From ae650d14d96119dff4f87b6185a60cbcdeb9df81 Mon Sep 17 00:00:00 2001
From: Evgeny Generalov <Evgeniy.Generalov@coxautoinc.com>
Date: Sat, 14 Nov 2020 22:52:29 +0300
Subject: [PATCH] fix: content type

---
 packages/import-service/package.json          |  3 ++-
 packages/import-service/serverless.yml        |  1 +
 .../src/handlers/importProductsFile.js        | 21 ++++++++++++++++---
 3 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/packages/import-service/package.json b/packages/import-service/package.json
index 25a6d77..09b2663 100644
--- a/packages/import-service/package.json
+++ b/packages/import-service/package.json
@@ -23,6 +23,7 @@
   "license": "MIT",
   "dependencies": {
     "aws-sdk": "^2.792.0",
-    "csv-parser": "^2.3.3"
+    "csv-parser": "^2.3.3",
+    "http-errors": "^1.8.0"
   }
 }
diff --git a/packages/import-service/serverless.yml b/packages/import-service/serverless.yml
index 702a28b..55c03a1 100644
--- a/packages/import-service/serverless.yml
+++ b/packages/import-service/serverless.yml
@@ -49,6 +49,7 @@ functions:
             parameters:
               querystrings:
                 name: true
+                type: true
 
   importFileParser:
     handler: src/handlers/importFileParser.handler
diff --git a/packages/import-service/src/handlers/importProductsFile.js b/packages/import-service/src/handlers/importProductsFile.js
index a8c6085..6414964 100644
--- a/packages/import-service/src/handlers/importProductsFile.js
+++ b/packages/import-service/src/handlers/importProductsFile.js
@@ -1,10 +1,16 @@
 import AWS from "aws-sdk";
+import httpError from "http-errors";
 import middy from "@middy/core";
 import middyHttpCors from "@middy/http-cors";
 import middyErrorHandler from "middy-error-handler";
 import middyRequestLogger from "middy-request-logger";
 
 const { IMPORT_S3_BUCKET, IMPORT_S3_PREFIX, IMPORT_S3_REGION } = process.env;
+const ALLOWED_CONTENT_TYPES = [
+  "text/csv",
+  "application/vnd.ms-excel",
+  "text/x-csv",
+];
 
 export const handler = middy(importProductsFile).use([
   middyErrorHandler(),
@@ -14,14 +20,23 @@ export const handler = middy(importProductsFile).use([
 
 export async function importProductsFile(event, context, callback) {
   const fileName = event.queryStringParameters.name;
-  const catalogPath = [IMPORT_S3_PREFIX, fileName].join("");
+  const fileMimeType = event.queryStringParameters.type;
+
+  if (
+    !ALLOWED_CONTENT_TYPES.find((allowedType) =>
+      fileMimeType.includes(allowedType)
+    )
+  ) {
+    throw new httpError.BadRequest(`Unsupported file type ${fileMimeType}`);
+  }
 
   const s3 = new AWS.S3({ region: IMPORT_S3_REGION });
+  const uploadPath = [IMPORT_S3_PREFIX, fileName].join("");
   const url = await s3.getSignedUrlPromise("putObject", {
     Bucket: IMPORT_S3_BUCKET,
-    Key: catalogPath,
+    Key: uploadPath,
     Expires: 60,
-    ContentType: "text/csv",
+    ContentType: fileMimeType,
   });
 
   return {