]> BookStack Code Mirror - bookstack/blobdiff - tests/AttachmentTest.php
fix markdown editor resizing with long strings
[bookstack] / tests / AttachmentTest.php
index f22faa740f421f36f8bbe690ea95fa0f53efc324..bb3a92706511f2aa814533ec2d7ed8f5c767021d 100644 (file)
@@ -1,4 +1,8 @@
-<?php
+<?php namespace Tests;
+
+use BookStack\Attachment;
+use BookStack\Page;
+use BookStack\Services\PermissionService;
 
 class AttachmentTest extends TestCase
 {
@@ -16,12 +20,12 @@ class AttachmentTest extends TestCase
      * Uploads a file with the given name.
      * @param $name
      * @param int $uploadedTo
-     * @return string
+     * @return \Illuminate\Foundation\Testing\TestResponse
      */
     protected function uploadFile($name, $uploadedTo = 0)
     {
         $file = $this->getTestFile($name);
-        return $this->call('POST', '/files/upload', ['uploaded_to' => $uploadedTo], [], ['file' => $file], []);
+        return $this->call('POST', '/attachments/upload', ['uploaded_to' => $uploadedTo], [], ['file' => $file], []);
     }
 
     /**
@@ -40,15 +44,15 @@ class AttachmentTest extends TestCase
      */
     protected function deleteUploads()
     {
-        $fileService = $this->app->make(\BookStack\Services\FileService::class);
-        foreach (\BookStack\File::all() as $file) {
+        $fileService = $this->app->make(\BookStack\Services\AttachmentService::class);
+        foreach (\BookStack\Attachment::all() as $file) {
             $fileService->deleteFile($file);
         }
     }
 
     public function test_file_upload()
     {
-        $page = \BookStack\Page::first();
+        $page = Page::first();
         $this->asAdmin();
         $admin = $this->getAdmin();
         $fileName = 'upload_test_file.txt';
@@ -63,38 +67,41 @@ class AttachmentTest extends TestCase
             'path' => $this->getUploadPath($fileName)
         ];
 
-        $this->uploadFile($fileName, $page->id);
-        $this->assertResponseOk();
-        $this->seeJsonContains($expectedResp);
-        $this->seeInDatabase('files', $expectedResp);
+        $upload = $this->uploadFile($fileName, $page->id);
+        $upload->assertStatus(200);
+        $upload->assertJson($expectedResp);
+        $this->assertDatabaseHas('attachments', $expectedResp);
 
         $this->deleteUploads();
     }
 
     public function test_file_display_and_access()
     {
-        $page = \BookStack\Page::first();
+        $page = Page::first();
         $this->asAdmin();
-        $admin = $this->getAdmin();
         $fileName = 'upload_test_file.txt';
 
-        $this->uploadFile($fileName, $page->id);
-        $this->assertResponseOk();
-        $this->visit($page->getUrl())
-            ->seeLink($fileName)
-            ->click($fileName)
-            ->see('Hi, This is a test file for testing the upload process.');
+        $upload = $this->uploadFile($fileName, $page->id);
+        $upload->assertStatus(200);
+        $attachment = Attachment::orderBy('id', 'desc')->take(1)->first();
+
+        $pageGet = $this->get($page->getUrl());
+        $pageGet->assertSeeText($fileName);
+        $pageGet->assertSee($attachment->getUrl());
+
+        $attachmentGet = $this->get($attachment->getUrl());
+        $attachmentGet->assertSee('Hi, This is a test file for testing the upload process.');
 
         $this->deleteUploads();
     }
 
     public function test_attaching_link_to_page()
     {
-        $page = \BookStack\Page::first();
+        $page = Page::first();
         $admin = $this->getAdmin();
         $this->asAdmin();
 
-        $this->call('POST', 'files/link', [
+        $linkReq = $this->call('POST', 'attachments/link', [
             'link' => 'https://example.com',
             'name' => 'Example Attachment Link',
             'uploaded_to' => $page->id,
@@ -111,30 +118,35 @@ class AttachmentTest extends TestCase
             'extension' => ''
         ];
 
-        $this->assertResponseOk();
-        $this->seeJsonContains($expectedResp);
-        $this->seeInDatabase('files', $expectedResp);
+        $linkReq->assertStatus(200);
+        $linkReq->assertJson($expectedResp);
+        $this->assertDatabaseHas('attachments', $expectedResp);
+        $attachment = Attachment::orderBy('id', 'desc')->take(1)->first();
 
