Skip to content

Corpus Management Fix corrupt file upload (unreleased feature)

- requested to merge 347483-corpus-upload-zip-fix into master

What does this MR do and why?

This MR is a follow-up big for an unreleased feature. Entire page is feature flagged out, not an extension of an existing feature.

Bug: #347483 (closed)

Lack of test

I didn't add unit tests because I was unsure how to test this. I think we need a E2E test instead which we don't currently support well in the Secure stage that would cover unzipping the file and verifying contents. The bug was hard to track because in the original implementation we got a 200, and with the bug fix we got a 200. To truly test the bug fix, we'd need to verify that we could unzip the downloaded file and that the file contents matched. Since unzipping the file is done outside of the browser, and by a zip utility in the OS user space and not the browser I wasn't able to add tests

Before

When downloading the uploaded file, it appeared to be corrupt:

failure

After

Screen_Shot_2021-12-15_at_12.27.35_PM

Describe in detail what your merge request does and why.

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

How to set up and validate locally

Validation errors will be handled in #342583

  • From the gitlab repo open a rails console and enable the :corpus_management feature flag
bundle exec rails c

then

[4] pry(main)> Feature.enable(:corpus_management)

Navigate to:

http://172.16.123.1:3000/<group>/<project>/-/security/configuration/corpus_management

Click on New Corpus, upload any zip file

Click "Add", should see the corpus added to the table

Click the download button from the table row

Verify the unzipped file contents match your original file (Note, downloaded file will be named after the package name you uploaded, not the original file name, but the contents should remain the same)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #347483 (closed)

Edited by -

Merge request reports