FIX: Correctly implement of max_size_bytes to avoid signature mismatch

Author: thclark

django_gcp/static/django_gcp/cloud_object_widget.js

@@ -191,12 +191,17 @@ $(document).ready(function($) {
       // var field = wrapper.find("input[type=hidden]");
       var file = wrapper.find(".gcp-file-input").get(0).files[0];
       const signed_ingress_url = wrapper.data("signed-ingress-url")
-      // const ingress_path = wrapper.data("ingress-path")
+      const max_size_bytes = wrapper.data("max-size-bytes")
+      const headers = {}
+      if (max_size_bytes !== 0) {
+        headers["X-Goog-Content-Length-Range"] = `0,${max_size_bytes}`
+      }
       $.ajax({
         url: signed_ingress_url,
         type: "PUT",
         data: file,
         contentType: "application/octet-stream",
+        headers: headers,
         success: function() {
           // field.val(JSON.stringify({_tmp_path: ingress_path, name: file.name, content_type: file.type}));
           window.gcp_number_of_files--;

django_gcp/storage/fields.py

@@ -12,16 +12,11 @@
 
 from .forms import CloudObjectFormField
 from .gcloud import GoogleCloudStorage
-from .operations import blob_exists, copy_blob, get_signed_upload_url
+from .operations import UNLIMITED_MAX_SIZE, blob_exists, copy_blob, get_signed_upload_url
 from .widgets import DEFAULT_ACCEPT_MIMETYPE, CloudObjectWidget
 
 logger = logging.getLogger(__name__)
 
-
-# 32 megabyte default size chosen to be consistent with Cloud Run's
-# largest request size
-DEFAULT_MAX_SIZE_BYTES = 32 * 1024 * 1024
-
 DEFAULT_OVERWRITE_MODE = "never"
 
 OVERWRITE_MODES = [
@@ -102,8 +97,8 @@ def __init__(
         ingress_to="_tmp/",
         store_key="media",
         accept_mimetype=DEFAULT_ACCEPT_MIMETYPE,
-        max_size_bytes=DEFAULT_MAX_SIZE_BYTES,
         overwrite_mode=DEFAULT_OVERWRITE_MODE,
+        max_size_bytes=None,
         on_change=None,
         update_attributes=None,
         **kwargs,
@@ -114,6 +109,7 @@ def __init__(
         self._on_commit_valid = None
         self._versioning_enabled = None
         self._temporary_path = None
+        self._max_size_bytes = max_size_bytes
         self._primary_key_set_explicitly = "primary_key" in kwargs
         self._choices_set_explicitly = "choices" in kwargs
         self.overwrite_mode = overwrite_mode
@@ -123,7 +119,6 @@ def __init__(
         self.ingress_path = None
         self.store_key = store_key
         self.accept_mimetype = accept_mimetype
-        self.max_size_bytes = max_size_bytes
         self.on_change = on_change
         kwargs["default"] = kwargs.pop("default", None)
         kwargs["help_text"] = kwargs.pop("help_text", "GCP cloud storage object")
@@ -178,6 +173,7 @@ def formfield(self, **kwargs):
             widget = CloudObjectWidget(
                 accept_mimetype=self.accept_mimetype,
                 signed_ingress_url=self._get_signed_ingress_url(),
+                max_size_bytes=self.max_size_bytes,
                 ingress_path=self._get_temporary_path(),
             )
 
@@ -195,6 +191,23 @@ def override_blobfield_value(self):
             DEFAULT_OVERRIDE_BLOBFIELD_VALUE,
         )
 
+    @property
+    def max_size_bytes(self):
+        """Shortcut to determine the max size in bytes allowable as an upload
+
+        Defaults to unlimited upload size (which is dangerous, but since you're
+        signing a URL for the user to upload we assume you've established trust
+        in the user and know what you're doing!).
+        """
+        if self._max_size_bytes is not None:
+            return self._max_size_bytes
+
+        return getattr(
+            settings,
+            "GCP_STORAGE_BLOBFIELD_MAX_SIZE_BYTES",
+            UNLIMITED_MAX_SIZE,
+        )
+
     def clean(self, value, model_instance, skip_validation=False):
         """Clean the value to ensure correct state and on_commit hooks.
         This method is called during clean_fields on model save.

