Revert "feat: add parse server option fileUpload.fileTypes"

This reverts commit 16a9d0a.

Author: dblythy

spec/.eslintrc.json

@@ -34,8 +34,7 @@
       "jequal": true,
       "create": true,
       "arrayContains": true,
-      "databaseAdapter": true,
-      "requestWithExpectedError": true
+      "databaseAdapter": true
     },
     "rules": {
       "no-console": [0],

spec/ParseFile.spec.js

@@ -1109,150 +1109,6 @@ describe('Parse.File testing', () => {
           await expectAsync(reconfigureServer({ fileUpload: { [key]: value } })).toBeResolved();
         }
       }
-      await expectAsync(
-        reconfigureServer({
-          fileUpload: {
-            fileTypes: 1,
-          },
-        })
-      ).toBeRejectedWith('fileUpload.fileTypes must be an array or string.');
-    });
-  });
-  describe('fileTypes', () => {
-    it('works with _ContentType', async () => {
-      await reconfigureServer({
-        fileUpload: {
-          enableForPublic: true,
-          fileTypes: '(^image)(/)[a-zA-Z0-9_]*',
-        },
-      });
-      await expectAsync(
-        requestWithExpectedError({
-          method: 'POST',
-          url: 'http://localhost:8378/1/files/file',
-          body: JSON.stringify({
-            _ApplicationId: 'test',
-            _JavaScriptKey: 'test',
-            _ContentType: 'text/html',
-            base64: 'PGh0bWw+PC9odG1sPgo=',
-          }),
-        })
-      ).toBeRejectedWith(
-        new Parse.Error(Parse.Error.FILE_SAVE_ERROR, `File upload of type text/html is disabled.`)
-      );
-    });
-
-    it('works without Content-Type', async () => {
-      await reconfigureServer({
-        fileUpload: {
-          enableForPublic: true,
-          fileTypes: '(^image)(/)[a-zA-Z0-9_]*',
-        },
-      });
-      const headers = {
-        'X-Parse-Application-Id': 'test',
-        'X-Parse-REST-API-Key': 'rest',
-      };
-      await expectAsync(
-        requestWithExpectedError({
-          method: 'POST',
-          headers: headers,
-          url: 'http://localhost:8378/1/files/file.html',
-          body: '<html></html>\n',
-        })
-      ).toBeRejectedWith(
-        new Parse.Error(Parse.Error.FILE_SAVE_ERROR, `File upload of type text/html is disabled.`)
-      );
-    });
-
-    it('works with array', async () => {
-      await reconfigureServer({
-        fileUpload: {
-          enableForPublic: true,
-          fileTypes: ['image/jpg'],
-        },
-      });
-      await expectAsync(
-        requestWithExpectedError({
-          method: 'POST',
-          url: 'http://localhost:8378/1/files/file',
-          body: JSON.stringify({
-            _ApplicationId: 'test',
-            _JavaScriptKey: 'test',
-            _ContentType: 'text/html',
-            base64: 'PGh0bWw+PC9odG1sPgo=',
-          }),
-        })
-      ).toBeRejectedWith(
-        new Parse.Error(Parse.Error.FILE_SAVE_ERROR, `File upload of type text/html is disabled.`)
-      );
-    });
-
-    it('works with array without Content-Type', async () => {
-      await reconfigureServer({
-        fileUpload: {
-          enableForPublic: true,
-          fileTypes: ['image/jpg'],
-        },
-      });
-      const headers = {
-        'X-Parse-Application-Id': 'test',
-        'X-Parse-REST-API-Key': 'rest',
-      };
-      await expectAsync(
-        requestWithExpectedError({
-          method: 'POST',
-          headers: headers,
-          url: 'http://localhost:8378/1/files/file.html',
-          body: '<html></html>\n',
-        })
-      ).toBeRejectedWith(
-        new Parse.Error(Parse.Error.FILE_SAVE_ERROR, `File upload of type text/html is disabled.`)
-      );
-    });
-
-    it('works with array with correct file type', async () => {
-      await reconfigureServer({
-        fileUpload: {
-          enableForPublic: true,
-          fileTypes: ['text/html'],
-        },
-      });
-      const response = await request({
-        method: 'POST',
-        url: 'http://localhost:8378/1/files/file',
-        body: JSON.stringify({
-          _ApplicationId: 'test',
-          _JavaScriptKey: 'test',
-          _ContentType: 'text/html',
-          base64: 'PGh0bWw+PC9odG1sPgo=',
-        }),
-      });
-      const b = response.data;
-      expect(b.name).toMatch(/_file.html$/);
-      expect(b.url).toMatch(/^http:\/\/localhost:8378\/1\/files\/test\/.*file.html$/);
-    });
-
-    it('works with regex with correct file type', async () => {
-      await reconfigureServer({
-        fileUpload: {
-          enableForPublic: true,
-          fileTypes: '(^text)(/)[a-zA-Z0-9_]*',
-        },
-      });
-      const headers = {
-        'X-Parse-Application-Id': 'test',
-        'X-Parse-REST-API-Key': 'rest',
-      };
-      const response = await request({
-        method: 'POST',
-        headers: headers,
-        url: 'http://localhost:8378/1/files/file.html',
-        body: '<html></html>\n',
-      });
-      const b = response.data;
-      expect(b.name).toMatch(/_file.html$/);
-      expect(b.url).toMatch(/^http:\/\/localhost:8378\/1\/files\/test\/.*file.html$/);
     });
   });
 });

