nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-05-25 14:14:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

- public sharing refactored part 3

Browse Source
This commit is contained in:
Peter Papp
2021-03-19 10:13:48 +01:00
parent ed8ab2978f
commit f4b3f1f163
10 changed files with 593 additions and 486 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/Feature/Share/VisitorAccessToItemsTest.php
+114 -85
View File
@@ -27,14 +27,14 @@ class VisitorAccessToItemsTest extends TestCase
/**
* @test
*/
public function it_get_public_file_record_and_download_file_within()
public function it_download_file()
{
Storage::fake('local');
$this->setup->create_directories();
collect(['private', 'public'])
->each(function ($permission) {
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
@@ -49,7 +49,7 @@ class VisitorAccessToItemsTest extends TestCase
'filesize' => $document->getSize(),
'user_id' => $user->id,
'basename' => $document->name,
'name' => 'fake-file.pdf',
'name' => $document->name,
]);
$share = Share::factory(Share::class)
@@ -57,46 +57,31 @@ class VisitorAccessToItemsTest extends TestCase
'item_id' => $file->id,
'user_id' => $user->id,
'type' => 'file',
'is_protected' => $permission === 'private',
'password' => \Hash::make('secret'),
'is_protected' => $is_protected,
]);
if ($permission === 'private') {
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this->disableCookieEncryption();
$this->defaultCookies = $cookie;
$this->get("/api/browse/file/$share->token/private")
->assertStatus(200)
->assertJsonFragment([
'basename' => $document->name
]);
$this->get("/file/$document->name/private/$share->token")
$this->withCookies($cookie)
->get("/file/$document->name/$share->token")
->assertStatus(200);
}
if ($permission === 'public') {
$this->get("/api/browse/file/$share->token/public")
->assertStatus(200)
->assertJsonFragment([
'basename' => $document->name
]);
if (!$is_protected) {
// Get shared file
$this->get("/file/$document->name/public/$share->token")
$this->get("/file/$document->name/$share->token")
->assertStatus(200);
}
/*$this->assertDatabaseHas('traffic', [
$this->assertDatabaseHas('traffic', [
'user_id' => $user->id,
]);*/
]);
});
}
@@ -112,7 +97,7 @@ class VisitorAccessToItemsTest extends TestCase
]);
// Get share record
$this->get("/api/browse/file/$share->token/public")
$this->get("/api/browse/file/$share->token")
->assertStatus(403);
}
@@ -125,34 +110,54 @@ class VisitorAccessToItemsTest extends TestCase
$this->setup->create_directories();
$user = User::factory(User::class)
->create();
collect([true, false])
->each(function ($is_protected) {
$thumbnail = UploadedFile::fake()
->image(Str::random() . '-fake-image.jpg');
$user = User::factory(User::class)
->create();
Storage::putFileAs("files/$user->id", $thumbnail, $thumbnail->name);
$thumbnail = UploadedFile::fake()
->image(Str::random() . '-fake-image.jpg');
$file = File::factory(File::class)
->create([
'user_id' => $user->id,
'thumbnail' => $thumbnail->name,
'basename' => $thumbnail->name,
'name' => 'fake-thumbnail.jpg',
'type' => 'image',
'mimetype' => 'jpg',
]);
Storage::putFileAs("files/$user->id", $thumbnail, $thumbnail->name);
$share = Share::factory(Share::class)
->create([
'item_id' => $file->id,
'user_id' => $user->id,
'type' => 'file',
'is_protected' => false,
]);
$file = File::factory(File::class)
->create([
'user_id' => $user->id,
'thumbnail' => $thumbnail->name,
'basename' => $thumbnail->name,
'name' => 'fake-thumbnail.jpg',
'type' => 'image',
'mimetype' => 'jpg',
]);
$this->get("/share/$share->token")
->assertStatus(200);
$share = Share::factory(Share::class)
->create([
'item_id' => $file->id,
'user_id' => $user->id,
'type' => 'file',
'is_protected' => $is_protected,
]);
if ($is_protected) {
$cookie = [
'share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])
];
$this->withCookies($cookie)
->get("/share/$share->token")
->assertStatus(200);
}
if (!$is_protected) {
$this->get("/share/$share->token")
->assertStatus(200);
}
});
}
/**
@@ -164,8 +169,8 @@ class VisitorAccessToItemsTest extends TestCase
$this->setup->create_directories();
collect(['private', 'public'])
->each(function ($permission) {
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
@@ -187,22 +192,26 @@ class VisitorAccessToItemsTest extends TestCase
