tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-30 00:19:25 +02:00
Code Issues Projects Releases Wiki Activity

Test allowedExtensions in UploadField, return correct HTTP status

Browse Source
This commit is contained in:
Ingo Schommer 2013-07-12 13:16:25 +02:00
parent c2c8498c64
commit 920edf88e7
2 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
forms/UploadField.php
View File

@ -525,6 +525,7 @@ class UploadField extends FileField {
}
// Get the uploaded file into a new file object.
// The loadIntoFile() method also validates constraints like allowed extensions
try {
$this->upload->loadIntoFile($tmpfile, $fileObject, $this->folderName);
} catch (Exception $e) {
@ -559,6 +560,7 @@ class UploadField extends FileField {
}
$response = new SS_HTTPResponse(Convert::raw2json(array($return)));
$response->addHeader('Content-Type', 'text/plain');
if($return['error']) $response->setStatusCode(403);
return $response;
}

33
tests/forms/uploadfield/UploadFieldTest.php
View File

@ -123,6 +123,33 @@ class UploadFieldTest extends FunctionalTest {
$this->assertEquals($record->ManyManyFiles()->Last()->Name, $tmpFileName);
}
/**
* Partially covered by {@link UploadTest->testUploadAcceptsAllowedExtension()},
* but this test additionally verifies that those constraints are actually enforced
* in this controller method.
*/
public function testAllowedExtensions() {
$this->loginWithPermission('ADMIN');
$invalidFile = 'invalid.php';
$_FILES = array('AllowedExtensionsField' => $this->getUploadFile($invalidFile));
$response = $this->post(
'UploadFieldTest_Controller/Form/field/AllowedExtensionsField/upload',
array('AllowedExtensionsField' => $this->getUploadFile($invalidFile))
);
$this->assertTrue($response->isError());
$this->assertContains('Extension is not allowed', $response->getBody());
$validFile = 'valid.jpg';
$_FILES = array('AllowedExtensionsField' => $this->getUploadFile($validFile));
$response = $this->post(
'UploadFieldTest_Controller/Form/field/AllowedExtensionsField/upload',
array('AllowedExtensionsField' => $this->getUploadFile($validFile))
);
$this->assertFalse($response->isError());
$this->assertNotContains('Extension is not allowed', $response->getBody());
}
public function testAllowedMaxFileNumberWithHasOne() {
$this->loginWithPermission('ADMIN');
@ -831,6 +858,9 @@ class UploadFieldTest_Controller extends Controller implements TestOnly {
$fieldCanAttachExisting->setConfig('canAttachExisting', false);
$fieldCanAttachExisting->setRecord($record);
$fieldAllowedExtensions = new UploadField('AllowedExtensionsField');
$fieldAllowedExtensions->getValidator()->setAllowedExtensions(array('jpg'));
$form = new Form(
$this,
'Form',
@ -847,7 +877,8 @@ class UploadFieldTest_Controller extends Controller implements TestOnly {
$fieldDisabled,
$fieldSubfolder,
$fieldCanUploadFalse,
$fieldCanAttachExisting
$fieldCanAttachExisting,
$fieldAllowedExtensions
),
new FieldList(
new FormAction('submit')