X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/b4fa82e3298a15443ca40bff205b7a16a1031d92..refs/pull/3598/head:/tests/Api/AttachmentsApiTest.php diff --git a/tests/Api/AttachmentsApiTest.php b/tests/Api/AttachmentsApiTest.php index bfa47343e..6077868b2 100644 --- a/tests/Api/AttachmentsApiTest.php +++ b/tests/Api/AttachmentsApiTest.php @@ -5,6 +5,7 @@ namespace Tests\Api; use BookStack\Entities\Models\Page; use BookStack\Uploads\Attachment; use Illuminate\Http\UploadedFile; +use Illuminate\Testing\AssertableJsonString; use Tests\TestCase; class AttachmentsApiTest extends TestCase @@ -102,6 +103,30 @@ class AttachmentsApiTest extends TestCase unlink(storage_path($newItem->path)); } + public function test_upload_limit_restricts_attachment_uploads() + { + $this->actingAsApiAdmin(); + /** @var Page $page */ + $page = Page::query()->first(); + + config()->set('app.upload_limit', 1); + + $file = tmpfile(); + $filePath = stream_get_meta_data($file)['uri']; + fwrite($file, str_repeat('a', 1200000)); + $file = new UploadedFile($filePath, 'test.txt', 'text/plain', null, true); + + $details = [ + 'name' => 'My attachment', + 'uploaded_to' => $page->id, + ]; + $resp = $this->call('POST', $this->baseEndpoint, $details, [], ['file' => $file]); + $resp->assertStatus(422); + $resp->assertJson($this->validationResponse([ + 'file' => ['The file may not be greater than 1000 kilobytes.'], + ])); + } + public function test_name_needed_to_create() { $this->actingAsApiAdmin(); @@ -115,15 +140,7 @@ class AttachmentsApiTest extends TestCase $resp = $this->postJson($this->baseEndpoint, $details); $resp->assertStatus(422); - $resp->assertJson([ - 'error' => [ - 'message' => 'The given data was invalid.', - 'validation' => [ - 'name' => ['The name field is required.'], - ], - 'code' => 422, - ], - ]); + $resp->assertJson($this->validationResponse(['name' => ['The name field is required.']])); } public function test_link_or_file_needed_to_create() @@ -139,16 +156,27 @@ class AttachmentsApiTest extends TestCase $resp = $this->postJson($this->baseEndpoint, $details); $resp->assertStatus(422); - $resp->assertJson([ - 'error' => [ - 'message' => 'The given data was invalid.', - 'validation' => [ - 'file' => ['The file field is required when link is not present.'], - 'link' => ['The link field is required when file is not present.'], - ], - 'code' => 422, - ], - ]); + $resp->assertJson($this->validationResponse([ + 'file' => ['The file field is required when link is not present.'], + 'link' => ['The link field is required when file is not present.'], + ])); + } + + public function test_message_shown_if_file_is_not_a_valid_file() + { + $this->actingAsApiAdmin(); + /** @var Page $page */ + $page = Page::query()->first(); + + $details = [ + 'name' => 'my attachment', + 'uploaded_to' => $page->id, + 'file' => 'cat', + ]; + + $resp = $this->postJson($this->baseEndpoint, $details); + $resp->assertStatus(422); + $resp->assertJson($this->validationResponse(['file' => ['The file must be provided as a valid file.']])); } public function test_read_endpoint_for_link_attachment() @@ -201,9 +229,11 @@ class AttachmentsApiTest extends TestCase $attachment = Attachment::query()->orderByDesc('id')->where('name', '=', $details['name'])->firstOrFail(); $resp = $this->getJson("{$this->baseEndpoint}/{$attachment->id}"); - $resp->assertStatus(200); - $resp->assertJson([ + $resp->assertHeader('Content-Type', 'application/json'); + + $json = new AssertableJsonString($resp->streamedContent()); + $json->assertSubset([ 'id' => $attachment->id, 'content' => base64_encode(file_get_contents(storage_path($attachment->path))), 'external' => false, @@ -232,7 +262,7 @@ class AttachmentsApiTest extends TestCase /** @var Page $page */ $page = Page::query()->first(); $page->draft = true; - $page->owned_by = $editor; + $page->owned_by = $editor->id; $page->save(); $this->regenEntityPermissions($page);