Added filetype validation for upload
This commit is contained in:
Tom Bloor
parent
7f18aa7173
commit
e9f4888a8c
2 changed files with 12 additions and 17 deletions
|
|
@ -56,6 +56,8 @@ has error_messages => sub {
|
||||||
},
|
},
|
||||||
file => {
|
file => {
|
||||||
required => { message => 'No file uploaded', status => 400 },
|
required => { message => 'No file uploaded', status => 400 },
|
||||||
|
upload => { message => 'No file uploaded', status => 400 },
|
||||||
|
filetype => { message => 'File must be of type image/jpeg', status => 400 },
|
||||||
},
|
},
|
||||||
organisation_id => {
|
organisation_id => {
|
||||||
required => { message => 'organisation_id is missing', status => 400 },
|
required => { message => 'organisation_id is missing', status => 400 },
|
||||||
|
|
@ -77,7 +79,7 @@ sub post_upload {
|
||||||
my $validation = $c->validation;
|
my $validation = $c->validation;
|
||||||
|
|
||||||
# Test for file before loading the JSON in to the validator
|
# Test for file before loading the JSON in to the validator
|
||||||
$validation->required('file');
|
$validation->required('file')->upload->filetype('image/jpeg');
|
||||||
|
|
||||||
$validation->input( $c->stash->{api_json} );
|
$validation->input( $c->stash->{api_json} );
|
||||||
|
|
||||||
|
|
@ -109,27 +111,12 @@ sub post_upload {
|
||||||
|
|
||||||
my $transaction_value = $validation->param('transaction_value');
|
my $transaction_value = $validation->param('transaction_value');
|
||||||
|
|
||||||
my $json = $c->stash->{api_json};
|
my $file = $validation->param('file');
|
||||||
|
|
||||||
my $userId = $user->id;
|
|
||||||
|
|
||||||
my $file = $self->req->upload('file');
|
|
||||||
|
|
||||||
my $ext = '.jpg';
|
my $ext = '.jpg';
|
||||||
my $uuid = Data::UUID->new->create_str;
|
my $uuid = Data::UUID->new->create_str;
|
||||||
my $filename = $uuid . $ext;
|
my $filename = $uuid . $ext;
|
||||||
|
|
||||||
#TODO Check for valid image file.
|
|
||||||
# my $headers = $file->headers->content_type;
|
|
||||||
# $self->app->log->debug( "content type: " . Dumper $headers );
|
|
||||||
#Is content type wrong?
|
|
||||||
# if ($headers ne 'image/jpeg') {
|
|
||||||
# return $self->render( json => {
|
|
||||||
# success => Mojo::JSON->false,
|
|
||||||
# message => 'Wrong image extension!',
|
|
||||||
# }, status => 400);
|
|
||||||
# };
|
|
||||||
|
|
||||||
if ( $type == 1 ) {
|
if ( $type == 1 ) {
|
||||||
# Validated organisation
|
# Validated organisation
|
||||||
$c->schema->resultset('Transaction')->create({
|
$c->schema->resultset('Transaction')->create({
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ use Mojo::Base 'Mojolicious::Plugin';
|
||||||
use Email::Valid;
|
use Email::Valid;
|
||||||
use Geo::UK::Postcode;
|
use Geo::UK::Postcode;
|
||||||
use Scalar::Util qw/ looks_like_number /;
|
use Scalar::Util qw/ looks_like_number /;
|
||||||
|
use File::Basename;
|
||||||
|
|
||||||
sub register {
|
sub register {
|
||||||
my ( $plugin, $app, $conf ) = @_;
|
my ( $plugin, $app, $conf ) = @_;
|
||||||
|
|
@ -37,6 +38,13 @@ sub register {
|
||||||
my ( $validation, $name, $value, $check ) = @_;
|
my ( $validation, $name, $value, $check ) = @_;
|
||||||
return $value > $check ? undef : 1;
|
return $value > $check ? undef : 1;
|
||||||
});
|
});
|
||||||
|
|
||||||
|
$app->validator->add_check( filetype => sub {
|
||||||
|
my ( $validation, $name, $value, $filetype ) = @_;
|
||||||
|
my ( undef, undef, $extension ) = fileparse $value->filename, qr/\.[^.]*/;
|
||||||
|
$extension =~ s/^\.//;
|
||||||
|
return $app->types->type($extension) eq $filetype ? undef : 1;
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
|
||||||
Reference in a new issue