diff --git a/CHANGELOG.md b/CHANGELOG.md index 53baff4b8..05a5fdf29 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ - Ability to configure and export the accounting data to the ACD accounting software - Compute the VAT per item in each invoices, instead of globally - Use Alpine Linux to build the Docker image (#147) +- Ability to set project's CAO attachement maximum upload size - Fix a bug: invoices with total = 0, are marked as paid on site even if paid by card - Fix a bug: after disabling a group, its associated plans are hidden from the interface - Fix a bug: in case of unexpected server error during stripe payment process, the confirm button is not unlocked @@ -11,6 +12,7 @@ - [TODO DEPLOY] `rake db:migrate` - [TODO DEPLOY] -> (only dev) yarn install - [TODO DEPLOY] add `RECAPTCHA_SITE_KEY` and `RECAPTCHA_SECRET_KEY` environment variables (see [doc/environment.md](doc/environment.md) for configuration details) +- [TODO DEPLOY] add `MAX_CAO_SIZE` environment variable (see [doc/environment.md](doc/environment.md) for configuration details) ## v4.1.0 2019 September 12 diff --git a/app/models/asset.rb b/app/models/asset.rb index be970566a..439ee708d 100644 --- a/app/models/asset.rb +++ b/app/models/asset.rb @@ -1,5 +1,8 @@ +# frozen_string_literal: true + require 'file_size_validator' +# Generic class, parent of uploadable items class Asset < ActiveRecord::Base belongs_to :viewable, polymorphic: true end diff --git a/app/models/concerns/image_validator_concern.rb b/app/models/concerns/image_validator_concern.rb index 4ba1c56b5..dde3edf9d 100644 --- a/app/models/concerns/image_validator_concern.rb +++ b/app/models/concerns/image_validator_concern.rb @@ -1,3 +1,7 @@ +# frozen_string_literal: true + +# Validates uploaded images to check that it matches the env parameters +# You must `include ImageValidatorConcern` in your class to use it module ImageValidatorConcern extend ActiveSupport::Concern diff --git a/app/models/project_cao.rb b/app/models/project_cao.rb index a394a7811..de92c7fa7 100644 --- a/app/models/project_cao.rb +++ b/app/models/project_cao.rb @@ -1,6 +1,15 @@ +# frozen_string_literal: true + +# CAO file attached to a project documentation class ProjectCao < Asset mount_uploader :attachment, ProjectCaoUploader - validates :attachment, file_size: { maximum: 20.megabytes.to_i } - validates :attachment, :file_mime_type => { :content_type => ENV['ALLOWED_MIME_TYPES'].split(' ') } + validates :attachment, file_size: { maximum: max_size } + validates :attachment, file_mime_type: { content_type: ENV['ALLOWED_MIME_TYPES'].split(' ') } + + private + + def max_size + Rails.application.secrets.max_cao_size&.to_i || 5.megabytes.to_i + end end diff --git a/app/uploaders/project_cao_uploader.rb b/app/uploaders/project_cao_uploader.rb index fb5e4903e..bb06a27bc 100644 --- a/app/uploaders/project_cao_uploader.rb +++ b/app/uploaders/project_cao_uploader.rb @@ -1,13 +1,13 @@ +# frozen_string_literal: true + +# CarrierWave uploader for project CAO attachments. +# This file defines the parameters for these uploads class ProjectCaoUploader < CarrierWave::Uploader::Base - # Include RMagick or MiniMagick support: - # include CarrierWave::RMagick - #include CarrierWave::MiniMagick include UploadHelper # Choose what kind of storage to use for this uploader: storage :file after :remove, :delete_empty_dirs - # storage :fog # Override the directory where uploaded files will be stored. # This is a sensible default for uploaders that are meant to be mounted: @@ -20,31 +20,9 @@ class ProjectCaoUploader < CarrierWave::Uploader::Base "uploads/#{model.class.to_s.underscore}" end - # Provide a default URL as a default if there hasn't been a file uploaded: - # def default_url - # # For Rails 3.1+ asset pipeline compatibility: - # # ActionController::Base.helpers.asset_path("fallback/" + [version_name, "default.png"].compact.join('_')) - # - # "/images/fallback/" + [version_name, "default.png"].compact.join('_') - # end - - # Process files as they are uploaded: - # process :scale => [200, 300] - # - # def scale(width, height) - # # do something - # end - - # Add a white list of extensions which are allowed to be uploaded. # For images you might use something like this: def extension_white_list ENV['ALLOWED_EXTENSIONS'].split(' ') end - - # Override the filename of the uploaded files: - # Avoid using model.id or version_name here, see uploader/store.rb for details. - #def filename - #"avatar.#{file.extension}" if original_filename - #end end diff --git a/config/application.yml.default b/config/application.yml.default index 9377c0478..cc321d310 100644 --- a/config/application.yml.default +++ b/config/application.yml.default @@ -72,3 +72,5 @@ ALLOWED_MIME_TYPES: application/pdf application/postscript application/illustrat # 10485760 = 10 megabytes MAX_IMAGE_SIZE: '10485760' +# 20971520 = 20 megabytes +MAX_CAO_SIZE: '20971520' diff --git a/config/secrets.yml b/config/secrets.yml index ea41a6de2..178c53c05 100644 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -43,6 +43,7 @@ development: facebook_app_id: <%= ENV["FACEBOOK_APP_ID"] %> elaticsearch_host: <%= ENV["ELASTICSEARCH_HOST"] %> max_image_size: <%= ENV["MAX_IMAGE_SIZE"] %> + max_cao_size: <%= ENV["MAX_CAO_SIZE"] %> disk_space_mb_alert: <%= ENV["DISK_SPACE_MB_ALERT"] %> superadmin_email: <%= ENV["SUPERADMIN_EMAIL"] %> recaptcha_site_key: <%= ENV["RECAPTCHA_SITE_KEY"] %> @@ -81,6 +82,7 @@ test: facebook_app_id: <%= ENV["FACEBOOK_APP_ID"] %> elaticsearch_host: <%= ENV["ELASTICSEARCH_HOST"] %> max_image_size: <%= ENV["MAX_IMAGE_SIZE"] %> + max_cao_size: <%= ENV["MAX_CAO_SIZE"] %> disk_space_mb_alert: <%= ENV["DISK_SPACE_MB_ALERT"] %> superadmin_email: <%= ENV["SUPERADMIN_EMAIL"] %> recaptcha_site_key: <%= ENV["RECAPTCHA_SITE_KEY"] %> @@ -128,6 +130,7 @@ staging: facebook_app_id: <%= ENV["FACEBOOK_APP_ID"] %> elaticsearch_host: <%= ENV["ELASTICSEARCH_HOST"] %> max_image_size: <%= ENV["MAX_IMAGE_SIZE"] %> + max_cao_size: <%= ENV["MAX_CAO_SIZE"] %> disk_space_mb_alert: <%= ENV["DISK_SPACE_MB_ALERT"] %> superadmin_email: <%= ENV["SUPERADMIN_EMAIL"] %> recaptcha_site_key: <%= ENV["RECAPTCHA_SITE_KEY"] %> @@ -177,6 +180,7 @@ production: facebook_app_id: <%= ENV["FACEBOOK_APP_ID"] %> elaticsearch_host: <%= ENV["ELASTICSEARCH_HOST"] %> max_image_size: <%= ENV["MAX_IMAGE_SIZE"] %> + max_cao_size: <%= ENV["MAX_CAO_SIZE"] %> disk_space_mb_alert: <%= ENV["DISK_SPACE_MB_ALERT"] %> superadmin_email: <%= ENV["SUPERADMIN_EMAIL"] %> recaptcha_site_key: <%= ENV["RECAPTCHA_SITE_KEY"] %> diff --git a/doc/environment.md b/doc/environment.md index 907e4fba5..f1948c5c7 100644 --- a/doc/environment.md +++ b/doc/environment.md @@ -153,6 +153,11 @@ Maximum size (in bytes) allowed for image uploaded on the platform. This parameter concerns events, plans, user's avatars, projects and steps of projects. If this parameter is not specified the maximum size allowed will be 2MB. + MAX_CAO_SIZE + +Maximum size (in bytes) allowed for CAO files uploaded on the platform, as project attachments. +If this parameter is not specified, the maximum size allowed will be 5MB. + DISK_SPACE_MB_ALERT Threshold in MB of the minimum free disk space available on the current mount point. diff --git a/docker/env.example b/docker/env.example index 615e4d232..1b361a85f 100644 --- a/docker/env.example +++ b/docker/env.example @@ -74,3 +74,5 @@ ALLOWED_MIME_TYPES=application/pdf application/postscript application/illustrato # 10485760 = 10 megabytes MAX_IMAGE_SIZE=10485760 +# 20971520 = 20 megabytes +MAX_CAO_SIZE = '20971520' diff --git a/test/models/invoicing_profile_test.rb b/test/models/invoicing_profile_test.rb deleted file mode 100644 index 2cf8236d0..000000000 --- a/test/models/invoicing_profile_test.rb +++ /dev/null @@ -1,7 +0,0 @@ -require 'test_helper' - -class InvoicingProfileTest < ActiveSupport::TestCase - # test "the truth" do - # assert true - # end -end