demarches-normaliennes/app/models/concerns/attachment_virus_scanner_concern.rb

28 lines
898 B
Ruby
Raw Normal View History

# Run a virus scan on all attachments after they are analyzed.
#
# We're using a class extension to ensure that all attachments get scanned,
# regardless on how they were created. This could be an ActiveStorage::Analyzer,
# but as of Rails 6.1 only the first matching analyzer is ever run on
# a blob (and we may want to analyze the dimension of a picture as well
# as scanning it).
module AttachmentVirusScannerConcern
extend ActiveSupport::Concern
included do
after_create_commit :scan_for_virus_later
end
private
def scan_for_virus_later
return if blob.nil?
# do not scan if the blob is already marked as safe
# usually because of metadata[:virus_scan_result] = ActiveStorage::VirusScanner::SAFE
# added on a blob built by the application itself
return if blob.virus_scan_result == ActiveStorage::VirusScanner::SAFE
blob.scan_for_virus_later
end
end