a) File Type Condition : Consider a requirement wherein business wants to put a constrain on resume upload functionality in terms of file type and they want only '.doc or .pdf format' files to be uploaded.
One can see this validation working in Reporting Tools > XML Publisher > Report Definition. Under Validation tab we select a Template Type and under Template tab we upload a Template File. If type of the file we're uploading is not matching with the one we selected in Template Type page, we'll get an error. Checkout Record PeopleCode PSXPRPTTMPF_WRK.PSXPUPLOADTMPLPB.FieldChange.
b) File Size Condition: Say, we've a limitation on upper size of file.
This one is simple as AddAttachment Function has an argument MaxSize which will take care of this validation. Syntax of AddAttachment goes like:
AddAttachment(URLDestination, DirAndFilename, FileType, UserFile, MaxSize [, PreserveCase, UploadPageTitle]).
When the file size will exceed the permissible value, the return code would be %Attachment_FileExceedsMaxSize ( Numeric value: 6)
Code Snippet ( From PBooks):
&retcode = AddAttachment(URL.MYFTP, ATTACHSYSFILENAME, "", ATTACHUSERFILE, 0);
If (&retcode = %Attachment_FileExceedsMaxSize) Then
MessageBox(0, "File Attachment Status", 0, 0, "AddAttachment failed: File exceeds the max size");
.....
.....
End-If;
c) Virus Scanning: Assume that client wants to scan the uploaded file for virus. This one is interesting as PeopleSoft doesn't support this out-of-box.
[ Updated on 5/12/09: In PT 8.50, Virus Scan is a delivered feature with AddAttachement ( We need to do the setup at Web Server Level) ]
You may ask why do we need this scan after uploading the file, why can't we scan it upfront before uploading it. Well, when external applicants uploads their resume, PeopleSoft has no control on those resume unless it's got uploaded into the server. Now how can be scan for virus for the uploaded file ? Here is the high level step :
1) Assume file is uploaded into the table PS_RESUME_TBL ( consists subrecord FILE_ATTDET_SBR) [ you may upload the file in file server but saving file as BLOB/CLOB in DB is advisable].
2) Create a file ( of the same type) in temp and write the content of file from the table using WriteRaw. Code would be something like...
&RS = CreateRowset(Record.RESUME_TBL);
&query = "WHERE
&RS.Fill(&query);
Local File &File = GetFile("C:\temp\Resume.pdf", "w", "a", %FilePath_Absolute);
&reqFile.WriteRaw(&RS.GetRow(1).GetRecord(Record.RESUME_TBL).GetField(Field.FILE_DATA).Value);
&reqFile.Close();
[PS: This code is for reference only & not been tested, you can write a better code than this ]
3) We need to have a Command Line Virus Scanner installed in the file server which can scan this file for virus. We need a mechanism through which a) we can run a Virus Scanner from Command Line and b) We can run it for any specific file.
There are many such Antivirus product in the market. For testing purpose I've installed McAfee VirusScan Command Line Scanner for Windows.
To scan a file using this antivirus from command prompt, the command is: SCAN
To scan a file using this antivirus from command prompt and if found infected then to be deleted , the command is: SCAN
So in peoplecode we'll need to execute the command SCAN C:\temp\Resume.pdf /DEL using Exec function in Synchronous mode. This piece of code will make (a) antivirus to scan the file Resume.pdf first and (b) if the file is found infected, it will be deleted.
4) Now we need to check if this file Resume.pdf exists in the file server or not. If it still exists, then it's virus free...else it's virus infected. In case the file is not found in the server, we need to delete the row from PS_RESUME_TBL for this file and send a message to user about the infected file.
Code should be written at FieldChange peoplecode.
Refer http://www.rexswain.com/eicar.html for test virus file.
No comments:
Post a Comment