Merge branch 'sh-log-upload-api-exceed-size' into 'master'

Log message when upload via API exceeds limit

See merge request gitlab-org/gitlab!57774

changelogs/unreleased/sh-log-upload-api-exceed-size.yml

+---
+title: Log message when upload via API exceeds limit
+merge_request: 57774
+author:
+type: added

lib/api/projects.rb

@@ -67,6 +67,16 @@ module API
 
         PROJECT_ATTACHMENT_SIZE_EXEMPT
       end
+
+      # This is to help determine which projects to use in https://gitlab.com/gitlab-org/gitlab/-/issues/325788
+      def log_if_upload_exceed_max_size(user_project, file)
+        return if file.size <= user_project.max_attachment_size
+        return if exempt_from_global_attachment_size?(user_project)
+
+        if file.size > user_project.max_attachment_size
+          Gitlab::AppLogger.info({ message: "File exceeds maximum size", file_bytes: file.size, project_id: user_project.id, project_path: user_project.full_path })
+        end
+      end
     end
 
     helpers do
@@ -576,6 +586,8 @@ module API
         requires :file, types: [Rack::Multipart::UploadedFile, ::API::Validations::Types::WorkhorseFile], desc: 'The attachment file to be uploaded'
       end
       post ":id/uploads", feature_category: :not_owned do
+        log_if_upload_exceed_max_size(user_project, params[:file])
+
         service = UploadService.new(user_project, params[:file])
         service.override_max_attachment_size = project_attachment_size(user_project)
         upload = service.execute

spec/requests/api/projects_spec.rb

@@ -1519,6 +1519,8 @@ RSpec.describe API::Projects do
   end
 
   describe "POST /projects/:id/uploads" do
+    let(:file) { fixture_file_upload("spec/fixtures/dk.png", "image/png") }
+
     before do
       project
     end
@@ -1528,7 +1530,7 @@ RSpec.describe API::Projects do
         expect(instance).to receive(:override_max_attachment_size=).with(project.max_attachment_size).and_call_original
       end
 
-      post api("/projects/#{project.id}/uploads", user), params: { file: fixture_file_upload("spec/fixtures/dk.png", "image/png") }
+      post api("/projects/#{project.id}/uploads", user), params: { file: file }
 
       expect(response).to have_gitlab_http_status(:created)
       expect(json_response['alt']).to eq("dk")
@@ -1538,13 +1540,21 @@ RSpec.describe API::Projects do
       expect(json_response['full_path']).to start_with("/#{project.namespace.path}/#{project.path}/uploads")
     end
 
+    it "logs a warning if file exceeds attachment size" do
+      allow(Gitlab::CurrentSettings).to receive(:max_attachment_size).and_return(0)
+
+      expect(Gitlab::AppLogger).to receive(:info).with(hash_including(message: 'File exceeds maximum size')).and_call_original
+
+      post api("/projects/#{project.id}/uploads", user), params: { file: file }
+    end
+
     shared_examples 'capped upload attachments' do
       it "limits the upload to 1 GB" do
         expect_next_instance_of(UploadService) do |instance|
           expect(instance).to receive(:override_max_attachment_size=).with(1.gigabyte).and_call_original
         end
 
-        post api("/projects/#{project.id}/uploads", user), params: { file: fixture_file_upload("spec/fixtures/dk.png", "image/png") }
+        post api("/projects/#{project.id}/uploads", user), params: { file: file }
 
         expect(response).to have_gitlab_http_status(:created)
       end