From cf4a2f16bd9110d426bd1af12ca348cf7ba53e08 Mon Sep 17 00:00:00 2001
From: GeorgeWebberley <george@brain-plus.com>
Date: Sun, 1 Mar 2026 12:18:53 +0100
Subject: [PATCH] Added file validation pipe

---
 src/cases/cases.resolver.ts              |  3 ++-
 src/common/pipes/file-validation.pipe.ts | 23 +++++++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 src/common/pipes/file-validation.pipe.ts

diff --git a/src/cases/cases.resolver.ts b/src/cases/cases.resolver.ts
index e637da8..6d084c0 100644
--- a/src/cases/cases.resolver.ts
+++ b/src/cases/cases.resolver.ts
@@ -3,6 +3,7 @@ import { GraphQLUpload } from 'graphql-upload-ts';
 import type { FileUpload } from 'graphql-upload-ts';
 import { CasesService } from './cases.service';
 import { CaseLaw } from './entities/case-law.entity';
+import { CaseFileValidationPipe } from 'src/common/pipes/file-validation.pipe';
 
 @Resolver(() => CaseLaw)
 export class CasesResolver {
@@ -21,7 +22,7 @@ export class CasesResolver {
 
   @Mutation(() => CaseLaw)
   async uploadCase(
-    @Args({ name: 'file', type: () => GraphQLUpload })
+    @Args({ name: 'file', type: () => GraphQLUpload }, CaseFileValidationPipe)
     { createReadStream, filename, mimetype }: FileUpload,
   ) {
     const chunks: any[] = [];
diff --git a/src/common/pipes/file-validation.pipe.ts b/src/common/pipes/file-validation.pipe.ts
new file mode 100644
index 0000000..b1fed66
--- /dev/null
+++ b/src/common/pipes/file-validation.pipe.ts
@@ -0,0 +1,23 @@
+import { PipeTransform, Injectable, BadRequestException } from '@nestjs/common';
+import type { FileUpload } from 'graphql-upload-ts';
+
+@Injectable()
+export class CaseFileValidationPipe implements PipeTransform {
+  private readonly allowedMimeTypes = ['application/pdf', 'text/html'];
+
+  async transform(value: FileUpload): Promise<FileUpload> {
+    if (!value) {
+      throw new BadRequestException('No file provided');
+    }
+
+    const { mimetype } = value;
+
+    if (!this.allowedMimeTypes.includes(mimetype)) {
+      throw new BadRequestException(
+        `Invalid file type: ${mimetype}. Only PDF and HTML are allowed.`,
+      );
+    }
+
+    return value;
+  }
+}