2013-04-02 19:17:17 -04:00
|
|
|
require 'spec_helper'
|
|
|
|
|
|
|
|
describe UploadsController do
|
|
|
|
|
2013-09-06 13:18:42 -04:00
|
|
|
context '.create' do
|
2013-04-02 19:17:17 -04:00
|
|
|
|
2013-09-06 13:18:42 -04:00
|
|
|
it 'requires you to be logged in' do
|
2015-01-09 12:04:02 -05:00
|
|
|
expect { xhr :post, :create }.to raise_error(Discourse::NotLoggedIn)
|
2013-04-02 19:17:17 -04:00
|
|
|
end
|
|
|
|
|
2013-09-06 13:18:42 -04:00
|
|
|
context 'logged in' do
|
|
|
|
|
|
|
|
before { @user = log_in :user }
|
2013-04-02 19:17:17 -04:00
|
|
|
|
2013-06-15 03:54:49 -04:00
|
|
|
let(:logo) do
|
|
|
|
ActionDispatch::Http::UploadedFile.new({
|
|
|
|
filename: 'logo.png',
|
2014-07-14 11:34:23 -04:00
|
|
|
tempfile: file_from_fixtures("logo.png")
|
2013-06-15 03:54:49 -04:00
|
|
|
})
|
2013-04-02 19:17:17 -04:00
|
|
|
end
|
|
|
|
|
2013-06-15 03:54:49 -04:00
|
|
|
let(:logo_dev) do
|
|
|
|
ActionDispatch::Http::UploadedFile.new({
|
|
|
|
filename: 'logo-dev.png',
|
2014-07-14 11:34:23 -04:00
|
|
|
tempfile: file_from_fixtures("logo-dev.png")
|
2013-06-15 03:54:49 -04:00
|
|
|
})
|
|
|
|
end
|
2013-04-02 19:17:17 -04:00
|
|
|
|
2013-06-15 03:54:49 -04:00
|
|
|
let(:text_file) do
|
|
|
|
ActionDispatch::Http::UploadedFile.new({
|
2014-04-29 13:12:35 -04:00
|
|
|
filename: 'LICENSE.TXT',
|
2013-06-15 03:54:49 -04:00
|
|
|
tempfile: File.new("#{Rails.root}/LICENSE.txt")
|
|
|
|
})
|
|
|
|
end
|
2013-04-02 19:17:17 -04:00
|
|
|
|
2013-06-15 03:54:49 -04:00
|
|
|
let(:files) { [ logo_dev, logo ] }
|
2013-04-02 19:17:17 -04:00
|
|
|
|
2013-06-15 03:54:49 -04:00
|
|
|
context 'with a file' do
|
2013-07-10 16:59:07 -04:00
|
|
|
|
|
|
|
context 'when authorized' do
|
|
|
|
|
2014-04-29 13:12:35 -04:00
|
|
|
before { SiteSetting.stubs(:authorized_extensions).returns(".PNG|.txt") }
|
2013-07-10 16:59:07 -04:00
|
|
|
|
2013-07-23 18:54:18 -04:00
|
|
|
it 'is successful with an image' do
|
|
|
|
xhr :post, :create, file: logo
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq 200
|
2013-07-23 18:54:18 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'is successful with an attachment' do
|
2013-07-10 16:59:07 -04:00
|
|
|
xhr :post, :create, file: text_file
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq 200
|
2013-07-10 16:59:07 -04:00
|
|
|
end
|
|
|
|
|
2014-09-23 01:50:26 -04:00
|
|
|
it 'correctly sets retain_hours for admins' do
|
|
|
|
log_in :admin
|
|
|
|
xhr :post, :create, file: logo, retain_hours: 100
|
2015-05-19 06:31:12 -04:00
|
|
|
id = JSON.parse(response.body)["id"]
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(Upload.find(id).retain_hours).to eq(100)
|
2014-09-23 01:50:26 -04:00
|
|
|
end
|
|
|
|
|
2013-07-23 18:54:18 -04:00
|
|
|
context 'with a big file' do
|
|
|
|
|
|
|
|
before { SiteSetting.stubs(:max_attachment_size_kb).returns(1) }
|
|
|
|
|
|
|
|
it 'rejects the upload' do
|
|
|
|
xhr :post, :create, file: text_file
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq 422
|
2013-07-23 18:54:18 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
2013-07-10 16:59:07 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'when not authorized' do
|
|
|
|
|
|
|
|
before { SiteSetting.stubs(:authorized_extensions).returns(".png") }
|
|
|
|
|
|
|
|
it 'rejects the upload' do
|
|
|
|
xhr :post, :create, file: text_file
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq 422
|
2013-07-10 16:59:07 -04:00
|
|
|
end
|
|
|
|
|
2013-04-02 19:17:17 -04:00
|
|
|
end
|
2013-07-10 16:59:07 -04:00
|
|
|
|
