From 99f4cdcdad027adcbfd36ae074a0a3f2cce6f702 Mon Sep 17 00:00:00 2001
From: Juan Tejada <juans.tejada@gmail.com>
Date: Fri, 13 Jan 2017 19:01:57 -0800
Subject: [PATCH] fix(send): Impose stricter attachment size limits on send

Summary: See title

Test Plan: Manual

Reviewers: jackie, halla, evan

Reviewed By: halla, evan

Differential Revision: https://phab.nylas.com/D3670
---
 src/K2                                |  2 +-
 src/flux/stores/file-upload-store.es6 | 36 +++++++++++++++++----------
 2 files changed, 24 insertions(+), 14 deletions(-)

diff --git a/src/K2 b/src/K2
index f141b7253..239aa6120 160000
--- a/src/K2
+++ b/src/K2
@@ -1 +1 @@
-Subproject commit f141b7253a66d966c043bf0c33539ad2c1e8d308
+Subproject commit 239aa612095facabd0386762459da45b09e749c2
diff --git a/src/flux/stores/file-upload-store.es6 b/src/flux/stores/file-upload-store.es6
index 3a65add4f..3dc9e7157 100644
--- a/src/flux/stores/file-upload-store.es6
+++ b/src/flux/stores/file-upload-store.es6
@@ -68,8 +68,15 @@ class FileUploadStore extends NylasStore {
     .catch(() => Promise.reject(new Error(`${filePath} could not be found, or has invalid file permissions.`)));
   }
 
-  _prepareTargetDir(upload) {
-    return mkdirpAsync(upload.targetDir).thenReturn(upload);
+  async _getTotalDirSize(dirpath) {
+    const items = await fs.readdirAsync(dirpath)
+    let total = 0
+    for (const filename of items) {
+      const filepath = path.join(dirpath, filename)
+      const stats = await this._getFileStats(filepath)
+      total += stats.size
+    }
+    return total
   }
 
   _copyUpload(upload) {
@@ -148,20 +155,23 @@ class FileUploadStore extends NylasStore {
     this._assertIdPresent(messageClientId);
 
     return this._getFileStats(filePath)
-    .then((stats) => {
+    .then(async (stats) => {
       const upload = new Upload({messageClientId, filePath, stats, inline});
       if (stats.isDirectory()) {
-        return Promise.reject(new Error(`${upload.filename} is a directory. Try compressing it and attaching it again.`));
-      } else if (stats.size > 25 * 1000000) {
-        return Promise.reject(new Error(`${upload.filename} cannot be attached because it is larger than 25MB.`));
+        throw new Error(`${upload.filename} is a directory. Try compressing it and attaching it again.`);
+      } else if (stats.size > 15 * 1000000) {
+        throw new Error(`${upload.filename} cannot be attached because it is larger than 5MB.`);
       }
-      return Promise.resolve(upload);
-    })
-    .then((upload) => this._prepareTargetDir(upload))
-    .then((upload) => this._copyUpload(upload))
-    .then((upload) => {
-      return this._applySessionChanges(upload.messageClientId, (uploads) => uploads.concat([upload]))
-      .then(() => onUploadCreated(upload));
+      await mkdirpAsync(upload.targetDir)
+
+      const totalSize = await this._getTotalDirSize(upload.targetDir)
+      if (totalSize >= 15 * 1000000) {
+        throw new Error(`Can't upload more than 15MB of attachments`);
+      }
+
+      await this._copyUpload(upload)
+      await this._applySessionChanges(upload.messageClientId, (uploads) => uploads.concat([upload]))
+      onUploadCreated(upload)
     })
     .catch(this._onAttachFileError);
   }