You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2019/10/16 19:15:33 UTC
[airavata-django-portal] 01/02: AIRAVATA-3081 enforce max file size
in tus upload finisher
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git
commit 4821097487d60f1ec4b8887c52a8ca604fbca2d7
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Wed Oct 16 12:56:26 2019 -0400
AIRAVATA-3081 enforce max file size in tus upload finisher
---
django_airavata/apps/api/exceptions.py | 7 +++++++
django_airavata/apps/api/tus.py | 8 ++++++++
django_airavata/apps/api/views.py | 15 +++++++++------
3 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/django_airavata/apps/api/exceptions.py b/django_airavata/apps/api/exceptions.py
index e95eee8..59d5271 100644
--- a/django_airavata/apps/api/exceptions.py
+++ b/django_airavata/apps/api/exceptions.py
@@ -1,6 +1,7 @@
import logging
from django.core.exceptions import ObjectDoesNotExist
+from django.http import JsonResponse
from rest_framework import status
from rest_framework.response import Response
from rest_framework.views import exception_handler
@@ -52,3 +53,9 @@ def custom_exception_handler(exc, context):
)
return response
+
+
+# For non-Django REST Framework error responses
+def generic_json_exception_response(
+ exc, status=status.HTTP_500_INTERNAL_SERVER_ERROR):
+ return JsonResponse({'detail': str(exc)}, status=status)
diff --git a/django_airavata/apps/api/tus.py b/django_airavata/apps/api/tus.py
index c9cf64a..41d7640 100644
--- a/django_airavata/apps/api/tus.py
+++ b/django_airavata/apps/api/tus.py
@@ -23,6 +23,14 @@ def move_tus_upload(upload_url, move_function):
logger.debug(f"upload_bin_path={upload_bin_path}")
upload_info_path = os.path.join(settings.TUS_DATA_DIR,
f"{upload_uuid}.info")
+ if os.path.getsize(upload_bin_path) > settings.FILE_UPLOAD_MAX_FILE_SIZE:
+ error_message = (f"File size of {upload_bin_path} is greater than "
+ f"the max of {settings.FILE_UPLOAD_MAX_FILE_SIZE} "
+ f"bytes")
+ logger.error(error_message)
+ os.remove(upload_bin_path)
+ os.remove(upload_info_path)
+ raise Exception(error_message)
with open(upload_info_path) as upload_info_file:
upload_info = json.load(upload_info_file)
filename = upload_info['MetaData']['filename']
diff --git a/django_airavata/apps/api/views.py b/django_airavata/apps/api/views.py
index 4ba414c..656f620 100644
--- a/django_airavata/apps/api/views.py
+++ b/django_airavata/apps/api/views.py
@@ -46,6 +46,7 @@ from django_airavata.apps.auth.models import EmailVerification
from . import (
data_products_helper,
+ exceptions,
helpers,
models,
output_views,
@@ -910,17 +911,19 @@ def upload_input_file(request):
@login_required
def tus_upload_finish(request):
- log.debug("POST={}".format(request.POST))
uploadURL = request.POST['uploadURL']
def move_input_file(file_path, file_name):
return data_products_helper.move_input_file_upload_from_filepath(
request, file_path, name=file_name)
- data_product = tus.move_tus_upload(uploadURL, move_input_file)
- serializer = serializers.DataProductSerializer(
- data_product, context={'request': request})
- return JsonResponse({'uploaded': True,
- 'data-product': serializer.data})
+ try:
+ data_product = tus.move_tus_upload(uploadURL, move_input_file)
+ serializer = serializers.DataProductSerializer(
+ data_product, context={'request': request})
+ return JsonResponse({'uploaded': True,
+ 'data-product': serializer.data})
+ except Exception as e:
+ return exceptions.generic_json_exception_response(e, status=400)
@login_required