2019-04-15 06:17:05 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2018-03-09 09:16:06 -05:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2020-06-03 23:08:05 -04:00
|
|
|
RSpec.describe SendFileUpload do
|
2018-03-09 09:16:06 -05:00
|
|
|
let(:uploader_class) do
|
|
|
|
Class.new(GitlabUploader) do
|
|
|
|
include ObjectStorage::Concern
|
|
|
|
|
|
|
|
storage_options Gitlab.config.uploads
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
# user/:id
|
|
|
|
def dynamic_segment
|
2019-05-11 08:06:44 -04:00
|
|
|
File.join(model.class.underscore, model.id.to_s)
|
2018-03-09 09:16:06 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
let(:controller_class) do
|
|
|
|
Class.new do
|
|
|
|
include SendFileUpload
|
2020-08-10 14:09:54 -04:00
|
|
|
|
|
|
|
def params
|
|
|
|
{}
|
|
|
|
end
|
|
|
|
|
|
|
|
def current_user; end
|
2018-03-09 09:16:06 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
let(:object) { build_stubbed(:user) }
|
|
|
|
let(:uploader) { uploader_class.new(object, :file) }
|
|
|
|
|
|
|
|
describe '#send_upload' do
|
|
|
|
let(:controller) { controller_class.new }
|
|
|
|
let(:temp_file) { Tempfile.new('test') }
|
2018-11-07 10:54:37 -05:00
|
|
|
let(:params) { {} }
|
2018-03-09 09:16:06 -05:00
|
|
|
|
2018-11-07 10:54:37 -05:00
|
|
|
subject { controller.send_upload(uploader, **params) }
|
2018-03-09 09:16:06 -05:00
|
|
|
|
|
|
|
before do
|
|
|
|
FileUtils.touch(temp_file)
|
|
|
|
end
|
|
|
|
|
|
|
|
after do
|
|
|
|
FileUtils.rm_f(temp_file)
|
|
|
|
end
|
|
|
|
|
2020-08-10 14:09:54 -04:00
|
|
|
shared_examples 'handles image resize requests' do
|
2020-08-31 14:10:43 -04:00
|
|
|
let(:headers) { double }
|
|
|
|
let(:image_requester) { build(:user) }
|
|
|
|
let(:image_owner) { build(:user) }
|
2020-08-28 02:10:45 -04:00
|
|
|
let(:params) do
|
|
|
|
{ attachment: 'avatar.png' }
|
|
|
|
end
|
|
|
|
|
2020-08-10 14:09:54 -04:00
|
|
|
before do
|
2020-08-28 02:10:45 -04:00
|
|
|
allow(uploader).to receive(:image_safe_for_scaling?).and_return(true)
|
2020-08-10 14:09:54 -04:00
|
|
|
allow(uploader).to receive(:mounted_as).and_return(:avatar)
|
|
|
|
|
|
|
|
allow(controller).to receive(:headers).and_return(headers)
|
|
|
|
# both of these are valid cases, depending on whether we are dealing with
|
|
|
|
# local or remote files
|
|
|
|
allow(controller).to receive(:send_file)
|
|
|
|
allow(controller).to receive(:redirect_to)
|
2020-08-31 14:10:43 -04:00
|
|
|
|
|
|
|
allow(controller).to receive(:current_user).and_return(image_requester)
|
|
|
|
allow(uploader).to receive(:model).and_return(image_owner)
|
2020-08-10 14:09:54 -04:00
|
|
|
end
|
|
|
|
|
2020-11-09 10:08:56 -05:00
|
|
|
it_behaves_like 'handles image resize requests allowed by FF'
|
2020-08-10 14:09:54 -04:00
|
|
|
|
2020-11-09 10:08:56 -05:00
|
|
|
context 'when FF is disabled' do
|
2020-08-31 14:10:43 -04:00
|
|
|
before do
|
2020-11-09 10:08:56 -05:00
|
|
|
stub_feature_flags(dynamic_image_resizing: false)
|
2020-08-10 14:09:54 -04:00
|
|
|
end
|
|
|
|
|
2020-11-09 10:08:56 -05:00
|
|
|
it_behaves_like 'bypasses image resize requests not allowed by FF'
|
2020-08-31 14:10:43 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-11-09 10:08:56 -05:00
|
|
|
shared_examples 'bypasses image resize requests not allowed by FF' do
|
2020-08-31 14:10:43 -04:00
|
|
|
it 'does not write workhorse command header' do
|
|
|
|
expect(headers).not_to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, /^send-scaled-img:/)
|
|
|
|
|
|
|
|
subject
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-11-09 10:08:56 -05:00
|
|
|
shared_examples 'handles image resize requests allowed by FF' do
|
2020-08-31 14:10:43 -04:00
|
|
|
context 'with valid width parameter' do
|
|
|
|
it 'renders OK with workhorse command header' do
|
|
|
|
expect(controller).not_to receive(:send_file)
|
|
|
|
expect(controller).to receive(:params).at_least(:once).and_return(width: '64')
|
|
|
|
expect(controller).to receive(:head).with(:ok)
|
2020-08-10 14:09:54 -04:00
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
