X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/ae155d67454d6b9f6c93b2bb457aaa4b2eb1a9ed..refs/pull/3918/head:/tests/Uploads/AttachmentTest.php

diff --git a/tests/Uploads/AttachmentTest.php b/tests/Uploads/AttachmentTest.php
index 26f092bcc..b6fcb8f69 100644
--- a/tests/Uploads/AttachmentTest.php
+++ b/tests/Uploads/AttachmentTest.php
@@ -9,7 +9,6 @@ use BookStack\Uploads\Attachment;
 use BookStack\Uploads\AttachmentService;
 use Illuminate\Http\UploadedFile;
 use Tests\TestCase;
-use Tests\TestResponse;
 
 class AttachmentTest extends TestCase
 {
@@ -18,13 +17,13 @@ class AttachmentTest extends TestCase
      */
     protected function getTestFile(string $fileName): UploadedFile
     {
-        return new UploadedFile(base_path('tests/test-data/test-file.txt'), $fileName, 'text/plain', 55, null, true);
+        return new UploadedFile(base_path('tests/test-data/test-file.txt'), $fileName, 'text/plain', null, true);
     }
 
     /**
      * Uploads a file with the given name.
      */
-    protected function uploadFile(string $name, int $uploadedTo = 0): \Illuminate\Foundation\Testing\TestResponse
+    protected function uploadFile(string $name, int $uploadedTo = 0): \Illuminate\Testing\TestResponse
     {
         $file = $this->getTestFile($name);
 
@@ -56,6 +55,7 @@ class AttachmentTest extends TestCase
         $upload = new UploadedFile($filePath, $filename, $mimeType, null, true);
 
         $this->call('POST', '/attachments/upload', ['uploaded_to' => $page->id], [], ['file' => $upload], []);
+
         return $page->attachments()->latest()->firstOrFail();
     }
 
@@ -73,14 +73,14 @@ class AttachmentTest extends TestCase
 
     public function test_file_upload()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $this->asAdmin();
         $admin = $this->getAdmin();
         $fileName = 'upload_test_file.txt';
 
         $expectedResp = [
             'name'       => $fileName,
-            'uploaded_to'=> $page->id,
+            'uploaded_to' => $page->id,
             'extension'  => 'txt',
             'order'      => 1,
             'created_by' => $admin->id,
@@ -101,7 +101,7 @@ class AttachmentTest extends TestCase
 
     public function test_file_upload_does_not_use_filename()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $fileName = 'upload_test_file.txt';
 
         $upload = $this->asAdmin()->uploadFile($fileName, $page->id);
@@ -109,12 +109,13 @@ class AttachmentTest extends TestCase
 
         $attachment = Attachment::query()->orderBy('id', 'desc')->first();
         $this->assertStringNotContainsString($fileName, $attachment->path);
-        $this->assertStringEndsWith('.txt', $attachment->path);
+        $this->assertStringEndsWith('-txt', $attachment->path);
+        $this->deleteUploads();
     }
 
     public function test_file_display_and_access()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $this->asAdmin();
         $fileName = 'upload_test_file.txt';
 
@@ -127,14 +128,15 @@ class AttachmentTest extends TestCase
         $pageGet->assertSee($attachment->getUrl());
 
         $attachmentGet = $this->get($attachment->getUrl());
-        $attachmentGet->assertSee('Hi, This is a test file for testing the upload process.');
+        $content = $attachmentGet->streamedContent();
+        $this->assertStringContainsString('Hi, This is a test file for testing the upload process.', $content);
 
         $this->deleteUploads();
     }
 
     public function test_attaching_link_to_page()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $admin = $this->getAdmin();
         $this->asAdmin();
 
@@ -171,7 +173,7 @@ class AttachmentTest extends TestCase
 
     public function test_attachment_updating()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $this->asAdmin();
 
         $attachment = $this->createAttachment($page);
@@ -195,7 +197,7 @@ class AttachmentTest extends TestCase
 
     public function test_file_deletion()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $this->asAdmin();
         $fileName = 'deletion_test.txt';
         $this->uploadFile($fileName, $page->id);
@@ -217,7 +219,7 @@ class AttachmentTest extends TestCase
 
     public function test_attachment_deletion_on_page_deletion()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $this->asAdmin();
         $fileName = 'deletion_test.txt';
         $this->uploadFile($fileName, $page->id);
@@ -245,17 +247,13 @@ class AttachmentTest extends TestCase
     {
         $admin = $this->getAdmin();
         $viewer = $this->getViewer();
-        $page = Page::query()->first(); /** @var Page $page */
+        $page = $this->entities->page(); /** @var Page $page */
         $this->actingAs($admin);
         $fileName = 'permission_test.txt';
         $this->uploadFile($fileName, $page->id);
         $attachment = Attachment::orderBy('id', 'desc')->take(1)->first();
 
-        $page->restricted = true;
-        $page->permissions()->delete();
-        $page->save();
-        $page->rebuildPermissions();
-        $page->load('jointPermissions');
+        $this->entities->setPermissions($page, [], []);
 
         $this->actingAs($viewer);
         $attachmentGet = $this->get($attachment->getUrl());
@@ -267,7 +265,7 @@ class AttachmentTest extends TestCase
 
     public function test_data_and_js_links_cannot_be_attached_to_a_page()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $this->asAdmin();
 
         $badLinks = [
@@ -308,7 +306,7 @@ class AttachmentTest extends TestCase
 
     public function test_file_access_with_open_query_param_provides_inline_response_with_correct_content_type()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $this->asAdmin();
         $fileName = 'upload_test_file.txt';
 
@@ -327,7 +325,7 @@ class AttachmentTest extends TestCase
 
     public function test_html_file_access_with_open_forces_plain_content_type()
     {
-        $page = Page::query()->first();
+        $page = $this->entities->page();
         $this->asAdmin();
 
         $attachment = $this->createUploadAttachment($page, 'test_file.html', '<html></html><p>testing</p>', 'text/html');
@@ -340,4 +338,18 @@ class AttachmentTest extends TestCase
         $this->deleteUploads();
     }
 
+    public function test_file_upload_works_when_local_secure_restricted_is_in_use()
+    {
+        config()->set('filesystems.attachments', 'local_secure_restricted');
+
+        $page = $this->entities->page();
+        $fileName = 'upload_test_file.txt';
+
+        $upload = $this->asAdmin()->uploadFile($fileName, $page->id);
+        $upload->assertStatus(200);
+
+        $attachment = Attachment::query()->orderBy('id', 'desc')->where('uploaded_to', '=', $page->id)->first();
+        $this->assertFileExists(storage_path($attachment->path));
+        $this->deleteUploads();
+    }
 }