From 9d4d3b3a1ba568bc4ff42be2a6ea4af26535d7d5 Mon Sep 17 00:00:00 2001
From: cboulanger <christophe.boulanger@imio.be>
Date: Tue, 9 Jul 2024 11:25:52 +0200
Subject: [PATCH] WEB-4122 : Create adapter/validator to filter valid image
 mimetype in our solutions

---
 CHANGES.rst                             |  3 ++-
 src/imio/smartweb/common/adapters.py    | 26 +++++++++++++++++++++++++
 src/imio/smartweb/common/adapters.zcml  | 10 ++++++++++
 src/imio/smartweb/common/configure.zcml |  1 +
 4 files changed, 39 insertions(+), 1 deletion(-)

diff --git a/CHANGES.rst b/CHANGES.rst
index 6479fb5..23585a3 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -5,7 +5,8 @@ Changelog
 1.2.19 (unreleased)
 -------------------
 
-- Nothing changed yet.
+- WEB-4122 : Create adapter/validator to filter valid image mimetype in our solutions
+  [boulch]
 
 
 1.2.18 (2024-07-01)
diff --git a/src/imio/smartweb/common/adapters.py b/src/imio/smartweb/common/adapters.py
index 7a98b01..3d67d85 100644
--- a/src/imio/smartweb/common/adapters.py
+++ b/src/imio/smartweb/common/adapters.py
@@ -1,7 +1,12 @@
 # -*- coding: utf-8 -*-
 
 from plone.namedfile.interfaces import IAvailableSizes
+from plone.namedfile.interfaces import INamedImageField
+from plone.namedfile.field import InvalidImageFile
+from plone.namedfile.utils import get_contenttype
+from zope.component import adapter
 from zope.component import getUtility
+from zope.interface import Interface
 
 
 class BaseCroppingProvider(object):
@@ -17,3 +22,24 @@ def get_scales(self, fieldname, request=None):
         scales = list(allowed_sizes.keys())
         scales.remove("banner")
         return scales
+
+
+@adapter(INamedImageField, Interface)
+class ImageContenttypeValidator:
+    def __init__(self, field, value):
+        self.field = field
+        self.value = value
+
+    def __call__(self):
+        if self.value is None:
+            return
+        mimetype = get_contenttype(self.value)
+        valid_mimetypes = [
+            "image/gif",
+            "image/jpeg",
+            "image/png",
+            "image/svg+xml",
+            "image/webp",
+        ]
+        if mimetype not in valid_mimetypes:
+            raise InvalidImageFile(mimetype, self.field.__name__)
diff --git a/src/imio/smartweb/common/adapters.zcml b/src/imio/smartweb/common/adapters.zcml
index 1faa3e4..7ee3fc3 100644
--- a/src/imio/smartweb/common/adapters.zcml
+++ b/src/imio/smartweb/common/adapters.zcml
@@ -7,4 +7,14 @@
       factory=".adapters.BaseCroppingProvider"
       />
 
+  <unconfigure>
+    <adapter name="image_contenttype" factory="plone.namedfile.field.ImageContenttypeValidator" />
+  </unconfigure>
+
+  <adapter
+      factory=".adapters.ImageContenttypeValidator"
+      provides="plone.namedfile.field.IPluggableImageFieldValidation"
+      name="smartweb_image_contenttype"
+      />
+
 </configure>
diff --git a/src/imio/smartweb/common/configure.zcml b/src/imio/smartweb/common/configure.zcml
index b667c70..bdcb790 100644
--- a/src/imio/smartweb/common/configure.zcml
+++ b/src/imio/smartweb/common/configure.zcml
@@ -1,6 +1,7 @@
 <configure
     xmlns="http://namespaces.zope.org/zope">
 
+  <include package="z3c.unconfigure" file="meta.zcml" />
   <include package="collective.taxonomy" />
   <include package="eea.facetednavigation" />
   <include package="eea.facetednavigation" file="meta.zcml" />