Add Antivirus Scanner#19329
Conversation
…S/OrchardCore into ma/upload-file-scanner
|
@gvkries @sebastienros I made the changes we spoke about today. However, I added |
I think that service is fine, but we could also just go with extension methods. Because I think we should not force all event handlers to be singletons, the additional service just adds overhead. |
…S/OrchardCore into ma/upload-file-scanner
Co-authored-by: Georg von Kries <gvk@creativbox.net>
@gvkries I addressed your feedback. Now the FileCreatingService is transient and the handlers can be registered in any form. I still like FileCreatingService over extension as it provides better UI, and the user will have to resolve a single service and it is stronger abstraction. |
Co-authored-by: Georg von Kries <gvk@creativbox.net>
|
This pull request has merge conflicts. Please resolve those before requesting a review. |
|
@copilot please fix merge conflicts and merge main into this branch |
Co-authored-by: MikeAlhayek <24724371+MikeAlhayek@users.noreply.github.com>
Done in commit |
|
|
||
| namespace OrchardCore.Antivirus.ClamAV; | ||
|
|
||
| public sealed class ClamAvConnectionFactory : IDisposable |
There was a problem hiding this comment.
these implementations could be private (not just this class)
| /// The caller owns the original <paramref name="stream"/> and should dispose the returned | ||
| /// <see cref="FileCreatingResult"/> to clean up any replacement stream created by handlers. | ||
| /// </summary> | ||
| public async Task<FileCreatingResult> CreateAsync( |
There was a problem hiding this comment.
I think we need an argument to specify ownership and the dispose behavior. By default any stream that is passed we now own and dispose it like StreamReader, GZipStream, SslStream, …). For instance public MyWrapper(Stream stream, ..., bool leaveOpen = false).
| @@ -0,0 +1,22 @@ | |||
| <Project Sdk="Aspire.AppHost.Sdk/13.4.1"> | |||
There was a problem hiding this comment.
it's fine right now but we should put this version in a props file so this is updatable automatically (it's already 13.4.4)
There was a problem hiding this comment.
Project Sdk="..." does not naturally flow from Directory.Packages.props. I added comment to ensure that we update the Sdk when updating the package version
| $"tcp://{PrimaryEndpoint.Property(EndpointProperty.Host)}:{PrimaryEndpoint.Property(EndpointProperty.Port)}"); | ||
| } | ||
|
|
||
| internal static class ClamAVResourceBuilderExtensions |
There was a problem hiding this comment.
what about making these available in the modules?
Same for configuration.
There was a problem hiding this comment.
I'd keep them in OrchardCore.AspireHost for now so the runtime module doesn’t take an Aspire hosting dependency.
| using Aspire.Hosting.ApplicationModel; | ||
| using OrchardCore.AspireHost; | ||
|
|
||
| var builder = DistributedApplication.CreateBuilder(args); |
There was a problem hiding this comment.
what is the goal of the app? Feels like a sample for ClamAV, not a generic "OrchardCore ApireHost".
We could say it's the beginning of such a big sample but there are nothing else than the AV right now...
There was a problem hiding this comment.
Today it is effectively a ClamAV-oriented sample/bootstrap host. But this will be expanded later on by adding more useful services like Elasticsearch, Redis, etc so that we can use the Aspire host to make other services ready locally.
|
This pull request has merge conflicts. Please resolve those before requesting a review. |
This pull request introduces a new ClamAV antivirus integration for Orchard Core, enabling file scanning with ClamAV before storage. It adds a new
OrchardCore.Antivirusmodule, Aspire host project, and related configuration and documentation updates. The key changes are grouped below:ClamAV Antivirus Module Implementation:
OrchardCore.Antivirusmodule with ClamAV support, including options (ClamAvOptions), a connection manager (ClamAvConnection,ClamAvConnectionFactory), and a file event handler (ClamAvFileEventHandler) that scans files using ClamAV before saving. This ensures uploaded files are checked for viruses and rejected if infected. [1] [2] [3] [4]Manifest.cswith metadata and description.Aspire Host Integration:
OrchardCore.AspireHostproject configured to orchestrate the ClamAV container via Aspire, including resource definition (ClamAVResource), program setup (Program.cs), and related configuration files. This enables running ClamAV alongside Orchard Core in a distributed environment. [1] [2] [3] [4] [5] [6] [7]Solution and Dependency Updates:
OrchardCore.slnx) and included the Aspire package version inDirectory.Packages.props. [1] [2] [3]OrchardCore.Cms.Web.csproj.Documentation: