Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-33766

My private files does not properly handle userquota & maxbytes and empty itself

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 2.3
    • Fix Version/s: 2.4
    • Component/s: Files API
    • Labels:
    • Testing Instructions:
      Hide

      Test pre-requisites

      • Enable Dropbox repository
      • Enable File System repository
      • Enable System files repository
      • Place some files in your private files, and in your course (folder resource for instance)
        • < 1MB file
        • 1, 2, and 3MB files
        • .txt and .jpg ones, even if not real ones.

      You can create files using this command: dd if=/dev/urandom of=NameOfFile.txt bs=1024KB count=1_

      Test #1

      1. Use the attached file test_filemanager.php to test both the editor and the file manager.
      2. For each of the 3 repositories (dropbox, server files and upload), make sure:
        • The maximum number of files is respected
        • The maximum size per file is respected
        • The global size per area is respected
      3. Using Dropbox and Server files, make sure the restriction does not apply to file references

      Test #2

      1. Be destructive
      2. Navigate to your private files and try to bypass the limits
      3. Navigate to any other editor/file manager and try to be bypass the limits

      Known issues:

      • The editor does not support maxfiles.
      • Hacking the ajax request would allow files to be uploaded to the draft area, although they would not be saved when submitting the form
      Show
      Test pre-requisites Enable Dropbox repository Enable File System repository Enable System files repository Place some files in your private files, and in your course (folder resource for instance) < 1MB file 1, 2, and 3MB files .txt and .jpg ones, even if not real ones. You can create files using this command: dd if=/dev/urandom of=NameOfFile.txt bs=1024KB count=1 _ Test #1 Use the attached file test_filemanager.php to test both the editor and the file manager. For each of the 3 repositories (dropbox, server files and upload), make sure : The maximum number of files is respected The maximum size per file is respected The global size per area is respected Using Dropbox and Server files, make sure the restriction does not apply to file references Test #2 Be destructive Navigate to your private files and try to bypass the limits Navigate to any other editor/file manager and try to be bypass the limits Known issues: The editor does not support maxfiles. Hacking the ajax request would allow files to be uploaded to the draft area, although they would not be saved when submitting the form
    • Affected Branches:
      MOODLE_23_STABLE
    • Fixed Branches:
      MOODLE_24_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-33766-master

      Description

      In your private files, you can see 'Maximum size for new files: XXX'. This value is actually the 'userquota' setting where it should be:

      min(array('userquota' - 'used_disk_space', get_user_max_upload_file_size($context, $CFG->maxbytes))).

      The maxbytes setting can be bypassed using the capability 'moodle/course:ignorefilesizelimits'

      To be fixed

      1. Wording of 'Maximum size for new files' (or at least figuring out what it means, cf. MDL-27163)
      2. Upload limit based on maxbytes
      3. Upload limit based on user free disk space as well
      4. When the quota is exceeded, it is not clear that the files are not saved. User could lose all new uploaded files without knowing!

      To replicate

      • Upload a few files to exceed userquota, save your changes, logout, login, files are gone!
      • Play with the upload_max_size, userquota and maxbytes.

        Attachments

        1. patch-01.txt
          18 kB
        2. patch-02.txt
          19 kB
        3. patch-03.txt
          32 kB
        4. patch-04.txt
          33 kB
        5. test_filemanager.php
          2 kB

          Issue Links

            Activity

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  3/Dec/12