if (!item.isFormField()) {
// Process form file field (input type="file").
files.put(item.getName(), item.getInputStream());
- if(item.getName().endsWith(".xls")){
- OutputStream outputStream = null;
- try{
- File file = new File(item.getName());
- outputStream = new FileOutputStream(file);
+ if(item.getName().endsWith(".xls") && item.getSize() <= PolicyController.getFileSizeLimit()){
+ File file = new File(item.getName());
+ try (OutputStream outputStream = new FileOutputStream(file);)
+ {
IOUtils.copy(item.getInputStream(), outputStream);
- outputStream.close();
newFile = file.toString();
PolicyExportAndImportController importController = new PolicyExportAndImportController();
importController.importRepositoryFile(newFile, request);
}catch(Exception e){
LOGGER.error("Upload error : " + e);
- }finally{
- if(outputStream != null){
- outputStream.close();
- }
}
}
+ else if (!item.getName().endsWith(".xls")) {
+ LOGGER.error("Non .xls filetype uploaded: " + item.getName());
+ }
+ else { //uploaded file size is greater than allowed
+ LOGGER.error("Upload file size limit exceeded! File size (Bytes) is: " + item.getSize());
+ }
}
}
Code Review / policy / engine.git / blobdiff