Blog

Virus Scan 4 Mendix

When you have an app that users can use to upload files, there is always a risk that the file can cause problems. If you or your customer wants to protect their app from malware, phishing, spam and other malicious content, the Virus Scan 4 Mendix is the solution.

It’s a 3-step process:

It's easy to implement:

Download the module from the Mendix Appstore
 

Download the dependent modules


Fix some layout issues (the layout module has never the same name in every project ;-))

Add the ASU_VirusScan4Mendix to your After-startup microflows (Settings -> tab Runtime). This will configure the process queue module for you. It will create the queue and the process for doing the actual scan. Please check if the process queue is already initialized after this microflow (if you use this great module already). If not add ProcessQueue.ASu_InitialiseQueue at the end:




Add a new association from QueuedAction to System.Filedocument. This is generic for every app, so the executed action can always find your file, independent of the generalization:


It is always best practice to inherit from Filedocument or Image and never to use System.Filedocument or System.Image directly.

As in this Company Expenses sample app, we have the entity Receipt, which has a generalization of System.Image. We have to protect Receipt from the user until its scanned. So, you have to change your model for every role in your app that can only access the entity if [IsScanned = true()]. By default, the Boolean of IsScanned is false. You can also use this Boolean to show the user a friendly information message while the document is scanned (normally in the few seconds it takes for the scan to complete).
 

The next step is to modify the following microflow and add your own submicroflows (so they are not affected when upgrading the module): SF_HandleDocumentAfterScanning This microflow is called after the scan and will delete the file if it contains viruses of malware. If not, it will handle the file as clean, so the Boolean IsScanned can be flipped to true. Example;
 
Also check the microflow SF_CheckAlreadyScanned so the function can verify that the scan is completed.
 
The last important step is to check your model uses files and images and change their Commit microflows or events (beware of infinite loops (!) because the scan will also perform a commit just before scanning, you can change this). You can use Find Usages and/or Find Microflow actions. In this example, we have to change an event:
 
So that’s it. Look at the QueueOverview to see which scans are performed:


This file is cancelled due to an invalid license. In this case or similar issues, you can reschedule the scan if fixed (like invalid api key, not enough credits or network issues).

You can obtain a license to use the module by contacting sales: pricing starts from €1069/year for 60.000 file scans, rising to the level you need.


About me

Pim works as a Senior Business Engineer at Appronto and is certified as Mendix Expert

  nl.linkedin.com/in/pimvdnoll
 
 
Mendix developer profile