expect(Gitlab::Workhorse).to receive(:send_scaled_image).with(a_string_matching('^(/.+|https://.+)'), 64, 'image/png').and_return([
|
|
|
|
Gitlab::Workhorse::SEND_DATA_HEADER, "send-scaled-img:faux"
|
|
|
|
])
|
|
|
|
expect(headers).to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, "send-scaled-img:faux")
|
|
|
|
|
|
|
|
subject
|
2020-08-10 14:09:54 -04:00
|
|
|
end
|
2020-08-31 14:10:43 -04:00
|
|
|
end
|
2020-08-10 14:09:54 -04:00
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
context 'with missing width parameter' do
|
|
|
|
it 'does not write workhorse command header' do
|
|
|
|
expect(headers).not_to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, /^send-scaled-img:/)
|
2020-08-10 14:09:54 -04:00
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
subject
|
2020-08-10 14:09:54 -04:00
|
|
|
end
|
2020-08-31 14:10:43 -04:00
|
|
|
end
|
2020-08-10 14:09:54 -04:00
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
context 'with invalid width parameter' do
|
|
|
|
it 'does not write workhorse command header' do
|
|
|
|
expect(controller).to receive(:params).at_least(:once).and_return(width: 'not a number')
|
|
|
|
expect(headers).not_to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, /^send-scaled-img:/)
|
2020-08-10 14:09:54 -04:00
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
subject
|
2020-08-10 14:09:54 -04:00
|
|
|
end
|
2020-08-31 14:10:43 -04:00
|
|
|
end
|
2020-08-28 02:10:45 -04:00
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
context 'with width that is not allowed' do
|
|
|
|
it 'does not write workhorse command header' do
|
|
|
|
expect(controller).to receive(:params).at_least(:once).and_return(width: '63')
|
|
|
|
expect(headers).not_to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, /^send-scaled-img:/)
|
2020-08-28 02:10:45 -04:00
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
subject
|
2020-08-28 02:10:45 -04:00
|
|
|
end
|
2020-08-10 14:09:54 -04:00
|
|
|
end
|
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
context 'when image file is not an avatar' do
|
|
|
|
it 'does not write workhorse command header' do
|
|
|
|
expect(uploader).to receive(:mounted_as).and_return(nil) # FileUploader is not mounted
|
|
|
|
expect(headers).not_to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, /^send-scaled-img:/)
|
|
|
|
|
|
|
|
subject
|
2020-08-10 14:09:54 -04:00
|
|
|
end
|
2020-08-31 14:10:43 -04:00
|
|
|
end
|
2020-08-10 14:09:54 -04:00
|
|
|
|
2020-08-31 14:10:43 -04:00
|
|
|
context 'when image file type is not considered safe for scaling' do
|
2020-08-10 14:09:54 -04:00
|
|
|
it 'does not write workhorse command header' do
|
2020-08-31 14:10:43 -04:00
|
|
|
expect(uploader).to receive(:image_safe_for_scaling?).and_return(false)
|
2020-08-10 14:09:54 -04:00
|
|
|
expect(headers).not_to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, /^send-scaled-img:/)
|
|
|
|
|
|
|
|
subject
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-03-09 09:16:06 -05:00
|
|
|
context 'when local file is used' do
|
|
|
|
before do
|
|
|
|
uploader.store!(temp_file)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'sends a file' do
|
|
|
|
expect(controller).to receive(:send_file).with(uploader.path, anything)
|
|
|
|
|
|
|
|
subject
|
|
|
|
end
|
2020-08-10 14:09:54 -04:00
|
|
|
|
|
|
|
it_behaves_like 'handles image resize requests'
|
2018-03-09 09:16:06 -05:00
|
|
|
end
|
|
|
|
|
2019-02-13 13:46:14 -05:00
|
|
|
context 'with inline image' do
|
|
|
|
let(:filename) { 'test.png' }
|
|
|
|
let(:params) { { disposition: 'inline', attachment: filename } }
|
|
|
|
|
|
|
|
it 'sends a file with inline disposition' do
|
|
|
|
expected_params = {
|
|
|
|
filename: 'test.png',
|
2020-01-29 13:08:47 -05:00
|
|
|
disposition: 'inline'
|
2019-02-13 13:46:14 -05:00
|
|
|
}
|
|
|
|
expect(controller).to receive(:send_file).with(uploader.path, expected_params)
|
|
|
|
|
|
|
|
subject
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-05-14 00:43:48 -04:00
|
|
|
context 'with attachment' do
|
