From: Dan Brown Date: Tue, 11 Mar 2025 23:42:54 +0000 (+0000) Subject: DownloadVendorCommand: Added check for ZIP file access X-Git-Url: http://source.bookstackapp.com/system-cli/commitdiff_plain/refs/pull/21/head?ds=inline DownloadVendorCommand: Added check for ZIP file access --- diff --git a/src/Commands/DownloadVendorCommand.php b/src/Commands/DownloadVendorCommand.php index 2f8e927..7c18fed 100644 --- a/src/Commands/DownloadVendorCommand.php +++ b/src/Commands/DownloadVendorCommand.php @@ -123,7 +123,12 @@ class DownloadVendorCommand extends Command $tempFile = tempnam(sys_get_temp_dir(), 'bs-cli-vendor-zip'); $targetUrl = "https://files.bookstackapp.com/vendor/{$version}.zip"; - file_put_contents($tempFile, fopen($targetUrl, 'rb')); + $targetFile = @fopen($targetUrl, 'rb'); + if ($targetFile === false) { + throw new CommandError("Failed to download ZIP file from $targetUrl"); + } + + file_put_contents($tempFile, $targetFile); return $tempFile; } diff --git a/tests/Commands/DownloadVendorCommandTest.php b/tests/Commands/DownloadVendorCommandTest.php index cc5e730..20a2fb8 100644 --- a/tests/Commands/DownloadVendorCommandTest.php +++ b/tests/Commands/DownloadVendorCommandTest.php @@ -66,4 +66,20 @@ class DownloadVendorCommandTest extends TestCase }); } + public function test_command_fails_on_zip_not_found() + { + $this->withOwnBookStackFolder(function (string $basePath) { + file_put_contents("$basePath/version", 'v10.02'); + mkdir("$basePath/dev/checksums", 0777, true); + file_put_contents("$basePath/dev/checksums/vendor", 'abc'); + + $result = $this->runCommand('download-vendor'); + + $result->assertErrorExit(); + $result->assertStdoutContains('Downloading ZIP from files.bookstackapp.com...'); + $result->assertStderrContains('Failed to download ZIP file from https://files.bookstackapp.com/vendor/v10.02.zip'); + + $this->assertDirectoryExists("$basePath/vendor/composer"); + }); + } } \ No newline at end of file