Permission to Upload Blacklisted Files

1 Initial Problem

Up to now it has been possible to control the upload of files using a whitelist. Administrators can define file extensions, which are allowed when uploading files or define exceptions. Files with illegal file extensions are renamed to oldfilename.sec during upload.
The problem is that these .sec files can be downloaded, renamed and opened by the user. This possibility should be disabled with the possibility to make an exception for certain roles.

2 Conceptual Summary

The new feature will implement a blacklist in addition to the whitelist. File extensions that are blacklisted can no longer be uploaded. All file extensions that are not on the whitelist will still be renamed. It will also be possible to give a role the right to avoid the blacklist, but the whitelist will still be used and files will be renamed if they are not listed.
 
The right does not belong to individual objects but is assigned globally via Administration » File. Files in .zip format should be checked as well. The upload is canceled, if the .zip file contains a blacklisted file extension, but there is no renaming of .zip-files.

3 User Interface Modifications

3.1 List of Affected Views

• Administration » File: Upload Settings
• Administration » File: Permissions

3.2 User Interface Details

Add the illegal file extensions via Administration » File: Upload Settings into the textfield Custom Suffix Blacklist

If certain roles should still be allowed to upload files with illegal file extensions, check the box via Administration » File: Permissions for Upload file types despite blacklist

Now the boxes Visible and Read must be checked via Administration » General Settings for the desired role.

When trying to upload a blacklisted file, an error message is displayed:

3.3 New User Interface Concepts

{If the proposal introduces any completely new user interface elements, you might consult UI Kitchen Sink in order to find the necessary information to propose new UI-Concepts. Note that any maintainer might gladly assist you with this.}

4 Technical Information

The implementation does not include the planned implementation of a new Project: ILIAS Resource Storage Service (IRSS) because it is not accepted at this time. This feature request solves the problem described here as well: Permission to upload HTML5 content

5 Contact

• Author of the Request: Lorenz, Katharina [klorenz]
• Maintainer: Schmid, Fabian [fschmid]
• Implementation of the feature is done by: Schmid, Fabian [fschmid]

6 Funding

If you are interest in funding this feature, please add your name and institution to this list.

• Qualitus

7 Discussion

Kunkel, Matthias [mkunkel], 18 MAR 2019: How about labeling this permission "Bypass blacklist" and use "Upload indexed file types despite blacklist" as description (when hover or for templates? And a question to understand the workflow: If I have this permission and I upload a file that is blacklisted, does it still get a .sec ending. Or will it be available for everyone?

Lorenz, Katharina [klorenz], 21 MAR 2019: Thanks for your feedback, Matthias. We support the renaming and it's correct, the file will still be renamed in .sec.

JourFixe, ILIAS [jourfixe], 25 MAR 2019 : We highly appreciate this suggestion and schedule the feature for 6.0 with the following modifications:

• Permission to bypass blacklist should not require to have access to administration node of Files. Permission check using 'RBACSystem' should be sufficient to avoid that an additional global role has to be created for getting administration access.
• The blacklist should become a own input. Current negative list of whitelist should be kept because files with this file ending still can be uploaded but are renamed while blacklisted files are really blocked from being uploaded.

8 Implementation

{The maintainer has to give a description of the final implementation and add screenshots if possible.}

Test Cases

Test cases completed at {date} by {user}

• C31863 : Blacklist-Datei unberechtigt hochladen 
• C31864 : Blacklist-Datei berechtigt hochladen 
• C31865 : Blacklist-Datei in ZIP unberechtigt hochladen 
• C31866 : Blacklist-Datei in ZIP berechtigt hochladen 

Approval

Approved at 22.05.2019 by Breuer, Jens [breuer].