django-lasuite malware detection integration #936
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
| IMHO the best way to add malware scanning would be to implement an ICAP client that forwards files to an ICAP server that the admin can configure. This is the way most services, e.g., Nextcloud, do it. |
| This part of the library can have many implementation. Maybe it is possible to add an ICAP backend alongside the other ones ? |
lunika force-pushed the feat/jcop branch 2 times, most recently from 505fa34 to fa0091d Compare 
qbey reviewed May 12, 2025
Library we are using can have celery shared task. We have to make some modification to load them earlier when the celery app is configure and when the impress app is loaded.
We want to use the malware_detection module from lasuite library. We add a new setting MALWARE_DETECTION to configure the backend we want to use. The callback is also added. It removes the file if it is not safe or change it's status in the metadata to set it as ready.
In the attachment_upload method, the status in the file metadata to processing and the malware_detection backend is called. We check in the media_auth if the status is ready in order to accept the request.
qbey approved these changes May 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Purpose
The django lasuite library has a dedicated module managing malware detection.
We have to configure it using django settings and then put the logic we want to apply in a callback.
While the analyse is not made, we set a temporary status to the file metadata and this status is check in the media-auth endpoint to determine is the s3 signature should be return or not.
If a file is glas as unsafe, it is deleted.
Proposal