From 5b2253402e27fac4fb9b3241c070967845dcefa8 Mon Sep 17 00:00:00 2001
From: Michael Barz <mbarz@owncloud.com>
Date: Fri, 21 Jul 2023 15:45:41 +0200
Subject: [PATCH] use magicmime

---
 go.mod                                          |  3 ++-
 go.sum                                          |  2 ++
 services/policies/pkg/engine/opa/rf_mimetype.go | 17 +++++++++++++----
 vendor/modules.txt                              |  3 +++
 4 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/go.mod b/go.mod
index 90a3d83b8..9a7e002c0 100644
--- a/go.mod
+++ b/go.mod
@@ -17,7 +17,6 @@ require (
 	github.com/disintegration/imaging v1.6.2
 	github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
 	github.com/egirna/icap-client v0.1.1
-	github.com/gabriel-vasile/mimetype v1.4.2
 	github.com/ggwhite/go-masker v1.0.9
 	github.com/go-chi/chi/v5 v5.0.8
 	github.com/go-chi/cors v1.2.1
@@ -68,6 +67,7 @@ require (
 	github.com/pkg/xattr v0.4.9
 	github.com/prometheus/client_golang v1.16.0
 	github.com/r3labs/sse/v2 v2.10.0
+	github.com/rakyll/magicmime v0.1.0
 	github.com/riandyrn/otelchi v0.5.1
 	github.com/rogpeppe/go-internal v1.10.0
 	github.com/rs/zerolog v1.29.1
@@ -176,6 +176,7 @@ require (
 	github.com/fatih/color v1.14.1 // indirect
 	github.com/felixge/httpsnoop v1.0.3 // indirect
 	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gdexlab/go-render v1.0.1 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
 	github.com/go-acme/lego/v4 v4.4.0 // indirect
diff --git a/go.sum b/go.sum
index 2a921a5a0..2e55700c2 100644
--- a/go.sum
+++ b/go.sum
@@ -1477,6 +1477,8 @@ github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40T
 github.com/r3labs/sse/v2 v2.10.0 h1:hFEkLLFY4LDifoHdiCN/LlGBAdVJYsANaLqNYa1l/v0=
 github.com/r3labs/sse/v2 v2.10.0/go.mod h1:Igau6Whc+F17QUgML1fYe1VPZzTV6EMCnYktEmkNJ7I=
 github.com/rainycape/memcache v0.0.0-20150622160815-1031fa0ce2f2/go.mod h1:7tZKcyumwBO6qip7RNQ5r77yrssm9bfCowcLEBcU5IA=
+github.com/rakyll/magicmime v0.1.0 h1:aFIp1DqgzjcB3FI7rQk6uZl73i1VPpWswab1YKU4CL4=
+github.com/rakyll/magicmime v0.1.0/go.mod h1:OKs4S+1GpIAB1PCebhwp3rxhyipe7TiImiIeVyFlQt8=
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
 github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 h1:MkV+77GLUNo5oJ0jf870itWm3D0Sjh7+Za9gazKc5LQ=
 github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
diff --git a/services/policies/pkg/engine/opa/rf_mimetype.go b/services/policies/pkg/engine/opa/rf_mimetype.go
index 033d664b6..8e317bb2c 100644
--- a/services/policies/pkg/engine/opa/rf_mimetype.go
+++ b/services/policies/pkg/engine/opa/rf_mimetype.go
@@ -1,13 +1,14 @@
 package opa
 
 import (
+	"log"
 	"mime"
 	"strings"
 
-	"github.com/gabriel-vasile/mimetype"
 	"github.com/open-policy-agent/opa/ast"
 	"github.com/open-policy-agent/opa/rego"
 	"github.com/open-policy-agent/opa/types"
+	"github.com/rakyll/magicmime"
 )
 
 var RFMimetypeExtensions = rego.Function1(
@@ -23,7 +24,9 @@ var RFMimetypeExtensions = rego.Function1(
 		if err := ast.As(a.Value, &mt); err != nil {
 			return nil, err
 		}
-
+		if err := mime.AddExtensionType(".oform", "application/vnd.openxmlformats-officedocument.wordprocessingml.document"); err != nil {
+			return nil, err
+		}
 		detectedExtensions, err := mime.ExtensionsByType(mt)
 		if err != nil {
 			return nil, err
@@ -52,8 +55,14 @@ var RFMimetypeDetect = rego.Function1(
 			return nil, err
 		}
 
-		mimetype := mimetype.Detect(body).String()
-
+		if err := magicmime.Open(magicmime.MAGIC_MIME_TYPE | magicmime.MAGIC_SYMLINK | magicmime.MAGIC_ERROR); err != nil {
+			log.Fatal(err)
+		}
+		defer magicmime.Close()
+		mimetype, err := magicmime.TypeByBuffer(body)
+		if err != nil {
+			return nil, err
+		}
 		return ast.StringTerm(strings.Split(mimetype, ";")[0]), nil
 	},
 )
diff --git a/vendor/modules.txt b/vendor/modules.txt
index d2d0f2675..a3bf4e648 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -1565,6 +1565,9 @@ github.com/prometheus/statsd_exporter/pkg/mapper/fsm
 # github.com/r3labs/sse/v2 v2.10.0
 ## explicit; go 1.13
 github.com/r3labs/sse/v2
+# github.com/rakyll/magicmime v0.1.0
+## explicit
+github.com/rakyll/magicmime
 # github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0
 ## explicit
 github.com/rcrowley/go-metrics