From 490757e9424a55db40218a69d6e4e2f36471804b Mon Sep 17 00:00:00 2001
From: Thomas Walker <thomas.e.walker88@gmail.com>
Date: Wed, 13 Dec 2023 08:16:33 -0500
Subject: [PATCH 1/3] EREGCSC-2267 sanitize file names

---
 solution/backend/file_manager/admin.py        | 20 +++++++++++++++++--
 .../backend/file_manager/tests/test_admin.py  | 15 ++++++++++++++
 2 files changed, 33 insertions(+), 2 deletions(-)
 create mode 100644 solution/backend/file_manager/tests/test_admin.py

diff --git a/solution/backend/file_manager/admin.py b/solution/backend/file_manager/admin.py
index 563e1fc293..708c3d06b0 100644
--- a/solution/backend/file_manager/admin.py
+++ b/solution/backend/file_manager/admin.py
@@ -1,3 +1,5 @@
+import re
+
 import requests
 from django import forms
 from django.conf import settings
@@ -55,17 +57,31 @@ class UploadedFileAdmin(BaseAdmin):
         "subjects": lambda: Subject.objects.all()
     }
 
+    # Will remove any characters from file namess we do not want in it.
+    # Commas in file names causes issues in chrsome on downloads since we rename the file.
+    def clean_file_name(self, name):
+        bad_char = [";", "!", "?", "*", ":", ",", '"', '“', "'", r'/', '\\', '-',]
+        temp = ''
+        split_name = name.split('.')
+        extension = split_name.pop()
+        file_name = '.'.join(split_name)
+        for i in bad_char:
+            temp = temp + i
+        clean_name = re.sub(rf'[{temp}]', '', file_name).strip()
+        return f'{clean_name}.{extension}'
+
     def save_model(self, request, obj, form, change):
         path = form.cleaned_data.get("file_path")
         if path:
-            file_name, extension = path._name.split('.')
-            obj.file_name = f"{slugify(file_name)}.{extension}"
+            obj.file_name = self.clean_file_name(path._name)
             self.upload_file(path, obj)
         super().save_model(request, obj, form, change)
 
     def save_related(self, request, form, formsets, change):
         super().save_related(request, form, formsets, change)
         add_to_index(form.instance)
+    # Will remove any characters from file names we do not want in it.
+    # Commas in file names causes issues in chrome on downloads since we rename the file.
 
     def upload_file(self, file, obj):
         key = obj.get_key()
diff --git a/solution/backend/file_manager/tests/test_admin.py b/solution/backend/file_manager/tests/test_admin.py
new file mode 100644
index 0000000000..eea05340cb
--- /dev/null
+++ b/solution/backend/file_manager/tests/test_admin.py
@@ -0,0 +1,15 @@
+from file_manager.admin import UploadedFileAdmin
+
+
+def test_extension():
+    file_name = 'blah.txt'
+    admin = UploadedFileAdmin
+    clean_name = admin.clean_file_name('', file_name)
+    file_name = 'weird name with "quotations".doc'
+    assert clean_name == 'blah.txt'
+    clean_name = admin.clean_file_name('', file_name)
+    assert clean_name == 'weird name with quotations.doc'
+    file_name = "random:;/!? .xls"
+    clean_name = admin.clean_file_name('', file_name)
+    assert clean_name == 'random.xls'
+

From 9914bc00079632b54a049a321118e951f976a1f7 Mon Sep 17 00:00:00 2001
From: Thomas Walker <thomas.e.walker88@gmail.com>
Date: Wed, 13 Dec 2023 08:21:32 -0500
Subject: [PATCH 2/3] linter fix

---
 solution/backend/file_manager/admin.py            | 1 -
 solution/backend/file_manager/tests/test_admin.py | 1 -
 2 files changed, 2 deletions(-)

diff --git a/solution/backend/file_manager/admin.py b/solution/backend/file_manager/admin.py
index 708c3d06b0..978d4f7de9 100644
--- a/solution/backend/file_manager/admin.py
+++ b/solution/backend/file_manager/admin.py
@@ -6,7 +6,6 @@
 from django.contrib import admin
 from django.urls import reverse
 from django.utils.html import format_html
-from django.utils.text import slugify
 
 from common.functions import establish_client
 from content_search.functions import add_to_index
diff --git a/solution/backend/file_manager/tests/test_admin.py b/solution/backend/file_manager/tests/test_admin.py
index eea05340cb..f0c1695400 100644
--- a/solution/backend/file_manager/tests/test_admin.py
+++ b/solution/backend/file_manager/tests/test_admin.py
@@ -12,4 +12,3 @@ def test_extension():
     file_name = "random:;/!? .xls"
     clean_name = admin.clean_file_name('', file_name)
     assert clean_name == 'random.xls'
-

From 526157dd533bd9609fff0b628114b5e53ac316f3 Mon Sep 17 00:00:00 2001
From: Thomas Walker <thomas.e.walker88@gmail.com>
Date: Wed, 13 Dec 2023 10:13:46 -0500
Subject: [PATCH 3/3] remove unnecessary comment

---
 solution/backend/file_manager/admin.py | 2 --
 1 file changed, 2 deletions(-)

diff --git a/solution/backend/file_manager/admin.py b/solution/backend/file_manager/admin.py
index 978d4f7de9..0f3bb10974 100644
--- a/solution/backend/file_manager/admin.py
+++ b/solution/backend/file_manager/admin.py
@@ -79,8 +79,6 @@ def save_model(self, request, obj, form, change):
     def save_related(self, request, form, formsets, change):
         super().save_related(request, form, formsets, change)
         add_to_index(form.instance)
-    # Will remove any characters from file names we do not want in it.
-    # Commas in file names causes issues in chrome on downloads since we rename the file.
 
     def upload_file(self, file, obj):
         key = obj.get_key()