/// <summary>Validates the specified object.</summary> /// <param name="value">The object to validate.</param> /// <param name="validationContext">The <see cref="T:System.ComponentModel.DataAnnotations.ValidationContext" /> object that describes the context where the validation checks are performed. This parameter cannot be null.</param> /// <exception cref="T:System.ComponentModel.DataAnnotations.ValidationException">Validation failed.</exception> protected override ValidationResult IsValid(object value, ValidationContext validationContext) { var postedFile = value as HttpPostedFileBase; if (postedFile == null) { // No posted file to validate return(ValidationResult.Success); } // Validate posted file size if (Size > 0 && postedFile.ContentLength > Size) { return(new ValidationResult(string.Format(CultureInfo.CurrentCulture, DataAnnotationsResources.FileAttribute_InvalidSize, validationContext.DisplayName, GetAllowedFileSizeDescription(Size)))); } byte[] postedBytes = null; // Get file model of posted file by matching against posted file extension var postedExtension = postedFile.FileName.Split('.').LastOrDefault(); if (postedExtension == null) { return(new ValidationResult(string.Format(CultureInfo.CurrentCulture, DataAnnotationsResources.FileAttribute_InvalidExtension, validationContext.DisplayName, GetAllowedFileExtensionsDescription()))); } // Get file model of posted file by matching against posted file extension var postedFileModel = FileModels.FirstOrDefault(m => m.Extensions.Contains(postedExtension.ToLower())); // Invalid posted file if there is no matching file model or it is not an allowed file type if (postedFileModel == null || !FileTypes.Contains(postedFileModel.FileType)) { return(new ValidationResult(string.Format(CultureInfo.CurrentCulture, DataAnnotationsResources.FileAttribute_InvalidType, validationContext.DisplayName, GetAllowedFileExtensionsDescription()))); } // Check config to see if file signature check should be skipped bool skip; if ((postedFileModel.FileType != FileType.Txt) && !(ConfigurationManager.AppSettings["SkipFileSignatureCheck"] != null && bool.TryParse(ConfigurationManager.AppSettings.Get("SkipFileSignatureCheck"), out skip) && skip)) { // Get copy of bytes postedBytes = postedFile.GetBytes(); // Check posted file data has a valid signature for its file type if (!postedFileModel.ValidSignature(postedBytes)) { return(new ValidationResult(string.Format(CultureInfo.CurrentCulture, DataAnnotationsResources.FileAttribute_InvalidSignature, validationContext.DisplayName, GetAllowedFileExtensionsDescription()))); } } // RTF specific validation if (postedFileModel.FileType == FileType.Rtf) { postedBytes = postedBytes ?? postedFile.GetBytes(); var text = new UTF8Encoding().GetString(postedBytes, 0, postedBytes.Length); if (!string.IsNullOrEmpty(text)) { text = text.ToLower(); if (text.Contains(string.Format("{0}{{", RtfImageTag)) || text.Contains(string.Format("{0}\\", RtfImageTag)) || text.Contains(string.Format("{0}{{", RtfDrawingTag)) || text.Contains(string.Format("{0}\\", RtfDrawingTag))) { return(new ValidationResult(string.Format(DataAnnotationsResources.FileAttribute_InvalidRtfImage, validationContext.DisplayName))); } if (text.Contains(string.Format("{0}{{", RtfObjectTag)) || text.Contains(string.Format("{0}\\", RtfObjectTag)) || text.Contains(string.Format("{0}{{", RtfMacObjectTag)) || text.Contains(string.Format("{0}\\", RtfMacObjectTag))) { return(new ValidationResult(string.Format(DataAnnotationsResources.FileAttribute_InvalidRtfObject, validationContext.DisplayName))); } var blueWordResult = new BlueWordAttribute().ValidateBlueWord(validationContext.DisplayName, text); if (blueWordResult != ValidationResult.Success) { return(blueWordResult); } } } // Validate compressed file size if (CompressedSize > 0) { var compressedBytes = (postedBytes ?? postedFile.GetBytes()).Compress(); if (compressedBytes != null && compressedBytes.Length > CompressedSize) { return(new ValidationResult(string.Format(CultureInfo.CurrentCulture, DataAnnotationsResources.FileAttribute_InvalidCompressedSize, validationContext.DisplayName, GetAllowedFileSizeDescription(CompressedSize)))); } } return(ValidationResult.Success); }