Home Original page

FOUR-21235 | Enforce File Upload Limit When Using Chunked File Upload Component by mcraeteisha · Pull Request #7975 · ProcessMaker/processmaker

Issue

Ticket: FOUR-21235

This PR implements FileSizeCheck middleware to enforce file upload limits for chunked uploads processed by vue-simple-uploader and laravel-chunk-upload. The middleware compares the file size against user-specific limits set in app.php.

Solution

  • Implement FileCheckMiddleware in processmaker
  • Set maximum file size limits in app.php

How to Test

  1. Go to branch task/FOUR-21235 in processmaker.
  2. Attempt to hit any of the following routes with a file size that exceeds your max file size limits in app.php:
    • Create a Screen with a File Upload component → Add the Screen to a Process Task → Run the Process → Upload a File
      • https://processmaker.test/api/1.0/requests/{request}/files
    • Import a Process
      • https://processmaker.test/api/1.0/processes/import/validation
    • Import a Project
      • https://processmaker.test/api/1.0/projects/import/validation
    • Import a PM Block
      • https://processmaker.test/api/1.0/pm-blocks/import/validation
    • Import a Collection
      • https://processmaker.test/collections/import-chunked
    • Import a Screen
      • https://processmaker.test/api/1.0/screens/import
    • Import a Decision Table
      • https://processmaker.test/designer/decision-tables/import-chunked
    • Go to Admin → File Manager → Public Files → Upload a Public File
      • https://processmaker.test/api/1.0/file-manager
  • If you don't have a file that exceeds the upload_max_filesize, such as a really large Collection or Screen, you can test to ensure that no errors are thrown when hitting these endpoints. But for the File Upload control in a Screen and the Public File upload, you should be able to upload any type of large file to test the functionality of the middleware.

ci:package-collections:task/FOUR-21235-b

Code Review Checklist

  • I have pulled this code locally and tested it on my instance, along with any associated packages.
  • This code adheres to ProcessMaker Coding Guidelines.
  • This code includes a unit test or an E2E test that tests its functionality, or is covered by an existing test.
  • This solution fixes the bug reported in the original ticket.
  • This solution does not alter the expected output of a component in a way that would break existing Processes.
  • This solution does not implement any breaking changes that would invalidate documentation or cause existing Processes to fail.
  • This solution has been tested with enterprise packages that rely on its functionality and does not introduce bugs in those packages.
  • This code does not duplicate functionality that already exists in the framework or in ProcessMaker.
  • This ticket conforms to the PRD associated with this part of ProcessMaker.