Update put resource from file to use a limited input stream

Author: tylerjmchugh

core/src/main/java/org/fao/geonet/api/records/attachments/AbstractStore.java

@@ -195,7 +195,7 @@ protected String getFilenameFromUrl(final URL fileUrl) {
     @Override
     public final MetadataResource putResource(final ServiceContext context, final String metadataUuid, final MultipartFile file,
             final MetadataResourceVisibility visibility) throws Exception {
-        return putResource(context, metadataUuid, file.getOriginalFilename(), file.getInputStream(), null, visibility, true);
+        return putResource(context, metadataUuid, file, visibility, true);
     }
 
     @Override
@@ -205,7 +205,13 @@ public final MetadataResource putResource(final ServiceContext context, final St
             throw new NotAllowedException(String.format(
                 "Uploaded resource '%s' contains forbidden character ; for metadata '%s'.", file.getOriginalFilename(), metadataUuid));
         }
-        return putResource(context, metadataUuid, file.getOriginalFilename(), file.getInputStream(), null, visibility, approved);
+        long fileSize = file.getSize();
+        if (fileSize > maxUploadSize) {
+            throw new InputStreamLimitExceededException(maxUploadSize, fileSize);
+        }
+        try (LimitedInputStream is = new LimitedInputStream(file.getInputStream(), maxUploadSize, fileSize)) {
+            return putResource(context, metadataUuid, file.getOriginalFilename(), is, null, visibility, approved);
+        }
     }
 
     @Override