nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-18 16:22:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

DisabledMimetypes.php validation rule fix

Browse Source
This commit is contained in:
Peter Papp
2021-04-11 10:46:07 +02:00
parent 1568eab905
commit 3e18dbd4f9
6 changed files with 45 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/Http/Requests/FileFunctions/UploadRequest.php
View File

@@ -2,9 +2,8 @@
namespace App\Http\Requests\FileFunctions;
use App\Rules\MimetypeBlacklistValidation;
use App\Rules\DisabledMimetypes;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Auth;
class UploadRequest extends FormRequest
{
@@ -27,7 +26,7 @@ class UploadRequest extends FormRequest
{
return [
'folder_id' => 'nullable|uuid',
'file' => ['required', 'file', new MimetypeBlacklistValidation]
'file' => ['required', 'file', new DisabledMimetypes]
];
}
}

18
app/Rules/MimetypeBlacklistValidation.php → app/Rules/DisabledMimetypes.php
View File

@@ -3,18 +3,8 @@
namespace App\Rules;
use Illuminate\Contracts\Validation\Rule;
class MimetypeBlacklistValidation implements Rule
class DisabledMimetypes implements Rule
{
/**
* Create a new rule instance.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Determine if the validation rule passes.
*
@@ -24,10 +14,10 @@ class MimetypeBlacklistValidation implements Rule
*/
public function passes($attribute, $value)
{
$mimetype_blacklist = explode(',' ,get_setting('mimetypes_blacklist'));
$mimetype_blacklist = explode(',', get_setting('mimetypes_blacklist'));
$file_mimetype = explode('/' ,$value->getMimeType());
return !array_intersect($file_mimetype , $mimetype_blacklist);
return ! array_intersect($file_mimetype, $mimetype_blacklist);
}
/**
@@ -37,6 +27,6 @@ class MimetypeBlacklistValidation implements Rule
*/
public function message()
{
abort (415,'Type of this mime type is not allowed.');
return 'Type of this mime type is not allowed.';
}
}

