MDL-52100 filelib: Files that are oversized are checked with user.
authorAdrian Greeve <adrian@moodle.com>
Mon, 18 Dec 2017 03:32:10 +0000 (11:32 +0800)
committerAdrian Greeve <adrian@moodle.com>
Mon, 18 Dec 2017 05:12:22 +0000 (13:12 +0800)
Files that are oversized could have been uploaded by a user who
can ignore the file size limits. These files should not be deleted
in these situations.

lib/filelib.php

index 6b4f1dc..4eeab3d 100644 (file)
@@ -904,6 +904,7 @@ function file_save_draft_area_files($draftitemid, $contextid, $component, $filea
 
         $newhashes = array();
         $filecount = 0;
+        $context = context::instance_by_id($contextid, MUST_EXIST);
         foreach ($draftfiles as $file) {
             if (!$options['subdirs'] && $file->get_filepath() !== '/') {
                 continue;
@@ -912,8 +913,11 @@ function file_save_draft_area_files($draftitemid, $contextid, $component, $filea
                 continue;
             }
             if (!$file->is_directory()) {
-                if ($options['maxbytes'] and $options['maxbytes'] < $file->get_filesize()) {
-                    // oversized file - should not get here at all
+                // Check to see if this file was uploaded by someone who can ignore the file size limits.
+                $fileusermaxbytes = get_user_max_upload_file_size($context, $options['maxbytes'], 0, 0, $file->get_userid());
+                if ($fileusermaxbytes != USER_CAN_IGNORE_FILE_SIZE_LIMITS
+                        && ($options['maxbytes'] and $options['maxbytes'] < $file->get_filesize())) {
+                    // Oversized file.
                     continue;
                 }
                 if ($options['maxfiles'] != -1 and $options['maxfiles'] <= $filecount) {