'item_id' => $file->id,
'user_id' => $user->id,
'type' => 'file',
'is_protected' => $permission === 'private',
'password' => \Hash::make('secret'),
'is_protected' => $is_protected,
]);
// Get thumbnail file
if ($permission === 'private') {
$this->withCookie('share_session', json_encode([
'token' => $share->token,
'authenticated' => true,
]))
->get("/thumbnail/$thumbnail->name/private/$share->token")
if ($is_protected) {
$cookie = [
'share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])
];
$this->withCookies($cookie)
->get("/thumbnail/$thumbnail->name/$share->token")
->assertStatus(200);
}
if ($permission === 'public') {
$this->get("/thumbnail/$thumbnail->name/public/$share->token")
if (!$is_protected) {
$this->get("/thumbnail/$thumbnail->name/$share->token")
->assertStatus(200);
}
@@ -222,33 +231,53 @@ class VisitorAccessToItemsTest extends TestCase
$this->setup->create_directories();
$user = User::factory(User::class)
->create();
collect([true, false])
->each(function ($is_protected) {
$share = Share::factory(Share::class)
->create([
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
]);
$user = User::factory(User::class)
->create();
$zip = Zip::factory(Zip::class)->create([
'basename' => 'EHWKcuvKzA4Gv29v-archive.zip',
'user_id' => $user->id,
'shared_token' => $share->token,
]);
$share = Share::factory(Share::class)
->create([
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
]);
$file = UploadedFile::fake()
->create($zip->basename, 1000, 'application/zip');
$zip = Zip::factory(Zip::class)->create([
'basename' => 'EHWKcuvKzA4Gv29v-archive.zip',
'user_id' => $user->id,
'shared_token' => $share->token,
]);
Storage::putFileAs("zip", $file, $file->name);
$file = UploadedFile::fake()
->create($zip->basename, 1000, 'application/zip');
$this->get("/zip/$zip->id/public/$share->token")
->assertStatus(200);
Storage::putFileAs("zip", $file, $file->name);
$this->assertDatabaseMissing('traffic', [
'user_id' => $user->id,
'download' => null,
]);
if ($is_protected) {
$cookie = [
'share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])
];
$this->withCookies($cookie)
->get("/zip/$zip->id/$share->token")
->assertStatus(200);
}
if (!$is_protected) {
$this->get("/zip/$zip->id/$share->token")
->assertStatus(200);
}
$this->assertDatabaseMissing('traffic', [
'user_id' => $user->id,
'download' => null,
]);
});
}
}
tests/Feature/Share/VisitorManipulatingTest.php
+423 -230
View File
@@ -9,6 +9,7 @@ use App\Models\User;
use App\Services\SetupService;
use Illuminate\Foundation\Testing\DatabaseMigrations;
use Illuminate\Http\UploadedFile;
use Storage;
use Tests\TestCase;
class VisitorManipulatingTest extends TestCase
@@ -26,40 +27,69 @@ class VisitorManipulatingTest extends TestCase
*/
public function editor_rename_shared_file()
{
$user = User::factory(User::class)
->create();
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id
]);
$user = User::factory(User::class)
->create();
$file = File::factory(File::class)
->create([
'folder_id' => $folder->id
]);
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
'permission' => 'editor',
]);
$file = File::factory(File::class)
->create([
'folder_id' => $folder->id
]);
$this->patchJson("/api/editor/rename/{$file->id}/public/$share->token", [
'name' => 'Renamed Item',
'type' => 'file',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Item',
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$this->assertDatabaseHas('files', [
'name' => 'Renamed Item'
]);
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->patch("/api/editor/rename/{$file->id}/$share->token", [
'name' => 'Renamed Item',
'type' => 'file',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Item',
]);
}
// Check public shared item
if (!$is_protected) {
$this->patchJson("/api/editor/rename/{$file->id}/$share->token", [
'name' => 'Renamed Item',
'type' => 'file',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Item',
]);
}
$this->assertDatabaseHas('files', [
'name' => 'Renamed Item',
'id' => $file->id,
]);
});
}
/**
@@ -67,41 +97,71 @@ class VisitorManipulatingTest extends TestCase
*/
public function editor_rename_shared_folder()
{
$user = User::factory(User::class)
->create();
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id
