FileYard checks the file size against max_upload_size attribute

2005-02-21 14:00:00 +00:00 · 2005-02-21 14:00:00 +00:00 · 6ee7514fb3
commit 6ee7514fb3
parent 217dbdafdc
2 changed files with 42 additions and 1 deletions
--- a/app/models/file_yard.rb
+++ b/app/models/file_yard.rb
@ -16,9 +16,12 @@ class FileYard
    sanitize_file_name(name)
    if io.kind_of?(Tempfile)
      io.close
+      check_upload_size(io.size)
      FileUtils.mv(io.path, file_path(name))
    else
-      File.open(file_path(name), 'wb') { |f| f.write(io.read) }
+      content = io.read
+      check_upload_size(content.length)
+      File.open(file_path(name), 'wb') { |f| f.write(content) }
    end
    # just in case, restrict read access and prohibit write access to the uploaded file
    FileUtils.chmod(0440, file_path(name))
@ -44,5 +47,12 @@ class FileYard
            "Only latin characters, digits, dots, underscores and dashes are accepted.")
    end
  end
+  
+  def check_upload_size(actual_upload_size)
+    if actual_upload_size > @max_upload_size.kilobytes
+      raise Instiki::ValidationError.new("Uploaded file size (#{actual_upload_size / 1024} " + 
+              "kbytes) exceeds the maximum (#{@max_upload_size} kbytes) set for this wiki")
+    end
+  end

 end