From 1f27652cd370a9edd851dd4bec13abaf8b94960c Mon Sep 17 00:00:00 2001 From: kara Diaby Date: Mon, 16 Mar 2020 17:55:16 +0100 Subject: [PATCH] add files validations to models --- app/models/attestation_template.rb | 5 ++--- app/models/avis.rb | 2 ++ app/models/commentaire.rb | 1 + app/models/procedure.rb | 20 +++++++++++++++++++ .../procedures/_informations.html.haml | 2 ++ spec/models/procedure_spec.rb | 16 +++++++++++---- 6 files changed, 39 insertions(+), 7 deletions(-) diff --git a/app/models/attestation_template.rb b/app/models/attestation_template.rb index 69056789b..87accde3c 100644 --- a/app/models/attestation_template.rb +++ b/app/models/attestation_template.rb @@ -10,9 +10,8 @@ class AttestationTemplate < ApplicationRecord has_one_attached :signature validates :footer, length: { maximum: 190 } - - validates :logo, content_type: [:png, :jpg, :jpeg] - validates :signature, content_type: [:png, :jpg, :jpeg] + validates :logo, content_type: ['image/png', 'image/jpg', 'image/jpeg'], size: { less_than: 1.megabytes } + validates :signature, content_type: ['image/png', 'image/jpg', 'image/jpeg'], size: { less_than: 1.megabytes } DOSSIER_STATE = Dossier.states.fetch(:accepte) diff --git a/app/models/avis.rb b/app/models/avis.rb index fae8f3a35..bf468b96a 100644 --- a/app/models/avis.rb +++ b/app/models/avis.rb @@ -10,6 +10,8 @@ class Avis < ApplicationRecord validates :email, format: { with: Devise.email_regexp, message: "n'est pas valide" }, allow_nil: true validates :claimant, presence: true + validates :piece_justificative_file, size: { less_than: 20.megabytes } + validates :introduction_file, size: { less_than: 20.megabytes } before_validation -> { sanitize_email(:email) } before_create :try_to_assign_instructeur diff --git a/app/models/commentaire.rb b/app/models/commentaire.rb index 9a93319d4..7d4a520ae 100644 --- a/app/models/commentaire.rb +++ b/app/models/commentaire.rb @@ -11,6 +11,7 @@ class Commentaire < ApplicationRecord has_one_attached :piece_jointe validates :body, presence: { message: "ne peut être vide" } + validates :piece_jointe, size: { less_than: 20.megabytes } default_scope { order(created_at: :asc) } scope :updated_since?, -> (date) { where('commentaires.updated_at > ?', date) } diff --git a/app/models/procedure.rb b/app/models/procedure.rb index 807899628..3c3a72fca 100644 --- a/app/models/procedure.rb +++ b/app/models/procedure.rb @@ -84,6 +84,26 @@ class Procedure < ApplicationRecord validates :duree_conservation_dossiers_dans_ds, allow_nil: true, numericality: { only_integer: true, greater_than_or_equal_to: 1, less_than_or_equal_to: MAX_DUREE_CONSERVATION }, unless: :durees_conservation_required validates :duree_conservation_dossiers_hors_ds, allow_nil: true, numericality: { only_integer: true, greater_than_or_equal_to: 0 }, unless: :durees_conservation_required validates_with MonAvisEmbedValidator + validates :notice, content_type: [ + "application/msword", + "application/pdf", + "application/vnd.openxmlformats-officedocument.wordprocessingml.document", + "application/vnd.ms-powerpoint", + "application/vnd.openxmlformats-officedocument.presentationml.presentation", + "application/vnd.oasis.opendocument.text", + "application/vnd.oasis.opendocument.presentation", + "text/plain" + ], size: { less_than: 20.megabytes } + + validates :deliberation, content_type: [ + "application/msword", + "application/pdf", + "application/vnd.openxmlformats-officedocument.wordprocessingml.document", + "text/plain", + "application/vnd.oasis.opendocument.text" + ], size: { less_than: 20.megabytes } + + validates :logo, content_type: ['image/png', 'image/jpg', 'image/jpeg'], size: { less_than: 5.megabytes } before_save :update_juridique_required before_save :update_durees_conservation_required after_initialize :ensure_path_exists diff --git a/app/views/new_administrateur/procedures/_informations.html.haml b/app/views/new_administrateur/procedures/_informations.html.haml index 9a3385173..db14b75a1 100644 --- a/app/views/new_administrateur/procedures/_informations.html.haml +++ b/app/views/new_administrateur/procedures/_informations.html.haml @@ -70,6 +70,8 @@ Une notice explicative est un document destiné à guider l’usager dans sa démarche. C’est un document que vous avez élaboré et qui peut prendre la forme d’un fichier doc, d’un pdf ou encore de diapositives. Le bouton pour télécharger cette notice apparaît en haut du formulaire pour l’usager. = f.label :notice, 'Notice' +%p.notice + Formats acceptés : .doc, .odt, .pdf, .ppt, .pptx - notice = @procedure.notice = render 'shared/attachment/edit', { form: f, diff --git a/spec/models/procedure_spec.rb b/spec/models/procedure_spec.rb index 080d753a5..0d3b220df 100644 --- a/spec/models/procedure_spec.rb +++ b/spec/models/procedure_spec.rb @@ -193,12 +193,19 @@ describe Procedure do context 'when the deliberation is uploaded ' do before do - allow(procedure).to receive(:deliberation) - .and_return(double('attached?': true)) + procedure.deliberation = Rack::Test::UploadedFile.new('spec/fixtures/files/file.pdf', 'application/pdf') end it { expect(procedure.valid?).to eq(true) } end + + context 'when the deliberation is uploaded with an unauthorized format' do + before do + procedure.deliberation = Rack::Test::UploadedFile.new('spec/fixtures/files/french-flag.gif', 'image/gif') + end + + it { expect(procedure.valid?).to eq(false) } + end end end @@ -925,8 +932,9 @@ describe Procedure do p.reload expect(p.juridique_required).to be_falsey - allow(p).to receive(:deliberation).and_return(double('attached?': true)) - p.save + @deliberation = Rack::Test::UploadedFile.new('spec/fixtures/files/file.pdf', 'application/pdf') + p.update(deliberation: @deliberation) + p.reload expect(p.juridique_required).to be_truthy end end