vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

fix: bypass size limit check for requesting personal information (#36584)

Browse source 
* fix: bypass size limit check for requesting personal information

* refactor: make size check skip generalized using flags and fix email sending test

* fix: test for large file request

* fix: update file size check flag name

Co-authored-by: Suraj Shetty <13928957+surajshetty3416@users.noreply.github.com>

* fix: Update flag name to skip_file_size_check

---------

Co-authored-by: Suraj Shetty <13928957+surajshetty3416@users.noreply.github.com>
This commit is contained in:
Shrihari Mahabal 2026-02-09 07:29:06 +05:30 committed by GitHub
parent b8ade4bb23
commit 193cb67e9c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 35 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
frappe/core/doctype/file/file.py
View file

@ -767,7 +767,7 @@ class File(Document):
max_file_size = get_max_file_size() max_file_size = get_max_file_size()
file_size = len(self._content or b"") file_size = len(self._content or b"")
if file_size > max_file_size: if not self.flags.skip_file_size_check and file_size > max_file_size:
msg = _("File size exceeded the maximum allowed size of {0} MB").format(max_file_size / 1048576) msg = _("File size exceeded the maximum allowed size of {0} MB").format(max_file_size / 1048576)
if frappe.has_permission("System Settings", "write"): if frappe.has_permission("System Settings", "write"):
msg += ".<br>" + _("You can increase the limit from System Settings.") msg += ".<br>" + _("You can increase the limit from System Settings.")

1
frappe/website/doctype/personal_data_download_request/personal_data_download_request.py
View file

@ -48,6 +48,7 @@ class PersonalDataDownloadRequest(Document):
"is_private": 1, "is_private": 1,
} }
) )
f.flags.skip_file_size_check = True
f.save(ignore_permissions=True) f.save(ignore_permissions=True)
file_link = ( file_link = (

33
frappe/website/doctype/personal_data_download_request/test_personal_data_download_request.py
View file

@ -13,10 +13,12 @@ from frappe.website.doctype.personal_data_download_request.personal_data_downloa
class TestRequestPersonalData(IntegrationTestCase): class TestRequestPersonalData(IntegrationTestCase):
def setUp(self): def setUp(self):
frappe.set_user("Administrator")
create_user_if_not_exists(email="test_privacy@example.com") create_user_if_not_exists(email="test_privacy@example.com")
def tearDown(self): def tearDown(self):
frappe.db.delete("Personal Data Download Request") frappe.db.delete("Personal Data Download Request")
frappe.set_user("Administrator")
def test_user_data_creation(self): def test_user_data_creation(self):
user_data = json.loads(get_user_data("test_privacy@example.com")) user_data = json.loads(get_user_data("test_privacy@example.com"))
@ -49,6 +51,37 @@ class TestRequestPersonalData(IntegrationTestCase):
frappe.db.delete("Email Queue") frappe.db.delete("Email Queue")
def test_large_file_request(self):
from unittest.mock import patch
frappe.db.delete("File")
frappe.db.delete("Email Queue")
frappe.set_user("test_privacy@example.com")
with patch("frappe.sendmail"):
req = frappe.new_doc("Personal Data Download Request")
req.user = "test_privacy@example.com"
req.insert(ignore_permissions=True)
req.generate_file_and_send_mail(
{
"data": "x" * (60 * 1024 * 1024) # 60MB
}
)
files = frappe.get_all(
"File",
filters={
"attached_to_doctype": "Personal Data Download Request",
"attached_to_name": req.name,
},
fields=["file_size"],
)
large_files = [f for f in files if f.file_size >= 60 * 1024 * 1024]
self.assertEqual(len(large_files), 1)
def create_user_if_not_exists(email, first_name=None): def create_user_if_not_exists(email, first_name=None):
frappe.delete_doc_if_exists("User", email) frappe.delete_doc_if_exists("User", email)