spec/helper.js

@@ -4,7 +4,6 @@ const semver = require('semver');
 const CurrentSpecReporter = require('./support/CurrentSpecReporter.js');
 const { SpecReporter } = require('jasmine-spec-reporter');
 const SchemaCache = require('../lib/Adapters/Cache/SchemaCache').default;
-const request = require('../lib/request');
 
 // Ensure localhost resolves to ipv4 address first on node v17+
 if (dns.setDefaultResultOrder) {
@@ -31,13 +30,6 @@ if (global._babelPolyfill) {
   console.error('We should not use polyfilled tests');
   process.exit(1);
 }
-global.requestWithExpectedError = async params => {
-  try {
-    return await request(params);
-  } catch (e) {
-    throw new Error(e.data.error);
-  }
-};
 process.noDeprecation = true;
 
 const cache = require('../lib/cache').default;

src/Config.js

@@ -421,11 +421,6 @@ export class Config {
     } else if (typeof fileUpload.enableForAuthenticatedUser !== 'boolean') {
       throw 'fileUpload.enableForAuthenticatedUser must be a boolean value.';
     }
-    if (fileUpload.fileTypes === undefined) {
-      fileUpload.fileTypes = FileUploadOptions.fileTypes.default;
-    } else if (typeof fileUpload.fileTypes !== 'string' && !Array.isArray(fileUpload.fileTypes)) {
-      throw 'fileUpload.fileTypes must be an array or string.';
-    }
   }
 
   static validateMasterKeyIps(masterKeyIps) {

src/Deprecator/Deprecations.js

@@ -24,5 +24,4 @@ module.exports = [
   },
   { optionKey: 'enforcePrivateUsers', changeNewDefault: 'true' },
   { optionKey: 'allowClientClassCreation', changeNewDefault: 'false' },
-  { optionKey: 'fileUpload.fileTypes', changeNewDefault: '^(.(?!.*html?))*$' },
 ];

src/Options/Definitions.js

@@ -866,11 +866,6 @@ module.exports.FileUploadOptions = {
     action: parsers.booleanParser,
     default: false,
   },
-  fileTypes: {
-    env: 'PARSE_SERVER_FILE_UPLOAD_FILE_TYPES',
-    help: 'If set, allowed content types of files',
-    default: '.*',
-  },
 };
 module.exports.DatabaseOptions = {
   enableSchemaHooks: {

src/Options/docs.js

@@ -202,7 +202,6 @@
  * @property {Boolean} enableForAnonymousUser Is true if file upload should be allowed for anonymous users.
  * @property {Boolean} enableForAuthenticatedUser Is true if file upload should be allowed for authenticated users.
  * @property {Boolean} enableForPublic Is true if file upload should be allowed for anyone, regardless of user authentication.
- * @property {String} fileTypes If set, allowed content types of files
  */
 
 /**

src/Options/index.js

@@ -490,9 +490,6 @@ export interface PasswordPolicyOptions {
 }
 
 export interface FileUploadOptions {
-  /*  If set, allowed content types of files
-  :DEFAULT: .* */
-  fileTypes: ?string;
   /*  Is true if file upload should be allowed for anonymous users.
   :DEFAULT: false */
   enableForAnonymousUser: ?boolean;

src/Routers/FilesRouter.js

@@ -124,7 +124,7 @@ export class FilesRouter {
     }
     const filesController = config.filesController;
     const { filename } = req.params;
-    const contentType = req.get('Content-type') || mime.getType(filename);
+    const contentType = req.get('Content-type');
 
     if (!req.body || !req.body.length) {
       next(new Parse.Error(Parse.Error.FILE_SAVE_ERROR, 'Invalid file upload.'));
@@ -137,25 +137,6 @@ export class FilesRouter {
       return;
     }
 
-    const fileTypes = config.fileUpload && config.fileUpload.fileTypes;
-    if (!isMaster && fileTypes) {
-      try {
-        if (Array.isArray(fileTypes)) {
-          if (!fileTypes.includes(contentType)) {
-            throw `File upload of type ${contentType} is disabled.`;
-          }
-        } else if (typeof fileTypes === 'string') {
-          const regex = new RegExp(fileTypes);
-          if (!regex.test(contentType)) {
-            throw `File upload of type ${contentType} is disabled.`;
-          }
-        }
-      } catch (e) {
-        next(new Parse.Error(Parse.Error.FILE_SAVE_ERROR, e));
-        return;
-      }
-    }
-
     const base64 = req.body.toString('base64');
     const file = new Parse.File(filename, { base64 }, contentType);
     const { metadata = {}, tags = {} } = req.fileData || {};