Virus Scanning - Ministry User File Interactions

[CarlyCotton]

User Story As a Ministry User, I would like to ensure that malware is not propagated VIA SIMS due to the reputational risk and as such require that all files received via SIMS are scanned. This involves not allowing a file to be downloaded before it has been scanned as OK, and to put a placeholder file when files had scanning issues.

Acceptance Criteria

• [x] Pending Scan: Do not allow users to download a file that has not been scanned. When clicking on a file that hasn't been scanned, show a message "Warning: This file has not been scanned and will be available to download once it is determined to be safe."
• [x] Successfully Scanned: Safely scanned files are able to be downloaded by ministry users, no additional content required.
• [x] Scanned by Failed/Virus Detected: Perform the following:
  • [x] Hide the failed file so it cannot be accessed by users.
  • [x] Update the link to the hidden file and rename it to include "OriginalFileError".
  • [x] On clicking the link show a message (consistent with the pending file warning) "Error: The original file was deleted due to security rules. Please re-check file and attempt to upload again."

Technical Context

• [x] Check for the "student_files" table " virus_scan_status" column and if its in "Pending/ in progress" do not allow the user to download the file, rather create a snackbar stating "Warning: This file has not been scanned and will be available to download once it is determined to be safe."
• [x] Add a condition to the below query to not fetch the student file if the virus_scan_status is in pending or in progress state. 'https://github.com/bcgov/SIMS/blob/ff9c49b2e68edfa76784a644059e79c841f3bcd1/sources/packages/backend/apps/api/src/services/student-file/student-file.service.ts#L49'
• [x] Update the file name to include "OriginalFileError" and status to "Virus detected" in the student_files table and display the warning message.
• [x] Existing E2E test case needs to be updated and create test case for the API that downloads the file to check the pending and in progress status.

Context Follow up on how to deal with the virus scanning in #3180 for users.

[CarlyCotton]

@HRAGANBC @Joshua-Lakusta @JerPearson Please take a look and let me know if we're missing anything to push this up to lather.

[HRAGANBC]

Remove file attached. Insert placeholder text file. Add System message..."

Not clear to me how this is different than the following AC. Are you envisioning an error message AND a text file containing some contents?

[CarlyCotton]

@HRAGANBC I was thinking that we'd have the placeholder text file(with a note inside to provide context to the student) AND adding a note to the student profile (as a guide for ministry users). I've updated the AC to better show the two items as separate.

[guru-aot]

"Filename should be the same as the deleted file with "-OriginalFileError" at the end" can we update it to "-OriginalFileError.txt" ? @CarlyCotton @HRAGANBC Please confirm

[CarlyCotton]

@guru-aot Yes, can have the .txt extension after "-OriginalFileError"

[andrepestana-aot]

@CarlyCotton

1. Should we really delete the files permanently or just do not return the infected content to the user? I'm confirming this now because a question was raised due to other requirements about soft deleting other data in the past.
2. Could we return a toast message to the user in case of infected file the same way as file scan pending? This could make it more consistent/uniform when dealing with files in the application.

[CarlyCotton]

@andrepestana-aot

1. Just want to have that file NOT accessible to users. So if that's a soft delete or "hiding" as long as that gets us to the result. I can update the AC to remove "Remove and delete file attached"?
2. A toast message or a modal when they try to click on it to download? I think the discussion was around having a placeholder file since the scan may not be instant and we need a way to show why their original file isn't there anymore.

[andrepestana-aot]

@CarlyCotton

1. Yes, then please update the AC to "Do not allow the download for files of pending scan. Instead of deleting the content, just do not return it to the user without changing the original file." or something similar.
2. Yes, the way to show them why the file is not accessible could be through a toast message as we are doing for pending scan files. When they click on the filename they're going to see a toast message "Due to our security rules, the original file, [filename], was deleted. Please re-check your file and attempt to re-upload." or something similar.

[CarlyCotton]

@andrepestana-aot I have updated the AC and edited my comment because I don't actually want to ensure that a sketchy file is accessible to users. Is there a reason to change this to a toast message instead of the way it was written/groomed/estimated?

[andrewsignori-aot]

As per the conversation including the team and @ninosamson the decision is not to delete the file from the storage. Later ticket to change purge failed files if needed.

[CarlyCotton]

To clarify regarding Guru's question above - we were asked if the text to show it failed could be in front of the extension. I answered it can be. If I'm asked if it can be behind the extension, it can be. As long as there is an indication of the error in the file name,

[CarlyCotton]

@andrepestana-aot

Updated the last AC to:

• [ ] Scanned by Failed/Virus Detected: Perform the following:
  • [ ] Hide the failed file so it cannot be accessed by users.
  • [ ] Update the link to the hidden file and rename it to include "OriginalFileError".
  • [ ] On clicking the link show a message (consistent with the pending file warning) "Error: The original file was deleted due to security rules. Please re-check file and attempt to upload again."

Original:

Scanned but Failed/Virus Detected: Perform the following automatically:

• Hide the failed file so it cannot be accessed by users. Insert placeholder text file (see next AC).
  • Filename should be the same as the deleted file with "-OriginalFileError" at the end. Inside the text file we can include more information: "Due to our security rules, the original file, [filename], was deleted. Please re-check your file and attempt to re-upload.