]);
$user = User::factory(User::class)
->create();
$children = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id
]);
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
'permission' => 'editor',
]);
$children = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id
]);
$this->patchJson("/api/editor/rename/{$children->id}/public/$share->token", [
'name' => 'Renamed Folder',
'type' => 'folder',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Folder',
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$this->assertDatabaseHas('folders', [
'name' => 'Renamed Folder'
]);
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->patch("/api/editor/rename/{$children->id}/$share->token", [
'name' => 'Renamed Folder',
'type' => 'folder',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Folder',
]);
}
// Check public shared item
if (!$is_protected) {
$this->patchJson("/api/editor/rename/{$children->id}/$share->token", [
'name' => 'Renamed Folder',
'type' => 'folder',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Folder',
]);
}
$this->assertDatabaseHas('folders', [
'name' => 'Renamed Folder',
'id' => $children->id
]);
});
}
/**
@@ -109,37 +169,66 @@ class VisitorManipulatingTest extends TestCase
*/
public function editor_create_new_folder_in_shared_folder()
{
$user = User::factory(User::class)
->create();
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$user = User::factory(User::class)
->create();
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
'permission' => 'editor',
]);
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$this->postJson("/api/editor/create-folder/public/$share->token", [
'name' => 'Awesome New Folder',
'parent_id' => $folder->id,
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Awesome New Folder',
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$this->assertDatabaseHas('folders', [
'name' => 'Awesome New Folder',
'parent_id' => $folder->id,
'user_scope' => 'editor',
]);
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/create-folder/$share->token", [
'name' => 'Awesome New Folder',
'parent_id' => $folder->id,
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Awesome New Folder',
]);
}
// Check public shared item
if (!$is_protected) {
$this->postJson("/api/editor/create-folder/$share->token", [
'name' => 'Awesome New Folder',
'parent_id' => $folder->id,
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Awesome New Folder',
]);
}
$this->assertDatabaseHas('folders', [
'name' => 'Awesome New Folder',
'parent_id' => $folder->id,
'user_scope' => 'editor',
]);
});
}
/**
@@ -147,49 +236,75 @@ class VisitorManipulatingTest extends TestCase
*/
public function editor_delete_multiple_files_in_shared_folder()
{
$user = User::factory(User::class)
->create();
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$user = User::factory(User::class)
->create();
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
'permission' => 'editor',
]);
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$files = File::factory(File::class)
->count(2)
->create([
'folder_id' => $folder->id
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$this->postJson("/api/editor/remove/public/$share->token", [
'items' => [
[
'id' => $files[0]->id,
'type' => 'file',
'force_delete' => false,
],
[
'id' => $files[1]->id,
'type' => 'file',
'force_delete' => false,
],
],
])->assertStatus(204);
$files = File::factory(File::class)
->count(2)
->create([
'folder_id' => $folder->id
]);
$files
->each(function ($file) {
$this->assertSoftDeleted('files', [
'id' => $file->id,
]);
$payload = [
'items' => [
[
'id' => $files[0]->id,
'type' => 'file',
'force_delete' => false,
],
[
'id' => $files[1]->id,
'type' => 'file',
'force_delete' => false,
],
],
];
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/remove/$share->token", $payload)
->assertStatus(204);
}
// Check public shared item
if (!$is_protected) {
$this->postJson("/api/editor/remove/$share->token", $payload)
->assertStatus(204);
}
$files
->each(function ($file) {
$this->assertSoftDeleted('files', [
'id' => $file->id,
]);
});
});
}
@@ -202,45 +317,71 @@ class VisitorManipulatingTest extends TestCase
$this->setup->create_directories();
$user = User::factory(User::class)
->create();
