4ca9f3b417
When direct_upload is enabled and a for file is being uploaded, then workhorse uses `public/uploads/tmp` path. If `uploads.storage_path` i sset to a different directory, then upload fails because `public/uploads/tmp` is not in allowed paths.
134 lines
4.9 KiB
Ruby
134 lines
4.9 KiB
Ruby
require 'spec_helper'
|
|
|
|
require 'tempfile'
|
|
|
|
describe Gitlab::Middleware::Multipart do
|
|
let(:app) { double(:app) }
|
|
let(:middleware) { described_class.new(app) }
|
|
let(:original_filename) { 'filename' }
|
|
|
|
shared_examples_for 'multipart upload files' do
|
|
it 'opens top-level files' do
|
|
Tempfile.open('top-level') do |tempfile|
|
|
env = post_env({ 'file' => tempfile.path }, { 'file.name' => original_filename, 'file.path' => tempfile.path, 'file.remote_id' => remote_id }, Gitlab::Workhorse.secret, 'gitlab-workhorse')
|
|
|
|
expect_uploaded_file(tempfile, %w(file))
|
|
|
|
middleware.call(env)
|
|
end
|
|
end
|
|
|
|
it 'opens files one level deep' do
|
|
Tempfile.open('one-level') do |tempfile|
|
|
in_params = { 'user' => { 'avatar' => { '.name' => original_filename, '.path' => tempfile.path, '.remote_id' => remote_id } } }
|
|
env = post_env({ 'user[avatar]' => tempfile.path }, in_params, Gitlab::Workhorse.secret, 'gitlab-workhorse')
|
|
|
|
expect_uploaded_file(tempfile, %w(user avatar))
|
|
|
|
middleware.call(env)
|
|
end
|
|
end
|
|
|
|
it 'opens files two levels deep' do
|
|
Tempfile.open('two-levels') do |tempfile|
|
|
in_params = { 'project' => { 'milestone' => { 'themesong' => { '.name' => original_filename, '.path' => tempfile.path, '.remote_id' => remote_id } } } }
|
|
env = post_env({ 'project[milestone][themesong]' => tempfile.path }, in_params, Gitlab::Workhorse.secret, 'gitlab-workhorse')
|
|
|
|
expect_uploaded_file(tempfile, %w(project milestone themesong))
|
|
|
|
middleware.call(env)
|
|
end
|
|
end
|
|
|
|
def expect_uploaded_file(tempfile, path, remote: false)
|
|
expect(app).to receive(:call) do |env|
|
|
file = Rack::Request.new(env).params.dig(*path)
|
|
expect(file).to be_a(::UploadedFile)
|
|
expect(file.path).to eq(tempfile.path)
|
|
expect(file.original_filename).to eq(original_filename)
|
|
expect(file.remote_id).to eq(remote_id)
|
|
end
|
|
end
|
|
end
|
|
|
|
it 'rejects headers signed with the wrong secret' do
|
|
env = post_env({ 'file' => '/var/empty/nonesuch' }, {}, 'x' * 32, 'gitlab-workhorse')
|
|
|
|
expect { middleware.call(env) }.to raise_error(JWT::VerificationError)
|
|
end
|
|
|
|
it 'rejects headers signed with the wrong issuer' do
|
|
env = post_env({ 'file' => '/var/empty/nonesuch' }, {}, Gitlab::Workhorse.secret, 'acme-inc')
|
|
|
|
expect { middleware.call(env) }.to raise_error(JWT::InvalidIssuerError)
|
|
end
|
|
|
|
context 'with remote file' do
|
|
let(:remote_id) { 'someid' }
|
|
|
|
it_behaves_like 'multipart upload files'
|
|
end
|
|
|
|
context 'with local file' do
|
|
let(:remote_id) { nil }
|
|
|
|
it_behaves_like 'multipart upload files'
|
|
end
|
|
|
|
it 'allows files in uploads/tmp directory' do
|
|
Dir.mktmpdir do |dir|
|
|
uploads_dir = File.join(dir, 'public/uploads/tmp')
|
|
FileUtils.mkdir_p(uploads_dir)
|
|
|
|
allow(Rails).to receive(:root).and_return(dir)
|
|
allow(Dir).to receive(:tmpdir).and_return(File.join(Dir.tmpdir, 'tmpsubdir'))
|
|
|
|
Tempfile.open('top-level', uploads_dir) do |tempfile|
|
|
env = post_env({ 'file' => tempfile.path }, { 'file.name' => original_filename, 'file.path' => tempfile.path }, Gitlab::Workhorse.secret, 'gitlab-workhorse')
|
|
|
|
expect(app).to receive(:call) do |env|
|
|
expect(Rack::Request.new(env).params['file']).to be_a(::UploadedFile)
|
|
end
|
|
|
|
middleware.call(env)
|
|
end
|
|
end
|
|
end
|
|
|
|
it 'allows symlinks for uploads dir' do
|
|
Tempfile.open('two-levels') do |tempfile|
|
|
symlinked_dir = '/some/dir/uploads'
|
|
symlinked_path = File.join(symlinked_dir, File.basename(tempfile.path))
|
|
env = post_env({ 'file' => symlinked_path }, { 'file.name' => original_filename, 'file.path' => symlinked_path }, Gitlab::Workhorse.secret, 'gitlab-workhorse')
|
|
|
|
allow(FileUploader).to receive(:root).and_return(symlinked_dir)
|
|
allow(UploadedFile).to receive(:allowed_paths).and_return([symlinked_dir, Gitlab.config.uploads.storage_path])
|
|
allow(File).to receive(:realpath).and_call_original
|
|
allow(File).to receive(:realpath).with(symlinked_dir).and_return(Dir.tmpdir)
|
|
allow(File).to receive(:realpath).with(symlinked_path).and_return(tempfile.path)
|
|
allow(File).to receive(:exist?).and_call_original
|
|
allow(File).to receive(:exist?).with(symlinked_dir).and_return(true)
|
|
|
|
# override Dir.tmpdir because this dir is in the list of allowed paths
|
|
# and it would match FileUploader.root path (which in this test is linked
|
|
# to /tmp too)
|
|
allow(Dir).to receive(:tmpdir).and_return(File.join(Dir.tmpdir, 'tmpsubdir'))
|
|
|
|
expect(app).to receive(:call) do |env|
|
|
expect(Rack::Request.new(env).params['file']).to be_a(::UploadedFile)
|
|
end
|
|
|
|
middleware.call(env)
|
|
end
|
|
end
|
|
|
|
def post_env(rewritten_fields, params, secret, issuer)
|
|
token = JWT.encode({ 'iss' => issuer, 'rewritten_fields' => rewritten_fields }, secret, 'HS256')
|
|
Rack::MockRequest.env_for(
|
|
'/',
|
|
method: 'post',
|
|
params: params,
|
|
described_class::RACK_ENV_KEY => token
|
|
)
|
|
end
|
|
end
|