Lars/shinkan-jinkendo
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases 3 Wiki Activity

feat: implement dynamic upload limits for exercise media
Some checks failed
Deploy Development / deploy (push) Successful in 33s
Details
Test Suite / lint-backend (push) Successful in 1s
Details
Test Suite / build-frontend (push) Successful in 6s
Details
Test Suite / playwright-tests (push) Failing after 1m54s
Details

Browse Source 
- Introduced role-based upload limits for exercise media, allowing users to upload up to 1 MB while admins and superadmins can upload up to 1024 MB.
- Updated the media upload logic to enforce these limits, enhancing the flexibility and control over media management in the application.
This commit is contained in:
Lars 2026-04-28 13:56:26 +02:00
parent 91b3fec5cc
commit 756263bad4
1 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
backend/routers/exercises.py
View File

@ -70,12 +70,23 @@ def normalize_exercise_skill_level(value) -> Optional[str]:
MEDIA_ROOT = Path(os.getenv("MEDIA_ROOT", str(Path(__file__).resolve().parent.parent / "media")))
MAX_EXERCISE_MEDIA = 10
MAX_UPLOAD_BYTES = 50 * 1024 * 1024
# Upload-Limits (Übungs-Medien): Trainer wie bisher kleiner; Admin/Superadmin höheres Limit für große Videos
_MAX_UPLOAD_MB_USER = max(1, int(os.getenv("EXERCISE_MEDIA_MAX_UPLOAD_MB", "50")))
_MAX_UPLOAD_MB_ADMIN = max(_MAX_UPLOAD_MB_USER, int(os.getenv("EXERCISE_MEDIA_ADMIN_MAX_UPLOAD_MB", "1024")))
MAX_UPLOAD_BYTES_USER = _MAX_UPLOAD_MB_USER * 1024 * 1024
MAX_UPLOAD_BYTES_ADMIN = _MAX_UPLOAD_MB_ADMIN * 1024 * 1024
ALLOWED_UPLOAD_MIMES = frozenset(
{"image/jpeg", "image/png", "image/gif", "video/mp4", "application/pdf"}
)
def _upload_limit_bytes(session: dict) -> int:
role = session.get("role") or ""
if role in ("admin", "superadmin"):
return MAX_UPLOAD_BYTES_ADMIN
return MAX_UPLOAD_BYTES_USER
# ============================================================================
# Pydantic Models
# ============================================================================
@ -1201,10 +1212,11 @@ async def upload_exercise_media(
)
else:
raw = await file.read()
if len(raw) > MAX_UPLOAD_BYTES:
max_upload = _upload_limit_bytes(session)
if len(raw) > max_upload:
raise HTTPException(
status_code=413,
detail=f"Datei zu groß (max. {MAX_UPLOAD_BYTES // (1024 * 1024)} MB)",
detail=f"Datei zu groß (max. {max_upload // (1024 * 1024)} MB)",
)
mime = file.content_type or ""
if mime not in ALLOWED_UPLOAD_MIMES: