IBM QRadar SOAR

  • 1.  Refusing import of specific attachment file-types

    Posted Fri February 09, 2024 04:53 AM

    Hi,

    Is there a possibility (in Python3 scripts preferably) to disallow or block adding attachments of specific file types (e.g. ".png") to an incident or task? I experimented with the following, which does "run" without any problem - triggered by a rule on "attachment is created", but it does not "delete" the attachment.

    Script on object type "attachment"

    # Do not allow attachments: .png extensions are discarded
    name = str(attachment.name)
    alen = len(name)
    extension = name[alen-3:alen]

    if extension == "png":
        attachment.created == False
        log.error("deleted png")
    else:
        log.error("no png")



    ------------------------------
    Guido Janssens
    CERT - Information Risk Officer
    KBC Group NV
    ------------------------------


  • 2.  RE: Refusing import of specific attachment file-types

    Posted Fri February 09, 2024 02:04 PM

    Hi Guido,

    I've followed up with the team to see if there is a way to essentially "delete" an attachment.

    In the meantime, is there a specific script or playbook that is adding these .png files as attachments when the case gets created? Or a script or playbook that is enriching the case with these attachments? If there is an existing script or playbook that is actually adding these attachments to begin with, you may find it easier to add a condition in there to check if the incoming attachment type is .png and, if so, skip the process of adding the attachment in the first place.

    Hope this helps.



    ------------------------------
    Priya Sapra
    ------------------------------



  • 3.  RE: Refusing import of specific attachment file-types
    Best Answer

    Posted Fri February 09, 2024 02:35 PM

    Hi Guido,

    There is no way to "delete" attachments from a script the way that you have described. Additionally, you may have meant to use `attachment.created = False` instead of `==` to try to set that value to be False, but this will still fail because attachment.created is a timestamp and read-only.

    The best course of action for you may be to identify which script is creating or enriching the case with these attachments in the first place and filter out the `.png` files there.

    Hope this helps.



    ------------------------------
    Priya Sapra
    ------------------------------



  • 4.  RE: Refusing import of specific attachment file-types

    Posted Thu August 22, 2024 04:54 AM

    Hi - Sorry for the late reply.

    Thanks for your input. The attachments are not created by a script. We wanted to avoid users being able to add (manually) .png attachments.
    I understand that there is no solution to this issue now.



    ------------------------------
    Guido Janssens
    CERT - Information Risk Officer
    KBC Group NV
    ------------------------------



  • 5.  RE: Refusing import of specific attachment file-types

    Posted Thu August 22, 2024 07:28 AM

    What comes to my mind is helper.fail; you can try that in your if statement.

    Let me know if it works, please.

    Helper operations - IBM Documentation



    ------------------------------
    mohamad islam hamadieh
    ------------------------------
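The check from post 1 combined with the helper.fail suggestion from post 5, written out as an added example that is not code from the thread or from IBM. blocked_extension uses os.path.splitext instead of slicing the last three characters, so upper-case names and names without a dot are handled; check_attachment is the body a script on object type "attachment" would run. The SOAR objects attachment, helper and log are replaced by constructed stand-ins so the file runs offline; that helper.fail(message) aborts the script is assumed from IBM's "Helper operations" documentation, and, as the accepted answer notes, the thread does not confirm that the platform then removes the attachment.

```python
import os

# Extensions to refuse; constructed list, the thread only mentions ".png".
BLOCKED_EXTENSIONS = {".png"}


def blocked_extension(name, blocked=BLOCKED_EXTENSIONS):
    """Return the offending extension (lower-cased) or None.

    os.path.splitext covers what the slice name[alen-3:alen] gets wrong:
    upper-case 'IMAGE.PNG', a bare name like 'png', or 'dump.tar.gz'.
    """
    ext = os.path.splitext(str(name))[1].lower()
    return ext if ext in blocked else None


def check_attachment(attachment, helper, log):
    """Body of a SOAR script on object type 'attachment'.

    attachment, helper and log are the objects the SOAR script context
    provides. helper.fail(message) is assumed to abort the script with that
    error; whether the attachment is then discarded is not confirmed.
    """
    ext = blocked_extension(attachment.name)
    if ext:
        log.error("refused attachment %s (%s)" % (attachment.name, ext))
        helper.fail("Attachments of type %s are not permitted" % ext)
        return False  # not reached in SOAR if helper.fail aborts the script
    log.info("attachment %s accepted" % attachment.name)
    return True


# Stand-alone stand-ins for the SOAR objects (constructed, not the platform's).
class FakeAttachment:
    def __init__(self, name):
        self.name = name


class FakeHelper:
    def __init__(self):
        self.failures = []

    def fail(self, message):  # records the message instead of aborting
        self.failures.append(message)


class FakeLog:
    def error(self, msg): print("ERROR", msg)
    def info(self, msg): print("INFO", msg)


if __name__ == "__main__":
    helper = FakeHelper()
    for n in ("report.PNG", "notes.txt", "png"):
        print(n, check_attachment(FakeAttachment(n), helper, FakeLog()))
```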