diff --git a/services/web/app/coffee/Features/Uploads/UploadsRouter.coffee b/services/web/app/coffee/Features/Uploads/UploadsRouter.coffee index bf4b9f3ea4..63ad6eb96d 100644 --- a/services/web/app/coffee/Features/Uploads/UploadsRouter.coffee +++ b/services/web/app/coffee/Features/Uploads/UploadsRouter.coffee @@ -1,13 +1,21 @@ SecurityManager = require('../../managers/SecurityManager') AuthenticationController = require('../Authentication/AuthenticationController') ProjectUploadController = require "./ProjectUploadController" +RateLimiterMiddlewear = require('../Security/RateLimiterMiddlewear') module.exports = apply: (webRouter, apiRouter) -> webRouter.post '/project/new/upload', AuthenticationController.requireLogin(), ProjectUploadController.uploadProject + webRouter.post '/Project/:Project_id/upload', + RateLimiterMiddlewear.rateLimit({ + endpointName: "file-upload" + params: ["Project_id"] + maxRequests: 100 + timeInterval: 60 * 20 + }), SecurityManager.requestCanModifyProject, ProjectUploadController.uploadFile diff --git a/services/web/app/views/project/editor/file-tree.jade b/services/web/app/views/project/editor/file-tree.jade index 20654953a6..348b7e1054 100644 --- a/services/web/app/views/project/editor/file-tree.jade +++ b/services/web/app/views/project/editor/file-tree.jade @@ -356,6 +356,7 @@ script(type="text/ng-template", id="uploadFileModalTemplate") h3 #{translate("upload_files")} span .alert.alert-warning.small(ng-if="tooManyFiles") #{translate("maximum_files_uploaded_together", {max:"{{max_files}}"})} + .alert.alert-warning.small(ng-if="rateLimitHit") Too many files uploaded, your uploads have been throttled for short period. .modal-body( fine-upload @@ -369,6 +370,7 @@ script(type="text/ng-template", id="uploadFileModalTemplate") on-complete-callback="onComplete" on-upload-callback="onUpload" on-validate-batch="onValidateBatch" + on-error-callback="onError" params="{'folder_id': parent_folder_id}" ) span #{translate("upload_files")} diff --git a/services/web/public/coffee/directives/fineUpload.coffee b/services/web/public/coffee/directives/fineUpload.coffee index d5a994dd1d..2fad1acf17 100644 --- a/services/web/public/coffee/directives/fineUpload.coffee +++ b/services/web/public/coffee/directives/fineUpload.coffee @@ -15,6 +15,7 @@ define [ onCompleteCallback: "=" onUploadCallback: "=" onValidateBatch: "=" + onErrorCallback: "=" params: "=" } link: (scope, element, attrs) -> @@ -34,6 +35,7 @@ define [ onComplete = scope.onCompleteCallback or () -> onUpload = scope.onUploadCallback or () -> + onError = scope.onErrorCallback or () -> onValidateBatch = scope.onValidateBatch or () -> params = scope.params or {} params._csrf = window.csrfToken @@ -52,6 +54,7 @@ define [ onComplete: onComplete onUpload: onUpload onValidateBatch: onValidateBatch + onError: onError text: text template: """