File Access Control Expression


I am trying to block .eml files from being uploaded. I feel like I am really close with the expression, but just off enough that it is not working.

Search shows .eml files have the following mime type: message/rfc822

I have tried this expression with no luck: /^message/(rfc822)$/I

Any help would be great!

Thank you for your time.



1 Like

We have tried this expression and it still does allows eml files from users to be uploaded.

Any other ideas?

Thank you for your help.


Sorry, I was wrong! RegExp is for multiple MIME types. Please use the appropriate MIME type with the is operator.

File mime type (upload) | is | message/rfc822

But in the new NC release is a bug with File Access Control with FileSystemTags (/apps/workflowengine/lib/Check/FileSystemTags.php), imho. My old rules have blown the log file.

I will investigate it tomorrow.

1 Like

Thank you for all of your help.

Unfortunately this still did not work for us. We are running 10 or in the logs it says: version’ => '

Again thank you for your help.


Any progress with this? This is something that would really help us if we could get it working.

I appreciate all your help with this.

Thank you.

I just tested this and it works quite fine here.

You can try adding the following debug code:

if (substr($this->path, -4) === '.eml') {
   \OC::$server->getLogger()->error('Mimetype of "{file}" is "{mime}"', [
      'app' => 'files_accesscontrol',
      'file' => $this->path,
      'mime' => $mimeType,

Before the following line:

And upload the problematic file manually through the web UI. Then it will log the mimetype of your file, so you can see if it actually uses a different mimetype

1 Like

The GitHub code was way different then what was in our install.



  • @copyright Copyright © 2016 Joas Schilling
  • @license GNU AGPL version 3 or any later version
  • This program is free software: you can redistribute it and/or modify
  • it under the terms of the GNU Affero General Public License as
  • published by the Free Software Foundation, either version 3 of the
  • License, or (at your option) any later version.
  • This program is distributed in the hope that it will be useful,
  • but WITHOUT ANY WARRANTY; without even the implied warranty of
  • GNU Affero General Public License for more details.
  • You should have received a copy of the GNU Affero General Public License
  • along with this program. If not, see


namespace OCA\WorkflowEngine\Check;

use OCP\Files\IMimeTypeDetector;
use OCP\IL10N;
use OCP\IRequest;

class FileMimeType extends AbstractStringCheck {

/** @var string */
protected $mimeType;

/** @var IRequest */
protected $request;

/** @var IMimeTypeDetector */
protected $mimeTypeDetector;

 * @param IL10N $l
 * @param IRequest $request
 * @param IMimeTypeDetector $mimeTypeDetector
public function __construct(IL10N $l, IRequest $request, IMimeTypeDetector $mimeTypeDetector) {
	$this->request = $request;
	$this->mimeTypeDetector = $mimeTypeDetector;

 * @return string
protected function getActualValue() {
	if ($this->mimeType !== null) {
		return $this->mimeType;

	$this->mimeType = '';
	if ($this->isWebDAVRequest()) {
		if ($this->request->getMethod() === 'PUT') {
			$path = $this->request->getPathInfo();
			$this->mimeType = $this->mimeTypeDetector->detectPath($path);
	} else if (in_array($this->request->getMethod(), ['POST', 'PUT'])) {
		$files = $this->request->getUploadedFile('files');
		if (isset($files['type'][0])) {
			$this->mimeType = $files['type'][0];
	return $this->mimeType;

 * @return bool
protected function isWebDAVRequest() {
	return substr($this->request->getScriptName(), 0 - strlen('/remote.php')) === '/remote.php' && (
		$this->request->getPathInfo() === '/webdav' ||
		strpos($this->request->getPathInfo(), '/webdav/') === 0 ||
		$this->request->getPathInfo() === '/dav/files' ||
		strpos($this->request->getPathInfo(), '/dav/files/') === 0


I changed the code to GitHub and things seem to be working like we expected it to.

Thank you for your help with this. I really appreciate it :slight_smile: