Add lenient file-type checking mode #10862

archesproject · Jun 14, 2024 · bcaae04 · bcaae04
1 parent 1fb1607
commit bcaae04
Show file tree

Hide file tree

Showing 6 changed files with 67 additions and 8 deletions.
diff --git a/arches/app/utils/file_validator.py b/arches/app/utils/file_validator.py
@@ -17,9 +17,14 @@ def test_unknown_filetypes(self, file, extension=None):
         errors = []
         match extension:
             case "DS_Store":
-                self.logger.log(
-                    logging.WARN, "DS_Store file encountered, proceeding with caution."
-                )
+                if settings.FILE_TYPE_CHECKING:
+                    if settings.FILE_TYPE_CHECKING == "lenient":
+                        self.logger.log(
+                            logging.WARN,
+                            "DS_Store file encountered, proceeding with caution.",
+                        )
+                    else:
+                        errors.append(f"File type is not permitted: {extension}")
             case _ if extension not in settings.FILE_TYPES:
                 errors.append(f"File type is not permitted: {extension}")
             case "xlsx":
@@ -46,7 +51,8 @@ def test_unknown_filetypes(self, file, extension=None):
                 except json.decoder.JSONDecodeError:
                     errors.append("Invalid json file")
             case _:
-                errors.append("Cannot validate file")
+                if settings.FILE_TYPE_CHECKING != "lenient":
+                    errors.append("Cannot validate file")
 
         for error in errors:
             self.logger.log(logging.ERROR, error)

diff --git a/arches/apps.py b/arches/apps.py
@@ -1,6 +1,20 @@
+import warnings
+
 from django.conf import settings
 from django.core.checks import register, Tags, Error, Warning
 
+### GLOBAL DEPRECATIONS ###
+FILE_TYPE_CHECKING_MSG = (
+    "Providing boolean values to FILE_TYPE_CHECKING is deprecated. "
+    "Starting with Arches 8.0, the only allowed options will be "
+    "None, 'lenient', and 'strict'."
+)
+if settings.FILE_TYPE_CHECKING in (True, False):
+    warnings.warn(FILE_TYPE_CHECKING_MSG, DeprecationWarning)
+
+
+### SYSTEM CHECKS ###
+
 
 @register(Tags.security)
 def check_cache_backend_for_production(app_configs, **kwargs):

diff --git a/arches/install/arches-templates/project_name/settings.py-tpl b/arches/install/arches-templates/project_name/settings.py-tpl
@@ -36,8 +36,23 @@ SEARCH_COMPONENT_LOCATIONS.append('{{ project_name }}.search_components')
 
 LOCALE_PATHS.insert(0, os.path.join(APP_ROOT, 'locale'))
 
-FILE_TYPE_CHECKING = False
-FILE_TYPES = ["bmp", "gif", "jpg", "jpeg", "json", "pdf", "png", "psd", "rtf", "tif", "tiff", "xlsx", "csv", "zip"]
+FILE_TYPE_CHECKING = "lenient"
+FILE_TYPES = [
+    "bmp",
+    "gif",
+    "jpg",
+    "jpeg",
+    "json",
+    "pdf",
+    "png",
+    "psd",
+    "rtf",
+    "tif",
+    "tiff",
+    "xlsx",
+    "csv",
+    "zip",
+]
 FILENAME_GENERATOR = "arches.app.utils.storage_filename_generator.generate_filename"
 UPLOADED_FILES_DIR = "uploadedfiles"
 

diff --git a/arches/settings.py b/arches/settings.py
@@ -674,7 +674,7 @@
     "arches.app.etl_modules",
 ]
 
-FILE_TYPE_CHECKING = False
+FILE_TYPE_CHECKING = "lenient"
 FILE_TYPES = [
     "bmp",
     "gif",

diff --git a/releases/7.6.0.md b/releases/7.6.0.md
@@ -34,6 +34,7 @@ Arches 7.6.0 Release Notes
 - 9769 Ensure resource creation edit log timestamps precede resource update timestamps
 - 10738 Adds Github action for comparing test coverage between branches and rejecting branches that lower test coverage
 - 10842 Adds project-level testing and GitHub test runners
+- 10862 Lenient file-type checking mode
 - 10699 Allow overriding search_results view
 - 10911 Styling fix in resource model manage menu
 - 10726 Upgrade openpyxl package to 3.1.2 and fixes ETL modules
@@ -155,6 +156,15 @@ Minor incompatibilities:
     is now a more attractive target for overriding than `run_load_task()`.
 
 
+### Deprecations
+
+- Boolean values for the `FILE_TYPE_CHECKING` setting are deprecated. Starting with Arches 8.0, the allowed values will be:
+    - `None`
+    - `"lenient"`
+    - `"strict"`
+
+    For more, see the [documentation]() for this setting. 
+
 ### Upgrading Arches
 
 1. You must be upgraded to at least version 7.5.0 before proceeding. If you are on an earlier version, please refer to the upgrade process in the [Version 7.5.0 release notes](https://github.com/archesproject/arches/blob/dev/7.5.x/releases/7.5.0.md)
@@ -355,7 +365,19 @@ Minor incompatibilities:
         - `npm run build_production` This builds a production bundle. **takes up to 2hrs depending on resources**
         - Alternatively you can run `python manage.py build_production`. This will create a production bundle of frontend assessts and also call `collectstatic`.
 
-16.  If you are running Arches on Apache, be sure to run:
+16. Test your project with deprecation warnings enabled.
+
+    ```
+    python -Wall::DeprecationWarning manage.py test --settings=tests.test_settings
+    ```
+
+17. Run system checks against your production settings.
+
+    ```
+    python manage.py check --deploy --settings=path.to.production.settings
+    ```
+
+18.  If you are running Arches on Apache, be sure to run:
 
     ```
     collectstatic

diff --git a/tests/test_settings.py b/tests/test_settings.py
@@ -71,6 +71,8 @@
     "arches.W001"
 )  # Cache backend does not support rate-limiting
 
+FILE_TYPE_CHECKING = "lenient"
+
 # could add Chrome, PhantomJS etc... here
 LOCAL_BROWSERS = []  # ['Firefox']