File inspection and Mimetype Limits on Document Upload Mutation.

[JSv4]

Introduce File Type Checking for Document Uploads

Summary

This PR introduces MIME type and file type checking to the UploadDocument mutation. This new feature enhances security and ensures that only allowed file types can be uploaded through our system.

Changes

UploadDocument Mutation

• Integrated the filetype library to detect MIME types of uploaded files
• Added MIME type checking against a list of allowed types (currently only PDF)
• Implemented error handling for disallowed file types
• Added detailed logging for debugging purposes

New Test Case (UploadDocumentMutationTestCase)

• Created a new test suite for the UploadDocument mutation
• Implemented tests for PDF (allowed), DOCX (disallowed), and TXT (disallowed) file types
• Used python-docx to generate a real DOCX file for accurate testing

Rationale

File type checking is crucial for:

1. Security: Preventing potential security vulnerabilities from malicious file uploads
2. Data Integrity: Ensuring only desired file types are stored in our system
3. User Experience: Providing immediate feedback to users about acceptable file types

Implementation Details

• Added filetype and python-docx as new dependencies
• Utilized io.BytesIO() for efficient file content handling
• Implemented MIME type checking using settings.ALLOWED_DOCUMENT_MIMETYPES
• Enhanced error messages to provide clear feedback on upload failures

Testing

• New test suite covers successful PDF uploads and rejected DOCX/TXT uploads
• Manually tested the mutation with various file types to ensure correct behavior
• All existing tests continue to pass

Configuration

• Added ALLOWED_DOCUMENT_MIMETYPES to settings (currently set to ['application/pdf'])

Next Steps

• Consider expanding the list of allowed file types based on business requirements
• Implement front-end validation to improve user experience
• Add more comprehensive tests for edge cases (e.g., corrupt files, very large files)

Breaking Changes

• The mutation now rejects non-PDF files. Update client-side code to handle these rejections appropriately.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 70.18%. Comparing base (55d5525) to head (24ebca3).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #144   +/-   ##
=======================================
  Coverage   70.18%   70.18%           
=======================================
  Files          59       59           
  Lines        2700     2700           
=======================================
  Hits         1895     1895           
  Misses        805      805           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.