Gallery: enable blocking packages with too many package entries (#6358)

Progress on #6357.

Author: dtivel

src/NuGetGallery/Configuration/AppConfiguration.cs

@@ -313,8 +313,10 @@ public class AppConfiguration : IAppConfiguration
         /// Gets/sets a string that is brand string to display in the footer, this also
         /// accepts a single {0} string format token which is replaced by the UTC year
         /// </summary>
-        public string ExternalBrandingMessage {
-            get {
+        public string ExternalBrandingMessage
+        {
+            get
+            {
                 return _ExternalBrandingMessage;
             }
 
@@ -338,5 +340,7 @@ public string ExternalBrandingMessage {
         public bool IsHosted { get; set; }
 
         public bool RejectSignedPackagesWithNoRegisteredCertificate { get; set; }
+
+        public bool RejectPackagesWithTooManyPackageEntries { get; set; }
     }
-}
+}

src/NuGetGallery/Configuration/IAppConfiguration.cs

@@ -339,5 +339,10 @@ public interface IAppConfiguration : ICoreMessageServiceConfiguration
         /// by the owner.
         /// </summary>
         bool RejectSignedPackagesWithNoRegisteredCertificate { get; set; }
+
+        /// <summary>
+        /// Whether or not to synchronously reject packages on push/upload that have too many package entries.
+        /// </summary>
+        bool RejectPackagesWithTooManyPackageEntries { get; set; }
     }
-}
+}

src/NuGetGallery/Services/PackageUploadService.cs

@@ -44,7 +44,14 @@ public async Task<PackageValidationResult> ValidateBeforeGeneratePackageAsync(Pa
         {
             var warnings = new List<string>();
 
-            var result = await CheckForUnsignedPushAfterAuthorSignedAsync(
+            var result = await CheckPackageEntryCountAsync(nuGetPackage, warnings);
+
+            if (result != null)
+            {
+                return result;
+            }
+
+            result = await CheckForUnsignedPushAfterAuthorSignedAsync(
                 nuGetPackage,
                 warnings);
 
@@ -63,6 +70,34 @@ public async Task<PackageValidationResult> ValidateBeforeGeneratePackageAsync(Pa
             return PackageValidationResult.AcceptedWithWarnings(warnings);
         }
 
+        private async Task<PackageValidationResult> CheckPackageEntryCountAsync(
+            PackageArchiveReader nuGetPackage,
+            List<string> warnings)
+        {
+            if (!_config.RejectPackagesWithTooManyPackageEntries)
+            {
+                return null;
+            }
+
+            const ushort maxPackageEntryCount = ushort.MaxValue - 1;
+
+            var packageEntryCount = nuGetPackage.GetFiles().Count();
+
+            if (await nuGetPackage.IsSignedAsync(CancellationToken.None))
+            {
+                if (packageEntryCount > maxPackageEntryCount)
+                {
+                    return PackageValidationResult.Invalid(Strings.UploadPackage_PackageContainsTooManyEntries);
+                }
+            }
+            else if (packageEntryCount >= maxPackageEntryCount)
+            {
+                return PackageValidationResult.Invalid(Strings.UploadPackage_PackageContainsTooManyEntries);
+            }
+
+            return null;
+        }
+
         /// <summary>
         /// Validate repository metadata: 
         /// 1. If the type is "git" - allow the URL scheme "git://" or "https://". We will translate "git://" to "https://" at display time for known domains.
@@ -212,10 +247,10 @@ private async Task<PackageValidationResult> ValidateSignatureFilePresenceAsync(
                         else
                         {
                             return new PackageValidationResult(
-                               PackageValidationResultType.PackageShouldNotBeSigned,
-                               string.Format(
-                                   Strings.UploadPackage_PackageIsSignedButMissingCertificate_RequiredSigner,
-                                   owner.Username));
+                                PackageValidationResultType.PackageShouldNotBeSigned,
+                                string.Format(
+                                    Strings.UploadPackage_PackageIsSignedButMissingCertificate_RequiredSigner,
+                                    owner.Username));
                         }
                     }
                 }

src/NuGetGallery/Strings.Designer.cs

@@ -986,4 +986,7 @@ Policy violations: {0}</value>
   <data name="WarningNotHttpsRepositoryUrlScheme" xml:space="preserve">
     <value>Repository URL scheme should be 'https'. The provided URL will not be displayed.</value>
   </data>
+  <data name="UploadPackage_PackageContainsTooManyEntries" xml:space="preserve">
+    <value>The package contains too many files and/or folders.</value>
+  </data>
 </root>

