diff --git a/.changeset/chilly-toys-hunt.md b/.changeset/chilly-toys-hunt.md new file mode 100644 index 000000000000..79be3fcfc74c --- /dev/null +++ b/.changeset/chilly-toys-hunt.md @@ -0,0 +1,5 @@ +--- +"@rocket.chat/meteor": patch +--- + +Fixed "File Upload > Accepted Media Types" setting to allow all type of files uploads diff --git a/apps/meteor/app/file-upload/server/lib/FileUpload.ts b/apps/meteor/app/file-upload/server/lib/FileUpload.ts index 4458f9d61881..c824ba6c31a5 100644 --- a/apps/meteor/app/file-upload/server/lib/FileUpload.ts +++ b/apps/meteor/app/file-upload/server/lib/FileUpload.ts @@ -170,7 +170,7 @@ export const FileUpload = { throw new Meteor.Error('error-file-too-large', reason); } - if (!fileUploadIsValidContentType(file.type as string, '')) { + if (!fileUploadIsValidContentType(file?.type)) { const reason = i18n.t('File_type_is_not_accepted', { lng: language }); throw new Meteor.Error('error-invalid-file-type', reason); } @@ -420,7 +420,6 @@ export const FileUpload = { await Avatars.deleteFile(oldAvatar._id); } await Avatars.updateFileNameById(file._id, user.username); - // console.log('upload finished ->', file); }, async requestCanAccessFiles({ headers = {}, url }: http.IncomingMessage, file?: IUpload) { diff --git a/apps/meteor/app/utils/client/restrictions.ts b/apps/meteor/app/utils/client/restrictions.ts index 261eddf4467d..d4c6b62d68dd 100644 --- a/apps/meteor/app/utils/client/restrictions.ts +++ b/apps/meteor/app/utils/client/restrictions.ts @@ -1,7 +1,7 @@ import { settings } from '../../settings/client'; import { fileUploadIsValidContentTypeFromSettings } from '../lib/restrictions'; -export const fileUploadIsValidContentType = function (type: string, customWhiteList?: string): boolean { +export const fileUploadIsValidContentType = function (type: string | undefined, customWhiteList?: string): boolean { const blackList = settings.get('FileUpload_MediaTypeBlackList'); const whiteList = customWhiteList || settings.get('FileUpload_MediaTypeWhiteList'); diff --git a/apps/meteor/app/utils/lib/restrictions.ts b/apps/meteor/app/utils/lib/restrictions.ts index ebebe113f31e..bf859e5b4700 100644 --- a/apps/meteor/app/utils/lib/restrictions.ts +++ b/apps/meteor/app/utils/lib/restrictions.ts @@ -1,12 +1,10 @@ -import _ from 'underscore'; - export const fileUploadMediaWhiteList = function (customWhiteList: string): string[] | undefined { const mediaTypeWhiteList = customWhiteList; if (!mediaTypeWhiteList || mediaTypeWhiteList === '*') { return; } - return _.map(mediaTypeWhiteList.split(','), (item) => { + return mediaTypeWhiteList.split(',').map((item) => { return item.trim(); }); }; @@ -17,37 +15,47 @@ const fileUploadMediaBlackList = function (customBlackList: string): string[] | return; } - return _.map(blacklist.split(','), (item) => item.trim()); + return blacklist.split(',').map((item) => item.trim()); }; -const isTypeOnList = function (type: string, list: string[]): boolean | undefined { - if (_.contains(list, type)) { +const isTypeOnList = function (type?: string, list?: string[]): boolean { + if (!type || !list) { + return false; + } + + if (list.includes(type)) { return true; } const wildCardGlob = '/*'; - const wildcards = _.filter(list, (item) => { + const wildcards = list.filter((item) => { return item.indexOf(wildCardGlob) > 0; }); - if (_.contains(wildcards, type.replace(/(\/.*)$/, wildCardGlob))) { + if (wildcards.includes(type.replace(/(\/.*)$/, wildCardGlob))) { return true; } + + return false; }; -export const fileUploadIsValidContentTypeFromSettings = function (type: string, customWhiteList: string, customBlackList: string): boolean { +export const fileUploadIsValidContentTypeFromSettings = function ( + type: string | undefined, + customWhiteList: string, + customBlackList: string, +): boolean { const blackList = fileUploadMediaBlackList(customBlackList); const whiteList = fileUploadMediaWhiteList(customWhiteList); - if (!type && blackList) { + if (blackList && type && isTypeOnList(type, blackList)) { return false; } - if (blackList && isTypeOnList(type, blackList)) { - return false; + if (whiteList) { + return isTypeOnList(type, whiteList); } if (!whiteList) { return true; } - return !!isTypeOnList(type, whiteList); + return false; }; diff --git a/apps/meteor/app/utils/server/restrictions.ts b/apps/meteor/app/utils/server/restrictions.ts index ca524b09d351..6eb1c9a655d4 100644 --- a/apps/meteor/app/utils/server/restrictions.ts +++ b/apps/meteor/app/utils/server/restrictions.ts @@ -1,7 +1,7 @@ import { settings } from '../../settings/server'; import { fileUploadIsValidContentTypeFromSettings } from '../lib/restrictions'; -export const fileUploadIsValidContentType = function (type: string, customWhiteList?: string): boolean { +export const fileUploadIsValidContentType = function (type: string | undefined, customWhiteList?: string): boolean { const blackList = settings.get('FileUpload_MediaTypeBlackList'); const whiteList = customWhiteList || settings.get('FileUpload_MediaTypeWhiteList'); diff --git a/apps/meteor/client/lib/chats/flows/uploadFiles.ts b/apps/meteor/client/lib/chats/flows/uploadFiles.ts index 82572aa2dbf5..62458d53fd60 100644 --- a/apps/meteor/client/lib/chats/flows/uploadFiles.ts +++ b/apps/meteor/client/lib/chats/flows/uploadFiles.ts @@ -46,7 +46,7 @@ export const uploadFiles = async (chat: ChatAPI, files: readonly File[], resetFi imperativeModal.close(); uploadNextFile(); }, - invalidContentType: !