42
public/mix-manifest.json
View File

@@ -16,7 +16,7 @@
"/chunks/app-billings.js": "/chunks/app-billings.js?id=82133cc16f55222bbbe6",
"/chunks/app-email.js": "/chunks/app-email.js?id=c578a85112c6a4b1ed0e",
"/chunks/app-index.js": "/chunks/app-index.js?id=7f07dceace5c9c8255bb",
"/chunks/app-language.js": "/chunks/app-language.js?id=4cecb39459ed4cd51ce5",
"/chunks/app-language.js": "/chunks/app-language.js?id=5fb4e79c821a6931f9b3",
"/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/pages~chunks/plans~chunks/s~38c276fc.js": "/chunks/app-language~chunks/dashboard~chunks/files~chunks/invoices~chunks/pages~chunks/plans~chunks/s~38c276fc.js?id=e4abf38870f961cb6979",
"/chunks/app-others.js": "/chunks/app-others.js?id=9156adba3b1697a8bf3e",
"/chunks/app-payments.js": "/chunks/app-payments.js?id=7e1a982c90174f568fb2",
@@ -71,7 +71,7 @@
"/chunks/shared/authenticate.js": "/chunks/shared/authenticate.js?id=3d5c7754d438830a4204",
"/chunks/shared/file-browser.js": "/chunks/shared/file-browser.js?id=3127fab4cfd3d5f00a72",
"/chunks/shared/single-file.js": "/chunks/shared/single-file.js?id=e8aedb75df7fe227d693",
"/chunks/sign-in.js": "/chunks/sign-in.js?id=61e5b97e8273aec430ad",
"/chunks/sign-in.js": "/chunks/sign-in.js?id=162161aa204ab6931826",
"/chunks/sign-up.js": "/chunks/sign-up.js?id=ce15b1156cf37c0a9703",
"/chunks/stripe-credentials.js": "/chunks/stripe-credentials.js?id=1acdec3a157c8943a88d",
"/chunks/subscription-plans.js": "/chunks/subscription-plans.js?id=a843f8cf90ff1e3168e8",
@@ -91,40 +91,6 @@
"/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~2fac28cc.js": "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~2fac28cc.js?id=57c854adb91ed9a9d088",
"/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~d5e36d91.js": "/vendors~chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~d5e36d91.js?id=170765b4fd923b62195c",
"/vendors~chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser~ch~52c14f2e.js": "/vendors~chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser~ch~52c14f2e.js?id=66afa0e341251a68c3d3",
"/chunks/files~chunks/shared-files~chunks/shared/file-browser.d1c4278d07311f1b0de2.hot-update.js": "/chunks/files~chunks/shared-files~chunks/shared/file-browser.d1c4278d07311f1b0de2.hot-update.js",
"/js/main.a41bb052f7b6c50309be.hot-update.js": "/js/main.a41bb052f7b6c50309be.hot-update.js",
"/chunks/users.e009d73120176bfd575b.hot-update.js": "/chunks/users.e009d73120176bfd575b.hot-update.js",
"/chunks/platform.679e5b78be08be00b456.hot-update.js": "/chunks/platform.679e5b78be08be00b456.hot-update.js",
"/js/main.26c236a3e4651b9372bf.hot-update.js": "/js/main.26c236a3e4651b9372bf.hot-update.js",
"/js/main.07f7c31b5d396b12b5b8.hot-update.js": "/js/main.07f7c31b5d396b12b5b8.hot-update.js",
"/js/main.5c76647b0e017eaab734.hot-update.js": "/js/main.5c76647b0e017eaab734.hot-update.js",
"/chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/app-index~chunks/app-others~chunks~605f4c49.5c76647b0e017eaab734.hot-update.js": "/chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/app-index~chunks/app-others~chunks~605f4c49.5c76647b0e017eaab734.hot-update.js",
"/chunks/app-language.5c76647b0e017eaab734.hot-update.js": "/chunks/app-language.5c76647b0e017eaab734.hot-update.js",
"/chunks/dashboard.5c76647b0e017eaab734.hot-update.js": "/chunks/dashboard.5c76647b0e017eaab734.hot-update.js",
"/chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser.5c76647b0e017eaab734.hot-update.js": "/chunks/files~chunks/platform~chunks/shared~chunks/shared-files~chunks/shared/file-browser.5c76647b0e017eaab734.hot-update.js",
"/chunks/homepage.5c76647b0e017eaab734.hot-update.js": "/chunks/homepage.5c76647b0e017eaab734.hot-update.js",
"/chunks/installation-disclaimer.5c76647b0e017eaab734.hot-update.js": "/chunks/installation-disclaimer.5c76647b0e017eaab734.hot-update.js",
"/chunks/invoices.5c76647b0e017eaab734.hot-update.js": "/chunks/invoices.5c76647b0e017eaab734.hot-update.js",
"/chunks/page-edit.5c76647b0e017eaab734.hot-update.js": "/chunks/page-edit.5c76647b0e017eaab734.hot-update.js",
"/chunks/pages.5c76647b0e017eaab734.hot-update.js": "/chunks/pages.5c76647b0e017eaab734.hot-update.js",
"/chunks/plan.5c76647b0e017eaab734.hot-update.js": "/chunks/plan.5c76647b0e017eaab734.hot-update.js",
"/chunks/plans.5c76647b0e017eaab734.hot-update.js": "/chunks/plans.5c76647b0e017eaab734.hot-update.js",
"/chunks/settings.5c76647b0e017eaab734.hot-update.js": "/chunks/settings.5c76647b0e017eaab734.hot-update.js",
"/chunks/upgrade-billing~chunks/upgrade-plan.5c76647b0e017eaab734.hot-update.js": "/chunks/upgrade-billing~chunks/upgrade-plan.5c76647b0e017eaab734.hot-update.js",
"/chunks/user.5c76647b0e017eaab734.hot-update.js": "/chunks/user.5c76647b0e017eaab734.hot-update.js",
"/chunks/users.5c76647b0e017eaab734.hot-update.js": "/chunks/users.5c76647b0e017eaab734.hot-update.js",
"/js/main.844f624f247515289c02.hot-update.js": "/js/main.844f624f247515289c02.hot-update.js",
"/js/main.7e86ff928328fca2c702.hot-update.js": "/js/main.7e86ff928328fca2c702.hot-update.js",
"/js/main.e456cbd528bca91f48a6.hot-update.js": "/js/main.e456cbd528bca91f48a6.hot-update.js",
"/chunks/admin~chunks/platform.ff2f47a2fcf634fb6996.hot-update.js": "/chunks/admin~chunks/platform.ff2f47a2fcf634fb6996.hot-update.js",
"/js/main.c01ab0c5b71f7999980d.hot-update.js": "/js/main.c01ab0c5b71f7999980d.hot-update.js",
"/chunks/admin~chunks/platform.ff841aad86b0e94b8055.hot-update.js": "/chunks/admin~chunks/platform.ff841aad86b0e94b8055.hot-update.js",
"/js/main.a43fd27afa3d129fab29.hot-update.js": "/js/main.a43fd27afa3d129fab29.hot-update.js",
"/js/main.08259350560c643add38.hot-update.js": "/js/main.08259350560c643add38.hot-update.js",
"/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.72f5bef15d6e81b04f0f.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.72f5bef15d6e81b04f0f.hot-update.js",
"/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.925c0dd3d2550d1eabab.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.925c0dd3d2550d1eabab.hot-update.js",
"/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.d010b8f6819834422ff0.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.d010b8f6819834422ff0.hot-update.js",
"/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.a06576ed51205a993112.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.a06576ed51205a993112.hot-update.js",
"/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.5b1c19c5f32462447e05.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.5b1c19c5f32462447e05.hot-update.js",
"/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.510df2af06c4e4dba50e.hot-update.js": "/chunks/admin~chunks/admin-account~chunks/app-appearance~chunks/app-billings~chunks/app-email~chunks/~eeab5771.510df2af06c4e4dba50e.hot-update.js"
"/js/main.9d7b080a308ce9f6dc68.hot-update.js": "/js/main.9d7b080a308ce9f6dc68.hot-update.js",
"/js/main.336b731cf44faf091068.hot-update.js": "/js/main.336b731cf44faf091068.hot-update.js"
}

