From 48a9856da8362d2904cc8d15122b515b5c505bd2 Mon Sep 17 00:00:00 2001
From: Adrian Greeve <adrian@moodle.com>
Date: Mon, 18 Dec 2017 11:32:10 +0800
Subject: [PATCH 1/2] MDL-52100 filelib: Files that are oversized are checked
 with user.

Files that are oversized could have been uploaded by a user who
can ignore the file size limits. These files should not be deleted
in these situations.
---
 lib/filelib.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/filelib.php b/lib/filelib.php
index 6b4f1dc8210..4eeab3d03f3 100644
--- a/lib/filelib.php
+++ b/lib/filelib.php
@@ -904,6 +904,7 @@ function file_save_draft_area_files($draftitemid, $contextid, $component, $filea
 
         $newhashes = array();
         $filecount = 0;
+        $context = context::instance_by_id($contextid, MUST_EXIST);
         foreach ($draftfiles as $file) {
             if (!$options['subdirs'] && $file->get_filepath() !== '/') {
                 continue;
@@ -912,8 +913,11 @@ function file_save_draft_area_files($draftitemid, $contextid, $component, $filea
                 continue;
             }
             if (!$file->is_directory()) {
-                if ($options['maxbytes'] and $options['maxbytes'] < $file->get_filesize()) {
-                    // oversized file - should not get here at all
+                // Check to see if this file was uploaded by someone who can ignore the file size limits.
+                $fileusermaxbytes = get_user_max_upload_file_size($context, $options['maxbytes'], 0, 0, $file->get_userid());
+                if ($fileusermaxbytes != USER_CAN_IGNORE_FILE_SIZE_LIMITS
+                        && ($options['maxbytes'] and $options['maxbytes'] < $file->get_filesize())) {
+                    // Oversized file.
                     continue;
                 }
                 if ($options['maxfiles'] != -1 and $options['maxfiles'] <= $filecount) {

From c86189ae02e0619bc6c1b4d39f6e52684b48f6e5 Mon Sep 17 00:00:00 2001
From: Adrian Greeve <adrian@moodle.com>
Date: Mon, 18 Dec 2017 13:01:08 +0800
Subject: [PATCH 2/2] MDL-52100 filelib: Update to unit tests for maxbytes.

---
 lib/tests/filelib_test.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/tests/filelib_test.php b/lib/tests/filelib_test.php
index b6109d98164..b6a1b7efb05 100644
--- a/lib/tests/filelib_test.php
+++ b/lib/tests/filelib_test.php
@@ -1046,7 +1046,6 @@ EOF;
     public static function create_draft_file($filedata = array()) {
         global $USER;
 
-        self::setAdminUser();
         $fs = get_file_storage();
 
         $filerecord = array(
@@ -1208,7 +1207,9 @@ EOF;
         global $USER;
 
         $this->resetAfterTest(true);
-        $this->setAdminUser();
+        // The admin has no restriction for max file uploads, so use a normal user.
+        $user = $this->getDataGenerator()->create_user();
+        $this->setUser($user);
         $fs = get_file_storage();
 
         $file = self::create_draft_file();