Valdiate that uploaded files not greater than 500 Kb.

Fix #129

Author: cssru

src/main/java/ru/mystamps/web/model/AddImageForm.java

@@ -27,16 +27,21 @@
 
 import ru.mystamps.web.service.dto.AddImageDto;
 import ru.mystamps.web.validation.jsr303.ImageFile;
+import ru.mystamps.web.validation.jsr303.MaxFileSize;
+import ru.mystamps.web.validation.jsr303.MaxFileSize.Unit;
 import ru.mystamps.web.validation.jsr303.NotEmptyFile;
 import ru.mystamps.web.validation.jsr303.NotEmptyFilename;
 
+import static ru.mystamps.web.validation.ValidationRules.MAX_IMAGE_SIZE;
+
 @Getter
 @Setter
 public class AddImageForm implements AddImageDto {
 
 	@NotNull
 	@NotEmptyFilename(groups = Image1Checks.class)
 	@NotEmptyFile(groups = Image2Checks.class)
+	@MaxFileSize(value = MAX_IMAGE_SIZE, unit = Unit.Kbytes, groups = Image3Checks.class)
 	@ImageFile(groups = Image3Checks.class)
 	private MultipartFile image;
 

src/main/java/ru/mystamps/web/model/AddSeriesForm.java

@@ -38,12 +38,15 @@
 import ru.mystamps.web.service.dto.LinkEntityDto;
 import ru.mystamps.web.validation.jsr303.CatalogNumbers;
 import ru.mystamps.web.validation.jsr303.ImageFile;
+import ru.mystamps.web.validation.jsr303.MaxFileSize;
+import ru.mystamps.web.validation.jsr303.MaxFileSize.Unit;
 import ru.mystamps.web.validation.jsr303.NotEmptyFile;
 import ru.mystamps.web.validation.jsr303.NotEmptyFilename;
 import ru.mystamps.web.validation.jsr303.NotNullIfFirstField;
 import ru.mystamps.web.validation.jsr303.Price;
 
 import static ru.mystamps.web.validation.ValidationRules.MAX_DAYS_IN_MONTH;
+import static ru.mystamps.web.validation.ValidationRules.MAX_IMAGE_SIZE;
 import static ru.mystamps.web.validation.ValidationRules.MAX_MONTHS_IN_YEAR;
 import static ru.mystamps.web.validation.ValidationRules.MAX_SERIES_COMMENT_LENGTH;
 import static ru.mystamps.web.validation.ValidationRules.MAX_STAMPS_IN_SERIES;
@@ -118,6 +121,7 @@ public class AddSeriesForm implements AddSeriesDto {
 	@NotNull
 	@NotEmptyFilename(groups = Image1Checks.class)
 	@NotEmptyFile(groups = Image2Checks.class)
+	@MaxFileSize(value = MAX_IMAGE_SIZE, unit = Unit.Kbytes, groups = Image3Checks.class)
 	@ImageFile(groups = Image3Checks.class)
 	private MultipartFile image;
 

src/main/java/ru/mystamps/web/validation/ValidationRules.java

@@ -55,6 +55,9 @@ public final class ValidationRules {
 	public static final int MAX_SERIES_COMMENT_LENGTH = Series.COMMENT_LENGTH;
 	public static final String CATALOG_NUMBERS_REGEXP = "[1-9][0-9]{0,3}(,[1-9][0-9]{0,3})*";
 
+	/** Maximum uploading image size in kilobytes. */
+	public static final long MAX_IMAGE_SIZE = 500;
+	
 	public static final int MAX_DAYS_IN_MONTH = 31;
 	public static final int MAX_MONTHS_IN_YEAR = 12;
 

src/main/java/ru/mystamps/web/validation/jsr303/MaxFileSize.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright (C) 2009-2016 Slava Semushin <slava.semushin@gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package ru.mystamps.web.validation.jsr303;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+
+import static java.lang.annotation.ElementType.ANNOTATION_TYPE;
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+/**
+ * @author Sergey Chechenev
+ */
+@Target({ METHOD, FIELD, ANNOTATION_TYPE })
+@Retention(RUNTIME)
+@Constraint(validatedBy = MaxFileSizeValidator.class)
+@Documented
+public @interface MaxFileSize {
+	String message() default "{ru.mystamps.web.validation.jsr303.MaxFileSize.message}";
+	Class<?>[] groups() default {};
+	Class<? extends Payload>[] payload() default {};
+	long value();
+	Unit unit();
+	
+	enum Unit {
+		bytes(1), Kbytes(1024), Mbytes(1024 * 1024);
+		
+		private long size;
+		
+		Unit(long size) {
+			this.size = size;
+		}
+		
+		public long getSize() {
+			return size;
+		}
+	}
+}

src/main/java/ru/mystamps/web/validation/jsr303/MaxFileSizeValidator.java

@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2009-2016 Slava Semushin <slava.semushin@gmail.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package ru.mystamps.web.validation.jsr303;
+
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+
+import org.springframework.web.multipart.MultipartFile;
+
+/**
+ * @author Sergey Chechenev
+ */
+public class MaxFileSizeValidator implements ConstraintValidator<MaxFileSize, MultipartFile> {
+	private long maxFileSizeInBytes;
+	
+	@Override
+	public void initialize(MaxFileSize annotation) {
+		maxFileSizeInBytes = annotation.value() * annotation.unit().getSize();
+	}
+	
+	@Override
+	public boolean isValid(MultipartFile file, ConstraintValidatorContext context) {
+		
+		if (file == null) {
+			return true;
+		}
+		
+		return file.getSize() <= maxFileSizeInBytes;
+	}
+}

src/main/resources/ru/mystamps/i18n/ValidationMessages.properties

@@ -17,6 +17,7 @@ ru.mystamps.web.validation.jsr303.CatalogNumbers.message = Value must be comma d
 ru.mystamps.web.validation.jsr303.NotNullIfFirstField.message = Field '{second}' must not be empty
 ru.mystamps.web.validation.jsr303.Price.message = Invalid value
 ru.mystamps.web.validation.jsr303.ImageFile.message = Cannot detect file type. Must be image in JPEG or PNG format
+ru.mystamps.web.validation.jsr303.MaxFileSize.message = File size must be not greater than {value} ${unit.name()}
 
 value.too-short = Value is less than allowable minimum of {min} characters
 value.too-long = Value is greater than allowable maximum of {max} characters

src/main/resources/ru/mystamps/i18n/ValidationMessages_ru.properties

@@ -17,6 +17,7 @@ ru.mystamps.web.validation.jsr303.CatalogNumbers.message = Значение до
 ru.mystamps.web.validation.jsr303.NotNullIfFirstField.message = Поле '{second}' обязательно для заполнения
 ru.mystamps.web.validation.jsr303.Price.message = Некорректное значение
 ru.mystamps.web.validation.jsr303.ImageFile.message = Не удалось определить тип файла. Должен быть изображением в формате JPEG или PNG
+ru.mystamps.web.validation.jsr303.MaxFileSize.message = Размер файла должен быть не более {value} ${unit.name().equals('Mbytes') ? 'Мбайт' : unit.name().equals('Kbytes') ? 'Кбайт' : 'байт'}
 
 value.too-short = Значение должно быть не менее {min} символов
 value.too-long = Значение должно быть не более {max} символов