Enforce max upload size #4868
Enforce max upload size #4868
Conversation
✅ Deploy Preview for volto canceled.
|
Passing run #5601 ↗︎
Details:
This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. |
|||||||||||||||
| export const validateFileUploadSize = (file, intlFunc) => { | ||
| const isValid = | ||
| !config.settings.maxFileUploadSize || | ||
| file.size <= config.settings.maxFileUploadSize; | ||
| if (!isValid) { | ||
| toast.error( | ||
| <Toast | ||
| error | ||
| title={intlFunc(messages.error)} | ||
| content={intlFunc(messages.fileTooLarge, { | ||
| limit: `${Math.floor( | ||
| config.settings.maxFileUploadSize / 1024 / 1024, | ||
| )}MB`, | ||
| })} | ||
| />, | ||
| ); | ||
| } | ||
| return isValid; | ||
| }; |
There was a problem hiding this comment.
- May I suggest to distinguish between image files and other files.
- Two limits: one for image files, one for other files
- I think limits should be attributes of the Plone instance, rather than frontend configuration. This info would be available with Use the @navroot and @site controlpanels to render the <title> and the logo #3537 (assuming that every website has a logo ;-) ) together with an enhancement of the site attributes and an enhancement of the restapi endpoint @site.
There was a problem hiding this comment.
Moreover, if this is to be a frontend configuration, I think this setting should be overrideable per-block type too.
There was a problem hiding this comment.
Moreover, if this is to be a frontend configuration, I think this setting should be overrideable per-block type too.
Do you think this is necessary? I think restricting the upload size is just for preventing the users to upload big high resolution photos for small teaser images. It is unrelated to the actual scaling for rendering.
There was a problem hiding this comment.
I may want to restrict the file size in a given block, not only for images, but for files. Think on files that can be downloaded or whatever.
There was a problem hiding this comment.
@ksuess @erral My goal here is to implement a simple, optional catch-all limit on file uploads for the entire volto installation. I agree there are lots of possible use cases where limits with a more specific scope might be needed, but frankly, my client just wants one limit everywhere and I don't have time to implement all the complexity you are bringing up at the moment.
Fortunately, I think what I've implemented here is forward-compatible with adding more specific limits later, as people have time to work on it. I think the roadmap would look something like this:
- In the backend, add a way to specify a limit on a specific NamedBlobFile/NamedBlobImage field. If it's not specified, fall back to a sitewide limit from the registry. Expose the field-specific limit in the schema API service, and the sitewide limit in the site API service.
- Make the volto FileWidget use the limit from the schema when it is specified, otherwise fall back to the sitewide limit from the site service, otherwise fall back to the limit from config.settings.
- Add a block-level limit to blocks that accept file uploads without using the FileWidget. Use it if specified, otherwise fall back to site and global settings in the same way.
With that plan in mind, are you okay with adding what I have in this PR, as a first step?
Co-authored-by: Timo Stollenwerk <stollenwerk@kitconcept.com>
* master: Release 17.0.0-alpha.13 Enforce max upload size (#4868) Fix and improve the `addStyling` helper (#4880) Release 17.0.0-alpha.12 Fix regression in horizontal scroll in contents view, add it back (#4872) Configurable Container component from registry for some key route views. (#4871) Allow to deselect color in ColorPickerWidget. (#4839)
* master: Release 17.0.0-alpha.14 Linked headlines (#3540) Release notes for 16.20.8 16.21.0 16.21.1 (#4910) Spanish translation (#4896) Refactor Anontools (#4845) Update to plone-backend 6.0.5 (#4897) Release 17.0.0-alpha.13 Enforce max upload size (#4868) Fix and improve the `addStyling` helper (#4880) Release 17.0.0-alpha.12 Fix regression in horizontal scroll in contents view, add it back (#4872) Configurable Container component from registry for some key route views. (#4871) Allow to deselect color in ColorPickerWidget. (#4839) Release 17.0.0-alpha.11 Pagination with router params (#4698) Release 17.0.0-alpha.10 feat(slate): Add css identifier to slate style menu options (#4847) Update Brazilian Portuguese translations (Fixes #4853) Convert header class to function (#4767)
* master: (29 commits) Remove anonymous function calls. Remove default exports from. (#4917) Release 17.0.0-alpha.14 Linked headlines (#3540) Release notes for 16.20.8 16.21.0 16.21.1 (#4910) Spanish translation (#4896) Refactor Anontools (#4845) Update to plone-backend 6.0.5 (#4897) Release 17.0.0-alpha.13 Enforce max upload size (#4868) Fix and improve the `addStyling` helper (#4880) Release 17.0.0-alpha.12 Fix regression in horizontal scroll in contents view, add it back (#4872) Configurable Container component from registry for some key route views. (#4871) Allow to deselect color in ColorPickerWidget. (#4839) Release 17.0.0-alpha.11 Pagination with router params (#4698) Release 17.0.0-alpha.10 feat(slate): Add css identifier to slate style menu options (#4847) Update Brazilian Portuguese translations (Fixes #4853) Convert header class to function (#4767) ...
Add a config setting
maxFileUploadSize, and check it when files are selected for upload.If anyone has an idea about how to do this in a more centralized way, please let me know!