(file.type && fileUploadIsValidContentType(file.type)), + invalidContentType: !fileUploadIsValidContentType(file?.type), }, }); }; diff --git a/apps/meteor/client/views/admin/moderation/ModerationConsoleTable.tsx b/apps/meteor/client/views/admin/moderation/ModerationConsoleTable.tsx index 6de7cdda1675..805d89c54c37 100644 --- a/apps/meteor/client/views/admin/moderation/ModerationConsoleTable.tsx +++ b/apps/meteor/client/views/admin/moderation/ModerationConsoleTable.tsx @@ -85,16 +85,6 @@ const ModerationConsoleTable: FC = () => { > {t('User')} , - - - {t('Moderation_Reported_message')} - , {t('Room')} , diff --git a/apps/meteor/client/views/admin/moderation/ModerationConsoleTableRow.tsx b/apps/meteor/client/views/admin/moderation/ModerationConsoleTableRow.tsx index 56419c61223c..65bf7069e074 100644 --- a/apps/meteor/client/views/admin/moderation/ModerationConsoleTableRow.tsx +++ b/apps/meteor/client/views/admin/moderation/ModerationConsoleTableRow.tsx @@ -13,7 +13,7 @@ export type ModerationConsoleRowProps = { }; const ModerationConsoleTableRow = ({ report, onClick, isDesktopOrLarger }: ModerationConsoleRowProps): JSX.Element => { - const { userId: _id, rooms, name, count, message, username, ts } = report; + const { userId: _id, rooms, name, count, username, ts } = report; const roomNames = rooms.map((room) => { if (room.t === 'd') { @@ -31,7 +31,6 @@ const ModerationConsoleTableRow = ({ report, onClick, isDesktopOrLarger }: Moder - {message} {concatenatedRoomNames} {formatDateAndTime(ts)} {count} diff --git a/apps/meteor/tests/unit/app/utils/lib/restrictions.spec.ts b/apps/meteor/tests/unit/app/utils/lib/restrictions.spec.ts new file mode 100644 index 000000000000..f7a6b4439f21 --- /dev/null +++ b/apps/meteor/tests/unit/app/utils/lib/restrictions.spec.ts @@ -0,0 +1,49 @@ +import { expect } from 'chai'; + +import { fileUploadIsValidContentTypeFromSettings } from '../../../../../app/utils/lib/restrictions'; + +describe('fileUploadIsValidContentTypeFromSettings', () => { + it('should return true if type is not defined and whiteList is not defined', () => { + expect(fileUploadIsValidContentTypeFromSettings(undefined, '', '')).to.be.true; + }); + + it('should return false if type is not defined and whiteList is defined', () => { + expect(fileUploadIsValidContentTypeFromSettings(undefined, 'image/jpeg', '')).to.be.false; + }); + + it('should return true if type is defined and whiteList is not defined', () => { + expect(fileUploadIsValidContentTypeFromSettings('image/jpeg', '', '')).to.be.true; + }); + + it('should return true if type is defined and whiteList is defined and type is in whiteList', () => { + expect(fileUploadIsValidContentTypeFromSettings('image/jpeg', 'image/jpeg', '')).to.be.true; + }); + + it('should return false if type is defined and whiteList is defined and type is not in whiteList', () => { + expect(fileUploadIsValidContentTypeFromSettings('image/png', 'image/jpeg', '')).to.be.false; + }); + + it('should return false if type is defined and whiteList is not defined and type is in blackList', () => { + expect(fileUploadIsValidContentTypeFromSettings('image/jpeg', '', 'image/jpeg')).to.be.false; + }); + + it('should return true if type is defined and whiteList is not defined and type is not in blackList', () => { + expect(fileUploadIsValidContentTypeFromSettings('image/png', '', 'image/jpeg')).to.be.true; + }); + + it('should return true if type is defined and whiteList is defined and type is in whiteList with wildcard', () => { + expect(fileUploadIsValidContentTypeFromSettings('image/jpeg', 'image/*', '')).to.be.true; + }); + + it('should return false if type is defined and whiteList is defined and type is not in whiteList with wildcard', () => { + expect(fileUploadIsValidContentTypeFromSettings('text/plain', 'image/*', '')).to.be.false; + }); + + it('should return false if type is defined and whiteList is not defined and type is in blackList with wildcard', () => { + expect(fileUploadIsValidContentTypeFromSettings('image/jpeg', '', 'image/*')).to.be.false; + }); + + it('should return true if type is defined and whiteList is defined and type is not in blackList with wildcard', () => { + expect(fileUploadIsValidContentTypeFromSettings('text/plain', '', 'image/*')).to.be.true; + }); +});