DisabledMimetypes.php validation rule fix

2026-04-18 16:22:14 +00:00 · 2021-04-11 10:46:07 +02:00
parent 1568eab905
commit 3e18dbd4f9
6 changed files with 45 additions and 57 deletions
--- a/app/Http/Requests/FileFunctions/UploadRequest.php
+++ b/app/Http/Requests/FileFunctions/UploadRequest.php
@@ -2,9 +2,8 @@

 namespace App\Http\Requests\FileFunctions;

-use App\Rules\MimetypeBlacklistValidation;
+use App\Rules\DisabledMimetypes;
 use Illuminate\Foundation\Http\FormRequest;
-use Illuminate\Support\Facades\Auth;

 class UploadRequest extends FormRequest
 {
@@ -27,7 +26,7 @@ class UploadRequest extends FormRequest
    {
        return [
            'folder_id' => 'nullable|uuid',
-            'file'      => ['required', 'file', new MimetypeBlacklistValidation]
+            'file'      => ['required', 'file', new DisabledMimetypes]
        ];
    }
 }
--- a/app/Rules/MimetypeBlacklistValidation.php
+++ b/app/Rules/MimetypeBlacklistValidation.php
@@ -3,18 +3,8 @@
 namespace App\Rules;
 use Illuminate\Contracts\Validation\Rule;

-class MimetypeBlacklistValidation implements Rule
+class DisabledMimetypes implements Rule
 {
-    /**
-     * Create a new rule instance.
-     *
-     * @return void
-     */
-    public function __construct()
-    {
-        //
-    }
-
    /**
     * Determine if the validation rule passes.
     *
@@ -37,6 +27,6 @@ class MimetypeBlacklistValidation implements Rule
     */
    public function message()
    {
-       abort (415,'Type of this mime type is not allowed.');
+       return 'Type of this mime type is not allowed.';
    }
 }
--- a/public/mix-manifest.json
+++ b/public/mix-manifest.json
@@ -16,7 +16,7 @@
    "/chunks/app-billings.js": "/chunks/app-billings.js?id=82133cc16f55222bbbe6",
    "/chunks/app-email.js": "/chunks/app-email.js?id=c578a85112c6a4b1ed0e",
    "/chunks/app-index.js": "/chunks/app-index.js?id=7f07dceace5c9c8255bb",
-    "/chunks/app-language.js": "/chunks/app-language.js?id=4cecb39459ed4cd51ce5",
+    "/chunks/app-language.js": "/chunks/app-language.js?id=5fb4e79c821a6931f9b3",
    "/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/pages~chunks/plans~chunks/s~38c276fc.js": "/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/pages~chunks/plans~chunks/s~38c276fc.js?id=e4abf38870f961cb6979",
    "/chunks/app-others.js": "/chunks/app-others.js?id=9156adba3b1697a8bf3e",
    "/chunks/app-payments.js": "/chunks/app-payments.js?id=7e1a982c90174f568fb2",
@@ -71,7 +71,7 @@
    "/chunks/shared/authenticate.js": "/chunks/shared/authenticate.js?id=3d5c7754d438830a4204",
    "/chunks/shared/file-browser.js": "/chunks/shared/file-browser.js?id=3127fab4cfd3d5f00a72",
    "/chunks/shared/single-file.js": "/chunks/shared/single-file.js?id=e8aedb75df7fe227d693",
-    "/chunks/sign-in.js": "/chunks/sign-in.js?id=61e5b97e8273aec430ad",
+    "/chunks/sign-in.js": "/chunks/sign-in.js?id=162161aa204ab6931826",
    "/chunks/sign-up.js": "/chunks/sign-up.js?id=ce15b1156cf37c0a9703",
    "/chunks/stripe-credentials.js": "/chunks/stripe-credentials.js?id=1acdec3a157c8943a88d",
    "/chunks/subscription-plans.js": "/chunks/subscription-plans.js?id=a843f8cf90ff1e3168e8",
@@ -91,40 +91,6 @@
    "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~2fac28cc.js": "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~2fac28cc.js?id=57c854adb91ed9a9d088",
    "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~d5e36d91.js": "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~d5e36d91.js?id=170765b4fd923b62195c",
    "/vendors~chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser~ch~52c14f2e.js": "/vendors~chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser~ch~52c14f2e.js?id=66afa0e341251a68c3d3",
-    "/chunks/files~chunks/shared-files~chunks/shared/file-browser.d1c4278d07311f1b0de2.hot-update.js": "/chunks/files~chunks/shared-files~chunks/shared/file-browser.d1c4278d07311f1b0de2.hot-update.js",
-    "/js/main.a41bb052f7b6c50309be.hot-update.js": "/js/main.a41bb052f7b6c50309be.hot-update.js",
-    "/chunks/users.e009d73120176bfd575b.hot-update.js": "/chunks/users.e009d73120176bfd575b.hot-update.js",
-    "/chunks/platform.679e5b78be08be00b456.hot-update.js": "/chunks/platform.679e5b78be08be00b456.hot-update.js",
-    "/js/main.26c236a3e4651b9372bf.hot-update.js": "/js/main.26c236a3e4651b9372bf.hot-update.js",
-    "/js/main.07f7c31b5d396b12b5b8.hot-update.js": "/js/main.07f7c31b5d396b12b5b8.hot-update.js",
-    "/js/main.5c76647b0e017eaab734.hot-update.js": "/js/main.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/app-index~chunks/app-others~chunks~605f4c49.5c76647b0e017eaab734.hot-update.js": "/chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/app-index~chunks/app-others~chunks~605f4c49.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/app-language.5c76647b0e017eaab734.hot-update.js": "/chunks/app-language.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/dashboard.5c76647b0e017eaab734.hot-update.js": "/chunks/dashboard.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser.5c76647b0e017eaab734.hot-update.js": "/chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/homepage.5c76647b0e017eaab734.hot-update.js": "/chunks/homepage.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/installation-disclaimer.5c76647b0e017eaab734.hot-update.js": "/chunks/installation-disclaimer.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/invoices.5c76647b0e017eaab734.hot-update.js": "/chunks/invoices.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/page-edit.5c76647b0e017eaab734.hot-update.js": "/chunks/page-edit.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/pages.5c76647b0e017eaab734.hot-update.js": "/chunks/pages.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/plan.5c76647b0e017eaab734.hot-update.js": "/chunks/plan.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/plans.5c76647b0e017eaab734.hot-update.js": "/chunks/plans.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/settings.5c76647b0e017eaab734.hot-update.js": "/chunks/settings.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/upgrade-billing~chunks/upgrade-plan.5c76647b0e017eaab734.hot-update.js": "/chunks/upgrade-billing~chunks/upgrade-plan.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/user.5c76647b0e017eaab734.hot-update.js": "/chunks/user.5c76647b0e017eaab734.hot-update.js",
-    "/chunks/users.5c76647b0e017eaab734.hot-update.js": "/chunks/users.5c76647b0e017eaab734.hot-update.js",
-    "/js/main.844f624f247515289c02.hot-update.js": "/js/main.844f624f247515289c02.hot-update.js",
-    "/js/main.7e86ff928328fca2c702.hot-update.js": "/js/main.7e86ff928328fca2c702.hot-update.js",
-    "/js/main.e456cbd528bca91f48a6.hot-update.js": "/js/main.e456cbd528bca91f48a6.hot-update.js",
-    "/chunks/admin~chunks/platform.ff2f47a2fcf634fb6996.hot-update.js": "/chunks/admin~chunks/platform.ff2f47a2fcf634fb6996.hot-update.js",
-    "/js/main.c01ab0c5b71f7999980d.hot-update.js": "/js/main.c01ab0c5b71f7999980d.hot-update.js",
-    "/chunks/admin~chunks/platform.ff841aad86b0e94b8055.hot-update.js": "/chunks/admin~chunks/platform.ff841aad86b0e94b8055.hot-update.js",
-    "/js/main.a43fd27afa3d129fab29.hot-update.js": "/js/main.a43fd27afa3d129fab29.hot-update.js",
-    "/js/main.08259350560c643add38.hot-update.js": "/js/main.08259350560c643add38.hot-update.js",
-    "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.72f5bef15d6e81b04f0f.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.72f5bef15d6e81b04f0f.hot-update.js",
-    "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.925c0dd3d2550d1eabab.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.925c0dd3d2550d1eabab.hot-update.js",
-    "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.d010b8f6819834422ff0.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.d010b8f6819834422ff0.hot-update.js",
-    "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.a06576ed51205a993112.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.a06576ed51205a993112.hot-update.js",
-    "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.5b1c19c5f32462447e05.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.5b1c19c5f32462447e05.hot-update.js",
-    "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.510df2af06c4e4dba50e.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.510df2af06c4e4dba50e.hot-update.js"
+    "/js/main.9d7b080a308ce9f6dc68.hot-update.js": "/js/main.9d7b080a308ce9f6dc68.hot-update.js",
+    "/js/main.336b731cf44faf091068.hot-update.js": "/js/main.336b731cf44faf091068.hot-update.js"
 }
--- a/resources/js/helpers.js
+++ b/resources/js/helpers.js
@@ -182,7 +182,7 @@ const Helpers = {
                            this.$isSomethingWrong()

