Prevent upload of empty submission corrections (#552)

* Prevent upload of empty files * Add console log for empty file * Add more specific error message for empty files * Validate file size in backend * Improve locale strings * Undo automatic linting * Undo unwanted changes * Reset whitespaces * Fix multiple files stats for bulk upload * Provide info about which file is empty to user
MaMpf-HD · Nov 1, 2023 · 6a8deab · 6a8deab
1 parent 3d860b3
commit 6a8deab
Show file tree

Hide file tree

Showing 7 changed files with 86 additions and 25 deletions.
diff --git a/app/assets/javascripts/upload.coffee b/app/assets/javascripts/upload.coffee
@@ -262,6 +262,21 @@ imageUpload = (fileInput,endpoint='/screenshots/upload', classname="course") ->
 
       metaData.innerHTML = data.metadata.filename + ' (' + formatBytes(data.metadata.size) + ')'
       metaData.style.display = 'inline'
+
+      # Disable upload if empty files were uploaded
+      # Temporary fix for ":type option required" error in the
+      # app/controllers/submissions_controller.rb -> show_correction
+      if data.metadata.size == 0
+        console.log('empty file encountered')
+        $(actualButton).hide()
+        $('#submit-correction-btn').addClass('disabled')
+        alert($(actualButton).data('tr-failure-empty-file'))
+      else
+        $(uploadButton).hide()
+        $(actualButton).show()
+        $(actualButton).addClass('disabled')
+        $('#submit-correction-btn').removeClass('disabled')
+
     null
     hiddenInput
     true
@@ -285,23 +300,35 @@ bulkCorrectionUpload = (fileInput) ->
       null
       '/corrections/upload'
       '#bulk-uploadButton-button-actual'
-      (data) =>
-
-        data = JSON.parse data.response
-        console.log(data)
-        result = (successful: [data])
-        console.log result
-        if result.successful.length > 0
-          uploaded_files = result.successful.map (file) -> file
-          console.log uploaded_files
-          $('#upload-bulk-correction-save').prop('disabled', false)
+      (_, dataAll) =>
+        console.log(dataAll)
+
+        if dataAll.length == 0
+          console.error('No files uploaded, fatal error')
+          return
+
+        # Disable upload if uploaded (zip)-file is empty
+        # Temporary fix for ":type option required" error in the
+        # app/controllers/submissions_controller.rb -> show_correction
+        for data in dataAll
+          if data.metadata.size > 0
+            continue
+          console.log('empty file encountered during bulk upload: ' + data.metadata.filename)
+          alert(data.metadata.filename + ' ' +
+            $('#bulk-uploadButton-button-actual').data('tr-failure-empty-file-bulk'))
+          $('#bulk-uploadButton-button-actual').hide()
           $(metaData).empty()
-            .append(fileInput.files.length+ ' ' +$(metaData).data('tr-uploads'))
-          $(uploadButton).hide()
-        return
-        $("#bulk-upload-area").toggle()
+          return
+
+        # Successfully uploaded
+        console.log('bulk upload successful')
+        $('#upload-bulk-correction-save').prop('disabled', false)
+        $(metaData).empty()
+          .append(fileInput.files.length+ ' ' +$(metaData).data('tr-uploads'))
+        $(uploadButton).hide()
       null
       'upload-bulk-correction-hidden'
+      false
       )
   $('#show-bulk-upload-area').on 'click', ->
     $(this).hide()
@@ -345,17 +372,19 @@ directUpload provides an interface to upload (multiple) files to an endpoint
     fileInput =document.getElementById(fileInputElement)
     fI = $("#"+fileInputElement)
     fileInput.style.display = 'none'
-    result = undefined
-    merged = undefined
-    files = []
-    filez= []
 
-
-    uploadedFiles = []
-    progressOptimize = 0
     $(uploadStatusElement).hide()
     uploadButton = $(uploadButtonElement)
     $(actualUploadButtonElement).on 'click', (e) ->
+      # Reset variables
+      result = undefined
+      merged = undefined
+      files = []
+      filez= []
+      uploadedFiles = []
+      progressOptimize = 0
+      hiddenInput.value = ''
+
       e.preventDefault()
       if permissionElement == null || $(permissionElement).is(":checked")
         #Upload blob
@@ -383,8 +412,11 @@ directUpload provides an interface to upload (multiple) files to an endpoint
               $(progressBarElement).text(
                 $(progressBarElement).data 'tr-success'
               )
-              if successCallback != undefined 
-                successCallback(xhr)
+              if successCallback != undefined
+                # The second argument is currently only used by the
+                # bulk upload to get all uploaded files and not just
+                # the last one.
+                successCallback(xhr, uploadedFiles2)
               hiddenInput.value = JSON.stringify uploadedFiles2
               fileInput.value = null
               $(progressBarElement)

