Feature Wiki
Tabs
Customizable Maximum File Upload Size
Page Overview
[Hide]1 Initial Problem
TH Köln as well as others need to balance the need for uploading huge files to ILIAS with keeping data storage to a minimum to ensure quick backup times. In addition, given the option users often upload files to ILIAS only to offer the download of said files for students instead of using a cloud service like Sciebo, OneDrive, Dropbox etc. and linking the files. No tracking of working progress for those files is done in ILIAS.
However, some users need to be able to upload bigger files than most ILIAS users:
- ILIAS administrators
- ILIAS Support staff handling service requests by users (for example: importing courses)
- Key users from faculties/departments
- etc.
Currently there is only one global size limit for uploading/importing files in ILIAS which is set via PHP.INI:
upload_max_filesize
This one limit also applies to features where different size limits should be made available:
- personal profile picture
- personal and shared resources
- forum post attachments
- upload questions in tests (?)
- upload assignments in exercises (?)
2 Conceptual Summary
2.1 Initial situation
ILIAS has many functions where users can upload files. Currently there is a global maximum in all places, which is set by two PHP settings (and possibly also limits to web servers):
- post_max_size
- upload_max_filesize
Modifiers on the upload elements (e.g. UI\Input\Field\File) can be used to set smaller upload limits than the global limit, but this applies equally to all users.
A limit greater than the global limit is currently not possible. To upload files larger than the limit set by PHP, the upload must be done via a so-called chunked upload. The file is sent to the server asynchronously in smaller parts and then merged into one file on the server before it can be processed further.
This feature request is intended to describe various configuration options for upload limits. The implementation will take place over several releases and many places have to be adjusted gradually so that the configurable upload limits can be applied.
In total, the following configurable upload limits (Policies) should be possible in the future:
- Global upload limit per user
- Global upload limit per role
- Local upload limit use case (e.g. upload of a profile picture)
For ILIAS 9 we suggest the first two variants, the third case requires adjustments to the individual upload points/use cases.
Basically, configurable upload limits can only be applied where one of the following components is used:
- ILIAS\UI\Component\Input\Field\File
- ILIAS\UI\Component\Dropzone\File\Wrapper
- ILIAS\UI\Component\Dropzone\File\Wrapper
2.2 Policies
Policies always contain the following attributes:
- Title (to describe it's purpose)
- Limit (in MB)
- Audience (User or Role or Global)
- Scope (Global, later other scopes such as use case, repository location, ...)
- Validity (always, or until date)
- Status (active/inactive)
2.3 General Rules for Policies and Fallbacks
With the enhancement, which later allows different configurable limits (Policies) that influence each other, the following general rules are defined:
- If no policy is applied, the upload limit is always equal to the PHP settings.
- If multiple policies apply to a user and/or use case, the highest limit applies
- Policies are applied only in places where chunked upload is also possible.
- If a upload location defines an explicit upload limit, policies are only applied if they have a smaller limit than the defined.
3 User Interface Modifications
3.1 List of Affected Views
New Tab "Upload Limits" in Administration -> System Settings and Maintenance -> File Services ("fils") which
- lists existing policies
- allows to create new policy
- allows to edit existing policy
- allows to delete existing policy
3.2 User Interface Details
The Tab consist of a Toolbar with a "Add Policy" Button and a Presentation-Table for existing Policies:
Deleting a policy is done with a UI\Modal\Interruptive.
Adding and Editing a Policy uses UI\Input-Components:
3.3 New User Interface Concepts
4 Technical Information
Technically, the upload limit valid for a user is made based on his polcies via the already available \ILIAS\UI\Implementation\Component\Input\UploadLimitResolver.
As explained in the introduction, this only applies to places that make file uploads with components from the UI service. Therefore, due to the elimination of all legacy components with ILIAS 10 (see BigProjects), all jobs will benefit from this in the future.
The implementation for use case specific policies is proposed as a separate feature request for ILIAS 10 or later.
5 Privacy Information
No direct user-related data is stored by this feature. A policy can only have a reference to a user ID.
6 Security Implications
The server-side limit through PHP cannot be bypassed, server admins can still use this to limit how much data can be sent to the server via a request.
7 Archives
A workshop on this topic was held on 11 Aug 2022, 14:15 - 15:45: Workshop 'Customizable Maximum File Upload Size'.
7.1 RFC 2119
In order to provide a clear understanding of the importance/relevance of a requirement we use the following keywords as described in RFC 2119:
- MUST, MUST NOT
- REQUIRED
- SHALL, SHALL NOT
- SHOULD, SHOULD NOT
- RECOMMENDED
- MAY
- OPTIONAL
7.2 Requirements
ILIAS administrators must be able to limit the max. file size for uploads/imports for certain users and use cases. However, ILIAS admins must not be able to exceed the set PHP limit. That means that the PHP setting still defines the max. possible file size everywhere (system admin > ILIAS admin).
It should be able to customize the max. file size by/for:
- user-id
- role-id (for repository uploads)
- object type, i.e. a higher limit for importing courses than for uploading files (?)
