#696 - scan existing files for viruses

[HalcyonJAC]

Author checklist

• Include primary ticket number in title - e.g. "Move uploaded references to Google Drive #123 New styling for widget" - and any additional tickets in description
• Fill in the details below and delete as appropriate
• Be proactive in getting your work approved 💪

---

What's included?

Several months ago a virus scanning module was developed to scan documents as they are uploaded to the Firebase bucket. Metadata is then added to scanned files to indicate whether a virus was found or not. Firebase storage files then prevent the file from being downloaded if it has been scanned and found to have a virus.

The above works fine however many files had already been uploaded to the JAC system before the above was deployed. This piece of development is to make something that can scan all existing files in the bucket.

• Create a new endpoint to scan all files in the bucket for viruses.
  • The endpoint should write its results to a log file in the bucket.
    • The log file should contain a list of all files that were processed and the outcome of each.
    • If an error occurs, the details of the error should be written to the end of the log file.
  • By default, the endpoint should only scan files that have not been scanned before, but have an option to force all files to be scanned.
  • The endpoint should have an option of limiting the number of files to scan, for testing purposes.
  • By default, the endpoint should execute the virus scanning asynchronously, but have the option to running synchronously for testing purposes. For example: scan 5 files synchronously.
• Schedule a job to run the endpoint overnight every day (all unscanned files, asynchronously).

IMPORTANT: Once testing has been done on develop, the Virus Scanning service on develop should be switched off, as each instance

Who should test?

✅ Product owner
✅ Developers

How to test?

• Import the latest version of the Postman collection into Postman
• Run the scanAllFiles endpoint in Postman
• Inspect the log file that was produced (in Firebase storage bucket)
• Check the metadata of some of the files that were scanned.

Risk - how likely is this to impact other areas?

🟢 No risk - this is a self-contained piece of work

Related permissions

Have permissions been considered for this functionality?

• No permission changes required

---

PREVIEW:DEVELOP
can be OFF, DEVELOP or STAGING

[andrew-isaac]

Happy to sign off @HalcyonJAC and see demo at the end of week

[warrensearle]

Great stuff, thank you 👍