Validate virus free with Clamav

Mathieu Magnin 2017-11-08 16:37:04 +01:00
parent 158adc2472
commit 76cb54988d
2 changed files with 31 additions and 10 deletions


@ -4,6 +4,7 @@ class Commentaire < ActiveRecord::Base
belongs_to :piece_justificative belongs_to :piece_justificative
mount_uploader :file, CommentaireFileUploader mount_uploader :file, CommentaireFileUploader
validate :is_virus_free?
default_scope { order(created_at: :asc) } default_scope { order(created_at: :asc) }
scope :updated_since?, -> (date) { where('commentaires.updated_at > ?', date) } scope :updated_since?, -> (date) { where('commentaires.updated_at > ?', date) }
@ -44,4 +45,10 @@ class Commentaire < ActiveRecord::Base
def notify_user def notify_user
NotificationMailer.new_answer(dossier).deliver_now! NotificationMailer.new_answer(dossier).deliver_now!
end end
def is_virus_free?
if file.present? && file_changed? && !ClamavService.safe_file?(file.path)
errors.add(:file, "Virus détecté dans le fichier joint, merci de changer de fichier")
end
end
end end
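Review bot: The new `is_virus_free?` validation accepts the upload whenever `ClamavService.safe_file?` returns a truthy value, so whether an unreachable or failing scanner blocks or admits files is decided entirely in that service, which this page does not show. It is worth confirming that it returns false or raises when the scan cannot complete, and recording that contract above the method, e.g. `# ClamavService.safe_file? must fail closed: false or an exception when the scan cannot be completed`. `file.path` is also assumed to be a local path the scanner can read; if the uploader were ever pointed at remote storage, that would presumably no longer hold. On style, a validation callback that only adds errors and returns nil reads better without the `is_` prefix and `?` suffix, for example `validate :file_is_virus_free`.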


@ -112,10 +112,9 @@ describe NewGestionnaire::DossiersController, type: :controller do
describe "#create_commentaire" do describe "#create_commentaire" do
let(:saved_commentaire) { dossier.commentaires.first } let(:saved_commentaire) { dossier.commentaires.first }
let(:file) { nil } let(:file) { nil }
let(:scan_result) { true }
before do subject {
allow(ClamavService).to receive(:safe_file?).and_return(true)
post :create_commentaire, params: { post :create_commentaire, params: {
procedure_id: procedure.id, procedure_id: procedure.id,
dossier_id: dossier.id, dossier_id: dossier.id,
@ -124,19 +123,34 @@ describe NewGestionnaire::DossiersController, type: :controller do
file: file file: file
} }
} }
}
before do
allow(ClamavService).to receive(:safe_file?).and_return(scan_result)
end end
it { expect(saved_commentaire.body).to eq('body') } it do
it { expect(saved_commentaire.email).to eq(gestionnaire.email) } subject
it { expect(saved_commentaire.dossier).to eq(dossier) }
it { expect(response).to redirect_to(messagerie_dossier_path(dossier.procedure, dossier)) } expect(saved_commentaire.body).to eq('body')
it { expect(gestionnaire.followed_dossiers).to include(dossier) } expect(saved_commentaire.email).to eq(gestionnaire.email)
it { expect(saved_commentaire.file.present?).to eq(false) } expect(saved_commentaire.dossier).to eq(dossier)
expect(response).to redirect_to(messagerie_dossier_path(dossier.procedure, dossier))
expect(gestionnaire.followed_dossiers).to include(dossier)
expect(saved_commentaire.file.present?).to eq(false)
end
context "with a file" do context "with a file" do
let(:file) { Rack::Test::UploadedFile.new("./spec/support/files/piece_justificative_0.pdf", 'application/pdf') } let(:file) { Rack::Test::UploadedFile.new("./spec/support/files/piece_justificative_0.pdf", 'application/pdf') }
it { expect(saved_commentaire.file.present?).to eq(true) } it { subject; expect(saved_commentaire.file.present?).to eq(true) }
it { expect { subject }.to change(Commentaire, :count).by(1) }
context "and a virus" do
let(:scan_result) { false }
it { expect { subject }.not_to change(Commentaire, :count) }
end
end end
end end
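Review bot: The "and a virus" context asserts only that `Commentaire.count` is unchanged, so what the gestionnaire sees after a rejected upload is not pinned down; a regression that drops the comment and still redirects as if it had been posted would pass. An example on the response in that context would cover it, e.g. `it { subject; expect(flash.alert).to be_present }`, adjusted to however the controller reports a failed save (the controller is not part of this page). Since `safe_file?` is stubbed to return only true or false, the case where the scanner raises or is unavailable is also untested here.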