ct/bmc_hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: container_name uses STACK_NAME + ALLOWED_EXTENSIONS CSV parsing v2.2.13

Browse Source
This commit is contained in:
Christian 2026-03-01 20:01:11 +01:00
parent 84c837f303
commit c5aa31b825
4 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION
View File

@ -1 +1 @@
2.2.11 2.2.13

10
app/billing/backend/supplier_invoices.py
View File

@ -1982,10 +1982,16 @@ async def upload_supplier_invoice(file: UploadFile = File(...)):
try: try:
# Validate file extension # Validate file extension
suffix = Path(file.filename).suffix.lower() suffix = Path(file.filename).suffix.lower()
if suffix not in settings.ALLOWED_EXTENSIONS: suffix_clean = suffix.lstrip('.')
# Build allowed set — guard against pydantic parsing CSV as a single element
raw = settings.ALLOWED_EXTENSIONS
if len(raw) == 1 and ',' in raw[0]:
raw = [e.strip() for e in raw[0].split(',')]
allowed_clean = {ext.lower().lstrip('.') for ext in raw}
if suffix_clean not in allowed_clean:
raise HTTPException( raise HTTPException(
status_code=400, status_code=400,
detail=f"Filtype {suffix} ikke tilladt. Tilladte: {', '.join(settings.ALLOWED_EXTENSIONS)}" detail=f"Filtype {suffix} ikke tilladt. Tilladte: {', '.join(sorted(allowed_clean))}"
) )
# Create upload directory # Create upload directory

14
app/core/config.py
View File

@ -111,6 +111,20 @@ class Settings(BaseSettings):
EMAIL_MAX_UPLOAD_SIZE_MB: int = 50 # Max file size for email uploads EMAIL_MAX_UPLOAD_SIZE_MB: int = 50 # Max file size for email uploads
ALLOWED_EXTENSIONS: List[str] = ["pdf", "jpg", "jpeg", "png", "gif", "doc", "docx", "xls", "xlsx", "zip"] # Allowed file extensions for uploads ALLOWED_EXTENSIONS: List[str] = ["pdf", "jpg", "jpeg", "png", "gif", "doc", "docx", "xls", "xlsx", "zip"] # Allowed file extensions for uploads
@field_validator("ALLOWED_EXTENSIONS", mode="before")
@classmethod
def parse_allowed_extensions(cls, v):
"""Handle both list and comma-separated string (e.g. from .env: .pdf,.jpg,...)"""
if isinstance(v, str):
# Split comma-separated and strip whitespace + leading dots
return [ext.strip().lstrip('.').lower() for ext in v.split(',') if ext.strip()]
if isinstance(v, list):
# Fix case where pydantic already wrapped entire CSV as single list element
if len(v) == 1 and ',' in str(v[0]):
return [ext.strip().lstrip('.').lower() for ext in str(v[0]).split(',') if ext.strip()]
return [ext.strip().lstrip('.').lower() for ext in v if ext]
return v
# vTiger Cloud Integration # vTiger Cloud Integration
VTIGER_ENABLED: bool = False VTIGER_ENABLED: bool = False
VTIGER_URL: str = "" VTIGER_URL: str = ""

5
docker-compose.prod.yml
View File

@ -4,7 +4,7 @@ services:
# PostgreSQL Database - Production # PostgreSQL Database - Production
postgres: postgres:
image: postgres:16-alpine image: postgres:16-alpine
container_name: bmc-hub-postgres-prod container_name: bmc-hub-postgres-${STACK_NAME:-prod}
environment: environment:
POSTGRES_USER: ${POSTGRES_USER} POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
@ -36,8 +36,7 @@ services:
RELEASE_VERSION: ${RELEASE_VERSION:-latest} RELEASE_VERSION: ${RELEASE_VERSION:-latest}
GITHUB_TOKEN: ${GITHUB_TOKEN} GITHUB_TOKEN: ${GITHUB_TOKEN}
GITHUB_REPO: ${GITHUB_REPO:-ct/bmc_hub} GITHUB_REPO: ${GITHUB_REPO:-ct/bmc_hub}
image: localhost/bmc-hub:${RELEASE_VERSION:-latest} container_name: bmc-hub-api-${STACK_NAME:-prod}
container_name: bmc-hub-api-prod
depends_on: depends_on:
postgres: postgres:
condition: service_healthy condition: service_healthy