Added check for file overwrite setting (#9823)

2022-12-23 20:53:41 +05:30 · 2022-12-23 20:53:41 +05:30 · e68f2e0d7d
commit e68f2e0d7d
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@ -20,6 +20,7 @@ Changelog
 * Users now remain on the edit page after saving a snippet as draft (Sage Abdullah)
 * Base project template now populates the meta description tag from the search description field (Aman Pandey)
 * Added support for `azure-mgmt-cdn` version >= 10 and `azure-mgmt-frontdoor` version >= 1 in the frontend cache invalidator (Sylvain Fankhauser)
+ * Add a system check to warn when a `django-storages` backend is configured to allow overwriting (Rishabh jain)
 * Fix: Make sure workflow timeline icons are visible in high-contrast mode (Loveth Omokaro)
 * Fix: Ensure authentication forms (login, password reset) have a visible border in Windows high-contrast mode (Loveth Omokaro)
 * Fix: Ensure visual consistency between buttons and links as buttons in Windows high-contrast mode (Albina Starykova)
--- a/CONTRIBUTORS.rst
+++ b/CONTRIBUTORS.rst
@ -678,6 +678,7 @@ Contributors
 * Natarajan Balaji
 * Vallabh Tiwari
 * dr-rompecabezas
+* Rishabh jain

 Translators
 ===========
--- a/docs/releases/4.2.md
+++ b/docs/releases/4.2.md
@ -42,6 +42,7 @@ This feature was developed by Jake Howard.
 * Users now remain on the edit page after saving a snippet as draft (Sage Abdullah)
 * Base project template now populates the meta description tag from the search description field (Aman Pandey)
 * Added support for `azure-mgmt-cdn` version >= 10 and `azure-mgmt-frontdoor` version >= 1 in the frontend cache invalidator (Sylvain Fankhauser)
+ * Add a system check to warn when a `django-storages` backend is configured to allow overwriting (Rishabh jain)

 ### Bug fixes

--- a/wagtail/admin/checks.py
+++ b/wagtail/admin/checks.py
@ -183,3 +183,48 @@ def wagtail_admin_base_url_check(app_configs, **kwargs):
        )

    return errors
+
+
+@register("file_overwrite")
+def file_overwrite_check(app_configs, **kwargs):
+    from django.conf import settings
+
+    file_storage = getattr(settings, "DEFAULT_FILE_STORAGE", None)
+
+    errors = []
+
+    if file_storage == "storages.backends.s3boto3.S3Boto3Storage" and getattr(
+        settings, "AWS_S3_FILE_OVERWRITE", True
+    ):
+        errors.append(
+            Warning(
+                "The AWS_S3_FILE_OVERWRITE setting is set to True",
+                hint="This should be set to False. The incorrect setting can cause documents and "
+                "other user-uploaded files to be silently overwritten or deleted.",
+                id="wagtailadmin.W004",
+            )
+        )
+    if file_storage == "storages.backends.azure_storage.AzureStorage" and getattr(
+        settings, "AZURE_OVERWRITE_FILES", False
+    ):
+        errors.append(
+            Warning(
+                "The AZURE_OVERWRITE_FILES setting is set to True",
+                hint="This should be set to False. The incorrect setting can cause documents and "
+                "other user-uploaded files to be silently overwritten or deleted.",
+                id="wagtailadmin.W004",
+            )
+        )
+    if file_storage == "storages.backends.gcloud.GoogleCloudStorage" and getattr(
+        settings, "GS_FILE_OVERWRITE", True
+    ):
+        errors.append(
+            Warning(
+                "The GS_FILE_OVERWRITE setting is set to True",
+                hint="This should be set to False. The incorrect setting can cause documents and "
+                "other user-uploaded files to be silently overwritten or deleted.",
+                id="wagtailadmin.W004",
+            )
+        )
+
+    return errors