django_gcp/storage/operations.py

@@ -11,6 +11,8 @@
 
 logger = logging.getLogger(__name__)
 
+UNLIMITED_MAX_SIZE = 0
+
 
 def blob_exists(bucket, blob_name):
     """Quick check that a blob with a given name exists in a bucket"""
@@ -182,7 +184,7 @@ def get_generations(bucket, blob_name):
     return list(bucket.client.list_blobs(bucket.name, versions=True, prefix=blob_name))
 
 
-def get_signed_upload_url(bucket, blob_name, timedelta=None, max_size_bytes=None, **kwargs):
+def get_signed_upload_url(bucket, blob_name, timedelta=None, max_size_bytes=UNLIMITED_MAX_SIZE, **kwargs):
     """Get a signed URL for uploading a blob to GCS
 
     :param google.cloud.storage.Bucket bucket: The bucket to which the blob will be uploaded
@@ -195,7 +197,8 @@ def get_signed_upload_url(bucket, blob_name, timedelta=None, max_size_bytes=None
         timedelta = datetime.timedelta(minutes=60)
 
     blob = bucket.blob(blob_name)
-    if max_size_bytes is not None:
+
+    if max_size_bytes != 0:
         content_length_range = f"0,{max_size_bytes}"
         headers = kwargs.pop("headers", {})
         headers["X-Goog-Content-Length-Range"] = content_length_range

django_gcp/storage/widgets.py

@@ -3,6 +3,8 @@
 from django.conf import settings
 from django.forms import Widget
 
+from .operations import UNLIMITED_MAX_SIZE
+
 DEFAULT_ACCEPT_MIMETYPE = "*/*"
 
 
@@ -28,6 +30,7 @@ def __init__(
         self,
         *args,
         signed_ingress_url=None,
+        max_size_bytes=UNLIMITED_MAX_SIZE,
         ingress_path=None,
         accept_mimetype=DEFAULT_ACCEPT_MIMETYPE,
         **kwargs,
@@ -37,14 +40,15 @@ def __init__(
         self._kwargs = kwargs
         self.accept_mimetype = accept_mimetype
         self.signed_ingress_url = signed_ingress_url
+        self.max_size_bytes = max_size_bytes
         self.ingress_path = ingress_path
 
         if "unfold" in settings.INSTALLED_APPS:
             self.template_name = "django_gcp/contrib/unfold/cloud_object_widget.html"
 
     def get_context(self, name, value, attrs):
         context = super().get_context(name, value, attrs)
-
+        context["max_size_bytes"] = self.max_size_bytes
         context["signed_ingress_url"] = self.signed_ingress_url
         context["ingress_path"] = self.ingress_path
         context["accept_mimetype"] = self.accept_mimetype

django_gcp/templates/django_gcp/cloud_object_widget.html

@@ -14,7 +14,7 @@
     </div>
 {% endwith %} -->
 
-<div class="gcp-wrapper" data-existing-path="{{ existing_path }}" data-signed-ingress-url="{{ signed_ingress_url }}" data-ingress-path="{{ ingress_path }}">
+<div class="gcp-wrapper" data-existing-path="{{ existing_path }}" data-signed-ingress-url="{{ signed_ingress_url }}" data-max-size-bytes="{{ max_size_bytes }}" data-ingress-path="{{ ingress_path }}">
 <div class="gcp-field-contents">
     <input
         type="hidden" name="{{ widget.name }}"

django_gcp/templates/django_gcp/contrib/unfold/cloud_object_widget.html

@@ -1,6 +1,6 @@
 {% load i18n %}
 
-<div class="gcp-wrapper" data-existing-path="{{ existing_path }}" data-signed-ingress-url="{{ signed_ingress_url }}" data-ingress-path="{{ ingress_path }}">
+<div class="gcp-wrapper" data-existing-path="{{ existing_path }}" data-signed-ingress-url="{{ signed_ingress_url }}" data-max-size-bytes="{{ max_size_bytes }}" data-ingress-path="{{ ingress_path }}">
     <div class="border flex flex-col overflow-hidden rounded-md shadow-sm text-sm max-w-2xl dark:border-gray-700">
         <input
             type="hidden" name="{{ widget.name }}"