ENH: refs #0377. Server side validation of upload quota for simpleupload

zachmullen · zachmullen · commit 0c101e533fe1 · 2012-01-11T12:29:33.000-05:00
Also make sure we delete temporary upload file in both the error condition and
the success condition.
diff --git a/core/controllers/UploadController.php b/core/controllers/UploadController.php
@@ -412,14 +412,28 @@ public function saveuploadedAction()
             }
           $parent = $parentDao->getKey();
           }
+        $validations = Zend_Registry::get('notifier')->callback('CALLBACK_CORE_VALIDATE_UPLOAD',
+                                                                array('filename' => $filename,
+                                                                      'size' => $file_size,
+                                                                      'path' => $path,
+                                                                      'folderId' => $parent));
+        foreach($validations as $validation)
+          {
+          if(!$validation['status'])
+            {
+            unlink($path);
+            throw new Zend_Exception($validation['message']);
+            }
+          }
         $item = $this->Component->Upload->createUploadedItem($this->userSession->Dao, $filename, $path, $parent, $license);
+        unlink($path);
         $this->userSession->uploaded[] = $item->getKey();
         }
 
       $info = array();
       $info['name'] = basename($path);
       $info['size'] = $file_size;
-      echo json_encode($info);
+      echo JsonComponent::encode($info);
       }
     }//end saveuploaded
 
diff --git a/modules/sizequota/Notification.php b/modules/sizequota/Notification.php
@@ -95,10 +95,38 @@ public function getSimpleuploadExtraHtml($args)
   /** 
    * Return whether or not the upload is allowed.  If uploading the file
    * will cause the size to surpass the quota, it will be rejected.
+   * @param size Size of the uploaded file
+   * @param folderId The id of the folder being uploaded into
+   * @return array('status' => boolean, 'message' => 'error message if status is false')
    */
   public function validateUpload($args)
     {
-    return true;
+    $modelLoader = new MIDAS_ModelLoader();
+    $folderModel = $modelLoader->loadModel('Folder');
+    $folderQuotaModel = $modelLoader->loadModel('FolderQuota', $this->moduleName);
+
+    $folder = $folderModel->load($args['folderId']);
+    if(!$folder)
+      {
+      return array('status' => false, 'message' => 'Invalid folder id');
+      }
+    $rootFolder = $folderModel->getRoot($folder);
+    $quota = $folderQuotaModel->getFolderQuota($rootFolder);
+    if($quota == '')
+      {
+      return array('status' => true);
+      }
+
+    $freeSpace = $quota - $folderModel->getSize($rootFolder);
+    $uploadSize = $args['size'];
+    if($uploadSize > $freeSpace)
+      {
+      return array('status' => false,
+                   'message' => 'Upload quota exceeded. Free space: '.$freeSpace.
+                                '. Attempted upload size: '.$uploadSize.
+                                ' into folder '.$args['folderId']);
+      }
+    return array('status' => true);
     }
   } //end class
 ?>