diff --git a/app/uploaders/correction_uploader.rb b/app/uploaders/correction_uploader.rb
@@ -6,4 +6,11 @@ class CorrectionUploader < Shrine
   plugin :determine_mime_type, analyzer: :marcel
   plugin :upload_endpoint, max_size: 30 * 1024 * 1024 # 30 MB
   plugin :default_storage, cache: :submission_cache, store: :submission_store
+  plugin :validation_helpers
+
+  Attacher.validate do
+    # Reject empty file uploads
+    # at least 1 byte
+    validate_min_size 1, message: I18n.t('submission.upload_failure_empty_file')
+  end
 end
diff --git a/app/uploaders/submission_uploader.rb b/app/uploaders/submission_uploader.rb
@@ -7,4 +7,11 @@ class SubmissionUploader < Shrine
   plugin :upload_endpoint, max_size: 20 * 1024 * 1024 # 20 MB
   plugin :default_storage, cache: :submission_cache, store: :submission_store
   plugin :restore_cached_data
+  plugin :validation_helpers
+
+  Attacher.validate do
+    # Reject empty file uploads
+    # at least 1 byte
+    validate_min_size 1, message: I18n.t('submission.upload_failure_empty_file')
+  end
 end
diff --git a/app/views/submissions/_correction_upload.html.erb b/app/views/submissions/_correction_upload.html.erb
@@ -21,6 +21,7 @@
     <button id="correction-uploadButton-button-actual-<%=submission.id%>"
                     data-tr-success="<%= t('buttons.upload_success') %>"
                     data-tr-failure="<%= t('submission.upload_failure')%>"
+                    data-tr-failure-empty-file="<%= t('submission.upload_failure_empty_file')%>"
                     data-tr-missing-consent="<%= t('submission.missing_consent')%>"
                     data-tr-post-processing="<%= t('basics.post_processing')%>"
                     class="btn btn-sm btn-outline-secondary"
@@ -41,7 +42,8 @@
   <div class="row mt-2">
     <div class="col-12">
       <%= f.submit t('buttons.save'),
-                   class: 'btn btn-sm btn-primary' %>
+                  id: 'submit-correction-btn',
+                  class: 'btn btn-sm btn-primary' %>
       <%= link_to t('buttons.cancel'),
                   cancel_edit_correction_path(submission),
                   class: 'btn btn-sm btn-secondary',

diff --git a/app/views/tutorials/_bulk_correction_form.html.erb b/app/views/tutorials/_bulk_correction_form.html.erb
@@ -33,6 +33,8 @@
                     data-tr-success="<%= t('buttons.upload_success') %>"
                     data-tr-failure="<%= t('submission.upload_failure')%>"
                     data-tr-missing-consent="<%= t('submission.missing_consent')%>"
+                    data-tr-failure-empty-file="<%= t('submission.upload_failure_empty_file')%>"
+                    data-tr-failure-empty-file-bulk="<%= t('submission.upload_failure_empty_file_bulk')%>"
                     data-tr-post-processing="<%= t('basics.post_processing')%>"
                     class="btn btn-sm btn-outline-secondary"
                     >

diff --git a/config/locales/de.yml b/config/locales/de.yml
@@ -2664,6 +2664,12 @@ de:
     optimization_failed: >
       Optimierung fehlgeschlagen: Die Datei ist immer noch zu groß.
     upload_failure: "Fehler beim Upload! Bitte versuche es erneut!"
+    upload_failure_empty_file: >
+      Die hochgeladene Datei ist leer.
+      Bitte vergewissere dich, dass die Datei nicht beschädigt ist.
+    upload_failure_empty_file_bulk: >
+      ist leer.
+      Bitte vergewissere dich, dass die Datei nicht beschädigt ist.
     file_size_too_big: Die Datei ist eigentlich zu groß, kann aber hochgeladen werden.
     file_size_way_too_big:  Die Dateigröße überschreitet das Limit. Bitte optimiere sie.
     optimization_help_html: >

diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -2511,7 +2511,12 @@ en:
     optimization_failed: >
       Optimization failed: File is still to big.
     upload_failure: "Error while uploading! Please try again."
-    correct_file_size: The filesize does not exceed the limit.
+    upload_failure_empty_file: >
+      The uploaded file is empty.
+      Please make sure that the file is not corrupted.
+    upload_failure_empty_file_bulk: >
+      is empty.
+      Please make sure that the file is not corrupted.
     file_size_too_big: The filesize exceeds the limit, nevertheless it is uploadable.
     file_size_way_too_big: The filesize exceeds the limit. Please optimize it.
     optimization_help_html: >