From 3e18dbd4f92a6596acedcd2fbb2e36f26f43aa37 Mon Sep 17 00:00:00 2001
From: Peter Papp
Date: Sun, 11 Apr 2021 10:46:07 +0200
Subject: [PATCH] DisabledMimetypes.php validation rule fix

---
 .../Requests/FileFunctions/UploadRequest.php | 5 +--
 ...stValidation.php => DisabledMimetypes.php} | 18 ++------
 public/mix-manifest.json | 42 ++-----------------
 resources/js/helpers.js | 2 +-
 resources/js/store/modules/fileFunctions.js | 2 +-
 tests/Feature/FileManager/FileTest.php | 33 +++++++++++++++
 6 files changed, 45 insertions(+), 57 deletions(-)
 rename app/Rules/{MimetypeBlacklistValidation.php => DisabledMimetypes.php} (57%)

diff --git a/app/Http/Requests/FileFunctions/UploadRequest.php b/app/Http/Requests/FileFunctions/UploadRequest.php
index a4139684..08579000 100644
--- a/app/Http/Requests/FileFunctions/UploadRequest.php
+++ b/app/Http/Requests/FileFunctions/UploadRequest.php
@@ -2,9 +2,8 @@
 namespace App\Http\Requests\FileFunctions;
-use App\Rules\MimetypeBlacklistValidation;
+use App\Rules\DisabledMimetypes;
 use Illuminate\Foundation\Http\FormRequest;
-use Illuminate\Support\Facades\Auth;
 class UploadRequest extends FormRequest
 {
@@ -27,7 +26,7 @@ class UploadRequest extends FormRequest
 {
 return [
 'folder_id' => 'nullable|uuid',
- 'file' => ['required', 'file', new MimetypeBlacklistValidation]
+ 'file' => ['required', 'file', new DisabledMimetypes]
 ];
 }
 }
diff --git a/app/Rules/MimetypeBlacklistValidation.php b/app/Rules/DisabledMimetypes.php
similarity index 57%
rename from app/Rules/MimetypeBlacklistValidation.php
rename to app/Rules/DisabledMimetypes.php
index 390da73f..8d7f0ab9 100644
--- a/app/Rules/MimetypeBlacklistValidation.php
+++ b/app/Rules/DisabledMimetypes.php
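Review bot: The rule list on the `'file'` line lets `DisabledMimetypes::passes()` run even after the `'file'` rule has already failed, because Laravel's validator keeps evaluating an attribute's remaining rules unless the attribute carries `bail`; for a non-file value (a plain string in the multipart body) `$value->getMimeType()` is then a method call on a string and surfaces as a 500 rather than the 422 this commit standardises on. Prefix the list: `'file' => ['bail', 'required', 'file', new DisabledMimetypes]`. Alternatively guard inside the rule with `if (! $value instanceof \Illuminate\Http\UploadedFile) { return false; }`, which also documents the rule's precondition.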
@@ -3,18 +3,8 @@ namespace App\Rules; use Illuminate\Contracts\Validation\Rule; -class MimetypeBlacklistValidation implements Rule +class DisabledMimetypes implements Rule { - /** - * Create a new rule instance. - * - * @return void - */ - public function __construct() - { - // - } - /** * Determine if the validation rule passes. * @@ -24,10 +14,10 @@ class MimetypeBlacklistValidation implements Rule */ public function passes($attribute, $value) { - $mimetype_blacklist = explode(',' ,get_setting('mimetypes_blacklist')); + $mimetype_blacklist = explode(',', get_setting('mimetypes_blacklist')); $file_mimetype = explode('/' ,$value->getMimeType()); - return !array_intersect($file_mimetype , $mimetype_blacklist); + return ! array_intersect($file_mimetype, $mimetype_blacklist); } /** @@ -37,6 +27,6 @@ class MimetypeBlacklistValidation implements Rule */ public function message() { - abort (415,'Type of this mime type is not allowed.'); + return 'Type of this mime type is not allowed.'; } } diff --git a/public/mix-manifest.json b/public/mix-manifest.json index 9ba7ff93..c267b61c 100644 --- a/public/mix-manifest.json +++ b/public/mix-manifest.json @@ -16,7 +16,7 @@ "/chunks/app-billings.js": "/chunks/app-billings.js?id=82133cc16f55222bbbe6", "/chunks/app-email.js": "/chunks/app-email.js?id=c578a85112c6a4b1ed0e", "/chunks/app-index.js": "/chunks/app-index.js?id=7f07dceace5c9c8255bb", - "/chunks/app-language.js": "/chunks/app-language.js?id=4cecb39459ed4cd51ce5", + "/chunks/app-language.js": "/chunks/app-language.js?id=5fb4e79c821a6931f9b3", "/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/pages~chunks/plans~chunks/s~38c276fc.js": "/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/pages~chunks/plans~chunks/s~38c276fc.js?id=e4abf38870f961cb6979", "/chunks/app-others.js": "/chunks/app-others.js?id=9156adba3b1697a8bf3e", "/chunks/app-payments.js": "/chunks/app-payments.js?id=7e1a982c90174f568fb2", 
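Review bot: `passes()` compares the raw `explode(',', …)` tokens of the `mimetypes_blacklist` setting against the type/subtype parts of the sniffed MIME with no trimming or case folding, so an admin value such as `pdf, x-php` silently never matches its second entry, and a `null` setting (unset or not yet migrated) goes straight into `explode()`. Normalise both sides before intersecting: `$blocked = array_filter(array_map('strtolower', array_map('trim', explode(',', (string) get_setting('mimetypes_blacklist')))));`, `$parts = explode('/', strtolower((string) $value->getMimeType()));`, `return ! array_intersect($parts, $blocked);` — the `array_filter` also drops the empty token an empty setting produces. Note that `getMimeType()` is the content-sniffed type (Symfony's `UploadedFile` guesses it from the bytes, not from the client header), so a denylist keyed on it will not stop a script file that sniffs as `text/plain`; if stored files are served back, pair this with an extension check via `getClientOriginalExtension()` or, better, an allowlist.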
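Review bot: `message()` now returns a hard-coded English string while the front-end hunk in this same commit (`fileFunctions.js`) resolves the matching popup through `i18n.t('popup_mimetypes_blacklist.*')`, so the API error body is the one place this text reaches users untranslated. If validation strings live in `resources/lang`, `return trans('validation.disabled_mimetype');` (key to be added) keeps the two in step. Returning a string instead of calling `abort(415)` inside `message()` is the correct shape for a `Rule`, since the validator collects the message rather than expecting the method to terminate the request.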
@@ -71,7 +71,7 @@ "/chunks/shared/authenticate.js": "/chunks/shared/authenticate.js?id=3d5c7754d438830a4204", "/chunks/shared/file-browser.js": "/chunks/shared/file-browser.js?id=3127fab4cfd3d5f00a72", "/chunks/shared/single-file.js": "/chunks/shared/single-file.js?id=e8aedb75df7fe227d693", - "/chunks/sign-in.js": "/chunks/sign-in.js?id=61e5b97e8273aec430ad", + "/chunks/sign-in.js": "/chunks/sign-in.js?id=162161aa204ab6931826", "/chunks/sign-up.js": "/chunks/sign-up.js?id=ce15b1156cf37c0a9703", "/chunks/stripe-credentials.js": "/chunks/stripe-credentials.js?id=1acdec3a157c8943a88d", "/chunks/subscription-plans.js": "/chunks/subscription-plans.js?id=a843f8cf90ff1e3168e8", 
@@ -91,40 +91,6 @@ "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~2fac28cc.js": "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~2fac28cc.js?id=57c854adb91ed9a9d088", "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~d5e36d91.js": "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~d5e36d91.js?id=170765b4fd923b62195c", "/vendors~chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser~ch~52c14f2e.js": "/vendors~chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser~ch~52c14f2e.js?id=66afa0e341251a68c3d3", - "/chunks/files~chunks/shared-files~chunks/shared/file-browser.d1c4278d07311f1b0de2.hot-update.js": "/chunks/files~chunks/shared-files~chunks/shared/file-browser.d1c4278d07311f1b0de2.hot-update.js", - "/js/main.a41bb052f7b6c50309be.hot-update.js": "/js/main.a41bb052f7b6c50309be.hot-update.js", - "/chunks/users.e009d73120176bfd575b.hot-update.js": "/chunks/users.e009d73120176bfd575b.hot-update.js", - "/chunks/platform.679e5b78be08be00b456.hot-update.js": "/chunks/platform.679e5b78be08be00b456.hot-update.js", - "/js/main.26c236a3e4651b9372bf.hot-update.js": "/js/main.26c236a3e4651b9372bf.hot-update.js", - "/js/main.07f7c31b5d396b12b5b8.hot-update.js": "/js/main.07f7c31b5d396b12b5b8.hot-update.js", - "/js/main.5c76647b0e017eaab734.hot-update.js": "/js/main.5c76647b0e017eaab734.hot-update.js", - "/chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/app-index~chunks/app-others~chunks~605f4c49.5c76647b0e017eaab734.hot-update.js": "/chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/app-index~chunks/app-others~chunks~605f4c49.5c76647b0e017eaab734.hot-update.js", - "/chunks/app-language.5c76647b0e017eaab734.hot-update.js": 
"/chunks/app-language.5c76647b0e017eaab734.hot-update.js", - "/chunks/dashboard.5c76647b0e017eaab734.hot-update.js": "/chunks/dashboard.5c76647b0e017eaab734.hot-update.js", - "/chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser.5c76647b0e017eaab734.hot-update.js": "/chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser.5c76647b0e017eaab734.hot-update.js", - "/chunks/homepage.5c76647b0e017eaab734.hot-update.js": "/chunks/homepage.5c76647b0e017eaab734.hot-update.js", - "/chunks/installation-disclaimer.5c76647b0e017eaab734.hot-update.js": "/chunks/installation-disclaimer.5c76647b0e017eaab734.hot-update.js", - "/chunks/invoices.5c76647b0e017eaab734.hot-update.js": "/chunks/invoices.5c76647b0e017eaab734.hot-update.js", - "/chunks/page-edit.5c76647b0e017eaab734.hot-update.js": "/chunks/page-edit.5c76647b0e017eaab734.hot-update.js", - "/chunks/pages.5c76647b0e017eaab734.hot-update.js": "/chunks/pages.5c76647b0e017eaab734.hot-update.js", - "/chunks/plan.5c76647b0e017eaab734.hot-update.js": "/chunks/plan.5c76647b0e017eaab734.hot-update.js", - "/chunks/plans.5c76647b0e017eaab734.hot-update.js": "/chunks/plans.5c76647b0e017eaab734.hot-update.js", - "/chunks/settings.5c76647b0e017eaab734.hot-update.js": "/chunks/settings.5c76647b0e017eaab734.hot-update.js", - "/chunks/upgrade-billing~chunks/upgrade-plan.5c76647b0e017eaab734.hot-update.js": "/chunks/upgrade-billing~chunks/upgrade-plan.5c76647b0e017eaab734.hot-update.js", - "/chunks/user.5c76647b0e017eaab734.hot-update.js": "/chunks/user.5c76647b0e017eaab734.hot-update.js", - "/chunks/users.5c76647b0e017eaab734.hot-update.js": "/chunks/users.5c76647b0e017eaab734.hot-update.js", - "/js/main.844f624f247515289c02.hot-update.js": "/js/main.844f624f247515289c02.hot-update.js", - "/js/main.7e86ff928328fca2c702.hot-update.js": "/js/main.7e86ff928328fca2c702.hot-update.js", - "/js/main.e456cbd528bca91f48a6.hot-update.js": 
"/js/main.e456cbd528bca91f48a6.hot-update.js", - "/chunks/admin~chunks/platform.ff2f47a2fcf634fb6996.hot-update.js": "/chunks/admin~chunks/platform.ff2f47a2fcf634fb6996.hot-update.js", - "/js/main.c01ab0c5b71f7999980d.hot-update.js": "/js/main.c01ab0c5b71f7999980d.hot-update.js", - "/chunks/admin~chunks/platform.ff841aad86b0e94b8055.hot-update.js": "/chunks/admin~chunks/platform.ff841aad86b0e94b8055.hot-update.js", - "/js/main.a43fd27afa3d129fab29.hot-update.js": "/js/main.a43fd27afa3d129fab29.hot-update.js", - "/js/main.08259350560c643add38.hot-update.js": "/js/main.08259350560c643add38.hot-update.js", - "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.72f5bef15d6e81b04f0f.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.72f5bef15d6e81b04f0f.hot-update.js", - "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.925c0dd3d2550d1eabab.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.925c0dd3d2550d1eabab.hot-update.js", - "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.d010b8f6819834422ff0.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.d010b8f6819834422ff0.hot-update.js", - "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.a06576ed51205a993112.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.a06576ed51205a993112.hot-update.js", - "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.5b1c19c5f32462447e05.hot-update.js": 
"/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.5b1c19c5f32462447e05.hot-update.js", - "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.510df2af06c4e4dba50e.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.510df2af06c4e4dba50e.hot-update.js" + "/js/main.9d7b080a308ce9f6dc68.hot-update.js": "/js/main.9d7b080a308ce9f6dc68.hot-update.js", + "/js/main.336b731cf44faf091068.hot-update.js": "/js/main.336b731cf44faf091068.hot-update.js" } diff --git a/resources/js/helpers.js b/resources/js/helpers.js index 2f6f4ae8..ad6cb81f 100644 --- a/resources/js/helpers.js +++ b/resources/js/helpers.js @@ -182,7 +182,7 @@ const Helpers = { this.$isSomethingWrong() // Break uploading process - if ([500, 415].includes(error.response.status)) + if ([500, 422].includes(error.response.status)) isNotGeneralError = false }) } while (isNotGeneralError && attempts !== 0 && attempts !== 3) diff --git a/resources/js/store/modules/fileFunctions.js b/resources/js/store/modules/fileFunctions.js index 1f396d2e..7db279f9 100644 --- a/resources/js/store/modules/fileFunctions.js +++ b/resources/js/store/modules/fileFunctions.js @@ -233,7 +233,7 @@ const actions = { title: i18n.t('popup_exceed_limit.title'), message: i18n.t('popup_exceed_limit.message') }, - '415': { + '422': { title: i18n.t('popup_mimetypes_blacklist.title'), message: i18n.t('popup_mimetypes_blacklist.message') }, diff --git a/tests/Feature/FileManager/FileTest.php b/tests/Feature/FileManager/FileTest.php index 0faa47fb..f45c32a3 100644 --- a/tests/Feature/FileManager/FileTest.php +++ b/tests/Feature/FileManager/FileTest.php @@ -4,6 +4,7 @@ namespace Tests\Feature\FileManager; use App\Models\File; use App\Models\Folder; +use App\Models\Setting; use App\Models\User; use App\Models\Zip; use App\Services\SetupService; 
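Review bot: Mapping the `'422'` key to `popup_mimetypes_blacklist` attributes every validation failure from `/api/upload` to the MIME blocklist, because 422 is Laravel's status for any failed FormRequest rule — including an invalid `folder_id` or a missing `file` from the same `UploadRequest` — so users would see "type not allowed" for an unrelated problem. Select this popup only when the error bag names the file field, e.g. `if (error.response.status === 422 && error.response.data.errors && error.response.data.errors.file)` (Laravel's JSON validation body presumably carries `errors.<field>`; confirm against the API), and fall through to the generic handler otherwise. The enclosing `actions` object starts and ends outside the hunk.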
@@ -116,6 +117,38 @@ class FileTest extends TestCase
 ]);
 }
+ /**
+ * @test
+ */
+ public function it_upload_blacklisted_mimetype_file()
+ {
+ Storage::fake('local');
+ $this->setup->create_directories();
+ Setting::create([
+ 'name' => 'mimetypes_blacklist',
+ 'value' => 'pdf',
+ ]);
+ $file = UploadedFile::fake()
+ ->create('fake-file.pdf', 1200, 'application/pdf');
+ $user = User::factory(User::class)
+ ->create();
+ Sanctum::actingAs($user);
+ $this->postJson('/api/upload', [
+ 'file' => $file,
+ 'folder_id' => null,
+ 'is_last' => true,
+ ])->assertStatus(422);
+ Storage::disk('local')
+ ->assertMissing("files/$user->id/fake-file.pdf");
+ }
+
 /**
 * @test
 */
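Review bot: The test pins only the status code; `assertStatus(422)` would also pass if the request were rejected for `folder_id` or a missing `file`, so chain `->assertJsonValidationErrors('file')` after it to tie the failure to the `DisabledMimetypes` rule. Because `UploadedFile::fake()->create('fake-file.pdf', 1200, 'application/pdf')` builds a file of filler bytes whose reported MIME is the one passed in (Laravel's testing `File` returns the supplied type from `getMimeType()`, as far as I recall), this exercises the string comparison but not real content sniffing; a fixture whose bytes actually begin with `%PDF-` would cover the production path. The `is_last` field suggests `/api/upload` also receives chunked uploads — if so, a blocked type split across chunks is only ever sniffed chunk by chunk, and a second case with `'is_last' => false` would document which behaviour is intended. A complementary assertion that a non-blocked file still uploads while the setting is populated belongs here too, unless it is covered elsewhere in `FileTest`.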