mirror of
https://github.com/scinote-eln/scinote-web.git
synced 2024-12-27 10:14:17 +08:00
Merge pull request #1966 from okriuchykhin/ok_SCI_3681
Enforce file size limits for direct uploads on S3 [SCI-3681]
This commit is contained in:
commit
328f8dd8a0
2 changed files with 15 additions and 1 deletions
|
@ -31,7 +31,7 @@ class Users::RegistrationsController < Devise::RegistrationsController
|
|||
end
|
||||
elsif params.include? :change_avatar
|
||||
params.delete(:change_avatar)
|
||||
if !params.include?(:avatar)
|
||||
if !params.include?(:avatar) || (params[:avatar].length > Constants::AVATAR_MAX_SIZE_MB.megabytes * 2)
|
||||
resource.errors.add(:avatar, :blank)
|
||||
false
|
||||
else
|
||||
|
|
|
@ -113,6 +113,8 @@ module ActiveStorage
|
|||
end
|
||||
|
||||
def url_for_direct_upload(key, expires_in:, content_type:, content_length:, checksum:)
|
||||
raise ActiveStorage::IntegrityError if content_length > Rails.configuration.x.file_max_size_mb.megabytes
|
||||
|
||||
instrument :url, key: key do |payload|
|
||||
generated_url = object_for(key).presigned_url :put, expires_in: expires_in.to_i,
|
||||
content_type: content_type, content_length: content_length, content_md5: checksum
|
||||
|
@ -169,4 +171,16 @@ module ActiveStorage
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
module S3SignerModifier
|
||||
def build_signer(cfg)
|
||||
signer = super(cfg)
|
||||
signer.unsigned_headers.delete('content-length')
|
||||
signer
|
||||
end
|
||||
end
|
||||
|
||||
Aws::S3::Presigner.class_eval do
|
||||
prepend S3SignerModifier
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue