.drone.yml

@@ -62,6 +62,10 @@ steps:
       CODEFIRST_CLIENTDRONE_ENV_SERVER_NAME: http://codefirst.iut.uca.fr
       CODEFIRST_CLIENTDRONE_ENV_CORS_ALLOW_ORIGIN: https://codefirst.iut.uca.fr
       CODEFIRST_CLIENTDRONE_ENV_TRUSTED_PROXIES: REMOTE_ADDR
+      CODEFIRST_CLIENTDRONE_ENV_API_USER_SIGHT_ENGINE:
+        from_secret: API_USER_SIGHT_ENGINE
+      CODEFIRST_CLIENTDRONE_ENV_API_KEY_SIGHT_ENGINE:
+        from_secret: API_KEY_SIGHT_ENGINE
     depends_on:
       - docker-image
     when:

config/services.yaml

@@ -26,5 +26,11 @@ services:
         bind:
             $processor: '@api_platform.doctrine.orm.state.persist_processor'
 
+    App\Service\ImageSafetyServiceInterface: '@App\Service\DummyImageSafetyService'
+
     # add more service definitions when explicit configuration is needed
     # please note that last definitions always *replace* previous ones
+
+when@prod:
+    services:
+        App\Service\ImageSafetyServiceInterface: '@App\Service\SightEngineImageSafetyService'

src/Entity/Post.php

@@ -8,6 +8,7 @@ use ApiPlatform\Metadata\ApiProperty;
 use ApiPlatform\Metadata\ApiResource;
 use ApiPlatform\Metadata\GetCollection;
 use App\Repository\PostRepository;
+use App\Validator\ImageSafety;
 use Doctrine\Common\Collections\ArrayCollection;
 use Doctrine\Common\Collections\Collection;
 use Doctrine\DBAL\Types\Types;
@@ -64,6 +65,7 @@ class Post
 
     #[Vich\UploadableField(mapping: 'posts', fileNameProperty: 'image')]
     #[Assert\Image]
+    #[ImageSafety]
     private ?File $imageFile = null;
 
     #[ORM\Column(type: Types::TEXT)]
@@ -184,6 +186,9 @@ class Post
     public function setImageFile(?File $imageFile): static
     {
         $this->imageFile = $imageFile;
+        if ($imageFile !== null) {
+            $this->updatedAt = new \DateTimeImmutable();
+        }
 
         return $this;
     }

src/Form/PostType.php

@@ -21,7 +21,9 @@ class PostType extends AbstractType
             ->add('latitude')
             ->add('longitude')
             ->add('altitude')
-            ->add('imageFile', FileType::class)
+            ->add('imageFile', FileType::class, [
+                'required' => false,
+            ])
             ->add('commentary')
             ->add('species', EntityType::class, [
                 'class' => Species::class,

src/Service/DummyImageSafetyService.php

@@ -0,0 +1,13 @@
+<?php
+
+namespace App\Service;
+
+use Symfony\Component\HttpFoundation\File\File;
+
+class DummyImageSafetyService implements ImageSafetyServiceInterface
+{
+    public function isValid(File $file): bool
+    {
+        return true;
+    }
+}

src/Service/ImageSafetyServiceInterface.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace App\Service;
+
+use Symfony\Component\HttpFoundation\File\File;
+
+interface ImageSafetyServiceInterface
+{
+    public function isValid(File $file): bool;
+}

src/Service/SightEngineImageSafetyService.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Service;
+
+use Symfony\Component\DependencyInjection\Attribute\Autowire;
+use Symfony\Component\HttpFoundation\File\File;
+use Symfony\Contracts\HttpClient\HttpClientInterface;
+
+readonly class SightEngineImageSafetyService implements ImageSafetyServiceInterface
+{
+    public function __construct(
+        private HttpClientInterface $client,
+        #[Autowire(env: 'API_USER_SIGHT_ENGINE')] private string $apiUser,
+        #[Autowire(env: 'API_KEY_SIGHT_ENGINE')] private string $apiKey,
+    )
+    {
+    }
+
+    public function isValid(File $file): bool
+    {
+        $handle = fopen($file->getRealPath(), 'r');
+        if ($handle === false) {
+            return false;
+        }
+        $response = $this->client->request('POST', 'https://api.sightengine.com/1.0/check.json', [
+            'body' => [
+                'media' => $handle,
+                'models' => 'nudity-2.1',
+                'api_user' => $this->apiUser,
+                'api_secret' => $this->apiKey,
+            ],
+        ]);
+        fclose($handle);
+
+        $output = $response->toArray();
+        $scoreNudity = $output['nudity'];
+
+        return $scoreNudity['sexual_activity'] < 0.8 &&
+            $scoreNudity['sexual_display'] < 0.8 &&
+            $scoreNudity['erotica'] < 0.8;
+    }
+}

src/Validator/ImageSafety.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Validator;
+
+use Symfony\Component\Validator\Constraint;
+
+/**
+ * @Annotation
+ * @Target({"PROPERTY", "METHOD", "ANNOTATION"})
+ */
+#[\Attribute(\Attribute::TARGET_PROPERTY | \Attribute::TARGET_METHOD | \Attribute::IS_REPEATABLE)]
+class ImageSafety extends Constraint
+{
+    public string $message = 'The uploaded image is not safe.';
+}

src/Validator/ImageSafetyValidator.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Validator;
+
+use App\Service\ImageSafetyServiceInterface;
+use Symfony\Component\Validator\Constraint;
+use Symfony\Component\Validator\ConstraintValidator;
+
+class ImageSafetyValidator extends ConstraintValidator
+{
+    public function __construct(private readonly ImageSafetyServiceInterface $imageSafetyService)
+    {
+    }
+
+    /**
+     * @param mixed $value
+     * @param ImageSafety $constraint
+     * @return void
+     */
+    public function validate(mixed $value, Constraint $constraint): void
+    {
+        if (null === $value || '' === $value) {
+            return;
+        }
+
+        if (!$this->imageSafetyService->isValid($value)) {
+            $this->context->buildViolation($constraint->message)->addViolation();
+        }
+    }
+}