hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

more tests for admin uploads

Browse Source
v1.18.x
Barış Soner Uşaklı 8 years ago
parent 29c0b8337e
commit 66dee3452f
4 changed files with 72 additions and 46 deletions
Show Stats Download Patch File Download Diff File

73
src/controllers/admin/uploads.js
Unescape Escape View File

@ -14,7 +14,7 @@ var plugins = require('../../plugins');
var allowedImageTypes = ['image/png', 'image/jpeg', 'image/pjpeg', 'image/jpg', 'image/gif', 'image/svg+xml']; var allowedImageTypes = ['image/png', 'image/jpeg', 'image/pjpeg', 'image/jpg', 'image/gif', 'image/svg+xml'];
var uploadsController = {}; var uploadsController = module.exports;
uploadsController.uploadCategoryPicture = function (req, res, next) { uploadsController.uploadCategoryPicture = function (req, res, next) {
var uploadedFile = req.files.files[0]; var uploadedFile = req.files.files[0];
@ -23,11 +23,7 @@ uploadsController.uploadCategoryPicture = function (req, res, next) {
try { try {
params = JSON.parse(req.body.params); params = JSON.parse(req.body.params);
} catch (e) { } catch (e) {
fs.unlink(uploadedFile.path, function (err) { deleteTempFile(uploadedFile.path);
if (err) {
winston.error(err);
}
});
return next(e); return next(e);
} }
@ -43,11 +39,7 @@ uploadsController.uploadFavicon = function (req, res, next) {
if (validateUpload(req, res, next, uploadedFile, allowedTypes)) { if (validateUpload(req, res, next, uploadedFile, allowedTypes)) {
file.saveFileToLocal('favicon.ico', 'system', uploadedFile.path, function (err, image) { file.saveFileToLocal('favicon.ico', 'system', uploadedFile.path, function (err, image) {
fs.unlink(uploadedFile.path, function (err) { deleteTempFile(uploadedFile.path);
if (err) {
winston.error(err);
}
});
if (err) { if (err) {
return next(err); return next(err);
} }
@ -80,11 +72,7 @@ uploadsController.uploadTouchIcon = function (req, res, next) {
}), }),
], next); ], next);
}, function (err) { }, function (err) {
fs.unlink(uploadedFile.path, function (err) { deleteTempFile(uploadedFile.path);
if (err) {
winston.error(err);
}
});
if (err) { if (err) {
return next(err); return next(err);
@ -108,19 +96,20 @@ uploadsController.uploadSound = function (req, res, next) {
return next(Error('[[error:invalid-data]]')); return next(Error('[[error:invalid-data]]'));
} }
file.saveFileToLocal(uploadedFile.name, 'sounds', uploadedFile.path, function (err) { async.waterfall([
function (next) {
file.saveFileToLocal(uploadedFile.name, 'sounds', uploadedFile.path, next);
},
function (uploadedSound, next) {
meta.sounds.build(next);
},
], function (err) {
deleteTempFile(uploadedFile.path);
if (err) { if (err) {
return next(err); return next(err);
} }
meta.sounds.build(function (err) {
if (err) {
return next(err);
}
res.json([{}]); res.json([{}]);
}); });
});
}; };
uploadsController.uploadDefaultAvatar = function (req, res, next) { uploadsController.uploadDefaultAvatar = function (req, res, next) {
@ -142,12 +131,7 @@ function upload(name, req, res, next) {
function validateUpload(req, res, next, uploadedFile, allowedTypes) { function validateUpload(req, res, next, uploadedFile, allowedTypes) {
if (allowedTypes.indexOf(uploadedFile.type) === -1) { if (allowedTypes.indexOf(uploadedFile.type) === -1) {
fs.unlink(uploadedFile.path, function (err) { deleteTempFile(uploadedFile.path);
if (err) {
winston.error(err);
}
});
res.json({ error: '[[error:invalid-image-type, ' + allowedTypes.join(', ') + ']]' }); res.json({ error: '[[error:invalid-image-type, ' + allowedTypes.join(', ') + ']]' });
return false; return false;
} }
@ -156,24 +140,27 @@ function validateUpload(req, res, next, uploadedFile, allowedTypes) {
} }
function uploadImage(filename, folder, uploadedFile, req, res, next) { function uploadImage(filename, folder, uploadedFile, req, res, next) {
function done(err, image) { async.waterfall([
fs.unlink(uploadedFile.path, function (err) { function (next) {
if (err) { if (plugins.hasListeners('filter:uploadImage')) {
winston.error(err); plugins.fireHook('filter:uploadImage', { image: uploadedFile, uid: req.user.uid }, next);
} else {
file.saveFileToLocal(filename, folder, uploadedFile.path, next);
} }
}); },
], function (err, image) {
deleteTempFile(uploadedFile.path);
if (err) { if (err) {
return next(err); return next(err);
} }
res.json([{ name: uploadedFile.name, url: image.url.startsWith('http') ? image.url : nconf.get('relative_path') + image.url }]); res.json([{ name: uploadedFile.name, url: image.url.startsWith('http') ? image.url : nconf.get('relative_path') + image.url }]);
} });
}
if (plugins.hasListeners('filter:uploadImage')) { function deleteTempFile(path) {
plugins.fireHook('filter:uploadImage', { image: uploadedFile, uid: req.user.uid }, done); fs.unlink(path, function (err) {
} else { if (err) {
file.saveFileToLocal(filename, folder, uploadedFile.path, done); winston.error(err);
} }
});
} }
module.exports = uploadsController;

