diff --git a/src/actions/report.ts b/src/actions/report.ts
index c0a7f29..cf89067 100644
--- a/src/actions/report.ts
+++ b/src/actions/report.ts
@@ -3,11 +3,12 @@ import { Session } from '@util/session.ts';
import { Permissions } from '@util/permissions.ts';
import { db } from '@db/database.ts';
import { z } from 'astro:schema';
-import { UPLOAD_PATH } from 'astro:env/server';
+import { MAX_UPLOAD_BYTES, UPLOAD_PATH } from 'astro:env/server';
import fs from 'node:fs';
import crypto from 'node:crypto';
import path from 'node:path';
import { sendWebhook, WebhookAction } from '@util/webhook.ts';
+import { allowedImageTypes, allowedVideoTypes } from '@util/media.ts';
export const report = {
submitReport: defineAction({
@@ -15,9 +16,22 @@ export const report = {
urlHash: z.string(),
reason: z.string(),
body: z.string(),
- files: z.array(z.instanceof(File)).nullable()
+ files: z
+ .array(
+ z
+ .instanceof(File)
+ .refine((f) => [...allowedImageTypes, ...allowedVideoTypes].findIndex((v) => v === f.type) !== -1)
+ )
+ .nullable()
}),
handler: async (input) => {
+ const fileSize = input.files?.reduce((prev, curr) => prev + curr.size, 0);
+ if (fileSize && fileSize > MAX_UPLOAD_BYTES) {
+ throw new ActionError({
+ code: 'BAD_REQUEST'
+ });
+ }
+
const report = await db.getReportByUrlHash({ urlHash: input.urlHash });
if (!report) {
throw new ActionError({
diff --git a/src/app/admin/reports/Reports.svelte b/src/app/admin/reports/Reports.svelte
index 3715e58..2684f95 100644
--- a/src/app/admin/reports/Reports.svelte
+++ b/src/app/admin/reports/Reports.svelte
@@ -38,8 +38,7 @@
{ key: 'report.status?.status', label: 'Bearbeitungsstatus' }
]}
onClick={(report) => (activeReport = report)}
->
-
+/>
{#key activeReport}
diff --git a/src/app/website/report/Dropzone.svelte b/src/app/website/report/Dropzone.svelte
index e6426d4..18e983a 100644
--- a/src/app/website/report/Dropzone.svelte
+++ b/src/app/website/report/Dropzone.svelte
@@ -1,15 +1,12 @@