[10.x] Added File Validation extensions (#49082)

* [10.x] Added Extension Validation * Updated Tests and Comments * formatting --------- Co-authored-by: Taylor Otwell <[email protected]>
laravel · Nov 22, 2023 · 4ae1ef6 · 4ae1ef6
1 parent 2967d89
commit 4ae1ef6
Show file tree

Hide file tree

Showing 7 changed files with 140 additions and 0 deletions.
diff --git a/src/Illuminate/Translation/lang/en/validation.php b/src/Illuminate/Translation/lang/en/validation.php
@@ -52,6 +52,7 @@
     'ends_with' => 'The :attribute field must end with one of the following: :values.',
     'enum' => 'The selected :attribute is invalid.',
     'exists' => 'The selected :attribute is invalid.',
+    'extensions' => 'The :attribute field must have one of the following extensions: :values.',
     'file' => 'The :attribute field must be a file.',
     'filled' => 'The :attribute field must have a value.',
     'gt' => [

diff --git a/src/Illuminate/Validation/Concerns/ReplacesAttributes.php b/src/Illuminate/Validation/Concerns/ReplacesAttributes.php
@@ -132,6 +132,20 @@ protected function replaceDigitsBetween($message, $attribute, $rule, $parameters
         return $this->replaceBetween($message, $attribute, $rule, $parameters);
     }
 
+    /**
+     * Replace all place-holders for the extensions rule.
+     *
+     * @param  string  $message
+     * @param  string  $attribute
+     * @param  string  $rule
+     * @param  array<int,string>  $parameters
+     * @return string
+     */
+    protected function replaceExtensions($message, $attribute, $rule, $parameters)
+    {
+        return str_replace(':values', implode(', ', $parameters), $message);
+    }
+
     /**
      * Replace all place-holders for the min rule.
      *

diff --git a/src/Illuminate/Validation/Concerns/ValidatesAttributes.php b/src/Illuminate/Validation/Concerns/ValidatesAttributes.php
@@ -1076,6 +1076,27 @@ protected function getExtraConditions(array $segments)
         return $extra;
     }
 
+    /**
+     * Validate the extension of a file upload attribute is in a set of defined extensions.
+     *
+     * @param  string  $attribute
+     * @param  mixed  $value
+     * @param  array<int, int|string>  $parameters
+     * @return bool
+     */
+    public function validateExtensions($attribute, $value, $parameters)
+    {
+        if (! $this->isValidFileInstance($value)) {
+            return false;
+        }
+
+        if ($this->shouldBlockPhpUpload($value, $parameters)) {
+            return false;
+        }
+
+        return in_array(strtolower($value->getClientOriginalExtension()), $parameters);
+    }
+
     /**
      * Validate the given value is a valid file.
      *

diff --git a/src/Illuminate/Validation/Rules/File.php b/src/Illuminate/Validation/Rules/File.php
@@ -24,6 +24,13 @@ class File implements Rule, DataAwareRule, ValidatorAwareRule
      */
     protected $allowedMimetypes = [];
 
+    /**
+     * The extensions that the given file should match.
+     *
+     * @var array
+     */
+    protected $allowedExtensions = [];
+
     /**
      * The minimum size in kilobytes that the file can be.
      *
@@ -129,6 +136,20 @@ public static function types($mimetypes)
         return tap(new static(), fn ($file) => $file->allowedMimetypes = (array) $mimetypes);
     }
 
+
+    /**
+     * Limit the uploaded file to the given file extensions.
+     *
+     * @param  string|array<int, string>  $extensions
+     * @return $this
+     */
+    public function extensions($extensions)
+    {
+        $this->allowedExtensions = (array) $extensions;
+
+        return $this;
+    }
+
     /**
      * Indicate that the uploaded file should be exactly a certain size in kilobytes.
      *
@@ -256,6 +277,10 @@ protected function buildValidationRules()
 
         $rules = array_merge($rules, $this->buildMimetypes());
 
+        if (! empty($this->allowedExtensions)) {
+            $rules[] = 'extensions:'.implode(',', array_map('strtolower', $this->allowedExtensions));
+        }
+
         $rules[] = match (true) {
             is_null($this->minimumFileSize) && is_null($this->maximumFileSize) => null,
             is_null($this->maximumFileSize) => "min:{$this->minimumFileSize}",

diff --git a/src/Illuminate/Validation/Validator.php b/src/Illuminate/Validation/Validator.php
@@ -187,6 +187,7 @@ class Validator implements ValidatorContract
     protected $fileRules = [
         'Between',
         'Dimensions',
+        'Extensions',
         'File',
         'Image',
         'Max',

diff --git a/tests/Validation/ValidationFileRuleTest.php b/tests/Validation/ValidationFileRuleTest.php
@@ -134,6 +134,52 @@ public function testMixOfMimetypesAndMimes()
         );
     }
 
