + } + if (!empty($filename)) { + $fileList[] = $this->createFileItem($filename, $title, $inputTypeDetection, $documentType); } - } catch (\Exception $exception) { - $this->logger->error($exception->getMessage()); - $this->errors[] = $exception->getMessage(); - continue; - } - if (!empty($filename)) { - $fileList[] = $this->createFileItem($filename, $title, $inputTypeDetection, $documentType); } } } diff --git a/src/Service/UploadHandlerService.php b/src/Service/UploadHandlerService.php index ff19e8b88..15817b5ea 100755 --- a/src/Service/UploadHandlerService.php +++ b/src/Service/UploadHandlerService.php @@ -46,7 +46,7 @@ public function toTempFolder( } $newFilename = $this->filenameGenerator->generate($file); $titre = $this->filenameGenerator->getTitle(); - + if ($this->isFileEmpty($file)) { throw new EmptyFileException(); } @@ -119,6 +119,23 @@ public static function getAcceptedExtensions(?string $type = 'document'): string return $all; } + /** + * @throws EmptyFileException + * @throws MaxUploadSizeExceededException + */ + public function isFileSizeOk( + UploadedFile $file, + ): bool { + if ($this->isFileEmpty($file)) { + throw new EmptyFileException(); + } + if ($file->getSize() > self::MAX_FILESIZE) { + throw new MaxUploadSizeExceededException(self::MAX_FILESIZE); + } + + return true; + } + public function moveFilePath(string $filePath): ?string { try { From 2a2231ade88e1ea82ad9613e29c3590311daa3e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?H=C3=A9l=C3=A8ne=20Meneuvrier?= Date: Fri, 24 Jan 2025 16:47:08 +0100 Subject: [PATCH 2/3] cs-fixer #3336 --- src/Service/Signalement/SignalementFileProcessor.php | 1 - src/Service/UploadHandlerService.php | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/Service/Signalement/SignalementFileProcessor.php b/src/Service/Signalement/SignalementFileProcessor.php index 7071645ac..3a2457be0 100644 --- a/src/Service/Signalement/SignalementFileProcessor.php +++ b/src/Service/Signalement/SignalementFileProcessor.php @@ -65,7 +65,6 @@ public function process( $fileSizeOk = true; } - if ($fileSizeOk) { $fileExtension = $file instanceof UploadedFile ? $file->getClientOriginalExtension() : null; diff --git a/src/Service/UploadHandlerService.php b/src/Service/UploadHandlerService.php index 15817b5ea..cb36c66a0 100755 --- a/src/Service/UploadHandlerService.php +++ b/src/Service/UploadHandlerService.php @@ -46,7 +46,7 @@ public function toTempFolder( } $newFilename = $this->filenameGenerator->generate($file); $titre = $this->filenameGenerator->getTitle(); - + if ($this->isFileEmpty($file)) { throw new EmptyFileException(); } From 9425ad01b3a50e4334616286bbee9e96362193fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?H=C3=A9l=C3=A8ne=20Meneuvrier?= Date: Tue, 28 Jan 2025 10:58:46 +0100 Subject: [PATCH 3/3] add log sentry #3336 --- src/Service/Signalement/SignalementFileProcessor.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/Service/Signalement/SignalementFileProcessor.php b/src/Service/Signalement/SignalementFileProcessor.php index 3a2457be0..389894ab2 100644 --- a/src/Service/Signalement/SignalementFileProcessor.php +++ b/src/Service/Signalement/SignalementFileProcessor.php @@ -60,6 +60,7 @@ public function process( $fileSizeOk = $this->uploadHandlerService->isFileSizeOk($file); } catch (MaxUploadSizeExceededException|EmptyFileException $exception) { $this->errors[] = $exception->getMessage(); + $this->logger->error($exception->getMessage()); } } else { $fileSizeOk = true;