From b9f3899b0109dbf3b8ea5f6ec9bae2f56ab85bed Mon Sep 17 00:00:00 2001 From: Jacob Walls Date: Thu, 2 May 2024 14:51:48 -0400 Subject: [PATCH] Deprecate FILE_TYPE_CHECKING = False #10862 --- arches/apps.py | 13 +++++++++++++ .../arches-templates/project_name/settings.py-tpl | 4 +++- arches/settings.py | 2 ++ releases/7.6.0.md | 5 +++++ tests/test_settings.py | 3 +++ 5 files changed, 26 insertions(+), 1 deletion(-) diff --git a/arches/apps.py b/arches/apps.py index 2b0ae78d86e..3476a5eeefd 100644 --- a/arches/apps.py +++ b/arches/apps.py @@ -1,6 +1,19 @@ +import warnings + from django.conf import settings from django.core.checks import register, Tags, Error, Warning +### GLOBAL DEPRECATIONS ### +FILE_TYPE_CHECKING_MSG = ( + "FILE_TYPE_CHECKING=False is deprecated. Starting with Arches 8.0, " + "uploaded files will always be validated against the FILE_TYPES setting. " + "To opt into this behavior now set FILE_TYPE_CHECKING = True." +) +if not settings.FILE_TYPE_CHECKING: + warnings.warn(FILE_TYPE_CHECKING_MSG, DeprecationWarning) + + +### SYSTEM CHECKS ### @register(Tags.security) def check_cache_backend_for_production(app_configs, **kwargs): diff --git a/arches/install/arches-templates/project_name/settings.py-tpl b/arches/install/arches-templates/project_name/settings.py-tpl index a88601747fc..b11185d9960 100644 --- a/arches/install/arches-templates/project_name/settings.py-tpl +++ b/arches/install/arches-templates/project_name/settings.py-tpl @@ -36,7 +36,9 @@ SEARCH_COMPONENT_LOCATIONS.append('{{ project_name }}.search_components') LOCALE_PATHS.append(os.path.join(APP_ROOT, 'locale')) -FILE_TYPE_CHECKING = False +# TODO: Remove in Arches 8.0 +FILE_TYPE_CHECKING = True + FILE_TYPES = ["bmp", "gif", "jpg", "jpeg", "pdf", "png", "psd", "rtf", "tif", "tiff", "xlsx", "csv", "zip"] FILENAME_GENERATOR = "arches.app.utils.storage_filename_generator.generate_filename" UPLOADED_FILES_DIR = "uploadedfiles" diff --git a/arches/settings.py b/arches/settings.py index 8da3eb1d87e..904fd998a2c 100644 --- a/arches/settings.py +++ b/arches/settings.py @@ -609,7 +609,9 @@ "arches.app.etl_modules", ] +# TODO: Remove in Arches 8.0 FILE_TYPE_CHECKING = False + FILE_TYPES = ["bmp", "gif", "jpg", "jpeg", "pdf", "png", "psd", "rtf", "tif", "tiff", "xlsx", "csv", "zip"] FILENAME_GENERATOR = "arches.app.utils.storage_filename_generator.generate_filename" UPLOADED_FILES_DIR = "uploadedfiles" diff --git a/releases/7.6.0.md b/releases/7.6.0.md index b75ae68c9bc..47185dc5ee3 100644 --- a/releases/7.6.0.md +++ b/releases/7.6.0.md @@ -74,6 +74,11 @@ JavaScript: The minimum supported version of Python is now 3.10. Python 3.11 is encouraged, as it is significantly faster. +### Deprecations + +- Setting `FILE_TYPE_CHECKING` to False is deprecated. Starting with Arches 8.0, uploaded files will always be validated against the `FILE_TYPES` setting. To opt into this behavior now set `FILE_TYPE_CHECKING = True`. + + ### Upgrading Arches 1. You must be upgraded to at least version 7.5.0 before proceeding. If you are on an earlier version, please refer to the upgrade process in the [Version 7.5.0 release notes](https://github.com/archesproject/arches/blob/dev/7.5.x/releases/7.5.0.md) diff --git a/tests/test_settings.py b/tests/test_settings.py index 887cb3d804b..c7b6747d37d 100644 --- a/tests/test_settings.py +++ b/tests/test_settings.py @@ -68,6 +68,9 @@ TEST_RUNNER = "tests.base_test.ArchesTestRunner" SILENCED_SYSTEM_CHECKS.append("arches.W001") # Cache backend does not support rate-limiting +# TODO: remove in Arches 8.0 +FILE_TYPE_CHECKING = True + # could add Chrome, PhantomJS etc... here LOCAL_BROWSERS = [] # ['Firefox']