- personal profile picture
- personal and shared resources
- forum post attachments
- repository node (root, category, course, group, folder) (?)
In addition to the general "Maximum File Upload Size" there should be a "Customizable Maximum File Upload Size".
Tödt, Alexandra [atoedt] Ich würde das nicht zusätzlich machen, sondern einen default setzen und den fallweise änderbar machen.
Such a customizable upload limit could be attached to the following criteria: User | Role | Time | Scope/Area | Object Type
All have their advantages and disadvantages. #
A combination of Time and Scope/Area appears to be practical in the definition and management.
For example, it could be arranged like this:
- General Maximum File Upload Size = 100 MB
- Customizable Maximum File Upload Size:
- FB1 » BA Architecture »» 400 MB | today until 31.05.2020
- FB8 → 600 MB | 30.08.2020 until 31.10.2020
- Category » Category » Category » Course → nnn MB | dd.mm.yyyy until dd.mm.yyyy
Tödt, Alexandra [atoedt] Muss die Zeit dazu? Das ist unübersichtlich und ich würde nur Scope nehmen
Toolbar: Add new config
Form to set a new config
- Startdate + Enddate
- Max. Upload File Size in MB
- Scope via Repository Picker (only Container Objets can select)
List with configs in a Table:
- Startdate (sortable)
- Enddate (sortable)
- Max. Upload File Size (sortable)
- Scope (Full Path) (sortable)
- Actions (Deactivate/Activate | Edit | Delete)
8 Contact
- Author of the Request: Sesterhenn, Fabian [sesterhenn]
- Maintainer: Schmid, Fabian [fschmid]
- Implementation of the feature is done by: Fuhrer, Thibeau [tfuhrer] und Zehnder, Lukas [lzehnder]
9 Funding
If you are interest in funding this feature, please add your name and institution to this list.
10 Discussion
Sesterhenn, Fabian [sesterhenn] 25. Mar 2022: Reviving/Reworking this zombie with the blessing of Samoila, Oliver [oliver.samoila]
Lorenz, Katharina [klorenz] 26 Apr 2022: Hi Fabian and Oliver, we would like to focus on this feature request for ILIAS 9, what do you think, what is the current status? Do you actually want to revise this FR?
Sesterhenn, Fabian [sesterhenn] 26. Apr 2022: I think the most important part right now would be to define the scope of this FR. The ultimate goal should be (in my opinion) to be able to limit the max. upload file size per ILIAS object. This requires the coordinated work of a lot of maintainers, not only the maintainer for the file service. I think currently some modules use the file service, some do not. The ones that do not should start doing so, so that a centralized solution for this FR can be implemented via the file service. It would be great to get a first feedback on this by Fabian Schmid.
Schmid, Fabian [fschmid] 26-04-2022: You have already written it correctly, this implementation will need all maintainers who do anything with fileuploads. First and foremost, we would extend the upload service so that you can specify an upload configuration per component or per use case. But this also applies to the form elements.
From my point of view this only makes sense for components which already use
a) use the UploadService directly and not e.g. the legacy implementation of ilUtil
b) use the new forms (UI service)
c) preferably already using the storage service, which unfortunately are the fewest so far.
of course you could start with a smaller variant, which could e.g. provide upload limits per global role (not per module but per role). But here, too, many parts of ILIAS would already have to be adapted for this purpose. further expansion could then take place for components that already implement points a-c.
Kergomard, Stephan [skergomard] 28 NOV 2022: Please be aware that this also has consequences for WebDAV. As long as no chunked uploads are necessary, i.e. post_max_size
and upload_max_filesize
are respected, not much would need to be changed, but if this becomes an option, changes might get bigger.
Further: I would kindly ask you to not implement a limit per user. Appart from adding unnecessary complexity (you can always create a role and only add the one user to it), this will further increase the "individualisation" of the system and foster hard to debug and control usage patterns.
JourFixe, ILIAS [jourfixe], 28 NOV 2022 : We highly appreciate this suggestion and accept it for ILIAS 9. There are objections against allowing limits per users and limits per local role. This means, upload policies are only possible for "all users" and for a selected global role. And please add a short notice about the possibility of upload limits to the install.md, section "PHP Installation and Configuration".
11 Implementation
The feature was implemented as described. The administration of the new upload limits is as follows:
For the implementation, the UI\Input\File was also upgraded to handle new chunk uploads. This requires a chunk upload capable UploadHandler, which is implemented in the File object, for example. This means that upload limits can now also be offered that are greater than the configured PHP limit. The adjustments to the UI\Input\File were covered in this PR: https://github.com/ILIAS-eLearning/ILIAS/pull/6382
Test Cases
Test cases completed at 23/10/2023 by Schmid, Fabian [fschmid]
- C63551: Upload-Limit für alle Personen festlegen
- C63552: Upload-Limit für globale Rolle festlegen
- C63553: Upload-Limit deaktivieren
- C63554: Zeitliche Begrenzung für Upload-Limit festlegen
Approval
Approved at 2023/10/23 by Sesterhenn, Fabian [sesterhenn]
Last edited: 25. Sep 2024, 12:03, Spirou, Ilias [ispirou]