4
src/meta/sounds.js
Unescape Escape View File

@ -89,7 +89,9 @@ module.exports = function (Meta) {
}, },
], cb); ], cb);
}, },
], callback); ], function (err) {
callback(err);
});
}); });
}; };

BIN
test/files/test.wav
View File

Binary file not shown.

37
test/uploads.js
Unescape Escape View File

@ -173,6 +173,23 @@ describe('Upload Controllers', function () {
}); });
}); });
it('should fail to upload invalid file type', function (done) {
helpers.uploadFile(nconf.get('url') + '/api/admin/category/uploadpicture', path.join(__dirname, '../test/files/503.html'), { params: JSON.stringify({ cid: cid }) }, jar, csrf_token, function (err, res, body) {
assert.ifError(err);
console.log(body);
assert.equal(body.error, '[[error:invalid-image-type, image/png, image/jpeg, image/pjpeg, image/jpg, image/gif, image/svg+xml]]');
done();
});
});
it('should fail to upload category image with invalid json params', function (done) {
helpers.uploadFile(nconf.get('url') + '/api/admin/category/uploadpicture', path.join(__dirname, '../test/files/test.png'), { params: 'invalid json' }, jar, csrf_token, function (err, res, body) {
assert.ifError(err);
assert.equal(body.error, 'Unexpected token i in JSON at position 0');
done();
});
});
it('should upload category image', function (done) { it('should upload category image', function (done) {
helpers.uploadFile(nconf.get('url') + '/api/admin/category/uploadpicture', path.join(__dirname, '../test/files/test.png'), { params: JSON.stringify({ cid: cid }) }, jar, csrf_token, function (err, res, body) { helpers.uploadFile(nconf.get('url') + '/api/admin/category/uploadpicture', path.join(__dirname, '../test/files/test.png'), { params: JSON.stringify({ cid: cid }) }, jar, csrf_token, function (err, res, body) {
assert.ifError(err); assert.ifError(err);
@ -183,6 +200,26 @@ describe('Upload Controllers', function () {
}); });
}); });
it('should fail to upload invalid sound file', function (done) {
helpers.uploadFile(nconf.get('url') + '/api/admin/upload/sound', path.join(__dirname, '../test/files/test.png'), { }, jar, csrf_token, function (err, res, body) {
assert.ifError(err);
assert.equal(res.statusCode, 500);
assert.equal(body.error, '[[error:invalid-data]]');
done();
});
});
it('should upload sound file', function (done) {
helpers.uploadFile(nconf.get('url') + '/api/admin/upload/sound', path.join(__dirname, '../test/files/test.wav'), { }, jar, csrf_token, function (err, res, body) {
assert.ifError(err);
assert.equal(res.statusCode, 200);
assert(body);
console.log(body);
done();
});
});
it('should upload favicon', function (done) { it('should upload favicon', function (done) {
helpers.uploadFile(nconf.get('url') + '/api/admin/uploadfavicon', path.join(__dirname, '../test/files/favicon.ico'), {}, jar, csrf_token, function (err, res, body) { helpers.uploadFile(nconf.get('url') + '/api/admin/uploadfavicon', path.join(__dirname, '../test/files/favicon.ico'), {}, jar, csrf_token, function (err, res, body) {
assert.ifError(err); assert.ifError(err);

Write Preview
Loading…
Cancel
Save