Check that uploaded APKs are a proper update to current app

App Edit Mode Upload

When the user uploads multiple files, we add all to the app that are proper updates and refuse all the rest. These can be:

• files that have a different file type than the existing files (e.g. user uploads an image, but the existing files are APKs)
• APKs that does not belong to the current app (different package ID)
• APKs that belong to the current app, but have a different signature

When we encounter any of those, we should provide the user with the filename that she tried to upload and with a reason why it was rejected.

Repo Index Upload

When dragging files into the app section of the repo, similar considerations apply. There we would need to reject:

• possibly forbidden file types (.php, .py)
• APKs that would be an update for an existing app, but already exist or have a wrong signature

We can not automatically detect here, if one non-apk file is supposed to be an update for another one. So updates for those need to be uploaded directly in the app edit mode. Otherwise, new "apps" will be created for them.

APKs uploaded here can be attached to the proper app if

• an app with the same package ID exists
• the existing app has the same signature
• the APK does not exist already

Related to #26 (closed)