From c257a2cb287fb5d40b28e04debb8313c9335bd42 Mon Sep 17 00:00:00 2001 From: giovanni Date: Fri, 30 Jan 2026 15:09:23 +0700 Subject: [PATCH] add validation max size upload file 5 MB --- .../controllers/daily-checklist.controller.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/internal/modules/daily-checklists/controllers/daily-checklist.controller.go b/internal/modules/daily-checklists/controllers/daily-checklist.controller.go index d97424fa..95848839 100644 --- a/internal/modules/daily-checklists/controllers/daily-checklist.controller.go +++ b/internal/modules/daily-checklists/controllers/daily-checklist.controller.go @@ -2,6 +2,7 @@ package controller import ( "math" + "mime/multipart" "strconv" "gitlab.com/mbugroup/lti-api.git/internal/modules/daily-checklists/dto" @@ -362,6 +363,9 @@ func (u *DailyChecklistController) UpdateOne(c *fiber.Ctx) error { return fiber.NewError(fiber.StatusBadRequest, "Invalid multipart form") } req.Documents = form.File["documents"] + if err := validateDailyChecklistDocumentSizes(req.Documents); err != nil { + return err + } if err := c.BodyParser(req); err != nil { return fiber.NewError(fiber.StatusBadRequest, "Invalid request body") @@ -381,6 +385,16 @@ func (u *DailyChecklistController) UpdateOne(c *fiber.Ctx) error { }) } +func validateDailyChecklistDocumentSizes(files []*multipart.FileHeader) error { + const maxDailyChecklistDocumentBytes = 5 * 1024 * 1024 // 5MB + for _, file := range files { + if file != nil && file.Size > maxDailyChecklistDocumentBytes { + return fiber.NewError(fiber.StatusRequestEntityTooLarge, "Document size must be <= 5MB") + } + } + return nil +} + func (u *DailyChecklistController) DeleteOne(c *fiber.Ctx) error { param := c.Params("idDailyChecklist")