Increased the maximum file size from 16M to 100M and make it configurable

This fixes issue #228
Jan Böhmer 2023-03-02 23:08:14 +01:00
parent 7394a23a83
commit 6fa5efc4ca
5 changed files with 18 additions and 11 deletions


@ -27,7 +27,7 @@
# Pass the configuration from the docker env to the PHP environment (here you should list all .env options) # Pass the configuration from the docker env to the PHP environment (here you should list all .env options)
PassEnv APP_ENV APP_DEBUG APP_SECRET PassEnv APP_ENV APP_DEBUG APP_SECRET
PassEnv DATABASE_URL PassEnv DATABASE_URL
PassEnv DEFAULT_LANG DEFAULT_TIMEZONE BASE_CURRENCY INSTANCE_NAME ALLOW_ATTACHMENT_DOWNLOADS USE_GRAVATAR PassEnv DEFAULT_LANG DEFAULT_TIMEZONE BASE_CURRENCY INSTANCE_NAME ALLOW_ATTACHMENT_DOWNLOADS USE_GRAVATAR MAX_ATTACHMENT_FILE_SIZE
PassEnv MAILER_DSN ALLOW_EMAIL_PW_RESET EMAIL_SENDER_EMAIL EMAIL_SENDER_NAME PassEnv MAILER_DSN ALLOW_EMAIL_PW_RESET EMAIL_SENDER_EMAIL EMAIL_SENDER_NAME
PassEnv HISTORY_SAVE_CHANGED_FIELDS HISTORY_SAVE_CHANGED_DATA HISTORY_SAVE_REMOVED_DATA PassEnv HISTORY_SAVE_CHANGED_FIELDS HISTORY_SAVE_CHANGED_DATA HISTORY_SAVE_REMOVED_DATA
PassEnv ERROR_PAGE_ADMIN_EMAIL ERROR_PAGE_SHOW_HELP PassEnv ERROR_PAGE_ADMIN_EMAIL ERROR_PAGE_SHOW_HELP

3
.env

@ -31,6 +31,9 @@ INSTANCE_NAME="Part-DB"
ALLOW_ATTACHMENT_DOWNLOADS=0 ALLOW_ATTACHMENT_DOWNLOADS=0
# Use gravatars for user avatars, when user has no own avatar defined # Use gravatars for user avatars, when user has no own avatar defined
USE_GRAVATAR=0 USE_GRAVATAR=0
# The maximum allowed size for attachment files in bytes (you can use M for megabytes and G for gigabytes)
# Please note that the php.ini setting upload_max_filesize also limits the maximum size of uploaded files
MAX_ATTACHMENT_FILE_SIZE="100M"
################################################################################### ###################################################################################
# Email settings # Email settings
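Review bot: The new comment above `MAX_ATTACHMENT_FILE_SIZE="100M"` names only `upload_max_filesize`, but PHP's `post_max_size` also caps the request body, and a web server or reverse proxy in front may impose its own limit. Any of these can reject an upload before the application limit applies. I would extend the comment to something like `# PHP's upload_max_filesize and post_max_size (and any web server/proxy body limit) must be at least this large, otherwise uploads are rejected before this limit applies`. Since the default rises from 16M to 100M, it is also worth telling operators that this value bounds how much disk a single upload can consume.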


@ -29,9 +29,10 @@ parameters:
###################################################################################################################### ######################################################################################################################
# Attachments and files # Attachments and files
###################################################################################################################### ######################################################################################################################
partdb.attachments.allow_downloads: '%env(bool:ALLOW_ATTACHMENT_DOWNLOADS)%' # Allow users to download attachments to server. Warning: This can be dangerous, because via that feature attackers maybe can access ressources on your intranet! partdb.attachments.allow_downloads: '%env(bool:ALLOW_ATTACHMENT_DOWNLOADS)%' # Allow users to download attachments to server. Warning: This can be dangerous, because via that feature attackers maybe can access ressources on your intranet!
partdb.attachments.dir.media: 'public/media/' # The folder where uploaded attachment files are saved (must be in public folder) partdb.attachments.dir.media: 'public/media/' # The folder where uploaded attachment files are saved (must be in public folder)
partdb.attachments.dir.secure: 'uploads/' # The folder where secured attachment files are saved (must not be in public/) partdb.attachments.dir.secure: 'uploads/' # The folder where secured attachment files are saved (must not be in public/)
partdb.attachments.max_file_size: '%env(string:MAX_ATTACHMENT_FILE_SIZE)%' # The maximum size of an attachment file (in bytes, you can use M for megabytes and G for gigabytes)
###################################################################################################################### ######################################################################################################################
# Error pages # Error pages
@ -95,7 +96,7 @@ parameters:
env(INSTANCE_NAME): 'Part-DB' env(INSTANCE_NAME): 'Part-DB'
env(BASE_CURRENCY): 'EUR' env(BASE_CURRENCY): 'EUR'
env(USE_GRAVATAR): '0' env(USE_GRAVATAR): '0'
env(ALLOW_ATTACHMENT_DOWNLOADS): 0 env(MAX_ATTACHMENT_FILE_SIZE): '100M'
env(ERROR_PAGE_ADMIN_EMAIL): '' env(ERROR_PAGE_ADMIN_EMAIL): ''
env(ERROR_PAGE_SHOW_HELP): 1 env(ERROR_PAGE_SHOW_HELP): 1
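Review bot: As rendered, the second hunk appears to drop the fallback `env(ALLOW_ATTACHMENT_DOWNLOADS): 0` on the same line where `env(MAX_ATTACHMENT_FILE_SIZE): '100M'` is introduced, while `partdb.attachments.allow_downloads` in the first hunk still reads `%env(bool:ALLOW_ATTACHMENT_DOWNLOADS)%`. If that removal is unintended, an environment that does not define the variable (for example one that does not load the shipped .env) would presumably fail to resolve the parameter instead of falling back to disabled. The file's own comment flags server-side downloads as a risk to intranet resources, so an explicit off default is worth keeping: retain `env(ALLOW_ATTACHMENT_DOWNLOADS): 0` and add `env(MAX_ATTACHMENT_FILE_SIZE): '100M'` as a separate line.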


@ -88,6 +88,7 @@ services:
App\Form\AttachmentFormType: App\Form\AttachmentFormType:
arguments: arguments:
$allow_attachments_downloads: '%partdb.attachments.allow_downloads%' $allow_attachments_downloads: '%partdb.attachments.allow_downloads%'
$max_file_size: '%partdb.attachments.max_file_size%'
App\Services\Attachments\AttachmentSubmitHandler: App\Services\Attachments\AttachmentSubmitHandler:
arguments: arguments:


@ -50,13 +50,14 @@ class AttachmentFormType extends AbstractType
protected AttachmentManager $attachment_helper; protected AttachmentManager $attachment_helper;
protected UrlGeneratorInterface $urlGenerator; protected UrlGeneratorInterface $urlGenerator;
protected bool $allow_attachments_download; protected bool $allow_attachments_download;
protected string $max_file_size;
protected Security $security; protected Security $security;
protected AttachmentSubmitHandler $submitHandler; protected AttachmentSubmitHandler $submitHandler;
protected TranslatorInterface $translator; protected TranslatorInterface $translator;
public function __construct(AttachmentManager $attachmentHelper, public function __construct(AttachmentManager $attachmentHelper, UrlGeneratorInterface $urlGenerator,
UrlGeneratorInterface $urlGenerator, Security $security, Security $security, AttachmentSubmitHandler $submitHandler, TranslatorInterface $translator,
bool $allow_attachments_downloads, AttachmentSubmitHandler $submitHandler, TranslatorInterface $translator) bool $allow_attachments_downloads, string $max_file_size)
{ {
$this->attachment_helper = $attachmentHelper; $this->attachment_helper = $attachmentHelper;
$this->urlGenerator = $urlGenerator; $this->urlGenerator = $urlGenerator;
@ -64,6 +65,7 @@ class AttachmentFormType extends AbstractType
$this->security = $security; $this->security = $security;
$this->submitHandler = $submitHandler; $this->submitHandler = $submitHandler;
$this->translator = $translator; $this->translator = $translator;
$this->max_file_size = $max_file_size;
} }
public function buildForm(FormBuilderInterface $builder, array $options): void public function buildForm(FormBuilderInterface $builder, array $options): void
@ -140,8 +142,8 @@ class AttachmentFormType extends AbstractType
if ($attachment instanceof Attachment && $file instanceof UploadedFile && $attachment->getAttachmentType( if ($attachment instanceof Attachment && $file instanceof UploadedFile && $attachment->getAttachmentType(
) && !$this->submitHandler->isValidFileExtension($attachment->getAttachmentType(), $file)) { ) && !$this->submitHandler->isValidFileExtension($attachment->getAttachmentType(), $file)) {
$event->getForm()->get('file')->addError( $event->getForm()->get('file')->addError(
new FormError($this->translator->trans('validator.file_ext_not_allowed')) new FormError($this->translator->trans('validator.file_ext_not_allowed'))
); );
} }
}); });
@ -161,7 +163,7 @@ class AttachmentFormType extends AbstractType
{ {
$resolver->setDefaults([ $resolver->setDefaults([
'data_class' => Attachment::class, 'data_class' => Attachment::class,
'max_file_size' => '16M', 'max_file_size' => $this->max_file_size,
'allow_builtins' => true, 'allow_builtins' => true,
]); ]);
} }
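Review bot: The constructor stores `$max_file_size` unchecked and the `setDefaults` call in the last hunk passes it on as the `max_file_size` default, so a mistyped MAX_ATTACHMENT_FILE_SIZE (for example `100MB` or an empty string) would only surface wherever that option is consumed, which is outside these hunks. Because this value is the upload size cap, failing fast at construction is preferable to a late error or a limit that does not mean what the operator intended. A guard such as `if (1 !== preg_match('/^\d+(?:[kMG]i?)?$/i', $max_file_size)) { throw new \InvalidArgumentException('MAX_ATTACHMENT_FILE_SIZE must be a byte count with an optional unit suffix, e.g. 100M'); }` would do, with the suffix set adjusted to what the consumer actually accepts. The reordered constructor parameters are fine for the named service arguments in the services file, but any positional instantiation (tests, for instance) would need updating.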