Validate asset extensions as well as types

Adds a parallel configurable list of allowed asset extensions alongside the list of allowed types. (cherry picked from commit 66e1294)
omeka · Aug 4, 2023 · 2a7fb26 · 2a7fb26
1 parent 9ea6db0
commit 2a7fb26
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/application/config/module.config.php b/application/config/module.config.php
@@ -47,6 +47,13 @@
             'image/gif',
             'image/webp',
         ],
+        'allowed_extensions' => [
+            'jpeg',
+            'jpg',
+            'png',
+            'gif',
+            'webp',
+        ],
     ],
     'permissions' => [
         'acl_resources' => [

diff --git a/application/src/Api/Adapter/AssetAdapter.php b/application/src/Api/Adapter/AssetAdapter.php
@@ -70,7 +70,7 @@ public function hydrate(Request $request, EntityInterface $entity, ErrorStore $e
 
             $tempFile->setSourceName($fileData['file']['name']);
             $config = $this->getServiceLocator()->get('Config');
-            $validator = new Validator($config['api_assets']['allowed_media_types']);
+            $validator = new Validator($config['api_assets']['allowed_media_types'], $config['api_assets']['allowed_extensions']);
             if (!$validator->validate($tempFile, $errorStore)) {
                 return;
             }