-
Suggestion
-
Resolution: Unresolved
-
None
It would be helpful to have the option to prevent attachments of a certain file type.
A specific use case would be to prevent executable files from being uploaded as an attachment to a review eg.:
The application allows only a set of file types, which, depending on the situation could be pdf, txt, images, etc. The application would avoid allowing files containing executable/script files (EXE, AS, JAR, MSI, BAT).
Workaround
Using the File types/extensions mentioned in the use case the following Byteman script was written and tested against Fisheye running on a Linux machine:
# This is a workaround for CRUC-8518 RULE addFileToReview_intercept_file_arg CLASS com.atlassian.crucible.spi.impl.DefaultReviewService METHOD addFileToReview AT ENTRY BIND invalid_file_types:String[] = {"exe", "as", "jar", "msi", "bat"} IF (java.util.Arrays.asList(invalid_file_types).contains(com.google.common.io.Files.getFileExtension($2.getName()).toLowerCase())) DO THROW new RuntimeException("invalid file type") ENDRULE RULE addFileToReview_intercept_diff_arg CLASS com.atlassian.crucible.spi.impl.DefaultReviewService METHOD addFileToReview AT ENTRY BIND invalid_file_types:String[] = {"exe", "as", "jar", "msi", "bat"} IF (java.util.Arrays.asList(invalid_file_types).contains(com.google.common.io.Files.getFileExtension($3.getName()).toLowerCase())) DO THROW new RuntimeException("invalid file type") ENDRULE
Windows specific caveat
This should also work on a Windows host machine however, if there are SVN repos added in a Windows environment where Fisheye is started as a service, the boot path must be specified when enabling Byteman, eg.:
1. Go to <Fisheye installation directory>\bin and execute either service.bat manage or prunmgr.exe "//ES//<SERVICE_NAME>", where <SERVICE_NAME> is the Windows Service name used by Fisheye.
2. In the Atlassian Fisheye Properties window that will open, go to Java tab
3. Add the following in a new line in Java Options field:
-javaagent:<Fisheye installation directory>\tools\byteman\lib\byteman.jar=boot:<Fisheye installation directory>\tools\byteman\lib\byteman.jar,listener:true,script:<full path to the>\addFileToReviewIntercept.btm
Replacing the path placeholders accordingly.
4. Go to General tab, then stop and start the service
If this is not done, enabling Byteman could lead to an issue where SVN stops working and class loader exceptions are thrown.
- mentioned in
-
Page Failed to load
| Form Name | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
[CRUC-8518] As an admin I would like to restrict attachments by file type
A potential work-around:
- write a script intercepting
com.atlassian.crucible.spi.impl.DefaultReviewService#addFileToReview(PermId<ReviewData> id, FileData file, FileData diff)
and throw an exception if com.atlassian.crucible.spi.services.FileData#getContentType or com.atlassian.crucible.spi.services.FileData#getName contains restricted content for file or diff argument
- enable Byteman in Fisheye/Crucible and load the script
References:
Hi everyone,
We have recently reviewed this issue and the overall interest in the problem. As the issue hasn't collect votes, watchers, comments, or support cases from many customers during its lifetime, it's very low on our priority list, and will not be fixed in the foreseeable future. That's why we've decided to resolve it as Not Being Considered.
Although we're aware the issue is still important to those of you who were involved in the conversations around it, we want to be clear in managing your expectations. The Fisheye&Crucible team is focusing on issues that have broad impact and high value, reflected by the number of comments, votes, support cases, and customers interested. Please consult the Implementation of New Features Policy for more details.
We understand how disappointing this decision may be, but we hope you'll appreciate our transparent approach and communication. Atlassian will continue to watch this issue for further updates, so please feel free to share your thoughts in the comments.
Kind regards
Marek Parfianowicz
Principal Engineer