From b7b5e182fa93ee5d689813e7239003828a11edaf Mon Sep 17 00:00:00 2001 From: Karl Hobley Date: Tue, 7 Oct 2014 14:56:46 +0100 Subject: [PATCH] Added image filesize validation --- wagtail/wagtailimages/models.py | 4 ++-- wagtail/wagtailimages/utils/validators.py | 27 +++++++++++++++++++++++ wagtail/wagtailimages/views/multiple.py | 3 ++- 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/wagtail/wagtailimages/models.py b/wagtail/wagtailimages/models.py index fa40e7d9a..36195120d 100644 --- a/wagtail/wagtailimages/models.py +++ b/wagtail/wagtailimages/models.py @@ -23,7 +23,7 @@ from unidecode import unidecode from wagtail.wagtailadmin.taggable import TagSearchable from wagtail.wagtailimages.backends import get_image_backend from wagtail.wagtailsearch import index -from wagtail.wagtailimages.utils.validators import validate_image_format +from wagtail.wagtailimages.utils.validators import validate_image_format, validate_image_filesize from wagtail.wagtailimages.utils.focal_point import FocalPoint from wagtail.wagtailimages.utils.feature_detection import FeatureDetector, opencv_available from wagtail.wagtailadmin.utils import get_object_usage @@ -46,7 +46,7 @@ def get_upload_to(instance, filename): @python_2_unicode_compatible class AbstractImage(models.Model, TagSearchable): title = models.CharField(max_length=255, verbose_name=_('Title') ) - file = models.ImageField(verbose_name=_('File'), upload_to=get_upload_to, width_field='width', height_field='height', validators=[validate_image_format]) + file = models.ImageField(verbose_name=_('File'), upload_to=get_upload_to, width_field='width', height_field='height', validators=[validate_image_format, validate_image_filesize]) width = models.IntegerField(editable=False) height = models.IntegerField(editable=False) created_at = models.DateTimeField(auto_now_add=True) diff --git a/wagtail/wagtailimages/utils/validators.py b/wagtail/wagtailimages/utils/validators.py index 13604a88e..5228cc479 100644 --- a/wagtail/wagtailimages/utils/validators.py +++ b/wagtail/wagtailimages/utils/validators.py @@ -4,6 +4,8 @@ from PIL import Image from django.core.exceptions import ValidationError from django.utils.translation import ugettext_lazy as _ +from django.template.defaultfilters import filesizeformat +from django.conf import settings def validate_image_format(f): @@ -34,3 +36,28 @@ def validate_image_format(f): if image.format.upper() != extension.upper(): raise ValidationError(_("Not a valid %s image. Please use a gif, jpeg or png file with the correct file extension (*.gif, *.jpg or *.png).") % (extension.upper())) + +def get_max_image_filesize(): + return getattr(settings, 'WAGTAILIMAGES_MAX_UPLOAD_SIZE', 10 * 1024 * 1024) + + +def validate_image_filesize(f): + # Get max size + max_size = get_max_image_filesize() + + # Upload size checking can be disabled by setting max upload size to None + if max_size is None: + return + + # Get the filesize + old_position = f.tell() + f.seek(0, 2) + file_size = f.tell() + f.seek(old_position) + + # Check the filesize + if file_size > max_size: + raise ValidationError(_("This file is too big (%s). Image files must not exceed %s.") % ( + filesizeformat(file_size), + filesizeformat(max_size), + )) diff --git a/wagtail/wagtailimages/views/multiple.py b/wagtail/wagtailimages/views/multiple.py index 2fcaa5f58..90d468769 100644 --- a/wagtail/wagtailimages/views/multiple.py +++ b/wagtail/wagtailimages/views/multiple.py @@ -14,7 +14,7 @@ from wagtail.wagtailsearch.backends import get_search_backends from wagtail.wagtailimages.models import get_image_model from wagtail.wagtailimages.forms import get_image_form_for_multi -from wagtail.wagtailimages.utils.validators import validate_image_format +from wagtail.wagtailimages.utils.validators import validate_image_format, validate_image_filesize def json_response(document): @@ -37,6 +37,7 @@ def add(request): # Check that the uploaded file is valid try: validate_image_format(request.FILES['files[]']) + validate_image_filesize(request.FILES['files[]']) except ValidationError as e: return json_response({ 'success': False,