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'user_scope' => 'master',
]);
$user = User::factory(User::class)
->create();
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
'permission' => 'editor',
]);
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'user_scope' => 'master',
]);
$file = UploadedFile::fake()
->create('fake-file.pdf', 1000, 'application/pdf');
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$this->postJson("/api/editor/upload/public/$share->token", [
'file' => $file,
'folder_id' => $folder->id,
'is_last' => true,
])->assertStatus(201);
$file = UploadedFile::fake()
->create('fake-file.pdf', 1000, 'application/pdf');
$this->assertDatabaseHas('traffic', [
'user_id' => $user->id,
]);
// Check shared item protected by password
if ($is_protected) {
$this->assertDatabaseHas('files', [
'user_scope' => 'editor',
]);
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
Storage::disk('local')
->assertExists(
"files/$user->id/fake-file.pdf"
);
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/upload/$share->token", [
'file' => $file,
'folder_id' => $folder->id,
'is_last' => true,
])->assertStatus(201);
}
// Check public shared item
if (!$is_protected) {
$this->postJson("/api/editor/upload/$share->token", [
'file' => $file,
'folder_id' => $folder->id,
'is_last' => true,
])->assertStatus(201);
}
$this->assertDatabaseHas('traffic', [
'user_id' => $user->id,
]);
$this->assertDatabaseHas('files', [
'user_scope' => 'editor',
]);
Storage::disk('local')
->assertExists(
"files/$user->id/fake-file.pdf"
);
});
}
/**
@@ -248,49 +389,75 @@ class VisitorManipulatingTest extends TestCase
*/
public function editor_move_file_to_another_folder()
{
$user = User::factory(User::class)
->create();
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id
]);
$user = User::factory(User::class)
->create();
$children = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id
]);
$file = File::factory(File::class)
->create([
'user_id' => $user->id,
'folder_id' => $root->id
]);
$children = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
'permission' => 'editor',
]);
$file = File::factory(File::class)
->create([
'user_id' => $user->id,
'folder_id' => $root->id
]);
$this->postJson("/api/editor/move/public/$share->token", [
'to_id' => $children->id,
'items' => [
[
'type' => 'file',
'id' => $file->id,
]
],
])->assertStatus(204);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$this->assertDatabaseHas('files', [
'id' => $file->id,
'folder_id' => $children->id,
]);
$payload = [
'to_id' => $children->id,
'items' => [
[
'type' => 'file',
'id' => $file->id,
]
],
];
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/move/$share->token", $payload)
->assertStatus(204);
}
// Check public shared item
if (!$is_protected) {
$this->postJson("/api/editor/move/$share->token", $payload)
->assertStatus(204);
}
$this->assertDatabaseHas('files', [
'id' => $file->id,
'folder_id' => $children->id,
]);
});
}
/**
@@ -298,48 +465,74 @@ class VisitorManipulatingTest extends TestCase
*/
public function editor_move_folder_to_another_folder()
{
$user = User::factory(User::class)
->create();
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id
]);
$user = User::factory(User::class)
->create();
$brother = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id
]);
$sister = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$brother = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => false,
'permission' => 'editor',
]);
$sister = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$this->postJson("/api/editor/move/public/$share->token", [
'to_id' => $brother->id,
'items' => [
[
'type' => 'folder',
'id' => $sister->id,
]
],
])->assertStatus(204);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$this->assertDatabaseHas('folders', [
'id' => $sister->id,
'parent_id' => $brother->id,
]);
$payload = [
'to_id' => $brother->id,
'items' => [
[
'type' => 'folder',
'id' => $sister->id,
]
],
];
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/move/$share->token", $payload)
->assertStatus(204);
}
// Check public shared item
if (!$is_protected) {
$this->postJson("/api/editor/move/$share->token", $payload)
->assertStatus(204);
}
$this->assertDatabaseHas('folders', [
'id' => $sister->id,
'parent_id' => $brother->id,
]);
});
}
}