Skip to content

Add support to restrict @Core.AcceptableMediaTypes#732

Open
samyuktaprabhu wants to merge 17 commits intomainfrom
sam-restrict-media-types-409
Open

Add support to restrict @Core.AcceptableMediaTypes#732
samyuktaprabhu wants to merge 17 commits intomainfrom
sam-restrict-media-types-409

Conversation

@samyuktaprabhu
Copy link
Contributor

@samyuktaprabhu samyuktaprabhu commented Feb 11, 2026

Add Support to Restrict @Core.AcceptableMediaTypes

✨ New Features

Introduced support for restricting allowed MIME types for attachments using the @Core.AcceptableMediaTypes annotation. This feature enables validation of file types during upload, ensuring only specified media types are accepted.

🔧 Changes

  • Documentation:

    • README.md: Added comprehensive documentation for the new @Core.AcceptableMediaTypes annotation, including examples of exact matches, wildcard patterns (image/*), and default behavior
  • Core Implementation:

    • CreateAttachmentsHandler.java: Added new @Before handler method processBeforeForMetadata that validates acceptable media types early in the request lifecycle at HandlerOrder.BEFORE. Integrated validation using CdsRuntime dependency to support metadata validation
    • AttachmentValidationHelper.java (new): Created comprehensive helper class for media type validation with extensive MIME type mapping (70+ common formats including images, documents, videos, fonts). Implements validation logic with support for wildcard patterns and default fallback behavior
    • Registration.java: Updated handler registration to pass CdsRuntime instance to CreateAttachmentsHandler
  • Integration Test Configuration:

    • data-model.cds: Added mediaValidatedAttachments composition to Roots entity
    • test-service.cds: Configured annotation to accept only JPEG and PNG images
    • RootEntityBuilder.java: Enhanced builder to support media-validated attachments with proper initialization
  • Test Suite:

    • CreateAttachmentsHandlerTest.java: Added tests for new metadata validation handler
    • AttachmentValidationHelperTest.java (new): Comprehensive test suite with 16+ test cases covering MIME type detection, validation, wildcards, error scenarios, and edge cases (including hidden files like .gitignore)
    • MediaValidatedAttachmentsDraftTest.java (new): Integration tests for draft service media validation
    • MediaValidatedAttachmentsNonDraftTest.java (new): Integration tests for non-draft service media validation
    • SizeLimitedAttachmentsSizeValidationDraftTest.java: Updated with file name assignments
    • SizeLimitedAttachmentValidationNonDraftTest.java: Updated with file name assignments
  • Sample Application:

    • samples/bookshop/srv/attachments.cds: Added mediaValidatedAttachments composition to Books entity with configuration to accept only JPEG and PNG images
  • 🔄 Regenerate and Update Summary

📬 Subscribe to the Hyperspace PR Bot DL to get the latest announcements and pilot features!

PR Bot Information

Version: 1.17.61 | 📖 Documentation | 🚨 Create Incident | 💬 Feedback

  • Output Template: Default Template
  • Event Trigger: pull_request.edited
  • Summary Prompt: Default Prompt
  • LLM: anthropic--claude-4.5-sonnet
  • Correlation ID: bbd4b7f0-0d9e-11f1-894a-5accae685c85

Copy link
Contributor

@hyperspace-insights hyperspace-insights bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR adds media type restriction support for attachments. I've identified a few issues: a typo in MIME type definitions (application/txt should be text/plain), potential security concerns with filename validation (missing path traversal checks), and a minor note about null handling. Overall the implementation is reasonable but needs these corrections before merging.

PR Bot Information

Version: 1.17.53 | 📖 Documentation | 🚨 Create Incident | 💬 Feedback

  • Event Trigger: pull_request.opened
  • LLM: anthropic--claude-4.5-sonnet
  • Correlation ID: 78c854a0-0757-11f1-833c-299ee35f3dc8

@samyuktaprabhu samyuktaprabhu changed the title Add support to restrict media types Add support to restrict @Core.AcceptableMediaTypes Feb 11, 2026
@samyuktaprabhu samyuktaprabhu force-pushed the sam-restrict-media-types-409 branch from 8b6c095 to a12bc05 Compare February 17, 2026 08:35
@samyuktaprabhu samyuktaprabhu self-assigned this Feb 17, 2026
Copy link
Contributor

@hyperspace-insights hyperspace-insights bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.


Summary

The pull request introduces MIME type validation for attachments with good test coverage. However, several null safety issues were identified in the validation logic that could lead to NullPointerException errors. Additionally, a minor CDS syntax inconsistency and a misleading test variable name should be addressed.

PR Bot Information

Version: 1.17.61 | 📖 Documentation | 🚨 Create Incident | 💬 Feedback

  • Event Trigger: issue_comment.created
  • Correlation ID: b7b79080-0bdb-11f1-9b97-78cdc3653ab1
  • LLM: anthropic--claude-4.5-sonnet

@hyperspace-insights hyperspace-insights bot deleted a comment from samyuktaprabhu Feb 17, 2026
@samyuktaprabhu samyuktaprabhu marked this pull request as ready for review February 17, 2026 08:36
@samyuktaprabhu samyuktaprabhu force-pushed the sam-restrict-media-types-409 branch from e2b000e to 26b499c Compare February 17, 2026 09:36
Copy link
Collaborator

@Schmarvinius Schmarvinius left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unit-Tests:

  • AttachmentCalidationHelperTest:
    • Add a test for wildcard subtype rejection like image/* should reject application/pdf
    • Add a test for files start with . like .gitignore or .ssh or .zshrc and so on

Integration-Tests:

  • MediaCalidatedAttachmentsDraftTest:
    • Add a test for false inputs like an empty string. You have them for non draft but not for draft.
    • Add tests for situations where it fails like upload a pdf when only jpeg or image/* is allowed
      • Also one for dotfiles
  • MediaValidatedAttachmentsNonDraftTest:
    • Add a test for case sensitivity in the extension
    • Add a test for no extension
    • Add a test for hidden files again

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants

Comments