diff --git a/backend/feature/image/src/adapter/delivery/image_controller.rs b/backend/feature/image/src/adapter/delivery/image_controller.rs
index 4d3acfe..133db87 100644
--- a/backend/feature/image/src/adapter/delivery/image_controller.rs
+++ b/backend/feature/image/src/adapter/delivery/image_controller.rs
@@ -28,6 +28,8 @@ pub trait ImageController: Send + Sync {
 pub struct ImageControllerImpl {
 upload_image_use_case: Arc,
 get_image_use_case: Arc,
+
+ mime_type_whitelist: Vec,
 }

 impl ImageControllerImpl {
@@ -38,6 +40,12 @@ impl ImageControllerImpl {
 Self {
 upload_image_use_case,
 get_image_use_case,
+ mime_type_whitelist: vec![
+ "image/jpeg".to_string(),
+ "image/png".to_string(),
+ "image/gif".to_string(),
+ "image/webp".to_string(),
+ ],
 }
 }
 }
@@ -48,6 +56,10 @@ impl ImageController for ImageControllerImpl {
 &self,
 image: ImageRequestDto,
 ) -> Result {
+ if !self.mime_type_whitelist.contains(&image.mime_type) {
+ return Err(ImageError::UnsupportedMimeType);
+ }
+
 let id = self
 .upload_image_use_case
 .execute(image.to_entity())
diff --git a/backend/feature/image/src/application/error/image_error.rs b/backend/feature/image/src/application/error/image_error.rs
index de3810d..5c10b00 100644
--- a/backend/feature/image/src/application/error/image_error.rs
+++ b/backend/feature/image/src/application/error/image_error.rs
@@ -3,4 +3,5 @@ pub enum ImageError {
 DatabaseError(String),
 StorageError(String),
 NotFound,
+ UnsupportedMimeType,
 }
diff --git a/backend/feature/image/src/framework/db/image_record.rs b/backend/feature/image/src/framework/db/image_record.rs
index 11548c8..b74bbab 100644
--- a/backend/feature/image/src/framework/db/image_record.rs
+++ b/backend/feature/image/src/framework/db/image_record.rs
@@ -1,4 +1,4 @@
-#[derive(sqlx::FromRow, Debug)]
+#[derive(sqlx::FromRow)]
 pub struct ImageRecord {
 pub id: i32,
 pub mime_type: String,
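Review bot: In the constructor hunk of `image_controller.rs`, `mime_type_whitelist` is rebuilt as a heap-allocated list of owned strings for every controller instance, although the four values never vary. A module-level constant would make the allow-list visible in one place and remove the field: `const ALLOWED_MIME_TYPES: [&str; 4] = ["image/jpeg", "image/png", "image/gif", "image/webp"];`, checked with `ALLOWED_MIME_TYPES.contains(&image.mime_type.as_str())` (assuming `mime_type` is a `String`, which the hunk does not show). The constructor's signature lies outside the hunk.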
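Review bot: The guard added at the top of the upload method (third hunk of `image_controller.rs`) checks only `image.mime_type`, which looks like the type declared in the request, so the uploaded bytes are never compared with the allow-list. A body labelled `image/png` that is not a PNG would be accepted and stored under that label. Consider verifying the file's leading signature bytes against the declared type before `upload_image_use_case.execute` is called, and treating the declared value as a hint only. The exact `contains` match also rejects case variants and values carrying parameters; that fails closed, but a comment such as `// exact match on the bare media type; case variants and parameters are rejected` would record it as intended. The method body continues past the end of the hunk.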
diff --git a/backend/feature/image/src/framework/web/image_web_routes.rs b/backend/feature/image/src/framework/web/image_web_routes.rs
index 4bc07a6..4d0c206 100644
--- a/backend/feature/image/src/framework/web/image_web_routes.rs
+++ b/backend/feature/image/src/framework/web/image_web_routes.rs
@@ -57,10 +57,13 @@ async fn upload_image_handler(

 match result {
 Ok(image_info) => HttpResponse::Created().json(image_info),
- Err(e) => {
- log::error!("{e:?}");
- HttpResponse::InternalServerError().finish()
- }
+ Err(e) => match e {
+ ImageError::UnsupportedMimeType => HttpResponse::BadRequest().body(format!("{e:?}")),
+ _ => {
+ log::error!("{e:?}");
+ HttpResponse::InternalServerError().finish()
+ }
+ },
 }
 }

@@ -75,13 +78,12 @@ async fn get_image_by_id_handler(
 Ok(image_response) => HttpResponse::Ok()
 .content_type(image_response.mime_type)
 .body(image_response.data),
- Err(e) => {
- if e == ImageError::NotFound {
- HttpResponse::NotFound().finish()
- } else {
+ Err(e) => match e {
+ ImageError::NotFound => HttpResponse::NotFound().finish(),
+ _ => {
 log::error!("{e:?}");
 HttpResponse::InternalServerError().finish()
 }
- }
+ },
 }
 }
diff --git a/backend/feature/post/src/framework/db/post_with_label_record.rs b/backend/feature/post/src/framework/db/post_with_label_record.rs
index 4999304..20fcabe 100644
--- a/backend/feature/post/src/framework/db/post_with_label_record.rs
+++ b/backend/feature/post/src/framework/db/post_with_label_record.rs
@@ -1,6 +1,6 @@
 use chrono::NaiveDateTime;

-#[derive(sqlx::FromRow, Debug)]
+#[derive(sqlx::FromRow)]
 pub struct PostWithLabelRecord {
 pub post_id: i32,
 pub title: String,
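Review bot: The `UnsupportedMimeType` arm in `upload_image_handler` sends the error's `Debug` output as the response body and logs nothing, so the client-facing text is tied to the variant name and rejected uploads leave no trace for monitoring. A fixed message plus a warning would be steadier: `log::warn!("upload rejected: unsupported MIME type");` followed by `HttpResponse::UnsupportedMediaType().body("unsupported image type")`, since 415 describes this case more precisely than 400 (assuming this is actix-web, where that builder exists). The `_ =>` arm also turns any future `ImageError` variant into a 500 without a compile error; naming the remaining variants would let the compiler flag additions. The handler begins above the hunk.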
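Review bot: `get_image_by_id_handler` still passes `image_response.mime_type` straight to `content_type`, so the allow-list this commit adds on upload constrains only rows written after it; anything stored earlier is served with whatever type was recorded. If such rows can exist, consider checking the stored type on read, or adding a response header so browsers do not reinterpret the body, e.g. `.insert_header(("X-Content-Type-Options", "nosniff"))` (assuming actix-web's response builder). The `_ =>` catch-all in the rewritten `Err` arm maps any variant added later to a 500 without a compiler warning. The handler's signature is outside the hunk.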