src/NuGetGallery/Strings.resx

@@ -146,6 +146,7 @@
     <add key="Gallery.TrademarksUrl" value=""/>
     <add key="Gallery.EnforceDefaultSecurityPolicies" value="false"/>
     <add key="Gallery.RejectSignedPackagesWithNoRegisteredCertificate" value="false"/>
+    <add key="Gallery.RejectPackagesWithTooManyPackageEntries" value="false"/>
     <!-- This is also the default so you can remove this setting if you really want. -->
     <!-- Set this to false if you want to disable search indexing in the background. -->
     <add key="Gallery.AutoUpdateSearchIndex" value="true"/>

src/NuGetGallery/Web.config

@@ -4,6 +4,7 @@
 using System;
 using System.Collections.Generic;
 using System.IO;
+using System.IO.Compression;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
@@ -376,6 +377,69 @@ public async Task AggregatesWarnings()
                 Assert.Equal(2, result.Warnings.Count());
             }
 
+            [Theory]
+            [InlineData(true)]
+            [InlineData(false)]
+            public async Task WithTooManyPackageEntries_WhenRejectPackagesWithTooManyPackageEntriesIsFalse_AcceptsPackage(bool isSigned)
+            {
+                var desiredTotalEntryCount = isSigned ? ushort.MaxValue : ushort.MaxValue - 1;
+
+                _nuGetPackage = GeneratePackage(isSigned: isSigned, desiredTotalEntryCount: desiredTotalEntryCount);
+                _config
+                    .Setup(x => x.RejectPackagesWithTooManyPackageEntries)
+                    .Returns(false);
+
+                var result = await _target.ValidateBeforeGeneratePackageAsync(
+                    _nuGetPackage.Object,
+                    GetPackageMetadata(_nuGetPackage));
+
+                Assert.Equal(PackageValidationResultType.Accepted, result.Type);
+                Assert.Null(result.Message);
+                Assert.Empty(result.Warnings);
+            }
+
+            [Theory]
+            [InlineData(true)]
+            [InlineData(false)]
+            public async Task WithTooManyPackageEntries_WhenRejectPackagesWithTooManyPackageEntriesIsTrue_RejectsPackage(bool isSigned)
+            {
+                var desiredTotalEntryCount = isSigned ? ushort.MaxValue : ushort.MaxValue - 1;
+
+                _nuGetPackage = GeneratePackage(isSigned: isSigned, desiredTotalEntryCount: desiredTotalEntryCount);
+                _config
+                    .Setup(x => x.RejectPackagesWithTooManyPackageEntries)
+                    .Returns(true);
+
+                var result = await _target.ValidateBeforeGeneratePackageAsync(
+                    _nuGetPackage.Object,
+                    GetPackageMetadata(_nuGetPackage));
+
+                Assert.Equal(PackageValidationResultType.Invalid, result.Type);
+                Assert.Equal("The package contains too many files and/or folders.", result.Message);
+                Assert.Empty(result.Warnings);
+            }
+
+            [Theory]
+            [InlineData(true)]
+            [InlineData(false)]
+            public async Task WithNotTooManyPackageEntries_WhenRejectPackagesWithTooManyPackageEntriesIsTrue_AcceptsPackage(bool isSigned)
+            {
+                var desiredTotalEntryCount = (isSigned ? ushort.MaxValue : ushort.MaxValue - 1) - 1;
+
+                _nuGetPackage = GeneratePackage(isSigned: isSigned, desiredTotalEntryCount: desiredTotalEntryCount);
+                _config
+                    .Setup(x => x.RejectPackagesWithTooManyPackageEntries)
+                    .Returns(true);
+
+                var result = await _target.ValidateBeforeGeneratePackageAsync(
+                    _nuGetPackage.Object,
+                    GetPackageMetadata(_nuGetPackage));
+
+                Assert.Equal(PackageValidationResultType.Accepted, result.Type);
+                Assert.Null(result.Message);
+                Assert.Empty(result.Warnings);
+            }
+
             private PackageMetadata GetPackageMetadata(Mock<TestPackageReader> mockPackage)
             {
                 return PackageMetadata.FromNuspecReader(mockPackage.Object.GetNuspecReader(), strict: true);
@@ -934,13 +998,18 @@ public FactsBase()
                     _config.Object);
             }
 