2014-04-29 13:12:35 -04:00
|
|
|
context 'when everything is authorized' do
|
|
|
|
|
|
|
|
before { SiteSetting.stubs(:authorized_extensions).returns("*") }
|
|
|
|
|
|
|
|
it 'is successful with an image' do
|
|
|
|
xhr :post, :create, file: logo
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq 200
|
2014-04-29 13:12:35 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'is successful with an attachment' do
|
|
|
|
xhr :post, :create, file: text_file
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.status).to eq 200
|
2014-04-29 13:12:35 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
2013-06-15 03:54:49 -04:00
|
|
|
end
|
2013-04-02 19:17:17 -04:00
|
|
|
|
2013-06-15 03:54:49 -04:00
|
|
|
context 'with some files' do
|
2013-04-02 19:17:17 -04:00
|
|
|
|
2013-07-10 16:59:07 -04:00
|
|
|
it 'is successful' do
|
2013-06-15 03:54:49 -04:00
|
|
|
xhr :post, :create, files: files
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response).to be_success
|
2013-06-15 03:54:49 -04:00
|
|
|
end
|
2013-04-02 19:17:17 -04:00
|
|
|
|
2013-06-15 03:54:49 -04:00
|
|
|
it 'takes the first file' do
|
|
|
|
xhr :post, :create, files: files
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.body).to match /logo-dev.png/
|
2013-04-02 19:17:17 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
2013-09-06 13:18:42 -04:00
|
|
|
context '.show' do
|
|
|
|
|
2015-05-19 06:31:12 -04:00
|
|
|
let(:site) { "default" }
|
|
|
|
let(:sha) { Digest::SHA1.hexdigest("discourse") }
|
|
|
|
|
2013-09-06 13:18:42 -04:00
|
|
|
it "returns 404 when using external storage" do
|
|
|
|
store = stub(internal?: false)
|
|
|
|
Discourse.stubs(:store).returns(store)
|
2014-05-06 09:41:59 -04:00
|
|
|
Upload.expects(:find_by).never
|
2015-05-19 06:31:12 -04:00
|
|
|
|
|
|
|
get :show, site: site, sha: sha, extension: "pdf"
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.response_code).to eq(404)
|
2013-09-06 13:18:42 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it "returns 404 when the upload doens't exist" do
|
2015-05-20 09:32:31 -04:00
|
|
|
Upload.stubs(:find_by).returns(nil)
|
2014-09-23 01:50:26 -04:00
|
|
|
|
2015-05-19 06:31:12 -04:00
|
|
|
get :show, site: site, sha: sha, extension: "pdf"
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.response_code).to eq(404)
|
2013-09-06 13:18:42 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'uses send_file' do
|
2014-04-14 16:55:57 -04:00
|
|
|
upload = build(:upload)
|
2015-05-19 06:31:12 -04:00
|
|
|
Upload.expects(:find_by).with(sha1: sha).returns(upload)
|
2014-04-14 16:55:57 -04:00
|
|
|
|
2013-09-06 13:18:42 -04:00
|
|
|
controller.stubs(:render)
|
|
|
|
controller.expects(:send_file)
|
2014-04-14 16:55:57 -04:00
|
|
|
|
2015-05-19 06:31:12 -04:00
|
|
|
get :show, site: site, sha: sha, extension: "zip"
|
2013-09-06 13:18:42 -04:00
|
|
|
end
|
|
|
|
|
2014-09-09 12:40:11 -04:00
|
|
|
context "prevent anons from downloading files" do
|
|
|
|
|
|
|
|
before { SiteSetting.stubs(:prevent_anons_from_downloading_files).returns(true) }
|
|
|
|
|
|
|
|
it "returns 404 when an anonymous user tries to download a file" do
|
|
|
|
Upload.expects(:find_by).never
|
2015-05-19 06:31:12 -04:00
|
|
|
|
|
|
|
get :show, site: site, sha: sha, extension: "pdf"
|
2015-01-09 12:04:02 -05:00
|
|
|
expect(response.response_code).to eq(404)
|
2014-09-09 12:40:11 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|
|
|
|
|
2013-09-06 13:18:42 -04:00
|
|
|
end
|
|
|
|
|
2013-04-02 19:17:17 -04:00
|
|
|
end
|