2019-02-04 20:27:22 -05:00
|
|
|
let(:filename) { 'test.js' }
|
|
|
|
let(:params) { { attachment: filename } }
|
2018-05-14 00:43:48 -04:00
|
|
|
|
|
|
|
it 'sends a file with content-type of text/plain' do
|
|
|
|
expected_params = {
|
|
|
|
content_type: 'text/plain',
|
|
|
|
filename: 'test.js',
|
2020-01-29 13:08:47 -05:00
|
|
|
disposition: 'attachment'
|
2018-05-14 00:43:48 -04:00
|
|
|
}
|
|
|
|
expect(controller).to receive(:send_file).with(uploader.path, expected_params)
|
|
|
|
|
2018-11-07 10:54:37 -05:00
|
|
|
subject
|
2018-08-13 18:36:15 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
context 'with a proxied file in object storage' do
|
|
|
|
before do
|
|
|
|
stub_uploads_object_storage(uploader: uploader_class)
|
|
|
|
uploader.object_store = ObjectStorage::Store::REMOTE
|
|
|
|
uploader.store!(temp_file)
|
|
|
|
allow(Gitlab.config.uploads.object_store).to receive(:proxy_download) { true }
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'sends a file with a custom type' do
|
|
|
|
headers = double
|
2019-06-16 19:40:22 -04:00
|
|
|
expected_headers = /response-content-disposition=attachment%3B%20filename%3D%22test.js%22%3B%20filename%2A%3DUTF-8%27%27test.js&response-content-type=application%2Fjavascript/
|
2018-08-13 18:36:15 -04:00
|
|
|
expect(Gitlab::Workhorse).to receive(:send_url).with(expected_headers).and_call_original
|
|
|
|
expect(headers).to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, /^send-url:/)
|
|
|
|
|
|
|
|
expect(controller).not_to receive(:send_file)
|
|
|
|
expect(controller).to receive(:headers) { headers }
|
|
|
|
expect(controller).to receive(:head).with(:ok)
|
|
|
|
|
2018-11-07 10:54:37 -05:00
|
|
|
subject
|
2018-08-13 18:36:15 -04:00
|
|
|
end
|
2018-05-14 00:43:48 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-03-09 09:16:06 -05:00
|
|
|
context 'when remote file is used' do
|
|
|
|
before do
|
|
|
|
stub_uploads_object_storage(uploader: uploader_class)
|
|
|
|
uploader.object_store = ObjectStorage::Store::REMOTE
|
|
|
|
uploader.store!(temp_file)
|
|
|
|
end
|
|
|
|
|
2018-11-07 10:54:37 -05:00
|
|
|
shared_examples 'proxied file' do
|
2018-03-09 09:16:06 -05:00
|
|
|
it 'sends a file' do
|
2018-03-09 10:09:00 -05:00
|
|
|
headers = double
|
2018-08-13 18:36:15 -04:00
|
|
|
expect(Gitlab::Workhorse).not_to receive(:send_url).with(/response-content-disposition/)
|
|
|
|
expect(Gitlab::Workhorse).not_to receive(:send_url).with(/response-content-type/)
|
|
|
|
expect(Gitlab::Workhorse).to receive(:send_url).and_call_original
|
|
|
|
|
2018-03-09 10:09:00 -05:00
|
|
|
expect(headers).to receive(:store).with(Gitlab::Workhorse::SEND_DATA_HEADER, /^send-url:/)
|
2018-08-13 18:36:15 -04:00
|
|
|
expect(controller).not_to receive(:send_file)
|
2018-03-09 10:09:00 -05:00
|
|
|
expect(controller).to receive(:headers) { headers }
|
|
|
|
expect(controller).to receive(:head).with(:ok)
|
2018-03-09 09:16:06 -05:00
|
|
|
|
2018-03-09 10:09:00 -05:00
|
|
|
subject
|
2018-03-09 09:16:06 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-11-07 10:54:37 -05:00
|
|
|
context 'and proxying is enabled' do
|
|
|
|
before do
|
|
|
|
allow(Gitlab.config.uploads.object_store).to receive(:proxy_download) { true }
|
|
|
|
end
|
|
|
|
|
|
|
|
it_behaves_like 'proxied file'
|
|
|
|
end
|
|
|
|
|
2018-03-09 09:16:06 -05:00
|
|
|
context 'and proxying is disabled' do
|
|
|
|
before do
|
|
|
|
allow(Gitlab.config.uploads.object_store).to receive(:proxy_download) { false }
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'sends a file' do
|
|
|
|
expect(controller).to receive(:redirect_to).with(/#{uploader.path}/)
|
|
|
|
|
|
|
|
subject
|
|
|
|
end
|
2018-11-07 10:54:37 -05:00
|
|
|
|
|
|
|
context 'with proxy requested' do
|
|
|
|
let(:params) { { proxy: true } }
|
|
|
|
|
|
|
|
it_behaves_like 'proxied file'
|
|
|
|
end
|
2018-03-09 09:16:06 -05:00
|
|
|
end
|
2020-08-10 14:09:54 -04:00
|
|
|
|
|
|
|
it_behaves_like 'handles image resize requests'
|
2018-03-09 09:16:06 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|