diff options
author | Chocobozzz <me@florianbigard.com> | 2018-01-03 11:10:40 +0100 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-01-03 11:10:40 +0100 |
commit | 01de67b9a4fcdf01102ccc3cb7dc24beebf6c7ea (patch) | |
tree | 9e01809f09adbcd512a8dedf73093a123f88e02c /server/middlewares/validators | |
parent | 47564bbe2eeb2baae9b7e3f9b2b8d16522bc7e04 (diff) | |
download | PeerTube-01de67b9a4fcdf01102ccc3cb7dc24beebf6c7ea.tar.gz PeerTube-01de67b9a4fcdf01102ccc3cb7dc24beebf6c7ea.tar.zst PeerTube-01de67b9a4fcdf01102ccc3cb7dc24beebf6c7ea.zip |
Add avatar max size limit
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r-- | server/middlewares/validators/users.ts | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 7c77e9a39..7de3e442c 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -12,6 +12,7 @@ import { isSignupAllowed } from '../../helpers/utils' | |||
12 | import { CONSTRAINTS_FIELDS } from '../../initializers' | 12 | import { CONSTRAINTS_FIELDS } from '../../initializers' |
13 | import { UserModel } from '../../models/account/user' | 13 | import { UserModel } from '../../models/account/user' |
14 | import { areValidationErrors } from './utils' | 14 | import { areValidationErrors } from './utils' |
15 | import Multer = require('multer') | ||
15 | 16 | ||
16 | const usersAddValidator = [ | 17 | const usersAddValidator = [ |
17 | body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'), | 18 | body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'), |
@@ -100,7 +101,7 @@ const usersUpdateMeValidator = [ | |||
100 | const usersUpdateMyAvatarValidator = [ | 101 | const usersUpdateMyAvatarValidator = [ |
101 | body('avatarfile').custom((value, { req }) => isAvatarFile(req.files)).withMessage( | 102 | body('avatarfile').custom((value, { req }) => isAvatarFile(req.files)).withMessage( |
102 | 'This file is not supported. Please, make sure it is of the following type : ' | 103 | 'This file is not supported. Please, make sure it is of the following type : ' |
103 | + CONSTRAINTS_FIELDS.ACTOR.AVATAR.EXTNAME.join(', ') | 104 | + CONSTRAINTS_FIELDS.ACTORS.AVATAR.EXTNAME.join(', ') |
104 | ), | 105 | ), |
105 | 106 | ||
106 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 107 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
@@ -108,6 +109,14 @@ const usersUpdateMyAvatarValidator = [ | |||
108 | 109 | ||
109 | if (areValidationErrors(req, res)) return | 110 | if (areValidationErrors(req, res)) return |
110 | 111 | ||
112 | const imageFile = req.files['avatarfile'][0] as Express.Multer.File | ||
113 | if (imageFile.size > CONSTRAINTS_FIELDS.ACTORS.AVATAR.FILE_SIZE.max) { | ||
114 | res.status(400) | ||
115 | .send({ error: `The size of the avatar is too big (>${CONSTRAINTS_FIELDS.ACTORS.AVATAR.FILE_SIZE.max}).` }) | ||
116 | .end() | ||
117 | return | ||
118 | } | ||
119 | |||
111 | return next() | 120 | return next() |
112 | } | 121 | } |
113 | ] | 122 | ] |