-            protected static Mock<TestPackageReader> GeneratePackage(string version = "1.2.3-alpha.0", RepositoryMetadata repositoryMetadata = null, bool isSigned = true)
+            protected static Mock<TestPackageReader> GeneratePackage(
+                string version = "1.2.3-alpha.0",
+                RepositoryMetadata repositoryMetadata = null,
+                bool isSigned = true,
+                int? desiredTotalEntryCount = null)
             {
                 return PackageServiceUtility.CreateNuGetPackage(
                     id: "theId",
                     version: version,
                     repositoryMetadata: repositoryMetadata,
-                    isSigned: isSigned);
+                    isSigned: isSigned,
+                    desiredTotalEntryCount: desiredTotalEntryCount);
             }
         }
     }

tests/NuGetGallery.Facts/Services/PackageUploadServiceFacts.cs

@@ -171,7 +171,8 @@ public static Stream CreateTestPackageStream(
             IEnumerable<ClientPackageType> packageTypes = null,
             RepositoryMetadata repositoryMetadata = null,
             Action<ZipArchive> populatePackage = null,
-            bool isSymbolPackage = false)
+            bool isSymbolPackage = false,
+            int? desiredTotalEntryCount = null)
         {
             return CreateTestPackageStream(packageArchive =>
             {
@@ -187,7 +188,7 @@ public static Stream CreateTestPackageStream(
                 {
                     populatePackage(packageArchive);
                 }
-            });
+            }, desiredTotalEntryCount);
         }
 
         public static Stream CreateTestSymbolPackageStream(string id, string version, Action<ZipArchive> populatePackage = null)
@@ -218,17 +219,44 @@ public static Stream CreateTestPackageStreamFromNuspec(string id, string nuspec,
             });
         }
 
-        public static Stream CreateTestPackageStream(Action<ZipArchive> populatePackage)
+        public static Stream CreateTestPackageStream(Action<ZipArchive> populatePackage, int? desiredTotalEntryCount = null)
         {
             var packageStream = new MemoryStream();
-            using (var packageArchive = new ZipArchive(packageStream, ZipArchiveMode.Create, true))
+            using (var packageArchive = new ZipArchive(packageStream, ZipArchiveMode.Create, leaveOpen: true))
             {
                 if (populatePackage != null)
                 {
                     populatePackage(packageArchive);
                 }
             }
 
+            if (desiredTotalEntryCount.HasValue)
+            {
+                int packageEntryCount;
+
+                using (var packageArchive = new ZipArchive(packageStream, ZipArchiveMode.Read, leaveOpen: true))
+                {
+                    packageEntryCount = packageArchive.Entries.Count;
+                }
+
+                if (desiredTotalEntryCount.Value < packageEntryCount)
+                {
+                    throw new ArgumentException(
+                        $"The desired count ({desiredTotalEntryCount.Value}) of package entries is less than the actual count ({packageEntryCount}) of package entries.",
+                        nameof(desiredTotalEntryCount));
+                }
+
+                using (var packageArchive = new ZipArchive(packageStream, ZipArchiveMode.Update, leaveOpen: true))
+                {
+                    while (packageEntryCount < desiredTotalEntryCount.Value)
+                    {
+                        packageArchive.CreateEntry(Guid.NewGuid().ToString());
+
+                        ++packageEntryCount;
+                    }
+                }
+            }
+
             packageStream.Position = 0;
 
             return packageStream;

tests/NuGetGallery.Facts/TestPackage.cs

@@ -1,4 +1,13 @@
-using Moq;
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Collections.Generic;
+using System.Data.Entity;
+using System.IO;
+using System.Linq;
+using System.Linq.Expressions;
+using Moq;
 using NuGet.Frameworks;
 using NuGet.Packaging;
 using NuGet.Packaging.Core;
@@ -7,12 +16,6 @@
 using NuGetGallery.Configuration;
 using NuGetGallery.Framework;
 using NuGetGallery.Security;
-using System;
-using System.Collections.Generic;
-using System.Data.Entity;
-using System.IO;
-using System.Linq;
-using System.Linq.Expressions;
 
 namespace NuGetGallery.TestUtils
 {
@@ -78,7 +81,8 @@ public static Mock<TestPackageReader> CreateNuGetPackage(
             IEnumerable<PackageDependencyGroup> packageDependencyGroups = null,
             IEnumerable<NuGet.Packaging.Core.PackageType> packageTypes = null,
             RepositoryMetadata repositoryMetadata = null,
-            bool isSigned = false)
+            bool isSigned = false,
+            int? desiredTotalEntryCount = null)
         {
             if (packageDependencyGroups == null)
             {
@@ -136,7 +140,7 @@ public static Mock<TestPackageReader> CreateNuGetPackage(
                             writer.Write("Fake signature file.");
                         }
                     }
-                });
+                }, desiredTotalEntryCount: desiredTotalEntryCount);
 
             var mock = new Mock<TestPackageReader>(testPackage);
             mock.CallBase = true;