-
Suggestion
-
Resolution: Unresolved
-
None
It would be helpful to have the option to prevent attachments of a certain file type.
A specific use case would be to prevent executable files from being uploaded as an attachment to a review eg.:
The application allows only a set of file types, which, depending on the situation could be pdf, txt, images, etc. The application would avoid allowing files containing executable/script files (EXE, AS, JAR, MSI, BAT).
Workaround
Using the File types/extensions mentioned in the use case the following Byteman script was written and tested against Fisheye running on a Linux machine:
# This is a workaround for CRUC-8518 RULE addFileToReview_intercept_file_arg CLASS com.atlassian.crucible.spi.impl.DefaultReviewService METHOD addFileToReview AT ENTRY BIND invalid_file_types:String[] = {"exe", "as", "jar", "msi", "bat"} IF (java.util.Arrays.asList(invalid_file_types).contains(com.google.common.io.Files.getFileExtension($2.getName()).toLowerCase())) DO THROW new RuntimeException("invalid file type") ENDRULE RULE addFileToReview_intercept_diff_arg CLASS com.atlassian.crucible.spi.impl.DefaultReviewService METHOD addFileToReview AT ENTRY BIND invalid_file_types:String[] = {"exe", "as", "jar", "msi", "bat"} IF (java.util.Arrays.asList(invalid_file_types).contains(com.google.common.io.Files.getFileExtension($3.getName()).toLowerCase())) DO THROW new RuntimeException("invalid file type") ENDRULE
Windows specific caveat
This should also work on a Windows host machine however, if there are SVN repos added in a Windows environment where Fisheye is started as a service, the boot path must be specified when enabling Byteman, eg.:
1. Go to <Fisheye installation directory>\bin and execute either service.bat manage or prunmgr.exe "//ES//<SERVICE_NAME>", where <SERVICE_NAME> is the Windows Service name used by Fisheye.
2. In the Atlassian Fisheye Properties window that will open, go to Java tab
3. Add the following in a new line in Java Options field:
-javaagent:<Fisheye installation directory>\tools\byteman\lib\byteman.jar=boot:<Fisheye installation directory>\tools\byteman\lib\byteman.jar,listener:true,script:<full path to the>\addFileToReviewIntercept.btm
Replacing the path placeholders accordingly.
4. Go to General tab, then stop and start the service
If this is not done, enabling Byteman could lead to an issue where SVN stops working and class loader exceptions are thrown.
- mentioned in
-
Page Loading...
As an admin I would like to restrict attachments by file type
-
-
Resolution: Unresolved
-
None
It would be helpful to have the option to prevent attachments of a certain file type.
A specific use case would be to prevent executable files from being uploaded as an attachment to a review eg.:
The application allows only a set of file types, which, depending on the situation could be pdf, txt, images, etc. The application would avoid allowing files containing executable/script files (EXE, AS, JAR, MSI, BAT).
Workaround
Using the File types/extensions mentioned in the use case the following Byteman script was written and tested against Fisheye running on a Linux machine:
# This is a workaround for CRUC-8518 RULE addFileToReview_intercept_file_arg CLASS com.atlassian.crucible.spi.impl.DefaultReviewService METHOD addFileToReview AT ENTRY BIND invalid_file_types:String[] = {"exe", "as", "jar", "msi", "bat"} IF (java.util.Arrays.asList(invalid_file_types).contains(com.google.common.io.Files.getFileExtension($2.getName()).toLowerCase())) DO THROW new RuntimeException("invalid file type") ENDRULE RULE addFileToReview_intercept_diff_arg CLASS com.atlassian.crucible.spi.impl.DefaultReviewService METHOD addFileToReview AT ENTRY BIND invalid_file_types:String[] = {"exe", "as", "jar", "msi", "bat"} IF (java.util.Arrays.asList(invalid_file_types).contains(com.google.common.io.Files.getFileExtension($3.getName()).toLowerCase())) DO THROW new RuntimeException("invalid file type") ENDRULE
Windows specific caveat
This should also work on a Windows host machine however, if there are SVN repos added in a Windows environment where Fisheye is started as a service, the boot path must be specified when enabling Byteman, eg.:
1. Go to <Fisheye installation directory>\bin and execute either service.bat manage or prunmgr.exe "//ES//<SERVICE_NAME>", where <SERVICE_NAME> is the Windows Service name used by Fisheye.
2. In the Atlassian Fisheye Properties window that will open, go to Java tab
3. Add the following in a new line in Java Options field:
-javaagent:<Fisheye installation directory>\tools\byteman\lib\byteman.jar=boot:<Fisheye installation directory>\tools\byteman\lib\byteman.jar,listener:true,script:<full path to the>\addFileToReviewIntercept.btm
Replacing the path placeholders accordingly.
4. Go to General tab, then stop and start the service
If this is not done, enabling Byteman could lead to an issue where SVN stops working and class loader exceptions are thrown.
- mentioned in
-
-
Unassigned
-
Nate Hansberry
- Votes:
-
0 Vote for this issue
- Watchers:
-
4 Start watching this issue
- Created:
- Updated: