Extension Resource Type Validation

Extension Basics

Title	Resource Type Validation
Name	ckanext-resource-type-validation
Type	Public extension
Description	Stricter validation of resource formats ensuring file extension, contents, and format are compatible
CKAN versions	~2.9 Show details These CKAN Versions are exactely matched: 2.10.0 2.10.1 2.10.2 2.10.3 2.10.4 2.10.5 2.10.6 2.10.7 2.10.8 2.11.0 2.11.1 2.11.2 2.11.3 2.12.0 2.9.0 2.9.1 2.9.10 2.9.11 2.9.2 2.9.3 2.9.4 2.9.5 2.9.6 2.9.7 2.9.8 2.9.9
Download-Url (zip)	https://github.com/DataShades/ckanext-resource-type-validation.git#egg=ckanext-resource-type-validation
Download-Url commit date	2022-07-13
Url to repo	https://github.com/DataShades/ckanext-resource-type-validation
Category	Data Management & Quality

Background Infos

Description (long)	Show details The resource-type-validation extension performs comprehensive validation of resource formats for uploaded files in CKAN. It ensures that the file extension, file contents (via magic/type sniffing), and declared resource format are all compatible with each other. This reduces workload on staff by preventing miscategorized files and provides better restrictions on allowed formats by running files through magic/type sniffing systems, ensuring invalid files can’t be uploaded by simply selecting a random format and changing the file extension. The extension supports whitelists of allowed file extensions and/or MIME types. Configuration file allows defining allowed_extensions, allowed_overrides (MIME type subtypes), equal_types (interchangeable types), archive_types (special handling for ZIP etc), generic_types (supertypes to prevent content-sniffing attacks), and extra_mimetypes (custom extension mappings). Developed by Queensland Government.
Version	0.0.1
Version release date	2022-07-13
Contact name	Queensland Online
Contakt email	qol.development@smartservice.qld.gov.au
Contact Url	(not set)

Installation Guide

Configuration hints	Requirements: - CKAN <= 2.8 (CKAN 2.9 compatibility not yet verified) - python-magic library for file type sniffing Installation: 1. Activate CKAN virtualenv 2. Install extension: pip install -e git+https://github.com/qld-gov-au/ckanext-resource-type-validation.git#egg=ckanext-resource-type-validation 3. Install dependencies: pip install -r ckanext-resource-type-validation/requirements.txt Add to ckan.plugins: resource_type_validation Configuration: Path to configuration file for file types (optional) Default: ckanext/resource_type_validation/resources/resource_types.json ckanext.resource_validation.types_file = /path/to/file.json Support contact for error messages (optional) ckanext.resource_validation.support_contact = webmaster@example.com Whitelist of allowed MIME types (optional) ckan.mimetypes_allowed = application/pdf,text/plain,text/xml Configuration file structure (all optional): allowed_extensions: List of allowed file extensions (case-insensitive) Example: [“pdf”, “csv”, “json”, “xml”] allowed_overrides: MIME type subtype mappings Example: {“text/plain”: [“application/xml”, “text/”], “application/octet-stream”: [“”]} application/xml is subtype of text/plain Wildcards: “” for any type, “prefix/” for any with prefix equal_types: Lists of interchangeable types Example: [[“text/xml”, “application/xml”], [“text/csv”, “application/csv”]] archive_types: Types requiring special handling Example: [“application/zip”, “application/x-tar”, “application/gzip”] Archives can specify any format (referring to contents) Must be well-formed (extension and contents match) generic_types: Generic supertypes (prevents content-sniffing attacks) Example: [“text/plain”, “application/octet-stream”] File with text/plain content can specify CSV extension/format File with .txt extension cannot specify CSV format Prevents browser-based content-sniffing attacks extra_mimetypes: Custom extension to MIME type mappings Example: {“.ttf”: “text/plain”, “.geojson”: “application/geo+json”} Benefits: - Reduces staff workload fixing miscategorized files - Better format restrictions via type sniffing - Prevents invalid file uploads with fake extensions - Protects against content-sniffing attacks Testing: python ckanext/resource_type_validation/test_mime_type_validation.py OR nosetests –ckan –with-pylons=test.ini ckanext/resource_type_validation
Plugins to configure (ckan.ini)	resource_type_validation
CKAN Settings (ckan.ini)	# ckanext.resource_validation.types_file = /path/to/file.json # ckanext.resource_validation.support_contact = webmaster@example.com # ckan.mimetypes_allowed = application/pdf,text/plain,text/xml
DB migration to be executed	(not set)

<< back to Extensions