From 96cbbc0192f33f75091d7ea701dd05ffa5e3b149 Mon Sep 17 00:00:00 2001
From: Paul Chavard <github@paul.chavard.net>
Date: Thu, 2 Sep 2021 12:26:11 +0200
Subject: [PATCH] fix(virus scan): prevent virus scan on archives and
 signatures uploads

---
 app/models/bill_signature.rb              | 5 ++++-
 app/models/etablissement.rb               | 1 +
 app/services/procedure_archive_service.rb | 7 ++++++-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/app/models/bill_signature.rb b/app/models/bill_signature.rb
index 8b0e66cf5..d2c1cfd7a 100644
--- a/app/models/bill_signature.rb
+++ b/app/models/bill_signature.rb
@@ -30,6 +30,7 @@ class BillSignature < ApplicationRecord
       io: StringIO.new(operations_bill_json),
       filename: "demarches-simplifiees-operations-#{day.to_date.iso8601}.json",
       content_type: 'application/json',
+      # we don't want to run virus scanner on this file
       metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
     )
 
@@ -52,7 +53,9 @@ class BillSignature < ApplicationRecord
     self.signature.attach(
       io: StringIO.new(signature),
       filename: "demarches-simplifiees-signature-#{day.to_date.iso8601}.der",
-      content_type: 'application/x-x509-ca-cert'
+      content_type: 'application/x-x509-ca-cert',
+      # we don't want to run virus scanner on this file
+      metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
     )
   end
 
diff --git a/app/models/etablissement.rb b/app/models/etablissement.rb
index 3cf259d2d..25b3969cc 100644
--- a/app/models/etablissement.rb
+++ b/app/models/etablissement.rb
@@ -176,6 +176,7 @@ class Etablissement < ApplicationRecord
       attestation.attach(
         io: StringIO.new(response.body),
         filename: filename,
+        # we don't want to run virus scanner on this file
         metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
       )
     end
diff --git a/app/services/procedure_archive_service.rb b/app/services/procedure_archive_service.rb
index bf3b4d320..5a4d54256 100644
--- a/app/services/procedure_archive_service.rb
+++ b/app/services/procedure_archive_service.rb
@@ -40,7 +40,12 @@ class ProcedureArchiveService
       end
     end
 
-    archive.file.attach(io: File.open(tmp_file), filename: archive.filename(@procedure))
+    archive.file.attach(
+      io: File.open(tmp_file),
+      filename: archive.filename(@procedure),
+      # we don't want to run virus scanner on this file
+      metadata: { virus_scan_result: ActiveStorage::VirusScanner::SAFE }
+    )
     tmp_file.delete
     archive.make_available!
     InstructeurMailer.send_archive(instructeur, @procedure, archive).deliver_later