MOSIP-32782 - Password-protected file is not allowed for upload (mosi…

…p#718) * MOSIP-32782 - Password-protected file is not allowed for upload Signed-off-by: GOKULRAJ136 <[email protected]> * removed non-pdf files types handling Signed-off-by: GOKULRAJ136 <[email protected]> * error handling for password protection files Signed-off-by: GOKULRAJ136 <[email protected]> * throwing an IOException Signed-off-by: GOKULRAJ136 <[email protected]> --------- Signed-off-by: GOKULRAJ136 <[email protected]>
GOKULRAJ136 · Sep 25, 2024 · 2eb59e4 · 2eb59e4
1 parent d1eb792
commit 2eb59e4
Show file tree

Hide file tree

Showing 5 changed files with 44 additions and 6 deletions.
diff --git a/pre-registration/pre-registration-application-service/pom.xml b/pre-registration/pre-registration-application-service/pom.xml
@@ -160,6 +160,11 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-jpa</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.apache.pdfbox</groupId>
+			<artifactId>pdfbox</artifactId>
+			<version>3.0.3</version>
+		</dependency>
 	</dependencies>
 	<build>
 		<plugins>

diff --git a/...ice/src/main/java/io/mosip/preregistration/application/errorcodes/DocumentErrorCodes.java b/...ice/src/main/java/io/mosip/preregistration/application/errorcodes/DocumentErrorCodes.java
@@ -110,6 +110,10 @@ public enum DocumentErrorCodes {
 	/**
 	 * ErrorCode for DOCUMENT_TABLE_NOTACCESSIBLE BY BOOKED OR EXPIRED STATUS
 	 */
-	PRG_PAM_DOC_024;
+	PRG_PAM_DOC_024,
+	/**
+	 * ErrorCode for Password Protection files
+	 */
+	PRG_PAM_DOC_025;
 
 }
diff --git a/.../src/main/java/io/mosip/preregistration/application/errorcodes/DocumentErrorMessages.java b/.../src/main/java/io/mosip/preregistration/application/errorcodes/DocumentErrorMessages.java
@@ -132,7 +132,12 @@ public enum DocumentErrorMessages {
 	/**
 	 * ErrorMessage for PRG_PAM_DOC_012
 	 */
-	DOCUMENT_TABLE_NOTACCESSIBLE_BY_BOOKED_OR_EXPIRED_STATUS("Document table not able to update by this status");
+	DOCUMENT_TABLE_NOTACCESSIBLE_BY_BOOKED_OR_EXPIRED_STATUS("Document table not able to update by this status"),
+
+	/**
+	 * ErrorMessage for Password Protection files
+	 */
+	PASSWORD_PROTECTION_ERROR("Password-protected file is not allowed for upload");
 
 	private DocumentErrorMessages(String message) {
 		this.message = message;

diff --git a/...n-service/src/main/java/io/mosip/preregistration/application/service/DocumentService.java b/...n-service/src/main/java/io/mosip/preregistration/application/service/DocumentService.java
@@ -226,6 +226,10 @@ public MainResponseDTO<DocumentResponseDTO> uploadDocument(MultipartFile file, S
 				if (scanDocument) {
 					serviceUtil.virusScanCheck(file);
 				}
+				if (serviceUtil.isPasswordProtectedFile(file)) {
+					throw new RecordFailedToUpdateException(DocumentErrorCodes.PRG_PAM_DOC_025.toString(),
+							DocumentErrorMessages.PASSWORD_PROTECTION_ERROR.getMessage());
+				}
 				if (serviceUtil.fileSizeCheck(file.getSize()) && serviceUtil.fileExtensionCheck(file)) {
 					serviceUtil.isValidRequest(docReqDto.getRequest(), preRegistrationId);
 					validationUtil.langvalidation(docReqDto.getRequest().getLangCode());

diff --git a/.../src/main/java/io/mosip/preregistration/application/service/util/DocumentServiceUtil.java b/.../src/main/java/io/mosip/preregistration/application/service/util/DocumentServiceUtil.java
@@ -8,20 +8,21 @@
 import static io.mosip.preregistration.application.constant.PreRegApplicationConstant.LOGGER_IDTYPE;
 import static io.mosip.preregistration.application.constant.PreRegApplicationConstant.LOGGER_SESSIONID;
 
+import java.io.BufferedInputStream;
 import java.io.InputStream;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.time.LocalDateTime;
 import java.time.ZoneId;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Date;
-import java.util.List;
+import java.util.*;
 import java.util.stream.Collectors;
 
 import org.apache.commons.io.FilenameUtils;
 import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.exception.ExceptionUtils;
+import org.apache.pdfbox.Loader;
+import org.apache.pdfbox.pdmodel.PDDocument;
+import org.apache.pdfbox.pdmodel.encryption.InvalidPasswordException;
 import org.json.JSONException;
 import org.json.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -405,6 +406,25 @@ private boolean compareUploadedDocListAndValidMandatoryDocList(List<String> avai
 		}
 	}
 
+	public boolean isPasswordProtectedFile(MultipartFile file) throws java.io.IOException {
+		String contentType = file.getContentType();
+		List<String> supportedExtensions = Arrays.asList(fileExtension.split(","));
+		if (supportedExtensions.contains("PDF") && "application/pdf".equals(contentType)) {
+			PDDocument document = null;
+			try (InputStream inputStream = new BufferedInputStream(file.getInputStream())) {
+				document = Loader.loadPDF(inputStream.readAllBytes());
+			} catch (InvalidPasswordException e) {
+				log.error("Invalid password for PDF", file.getOriginalFilename(), e);
+				return true;
+			} finally {
+				if (document != null){
+					document.close();
+				}
+			}
+		}
+		return false;
+    }
+
 	@Transactional(propagation = Propagation.REQUIRES_NEW, isolation = Isolation.READ_COMMITTED)
 	public void updateApplicationStatusToIncomplete(DemographicEntity demographicEntity) {
 		commonServiceUtil.updatePreRegistrationStatus(demographicEntity.getPreRegistrationId(),