X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/a6c6c6e300c60e4dd2b02501c827571da1adf1be..refs/pull/716/head:/tests/AttachmentTest.php diff --git a/tests/AttachmentTest.php b/tests/AttachmentTest.php index f22faa740..bb3a92706 100644 --- a/tests/AttachmentTest.php +++ b/tests/AttachmentTest.php @@ -1,4 +1,8 @@ -getTestFile($name); - return $this->call('POST', '/files/upload', ['uploaded_to' => $uploadedTo], [], ['file' => $file], []); + return $this->call('POST', '/attachments/upload', ['uploaded_to' => $uploadedTo], [], ['file' => $file], []); } /** @@ -40,15 +44,15 @@ class AttachmentTest extends TestCase */ protected function deleteUploads() { - $fileService = $this->app->make(\BookStack\Services\FileService::class); - foreach (\BookStack\File::all() as $file) { + $fileService = $this->app->make(\BookStack\Services\AttachmentService::class); + foreach (\BookStack\Attachment::all() as $file) { $fileService->deleteFile($file); } } public function test_file_upload() { - $page = \BookStack\Page::first(); + $page = Page::first(); $this->asAdmin(); $admin = $this->getAdmin(); $fileName = 'upload_test_file.txt'; @@ -63,38 +67,41 @@ class AttachmentTest extends TestCase 'path' => $this->getUploadPath($fileName) ]; - $this->uploadFile($fileName, $page->id); - $this->assertResponseOk(); - $this->seeJsonContains($expectedResp); - $this->seeInDatabase('files', $expectedResp); + $upload = $this->uploadFile($fileName, $page->id); + $upload->assertStatus(200); + $upload->assertJson($expectedResp); + $this->assertDatabaseHas('attachments', $expectedResp); $this->deleteUploads(); } public function test_file_display_and_access() { - $page = \BookStack\Page::first(); + $page = Page::first(); $this->asAdmin(); - $admin = $this->getAdmin(); $fileName = 'upload_test_file.txt'; - $this->uploadFile($fileName, $page->id); - $this->assertResponseOk(); - $this->visit($page->getUrl()) - ->seeLink($fileName) - ->click($fileName) - ->see('Hi, This is a test file for testing the upload process.'); + $upload = $this->uploadFile($fileName, $page->id); + $upload->assertStatus(200); + $attachment = Attachment::orderBy('id', 'desc')->take(1)->first(); + + $pageGet = $this->get($page->getUrl()); + $pageGet->assertSeeText($fileName); + $pageGet->assertSee($attachment->getUrl()); + + $attachmentGet = $this->get($attachment->getUrl()); + $attachmentGet->assertSee('Hi, This is a test file for testing the upload process.'); $this->deleteUploads(); } public function test_attaching_link_to_page() { - $page = \BookStack\Page::first(); + $page = Page::first(); $admin = $this->getAdmin(); $this->asAdmin(); - $this->call('POST', 'files/link', [ + $linkReq = $this->call('POST', 'attachments/link', [ 'link' => 'https://example.com', 'name' => 'Example Attachment Link', 'uploaded_to' => $page->id, @@ -111,30 +118,35 @@ class AttachmentTest extends TestCase 'extension' => '' ]; - $this->assertResponseOk(); - $this->seeJsonContains($expectedResp); - $this->seeInDatabase('files', $expectedResp); + $linkReq->assertStatus(200); + $linkReq->assertJson($expectedResp); + $this->assertDatabaseHas('attachments', $expectedResp); + $attachment = Attachment::orderBy('id', 'desc')->take(1)->first(); - $this->visit($page->getUrl())->seeLink('Example Attachment Link') - ->click('Example Attachment Link')->seePageIs('https://example.com'); + $pageGet = $this->get($page->getUrl()); + $pageGet->assertSeeText('Example Attachment Link'); + $pageGet->assertSee($attachment->getUrl()); + + $attachmentGet = $this->get($attachment->getUrl()); + $attachmentGet->assertRedirect('https://example.com'); $this->deleteUploads(); } public function test_attachment_updating() { - $page = \BookStack\Page::first(); + $page = Page::first(); $this->asAdmin(); - $this->call('POST', 'files/link', [ + $this->call('POST', 'attachments/link', [ 'link' => 'https://example.com', 'name' => 'Example Attachment Link', 'uploaded_to' => $page->id, ]); - $attachmentId = \BookStack\File::first()->id; + $attachmentId = \BookStack\Attachment::first()->id; - $this->call('PUT', 'files/' . $attachmentId, [ + $update = $this->call('PUT', 'attachments/' . $attachmentId, [ 'uploaded_to' => $page->id, 'name' => 'My new attachment name', 'link' => 'https://test.example.com' @@ -146,28 +158,27 @@ class AttachmentTest extends TestCase 'uploaded_to' => $page->id ]; - $this->assertResponseOk(); - $this->seeJsonContains($expectedResp); - $this->seeInDatabase('files', $expectedResp); + $update->assertStatus(200); + $update->assertJson($expectedResp); + $this->assertDatabaseHas('attachments', $expectedResp); $this->deleteUploads(); } public function test_file_deletion() { - $page = \BookStack\Page::first(); + $page = Page::first(); $this->asAdmin(); $fileName = 'deletion_test.txt'; $this->uploadFile($fileName, $page->id); $filePath = base_path('storage/' . $this->getUploadPath($fileName)); - $this->assertTrue(file_exists($filePath), 'File at path ' . $filePath . ' does not exist'); - $attachmentId = \BookStack\File::first()->id; - $this->call('DELETE', 'files/' . $attachmentId); + $attachment = \BookStack\Attachment::first(); + $this->delete($attachment->getUrl()); - $this->dontSeeInDatabase('files', [ + $this->assertDatabaseMissing('attachments', [ 'name' => $fileName ]); $this->assertFalse(file_exists($filePath), 'File at path ' . $filePath . ' was not deleted as expected'); @@ -177,7 +188,7 @@ class AttachmentTest extends TestCase public function test_attachment_deletion_on_page_deletion() { - $page = \BookStack\Page::first(); + $page = Page::first(); $this->asAdmin(); $fileName = 'deletion_test.txt'; $this->uploadFile($fileName, $page->id); @@ -185,17 +196,42 @@ class AttachmentTest extends TestCase $filePath = base_path('storage/' . $this->getUploadPath($fileName)); $this->assertTrue(file_exists($filePath), 'File at path ' . $filePath . ' does not exist'); - $this->seeInDatabase('files', [ + $this->assertDatabaseHas('attachments', [ 'name' => $fileName ]); $this->call('DELETE', $page->getUrl()); - $this->dontSeeInDatabase('files', [ + $this->assertDatabaseMissing('attachments', [ 'name' => $fileName ]); $this->assertFalse(file_exists($filePath), 'File at path ' . $filePath . ' was not deleted as expected'); $this->deleteUploads(); } + + public function test_attachment_access_without_permission_shows_404() + { + $admin = $this->getAdmin(); + $viewer = $this->getViewer(); + $page = Page::first(); + + $this->actingAs($admin); + $fileName = 'permission_test.txt'; + $this->uploadFile($fileName, $page->id); + $attachment = Attachment::orderBy('id', 'desc')->take(1)->first(); + + $page->restricted = true; + $page->permissions()->delete(); + $page->save(); + $this->app[PermissionService::class]->buildJointPermissionsForEntity($page); + $page->load('jointPermissions'); + + $this->actingAs($viewer); + $attachmentGet = $this->get($attachment->getUrl()); + $attachmentGet->assertStatus(404); + $attachmentGet->assertSee("Attachment not found"); + + $this->deleteUploads(); + } }