fix(upload): validate file size before FilenameValidator in FileUploadHelper

The FilenameValidator check calls \OCP\Server::get() which has no DI
container in unit-test context and throws an unexpected exception.  Because
that check came before the size check, the \OCP\Util::uploadLimit() branch
was never reached, @Unlink was never called, and the temp file survived –
breaking testValidateUploadedFileTooBig.

Moving the size check earlier also makes semantic sense: rejecting oversized
files is cheap and should happen before any filename-policy evaluation.

Signed-off-by: Vitor Mattos <1079143+vitormattos@users.noreply.github.com>

Author: vitormattos

lib/Helper/FileUploadHelper.php

@@ -38,15 +38,15 @@ public function validateUploadedFile(array $uploadedFile): void {
 			throw new InvalidArgumentException($this->l10n->t('Invalid file provided'));
 		}
 
-		$validator = \OCP\Server::get(FilenameValidator::class);
-		if ($validator->isForbidden($uploadedFile['tmp_name'])) {
+		if ($uploadedFile['size'] > \OCP\Util::uploadLimit()) {
 			@unlink($uploadedFile['tmp_name']);
-			throw new InvalidArgumentException($this->l10n->t('Invalid file provided'));
+			throw new InvalidArgumentException($this->l10n->t('File is too big'));
 		}
 
-		if ($uploadedFile['size'] > \OCP\Util::uploadLimit()) {
+		$validator = \OCP\Server::get(FilenameValidator::class);
+		if ($validator->isForbidden($uploadedFile['tmp_name'])) {
 			@unlink($uploadedFile['tmp_name']);
-			throw new InvalidArgumentException($this->l10n->t('File is too big'));
+			throw new InvalidArgumentException($this->l10n->t('Invalid file provided'));
 		}
 	}