Do not allow uploading of binary_blob through generic POST and PUT requests. (#607)

PGijsbers · web-flow · commit 136ae4347151 · 2025-09-04T16:44:20.000+03:00
* Add columns to other tables

* Forbid uploading of binary blobs directly
diff --git a/alembic/alembic/versions/fabaaad1cf1f_make_content_url_optional_and_add_image_.py b/alembic/alembic/versions/fabaaad1cf1f_make_content_url_optional_and_add_image_.py
@@ -18,21 +18,47 @@
 branch_labels: Union[str, Sequence[str], None] = None
 depends_on: Union[str, Sequence[str], None] = None
 
+assets_with_media = [
+    "case_study",
+    "computational_asset",
+    "dataset",
+    "educational_resource",
+    "event",
+    "experiment",
+    "ml_model",
+    "news",
+    "organisation",
+    "person",
+    "project",
+    "publication",
+    "resource_bundle",
+    "service",
+    "team",
+]
+
 
 def upgrade() -> None:
-    op.alter_column(
-        "media_organisation", "content_url", existing_type=sa.String(length=1800), nullable=True
-    )
+    for asset_type in assets_with_media:
+        op.alter_column(
+            f"media_{asset_type}",
+            "content_url",
+            existing_type=sa.String(length=1800),
+            nullable=True,
+        )
 
-    op.add_column(
-        table_name="media_organisation",
-        column=sa.Column("binary_blob", sa.LargeBinary(), nullable=True),
-    )
+        op.add_column(
+            table_name=f"media_{asset_type}",
+            column=sa.Column("binary_blob", sa.LargeBinary(), nullable=True),
+        )
 
 
 def downgrade() -> None:
-    op.alter_column(
-        "media_organisation", "content_url", existing_type=sa.String(length=1800), nullable=False
-    )
+    for asset_type in assets_with_media:
+        op.alter_column(
+            f"media_{asset_type}",
+            "content_url",
+            existing_type=sa.String(length=1800),
+            nullable=False,
+        )
 
-    op.drop_column("media_organisation", "binary_blob")
+        op.drop_column(f"media_{asset_type}", "binary_blob")
diff --git a/src/database/model/ai_asset/distribution.py b/src/database/model/ai_asset/distribution.py
@@ -54,7 +54,11 @@ class DistributionBase(AIoDConceptBase):
     # Currently, only organisation accepts this field, potentially to store images (ex. organisation logo).
     binary_blob: bytes | None = Field(
         default=None,
-        description="Binary blob for storing image (or other type of media) data.",
+        description=(
+            "Binary blob for storing image (or other type of media) data. "
+            "You may not set this property directly, set it indirectly through dedicated "
+            "endpoints such as /organisations/{identifier}/image instead."
+        ),
         sa_column=Column(LargeBinary),
     )
 
diff --git a/src/routers/resource_router.py b/src/routers/resource_router.py
@@ -2,9 +2,7 @@
 import datetime
 import traceback
 from functools import partial
-from http import HTTPStatus
 from typing import Annotated, Any, Literal, Sequence, Type, TypeVar, Union, Callable, cast
-from wsgiref.handlers import format_date_time
 from fastapi import APIRouter, Depends, HTTPException, status, Query, Path
 from sqlalchemy import and_, func
 from sqlalchemy.sql.operators import is_
@@ -25,20 +23,16 @@
 from database.model.concept.concept import AIoDConcept
 from database.model.platform.platform import Platform
 from database.model.platform.platform_names import PlatformName
-from database.model.resource_read_and_create import (
-    resource_create,
-    resource_read,
-)
 from database.model.serializers import deserialize_resource_relationships
 from database.review import Submission, SubmissionCreate
 from database.session import DbSession
 from dependencies.filtering import ResourceFilters, ResourceFiltersParams
 from dependencies.pagination import Pagination, PaginationParams
 from error_handling import as_http_exception
+from database.model.ai_asset.distribution import Distribution
 from versioning import Version, VersionedResource
 
 from http import HTTPStatus
-from pydantic import BaseModel
 import base64
 
 RESOURCE = TypeVar("RESOURCE", bound=AIResource)
@@ -488,6 +482,7 @@ def register_resource(
                         detail="No permission to set platform or platform resource identifier.",
                     )
 
+            _raise_if_contains_binary_blob(resource_create)
             try:
                 with DbSession() as session:
                     try:
@@ -544,6 +539,7 @@ def put_resource(
             with DbSession() as session:
                 try:
                     resource: Any = self._retrieve_resource(session, identifier)
+                    _raise_if_contains_binary_blob(resource_create_instance)
                     if not (
                         user_can_write(user, resource.aiod_entry)
                         or user.has_role(f"update_{self.resource_name_plural}")
@@ -872,3 +868,15 @@ def _raise_error_on_invalid_schema(possible_schemas, schema):
             detail=f"Invalid schema {schema}. Expected {' or '.join(possible_schemas)}",
             status_code=status.HTTP_400_BAD_REQUEST,
         )
+
+
+def _raise_if_contains_binary_blob(item):
+    if not hasattr(item, "media") or not (media := getattr(item, "media")):
+        return
+
+    for item in media:
+        if isinstance(item, Distribution) and item.binary_blob:
+            raise HTTPException(
+                status_code=HTTPStatus.BAD_REQUEST,
+                detail="Setting `binary_blob` is forbidden. Consider using `content_url` instead.",
+            )
