I can define a MultipartResolver
like this with a maxUploadSize
of 10K (10000 bytes):
<bean id="multipartResolver"
class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<property name="maxUploadSize" value="10000"/>
</bean
However, if the admin needs to upload some large files via the admin interface which exceed this limit, the app needs to be temporarily re-configured to allow this - and then re-configured again to make sure regular users don't exceed this limit.
While this is happening, of course, a regular user could potentially sneak a large file in without receiving a warning.
Is there a way to configure the resolver to use a different maxUploadSize
in these two situations?
The simplest method is to use differently-configured implementations of the bean for admins instead of for normal users. The most elegant way of doing that is to have a Spring 3.0 @Configuration bean that produces a session-scoped bean instance (I add a scoped proxy below as well, in case you're not using it in a session-scoped bean; otherwise you could just use a simpler annotation like this: @Scope(WebApplicationContext.SCOPE_SESSION)
).
@Configuration
public class MultipartResolverBuilder {
@Bean @Scope(value = WebApplicationContext.SCOPE_SESSION,
proxyMode = ScopedProxyMode.TARGET_CLASS)
public CommonsMultipartResolver getMultipartResolver() {
CommonsMultipartResolver mr = new CommonsMultipartResolver();
if (user_is_not_admin) {
mr.setMaxUploadSize(10000);
}
return mr;
}
}
You'll need to add the code to determine whether the user is an admin or not, of course, and you'll need to add in support for scanning for annotation-based configuration (if you've not already got it; <context:annotation-config/>
/<context:component-scan .../>
are pretty common things to have).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With