                        // Break uploading process
-                        if ([500, 415].includes(error.response.status))
+                        if ([500, 422].includes(error.response.status))
                            isNotGeneralError = false
                    })
                } while (isNotGeneralError && attempts !== 0 && attempts !== 3)
--- a/resources/js/store/modules/fileFunctions.js
+++ b/resources/js/store/modules/fileFunctions.js
@@ -233,7 +233,7 @@ const actions = {
                            title: i18n.t('popup_exceed_limit.title'),
                            message: i18n.t('popup_exceed_limit.message')
                        },
-                        '415': {
+                        '422': {
                            title: i18n.t('popup_mimetypes_blacklist.title'),
                            message: i18n.t('popup_mimetypes_blacklist.message')
                        },
--- a/tests/Feature/FileManager/FileTest.php
+++ b/tests/Feature/FileManager/FileTest.php
@@ -4,6 +4,7 @@ namespace Tests\Feature\FileManager;

 use App\Models\File;
 use App\Models\Folder;
+use App\Models\Setting;
 use App\Models\User;
 use App\Models\Zip;
 use App\Services\SetupService;
@@ -116,6 +117,38 @@ class FileTest extends TestCase
        ]);
    }

+    /**
+     * @test
+     */
+    public function it_upload_blacklisted_mimetype_file()
+    {
+        Storage::fake('local');
+
+        $this->setup->create_directories();
+
+        Setting::create([
+            'name'  => 'mimetypes_blacklist',
+            'value' => 'pdf',
+        ]);
+
+        $file = UploadedFile::fake()
+            ->create('fake-file.pdf', 1200, 'application/pdf');
+
+        $user = User::factory(User::class)
+            ->create();
+
+        Sanctum::actingAs($user);
+
+        $this->postJson('/api/upload', [
+            'file'      => $file,
+            'folder_id' => null,
+            'is_last'   => true,
+        ])->assertStatus(422);
+
+        Storage::disk('local')
+            ->assertMissing("files/$user->id/fake-file.pdf");
+    }
+
    /**
     * @test
     */