Skip to content

[PRMP-1384] File integrity check in document upload process #1075

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
NogaNHS wants to merge 8 commits into
base: main
Choose a base branch
from
Open

[PRMP-1384] File integrity check in document upload process #1075

NogaNHS wants to merge 8 commits into from
+633 −272

Conversation

@NogaNHS
Copy link
Contributor

@NogaNHS NogaNHS commented Feb 11, 2026

Overview

Jira ticket: PRMP-1384

Description

  • Implement check for locked or corrupt files during document upload process.
  • Introduce new INVALID status for documents that are password protected or corrupted.
  • Create requirements for files_lambda_layer to include msoffcrypto-tool.

Context

Checklist

Tasks for all changes:

  • 1. I have linked this PR to its Jira ticket.
  • 2. I have run git pre-commits. (WIP)
  • 3. I have added and/or updated relevant tests.
  • 4. I have updated relevant documentation.
  • 5. I have considered the cross-team impact (and have PR approval from both Core & Demographics if necessary).
  • 6. I have successfully deployed this change to a sandbox and witnessed unit and e2e tests passing:

NogaNHS and others added 4 commits February 11, 2026 11:48
@NogaNHS
[PRMP-1384] Add file validation for document uploads and update depen…
306c64b 
…dencies

- Implement check for locked or corrupt files during document upload process.
- Introduce new INVALID status for documents that are password protected or corrupted.
- Create requirements for files_lambda_layer to include msoffcrypto-tool.
@NogaNHS
Fix virus scan result constant to use uppercase enumeration
d00e45e
@adamwhitingnhs @NogaNHS
fix changed files queries on lint and format
24b6476
@NogaNHS
Refactor virus scan result handling to check for file name presence b…
8edc95a 
…efore processing
@NogaNHS NogaNHS marked this pull request as ready for review February 11, 2026 11:54
@NogaNHS NogaNHS requested review from a team as code owners February 11, 2026 11:54
@github-actions
Copy link

github-actions bot commented Feb 11, 2026

Code security issues found

View full details here.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 11, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
93.2% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

jameslinnell
jameslinnell reviewed Feb 11, 2026
View reviewed changes
lambdas/services/base/s3_service.py

def get_object_stream(self, bucket: str, key: str):
response = self.client.get_object(Bucket=bucket, Key=key)
def get_object_stream(self, bucket: str, key: str, byte_range: str = None):
Copy link
Contributor

@jameslinnell jameslinnell Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

byte_range: str | None = None

jameslinnell
jameslinnell reviewed Feb 11, 2026
View reviewed changes
lambdas/services/get_document_upload_status.py
if doc_ref.doc_status == "cancelled":
if doc_ref.virus_scanner_result == VirusScanResult.INFECTED:
return DocumentStatus.INFECTED.display, DocumentStatus.INFECTED.code
elif doc_ref.virus_scanner_result == VirusScanResult.INVALID:
Copy link
Contributor

@jameslinnell jameslinnell Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can probably just be
if doc_ref.virus....... instead of elif

jameslinnell
jameslinnell reviewed Feb 11, 2026
View reviewed changes
lambdas/tests/unit/services/test_get_document_upload_status.py
assert result["doc-id-4"]["error_code"] == DocumentStatus.INFECTED.code


def test_get_document_references_by_id_invalid_document(
Copy link
Contributor

@jameslinnell jameslinnell Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could be a good idea to include some e2e tests for this scenario

jameslinnell
jameslinnell reviewed Feb 12, 2026
View reviewed changes
lambdas/tests/unit/services/test_upload_document_reference_service.py
)
mock_stream.read.assert_called_once_with()
mock_bytesio.assert_called_once_with(file_content)
mock_check.assert_called_once_with(mock_file_stream, file_extension)
Copy link
Contributor

@jameslinnell jameslinnell Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe some more tests here that include failure scenarios.
file_name missing/None.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jameslinnell jameslinnell jameslinnell left review comments

@lillie-dae lillie-dae lillie-dae approved these changes

@SWhyteAnswer SWhyteAnswer SWhyteAnswer approved these changes

@kamenbachvarov-nhs kamenbachvarov-nhs kamenbachvarov-nhs approved these changes

@AndyFlintAnswerDigital AndyFlintAnswerDigital Awaiting requested review from AndyFlintAnswerDigital AndyFlintAnswerDigital is a code owner automatically assigned from NHSDigital/access-store

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@NogaNHS @jameslinnell @lillie-dae @SWhyteAnswer @kamenbachvarov-nhs @adamwhitingnhs