-        $this->visit($page->getUrl())->seeLink('Example Attachment Link')
-            ->click('Example Attachment Link')->seePageIs('https://example.com');
+        $pageGet = $this->get($page->getUrl());
+        $pageGet->assertSeeText('Example Attachment Link');
+        $pageGet->assertSee($attachment->getUrl());
+
+        $attachmentGet = $this->get($attachment->getUrl());
+        $attachmentGet->assertRedirect('https://example.com');
 
         $this->deleteUploads();
     }
 
     public function test_attachment_updating()
     {
-        $page = \BookStack\Page::first();
+        $page = Page::first();
         $this->asAdmin();
 
-        $this->call('POST', 'files/link', [
+        $this->call('POST', 'attachments/link', [
             'link' => 'https://example.com',
             'name' => 'Example Attachment Link',
             'uploaded_to' => $page->id,
         ]);
 
-        $attachmentId = \BookStack\File::first()->id;
+        $attachmentId = \BookStack\Attachment::first()->id;
 
-        $this->call('PUT', 'files/' . $attachmentId, [
+        $update = $this->call('PUT', 'attachments/' . $attachmentId, [
             'uploaded_to' => $page->id,
             'name' => 'My new attachment name',
             'link' => 'https://test.example.com'
@@ -146,28 +158,27 @@ class AttachmentTest extends TestCase
             'uploaded_to' => $page->id
         ];
 
-        $this->assertResponseOk();
-        $this->seeJsonContains($expectedResp);
-        $this->seeInDatabase('files', $expectedResp);
+        $update->assertStatus(200);
+        $update->assertJson($expectedResp);
+        $this->assertDatabaseHas('attachments', $expectedResp);
 
         $this->deleteUploads();
     }
 
     public function test_file_deletion()
     {
-        $page = \BookStack\Page::first();
+        $page = Page::first();
         $this->asAdmin();
         $fileName = 'deletion_test.txt';
         $this->uploadFile($fileName, $page->id);
 
         $filePath = base_path('storage/' . $this->getUploadPath($fileName));
-
         $this->assertTrue(file_exists($filePath), 'File at path ' . $filePath . ' does not exist');
 
-        $attachmentId = \BookStack\File::first()->id;
-        $this->call('DELETE', 'files/' . $attachmentId);
+        $attachment = \BookStack\Attachment::first();
+        $this->delete($attachment->getUrl());
 
-        $this->dontSeeInDatabase('files', [
+        $this->assertDatabaseMissing('attachments', [
             'name' => $fileName
         ]);
         $this->assertFalse(file_exists($filePath), 'File at path ' . $filePath . ' was not deleted as expected');
@@ -177,7 +188,7 @@ class AttachmentTest extends TestCase
 
     public function test_attachment_deletion_on_page_deletion()
     {
-        $page = \BookStack\Page::first();
+        $page = Page::first();
         $this->asAdmin();
         $fileName = 'deletion_test.txt';
         $this->uploadFile($fileName, $page->id);
@@ -185,17 +196,42 @@ class AttachmentTest extends TestCase
         $filePath = base_path('storage/' . $this->getUploadPath($fileName));
 
         $this->assertTrue(file_exists($filePath), 'File at path ' . $filePath . ' does not exist');
-        $this->seeInDatabase('files', [
+        $this->assertDatabaseHas('attachments', [
             'name' => $fileName
         ]);
 
         $this->call('DELETE', $page->getUrl());
 
-        $this->dontSeeInDatabase('files', [
+        $this->assertDatabaseMissing('attachments', [
             'name' => $fileName
         ]);
         $this->assertFalse(file_exists($filePath), 'File at path ' . $filePath . ' was not deleted as expected');
 
         $this->deleteUploads();
     }
+
+    public function test_attachment_access_without_permission_shows_404()
+    {
+        $admin = $this->getAdmin();
+        $viewer = $this->getViewer();
+        $page = Page::first();
+
+        $this->actingAs($admin);
+        $fileName = 'permission_test.txt';
+        $this->uploadFile($fileName, $page->id);
+        $attachment = Attachment::orderBy('id', 'desc')->take(1)->first();
+
+        $page->restricted = true;
+        $page->permissions()->delete();
+        $page->save();
+        $this->app[PermissionService::class]->buildJointPermissionsForEntity($page);
+        $page->load('jointPermissions');
+
+        $this->actingAs($viewer);
+        $attachmentGet = $this->get($attachment->getUrl());
+        $attachmentGet->assertStatus(404);
+        $attachmentGet->assertSee("Attachment not found");
+
+        $this->deleteUploads();
+    }
 }