FEATURE: add system_user_max_attachment_size_kb site setting (#28351)

* System user attachment size WIP

* spec check

* controller update

* add max to system_user_max_attachment_size_kb

* DEV: update to use static method for `max_attachment_size_for_user`

add test to use large image.
add check for failure.

* DEV: update `system_user_max_attachment_size_kb` default value to 0

remove unecessary test.
update tests to reflect the new default value of `system_user_max_attachment_size_kb`

* DEV: update maximum_file_size to check when is an attachment made by a system user

Add tests for when `system_user_max_attachment_size_kb` is over and under the limit
Add test for checking interaction with `max_attachment_size_kb`

* DEV: move `max_attachment_size_for_user` to private methods

* DEV: turn `max_attachment_size_for_user` into a static method

* DEV: typo in test case

* DEV: move max_attachment_size_for_user to private class method

* Revert "DEV: move max_attachment_size_for_user to private class method"

This reverts commit 5d5ae0b715de7c3453dc1392df299ef3bb58990c.

---------

Co-authored-by: Gabriel Grubba <gabriel@discourse.org>
This commit is contained in:
Guhyoun Nam
2024-08-16 09:03:39 -05:00
committed by GitHub
parent a59c89211b
commit 9c1812e071
4 changed files with 94 additions and 5 deletions

View File

@ -25,7 +25,6 @@ class UploadsController < ApplicationController
def create
# capture current user for block later on
me = current_user
RateLimiter.new(
current_user,
"uploads-per-minute",
@ -228,7 +227,7 @@ class UploadsController < ApplicationController
"upload.attachments.too_large_humanized",
max_size:
ActiveSupport::NumberHelper.number_to_human_size(
SiteSetting.max_attachment_size_kb.kilobytes,
UploadsController.max_attachment_size_for_user(current_user).kilobytes,
),
),
)
@ -277,7 +276,7 @@ class UploadsController < ApplicationController
if url.present? && is_api
maximum_upload_size = [
SiteSetting.max_image_size_kb,
SiteSetting.max_attachment_size_kb,
UploadsController.max_attachment_size_for_user(current_user),
].max.kilobytes
tempfile =
begin
@ -319,12 +318,20 @@ class UploadsController < ApplicationController
private
def self.max_attachment_size_for_user(user)
if user.id == Discourse::SYSTEM_USER_ID && !SiteSetting.system_user_max_attachment_size_kb.zero?
SiteSetting.system_user_max_attachment_size_kb
else
SiteSetting.max_attachment_size_kb
end
end
# We can preemptively check size for attachments, but not for (most) images
# as they may be further reduced in size by UploadCreator (at this point
# they may have already been reduced in size by preprocessors)
def attachment_too_big?(file_name, file_size)
!FileHelper.is_supported_image?(file_name) &&
file_size >= SiteSetting.max_attachment_size_kb.kilobytes
file_size >= UploadsController.max_attachment_size_for_user(current_user).kilobytes
end
# Gifs are not resized on the client and not reduced in size by UploadCreator