Add documents

[paroga]

No description provided.

[wvengen]

Interesting idea!

I'm curious what others think: is this the right approach? Do we want to store documents in the database? Does something like this belong in the wiki, or is this ok?

[wvengen]

I'm ok with the database, as a first simple step forward.

[wvengen]

content-type?

[paroga]

I use the filename extension in this case.
IMHO storing the "unsafe" content-type provided by the browser is not much better than using the extension of the file.

[wvengen]

True 👍

[wvengen]

It seems to me that some attachment code is bound to be duplicated in invoice attachments and here. Mime-type-checking, removing attachments, perhaps file-size error handling. I think we'd need to either our own concerns, or use some existing gem. Perhaps this attachment_fu is useful, it's one that is still being maintained (and seems to support full db storage).

[wvengen]

Ok, testing it now and doing some small changes. I've done some changes and rebased on master (whoops - can't do a pull request anymore to you) - it's on https://github.com/wvengen/foodsoft/tree/feature/documents . You may consider starting from there.

One thing that I found very unintuitive is that mime-type is derived from the name. I entered a description there without extension, which meant the mimetype couldn't be guessed. So I think it works better when the mimetype is derived either from what the browser sends, or from the original filename. I guess we'd better save it in the db.

[paroga]

i'd prefer the browser content type solution. should I do this change?
one other point in your changes: adding the translations to the en file in the plugins directory had no effect at my installation. only the en file in the core worked. the de translations worked correctly in the plugin folder. Is this a problem with my installation or a general problem?

[wvengen]

I'm for the browser content-type solution as well. Would be great, yes.
Hmmm I could see the changes in the plugin locales right away, strange.
(The idea is to put the English locales in the plugin, and then to import them into main Foodsoft as well so that they can easily be translated using localeapp.)

[wvengen]

fyi: for the Travis CI build to succeed, you need to bundle install and commit the Gemfile.lock changes.

[Tamriel]

What has to be done to complete this issue?

[wvengen]

Thanks for asking, I see the following issues:

• Security - see OWASP on Unrestricted File Upload
  • Never accept a filename and its extension directly without having a white-list filter.
  • All the control characters and Unicode ones should be removed from the filenames and their extensions without any exception
• Rebase on master

For the rest, I'd say - all set.
Would it be ok to not enable this plugin by default just yet? I'd like to have more clarity first if sysadmins agree on putting files in the database. You may ask it on the -dev or -discuss mailing list yourself, if you like.

[paroga]

ping

[wvengen]

Great you added a check. Still it's easy to bypass when supplying a name parameter directly.
What about doing this substitution on serving the file? That way we can even change what characters to allow afterwards.

[paroga]

i do not want to store the original_filename in the DB, so storing a more or less valid name (if not provided by the user already) seams more reasonable to me. This is not related to security. It's just for providing nice filenames.

[wvengen]

Ah, I see.
I'd really like to follow OWASP and filter filename characters to known safe ones.

[paroga]

blacklisting as bad practice and whitelisting all unicode characters gets ugly very quickly. What's the problem with storing mad filenames? The only place where it could be problematic is when the browser reads the filename from the HTTP header and when the user uses a browser which is not able to to the without security impact (s)he might have even bigger problems than that!

[wvengen]

Great! Disabled it by default, updated the plugin's README and merged.
Thanks a lot!