self-hosted/joplin
1
0
Fork 0
mirror of https://github.com/laurent22/joplin.git synced 2024-11-24 08:12:24 +02:00
Code Issues Releases Activity

Server: Renamed users.item_max_size => users.max_item_size

Browse Source
This commit is contained in:
Laurent Cozic 2021-05-18 15:11:03 +02:00
parent dc2cdb7d3a
commit e6c4eb7cdf
9 changed files with 17 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
packages/server/schema.sqlite
View File

Binary file not shown.

6
packages/server/src/db.ts
View File

@ -275,7 +275,8 @@ export interface User extends WithDates, WithUuid {
password?: string;
full_name?: string;
is_admin?: number;
item_max_size?: number;
max_item_size?: number;
max_share_recipients?: number;
}
export interface Session extends WithDates, WithUuid {
@ -378,7 +379,8 @@ export const databaseSchema: DatabaseTables = {
is_admin: { type: 'number' },
updated_time: { type: 'string' },
created_time: { type: 'string' },
item_max_size: { type: 'number' },
max_item_size: { type: 'number' },
max_share_recipients: { type: 'number' },
},
sessions: {
id: { type: 'string' },

2
packages/server/src/migrations/20210517173042_user_item_size_limit.ts
View File

@ -3,7 +3,7 @@ import { DbConnection } from '../db';
export async function up(db: DbConnection): Promise<any> {
await db.schema.alterTable('users', function(table: Knex.CreateTableBuilder) {
table.integer('item_max_size').defaultTo(0).notNullable();
table.integer('max_item_size').defaultTo(0).notNullable();
});
}

4
packages/server/src/models/ItemModel.ts
View File

@ -330,12 +330,12 @@ export default class ItemModel extends BaseModel<Item> {
// If the item is encrypted, we apply a multipler because encrypted
// items can be much larger (seems to be up to twice the size but for
// safety let's go with 2.2).
const maxSize = user.item_max_size * (item.jop_encryption_applied ? 2.2 : 1);
const maxSize = user.max_item_size * (item.jop_encryption_applied ? 2.2 : 1);
if (maxSize && buffer.byteLength > maxSize) {
throw new ErrorPayloadTooLarge(_('Cannot save %s "%s" because it is larger than than the allowed limit (%s)',
isNote ? _('note') : _('attachment'),
itemTitle ? itemTitle : name,
prettyBytes(user.item_max_size)
prettyBytes(user.max_item_size)
));
}

4
packages/server/src/models/UserModel.ts
View File

@ -29,7 +29,7 @@ export default class UserModel extends BaseModel<User> {
if ('password' in object) user.password = object.password;
if ('is_admin' in object) user.is_admin = object.is_admin;
if ('full_name' in object) user.full_name = object.full_name;
if ('item_max_size' in object) user.item_max_size = object.item_max_size;
if ('max_item_size' in object) user.max_item_size = object.max_item_size;
return user;
}
@ -56,7 +56,7 @@ export default class UserModel extends BaseModel<User> {
if (!user.is_admin && resource.id !== user.id) throw new ErrorForbidden('non-admin user cannot modify another user');
if (!user.is_admin && 'is_admin' in resource) throw new ErrorForbidden('non-admin user cannot make themselves an admin');
if (user.is_admin && user.id === resource.id && 'is_admin' in resource && !resource.is_admin) throw new ErrorForbidden('admin user cannot make themselves a non-admin');
if (!user.is_admin && resource.item_max_size !== previousResource.item_max_size) throw new ErrorForbidden('non-admin user cannot change item_max_size');
if (!user.is_admin && resource.max_item_size !== previousResource.max_item_size) throw new ErrorForbidden('non-admin user cannot change max_item_size');
}
if (action === AclAction.Delete) {

6
packages/server/src/routes/api/items.test.ts
View File

@ -243,7 +243,7 @@ describe('api_items', function() {
const { user: user1, session: session1 } = await createUserAndSession(1);
{
await models().user().save({ id: user1.id, item_max_size: 4 });
await models().user().save({ id: user1.id, max_item_size: 4 });
await expectHttpError(
async () => createNote(session1.id, {
@ -254,7 +254,7 @@ describe('api_items', function() {
}
{
await models().user().save({ id: user1.id, item_max_size: 1000 });
await models().user().save({ id: user1.id, max_item_size: 1000 });
await expectNoHttpError(
async () => createNote(session1.id, {
@ -265,7 +265,7 @@ describe('api_items', function() {
}
{
await models().user().save({ id: user1.id, item_max_size: 0 });
await models().user().save({ id: user1.id, max_item_size: 0 });
await expectNoHttpError(
async () => createNote(session1.id, {

4
packages/server/src/routes/index/users.test.ts
View File

@ -181,8 +181,8 @@ describe('index_users', function() {
// cannot delete own user
await expectHttpError(async () => execRequest(adminSession.id, 'POST', `users/${admin.id}`, { delete_button: true }), ErrorForbidden.httpCode);
// non-admin cannot change item_max_size
await expectHttpError(async () => patchUser(session1.id, { id: admin.id, item_max_size: 1000 }), ErrorForbidden.httpCode);
// non-admin cannot change max_item_size
await expectHttpError(async () => patchUser(session1.id, { id: admin.id, max_item_size: 1000 }), ErrorForbidden.httpCode);
});

4
packages/server/src/routes/index/users.ts
View File

@ -16,7 +16,7 @@ function makeUser(isNew: boolean, fields: any): User {
if ('email' in fields) user.email = fields.email;
if ('full_name' in fields) user.full_name = fields.full_name;
if ('is_admin' in fields) user.is_admin = fields.is_admin;
if ('item_max_size' in fields) user.item_max_size = fields.item_max_size;
if ('max_item_size' in fields) user.max_item_size = fields.max_item_size;
if (fields.password) {
if (fields.password !== fields.password2) throw new ErrorUnprocessableEntity('Passwords do not match');
@ -48,7 +48,7 @@ router.get('users', async (_path: SubPath, ctx: AppContext) => {
view.content.users = users.map(user => {
return {
...user,
formattedItemMaxSize: user.item_max_size ? prettyBytes(user.item_max_size) : '∞',
formattedItemMaxSize: user.max_item_size ? prettyBytes(user.max_item_size) : '∞',
};
});
return view;

2
packages/server/src/views/index/user.mustache
View File

@ -18,7 +18,7 @@
<div class="field">
<label class="label">Max item size</label>
<div class="control">
<input class="input" type="number" name="item_max_size" value="{{user.item_max_size}}"/>
<input class="input" type="number" name="max_item_size" value="{{user.max_item_size}}"/>
</div>
</div>
{{/global.owner.is_admin}}