From 01de67b9a4fcdf01102ccc3cb7dc24beebf6c7ea Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Wed, 3 Jan 2018 11:10:40 +0100 Subject: Add avatar max size limit --- server/middlewares/validators/users.ts | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'server/middlewares/validators/users.ts') diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 7c77e9a39..7de3e442c 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts @@ -12,6 +12,7 @@ import { isSignupAllowed } from '../../helpers/utils' import { CONSTRAINTS_FIELDS } from '../../initializers' import { UserModel } from '../../models/account/user' import { areValidationErrors } from './utils' +import Multer = require('multer') const usersAddValidator = [ body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'), @@ -100,7 +101,7 @@ const usersUpdateMeValidator = [ const usersUpdateMyAvatarValidator = [ body('avatarfile').custom((value, { req }) => isAvatarFile(req.files)).withMessage( 'This file is not supported. Please, make sure it is of the following type : ' - + CONSTRAINTS_FIELDS.ACTOR.AVATAR.EXTNAME.join(', ') + + CONSTRAINTS_FIELDS.ACTORS.AVATAR.EXTNAME.join(', ') ), (req: express.Request, res: express.Response, next: express.NextFunction) => { @@ -108,6 +109,14 @@ const usersUpdateMyAvatarValidator = [ if (areValidationErrors(req, res)) return + const imageFile = req.files['avatarfile'][0] as Express.Multer.File + if (imageFile.size > CONSTRAINTS_FIELDS.ACTORS.AVATAR.FILE_SIZE.max) { + res.status(400) + .send({ error: `The size of the avatar is too big (>${CONSTRAINTS_FIELDS.ACTORS.AVATAR.FILE_SIZE.max}).` }) + .end() + return + } + return next() } ] -- cgit v1.2.3