+    public function testSingleExtension()
+    {
+        $this->fails(
+            File::default()->extensions('png'),
+            UploadedFile::fake()->createWithContent('foo', file_get_contents(__DIR__.'/fixtures/image.png')),
+            ['validation.extensions']
+        );
+
+        $this->fails(
+            File::default()->extensions('png'),
+            UploadedFile::fake()->createWithContent('foo.jpg', file_get_contents(__DIR__.'/fixtures/image.png')),
+            ['validation.extensions']
+        );
+
+        $this->fails(
+            File::default()->extensions('jpeg'),
+            UploadedFile::fake()->createWithContent('foo.jpg', file_get_contents(__DIR__.'/fixtures/image.png')),
+            ['validation.extensions']
+        );
+
+        $this->passes(
+            File::default()->extensions('png'),
+            UploadedFile::fake()->createWithContent('foo.png', file_get_contents(__DIR__.'/fixtures/image.png')),
+        );
+    }
+
+    public function testMultipleExtensions()
+    {
+        $this->fails(
+            File::default()->extensions(['png', 'jpeg', 'jpg']),
+            UploadedFile::fake()->createWithContent('foo', file_get_contents(__DIR__.'/fixtures/image.png')),
+            ['validation.extensions']
+        );
+
+        $this->fails(
+            File::default()->extensions(['png', 'jpeg']),
+            UploadedFile::fake()->createWithContent('foo.jpg', file_get_contents(__DIR__.'/fixtures/image.png')),
+            ['validation.extensions']
+        );
+
+        $this->passes(
+            File::default()->extensions(['png', 'jpeg', 'jpg']),
+            UploadedFile::fake()->createWithContent('foo.png', file_get_contents(__DIR__.'/fixtures/image.png')),
+        );
+    }
+
     public function testImage()
     {
         $this->fails(

diff --git a/tests/Validation/ValidationValidatorTest.php b/tests/Validation/ValidationValidatorTest.php
@@ -4697,6 +4697,38 @@ public function testValidateMime()
         $this->assertTrue($v->passes());
     }
 
+    public function testValidateExtension()
+    {
+        $trans = $this->getIlluminateArrayTranslator();
+        $uploadedFile = [__FILE__, '', null, null, true];
+
+        $file = $this->getMockBuilder(UploadedFile::class)->onlyMethods(['getClientOriginalExtension'])->setConstructorArgs($uploadedFile)->getMock();
+        $file->expects($this->any())->method('getClientOriginalExtension')->willReturn('pdf');
+        $v = new Validator($trans, ['x' => $file], ['x' => 'extensions:pdf']);
+        $this->assertTrue($v->passes());
+
+        $file = $this->getMockBuilder(UploadedFile::class)->onlyMethods(['getClientOriginalExtension'])->setConstructorArgs($uploadedFile)->getMock();
+        $file->expects($this->any())->method('getClientOriginalExtension')->willReturn('jpg');
+        $v = new Validator($trans, ['x' => $file], ['x' => 'extensions:jpg']);
+        $this->assertTrue($v->passes());
+
+        $file = $this->getMockBuilder(UploadedFile::class)->onlyMethods(['getClientOriginalExtension'])->setConstructorArgs($uploadedFile)->getMock();
+        $file->expects($this->any())->method('getClientOriginalExtension')->willReturn('jpg');
+        $v = new Validator($trans, ['x' => $file], ['x' => 'extensions:jpeg,jpg']);
+        $this->assertTrue($v->passes());
+
+        $file = $this->getMockBuilder(UploadedFile::class)->onlyMethods(['getClientOriginalExtension'])->setConstructorArgs($uploadedFile)->getMock();
+        $file->expects($this->any())->method('getClientOriginalExtension')->willReturn('jpg');
+        $v = new Validator($trans, ['x' => $file], ['x' => 'extensions:jpeg']);
+        $this->assertFalse($v->passes());
+
+        $file = $this->getMockBuilder(UploadedFile::class)->onlyMethods(['guessExtension', 'getClientOriginalExtension'])->setConstructorArgs($uploadedFile)->getMock();
+        $file->expects($this->any())->method('guessExtension')->willReturn('jpg');
+        $file->expects($this->any())->method('getClientOriginalExtension')->willReturn('jpeg');
+        $v = new Validator($trans, ['x' => $file], ['x' => 'mimes:jpg|extensions:jpg']);
+        $this->assertFalse($v->passes());
+    }
+
     public function testValidateMimeEnforcesPhpCheck()
     {
         $trans = $this->getIlluminateArrayTranslator();