2
resources/js/helpers.js vendored
View File

@@ -182,7 +182,7 @@ const Helpers = {
this.$isSomethingWrong()
// Break uploading process
if ([500, 415].includes(error.response.status))
if ([500, 422].includes(error.response.status))
isNotGeneralError = false
})
} while (isNotGeneralError && attempts !== 0 && attempts !== 3)

2
resources/js/store/modules/fileFunctions.js vendored
View File

@@ -233,7 +233,7 @@ const actions = {
title: i18n.t('popup_exceed_limit.title'),
message: i18n.t('popup_exceed_limit.message')
},
'415': {
'422': {
title: i18n.t('popup_mimetypes_blacklist.title'),
message: i18n.t('popup_mimetypes_blacklist.message')
},

33
tests/Feature/FileManager/FileTest.php
View File

@@ -4,6 +4,7 @@ namespace Tests\Feature\FileManager;
use App\Models\File;
use App\Models\Folder;
use App\Models\Setting;
use App\Models\User;
use App\Models\Zip;
use App\Services\SetupService;
@@ -116,6 +117,38 @@ class FileTest extends TestCase
]);
}
/**
* @test
*/
public function it_upload_blacklisted_mimetype_file()
{
Storage::fake('local');
$this->setup->create_directories();
Setting::create([
'name' => 'mimetypes_blacklist',
'value' => 'pdf',
]);
$file = UploadedFile::fake()
->create('fake-file.pdf', 1200, 'application/pdf');
$user = User::factory(User::class)
->create();
Sanctum::actingAs($user);
$this->postJson('/api/upload', [
'file' => $file,
'folder_id' => null,
'is_last' => true,
])->assertStatus(422);
Storage::disk('local')
->assertMissing("files/$user->id/fake-file.pdf");
}
/**
* @test
*/