diff --git a/backend/pom.xml b/backend/pom.xml
index aaf553bd..cee50306 100644
--- a/backend/pom.xml
+++ b/backend/pom.xml
@@ -182,6 +182,10 @@
com.github.lookfirst
sardine
+
+ org.apache.tika
+ tika-core
+
${project.parent.artifactId}
diff --git a/backend/src/main/java/ervu/service/fileupload/EmployeeInfoFileUploadService.java b/backend/src/main/java/ervu/service/fileupload/EmployeeInfoFileUploadService.java
index b99a0840..ce5e0750 100644
--- a/backend/src/main/java/ervu/service/fileupload/EmployeeInfoFileUploadService.java
+++ b/backend/src/main/java/ervu/service/fileupload/EmployeeInfoFileUploadService.java
@@ -1,5 +1,6 @@
package ervu.service.fileupload;
+import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.sql.Timestamp;
import java.time.LocalDateTime;
@@ -16,6 +17,11 @@ import ervu.model.fileupload.EmployeeInfoKafkaMessage;
import ervu.model.fileupload.FileInfo;
import ervu.model.fileupload.FileStatus;
import org.apache.kafka.clients.producer.ProducerRecord;
+import org.apache.tika.Tika;
+import org.apache.tika.mime.MediaType;
+import org.apache.tika.mime.MimeType;
+import org.apache.tika.mime.MimeTypeException;
+import org.apache.tika.mime.MimeTypes;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
@@ -70,6 +76,10 @@ public class EmployeeInfoFileUploadService {
}
public boolean saveEmployeeInformationFile(MultipartFile multipartFile, String formType, String authToken, String offset) {
+
+ if (!isValid(multipartFile)){
+ return false;
+ }
String fileUploadUrl = this.url + "/" + getNewFilename(multipartFile.getOriginalFilename());
LocalDateTime now = LocalDateTime.now();
@@ -116,6 +126,37 @@ public class EmployeeInfoFileUploadService {
}
}
+ private boolean isValid(MultipartFile multipartFile) {
+
+ if (multipartFile == null) {
+ return false;
+ }
+ try {
+ String contentType = new Tika().detect(multipartFile.getBytes());
+ MimeTypes defaultMimeTypes = MimeTypes.getDefaultMimeTypes();
+ MimeType mimeType = defaultMimeTypes.forName(contentType);
+ boolean isText = mimeType.getType().equals(MediaType.TEXT_PLAIN);
+
+ if (!isText) {
+ logger.info("Trying to upload file={} with wrong mime type={}",
+ multipartFile.getOriginalFilename(), mimeType
+ );
+ }
+ return isText;
+ }
+ catch (MimeTypeException e) {
+ logger.error(
+ "Couldn't get mime type from bytes for file=" + multipartFile.getOriginalFilename(), e);
+ return false;
+ }
+ catch (IOException e) {
+ logger.error("Error while checking file type, file=" + multipartFile.getOriginalFilename(),
+ e
+ );
+ return false;
+ }
+ }
+
private boolean sendMessage(String message) {
ProducerRecord record = new ProducerRecord<>(this.kafkaTopicName, message);
record.headers().add("messageId", UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8));
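Review bot: In `isValid`, `multipartFile.getOriginalFilename()` is client-supplied and reaches three log statements unmodified, two of them by string concatenation, so a name containing CR/LF can forge log lines. Strip line breaks from it once and use parameterized logging in all three places. `multipartFile.getBytes()` also buffers the whole upload only to sniff its leading bytes, and `new Tika()` is built on every call; a shared instance with `detect(InputStream)` avoids both, and comparing the detected string with `MediaType.TEXT_PLAIN` directly makes the `MimeTypes.forName` round trip and its `MimeTypeException` branch unnecessary. Byte-sniffed `text/plain` is a permissive class, so this check rejects recognisable binaries but does not confirm the expected file format; a structural check belongs wherever the file is parsed. The sketch below needs a `java.io.InputStream` import and assumes the `Tika` facade is only used for detection, so it can be shared.

```java
private static final Tika TIKA = new Tika();

private boolean isValid(MultipartFile multipartFile) {
  // … unchanged: null check …

  // Client-controlled value: neutralise line breaks before it reaches the log.
  String safeName = String.valueOf(multipartFile.getOriginalFilename())
      .replaceAll("[\\r\\n]", "_");

  try (InputStream in = multipartFile.getInputStream()) {
    // Detection only reads a prefix of the stream, so the upload is not held in memory.
    String contentType = TIKA.detect(in);
    boolean isText = MediaType.TEXT_PLAIN.toString().equals(contentType);

    if (!isText) {
      logger.info("Trying to upload file={} with wrong mime type={}", safeName, contentType);
    }
    return isText;
  }
  catch (IOException e) {
    logger.error("Error while checking file type, file={}", safeName, e);
    return false;
  }
}
```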
diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/UnauthorizedEntryPoint.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/UnauthorizedEntryPoint.java
index 2fbdcec8..98a08eea 100644
--- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/UnauthorizedEntryPoint.java
+++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/UnauthorizedEntryPoint.java
@@ -21,9 +21,10 @@ public class UnauthorizedEntryPoint implements AuthenticationEntryPoint {
response.setStatus(HttpServletResponse.SC_OK);
}
else {
- response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
- "Unauthorized: Authentication token was either missing or invalid."
- );
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ response.setContentType("application/json;charset=UTF-8");
+ response.getWriter()
+ .write("\"Unauthorized: Authentication token was either missing or invalid.\"");
}
}
}
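Review bot: The rewritten 401 branch sets the status, content type and body but, in the visible lines, no `WWW-Authenticate` header, which RFC 9110 requires on a 401 response. If the token is sent as a bearer token, add `response.setHeader("WWW-Authenticate", "Bearer");` before writing the body. Unlike `sendError`, `setStatus` followed by `getWriter().write(...)` neither clears what is already buffered nor commits the response, so it is worth confirming that nothing earlier in the filter chain has written to it and nothing later appends to it. The method starts outside this hunk, so some of this may already be handled there.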
diff --git a/pom.xml b/pom.xml
index b980e2ac..d65a0a45 100644
--- a/pom.xml
+++ b/pom.xml
@@ -55,10 +55,6 @@
ru.micord.gar
gar-client
-
- org.apache.tika
- tika-core
-
org.mnode.ical4j
ical4j