nexus/vuefilemanager
2
0
Fork 0
mirror of https://github.com/VueFileManager/vuefilemanager.git synced 2026-04-05 18:23:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
19cc01131b93d27bb6343b85943ce06f3cb93c24
vuefilemanager/tests/Domain/Sharing/VisitorManipulatingTest.php
Čarodej 19cc01131b - gate implementation 
- protected shared view fix
2021-09-24 10:52:19 +02:00

504 lines
17 KiB
PHP
Raw Blame History

<?php
namespace Tests\Domain\Sharing;
use Storage;
use Tests\TestCase;
use App\Users\Models\User;
use Domain\Files\Models\File;
use Domain\Sharing\Models\Share;
use Domain\Folders\Models\Folder;
use Illuminate\Http\UploadedFile;
class VisitorManipulatingTest extends TestCase
{
/**
* @test
*/
public function editor_rename_shared_file()
{
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$file = File::factory(File::class)
->create([
'parent_id' => $folder->id,
'user_id' => $user->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->patch("/api/editor/rename/{$file->id}/$share->token", [
'name' => 'Renamed Item',
'type' => 'file',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Item',
]);
}
// Check public shared item
if (! $is_protected) {
$this->patchJson("/api/editor/rename/{$file->id}/$share->token", [
'name' => 'Renamed Item',
'type' => 'file',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Item',
]);
}
$this->assertDatabaseHas('files', [
'name' => 'Renamed Item',
'id' => $file->id,
]);
});
}
/**
* @test
*/
public function editor_rename_shared_folder()
{
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$children = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->patch("/api/editor/rename/{$children->id}/$share->token", [
'name' => 'Renamed Folder',
'type' => 'folder',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Folder',
]);
}
// Check public shared item
if (! $is_protected) {
$this->patchJson("/api/editor/rename/{$children->id}/$share->token", [
'name' => 'Renamed Folder',
'type' => 'folder',
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Renamed Folder',
]);
}
$this->assertDatabaseHas('folders', [
'name' => 'Renamed Folder',
'id' => $children->id,
]);
});
}
/**
* @test
*/
public function editor_create_new_folder_in_shared_folder()
{
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/create-folder/$share->token", [
'name' => 'Awesome New Folder',
'parent_id' => $folder->id,
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Awesome New Folder',
]);
}
// Check public shared item
if (! $is_protected) {
$this->postJson("/api/editor/create-folder/$share->token", [
'name' => 'Awesome New Folder',
'parent_id' => $folder->id,
])
->assertStatus(201)
->assertJsonFragment([
'name' => 'Awesome New Folder',
]);
}
$this->assertDatabaseHas('folders', [
'name' => 'Awesome New Folder',
'parent_id' => $folder->id,
'author' => 'visitor',
]);
});
}
/**
* @test
*/
public function editor_delete_multiple_files_in_shared_folder()
{
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$files = File::factory(File::class)
->count(2)
->create([
'user_id' => $user->id,
'parent_id' => $folder->id,
]);
$payload = [
'items' => [
[
'id' => $files[0]->id,
'type' => 'file',
'force_delete' => false,
],
[
'id' => $files[1]->id,
'type' => 'file',
'force_delete' => false,
],
],
];
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/remove/$share->token", $payload)
->assertStatus(204);
}
// Check public shared item
if (! $is_protected) {
$this->postJson("/api/editor/remove/$share->token", $payload)
->assertStatus(204);
}
$files
->each(function ($file) {
$this->assertSoftDeleted('files', [
'id' => $file->id,
]);
});
});
}
/**
* @test
*/
public function editor_upload_file_into_shared_folder()
{
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
$folder = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'author' => 'user',
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $folder->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$file = UploadedFile::fake()
->create('fake-file.pdf', 1000, 'application/pdf');
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/upload/$share->token", [
'filename' => $file->name,
'file' => $file,
'parent_id' => $folder->id,
'is_last' => 'true',
])->assertStatus(201);
}
// Check public shared item
if (! $is_protected) {
$this->postJson("/api/editor/upload/$share->token", [
'filename' => $file->name,
'file' => $file,
'parent_id' => $folder->id,
'is_last' => 'true',
])->assertStatus(201);
}
$this->assertDatabaseHas('files', [
'author' => 'visitor',
]);
Storage::disk('local')
->assertExists(
"files/$user->id/fake-file.pdf"
);
});
}
/**
* @test
*/
public function editor_move_file_to_another_folder()
{
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$children = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$file = File::factory(File::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$payload = [
'to_id' => $children->id,
'items' => [
[
'type' => 'file',
'id' => $file->id,
],
],
];
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/move/$share->token", $payload)
->assertStatus(204);
}
// Check public shared item
if (! $is_protected) {
$this->postJson("/api/editor/move/$share->token", $payload)
->assertStatus(204);
}
$this->assertDatabaseHas('files', [
'id' => $file->id,
'parent_id' => $children->id,
]);
});
}
/**
* @test
*/
public function editor_move_folder_to_another_folder()
{
// check private or public share record
collect([true, false])
->each(function ($is_protected) {
$user = User::factory(User::class)
->create();
$root = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
]);
$brother = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$sister = Folder::factory(Folder::class)
->create([
'user_id' => $user->id,
'parent_id' => $root->id,
]);
$share = Share::factory(Share::class)
->create([
'item_id' => $root->id,
'user_id' => $user->id,
'type' => 'folder',
'is_protected' => $is_protected,
'permission' => 'editor',
]);
$payload = [
'to_id' => $brother->id,
'items' => [
[
'type' => 'folder',
'id' => $sister->id,
],
],
];
// Check shared item protected by password
if ($is_protected) {
$cookie = ['share_session' => json_encode([
'token' => $share->token,
'authenticated' => true,
])];
$this
->withUnencryptedCookies($cookie)
->post("/api/editor/move/$share->token", $payload)
->assertStatus(204);
}
// Check public shared item
if (! $is_protected) {
$this->postJson("/api/editor/move/$share->token", $payload)
->assertStatus(204);
}
$this->assertDatabaseHas('folders', [
'id' => $sister->id,
'parent_id' => $brother->id,
]);
});
}
}
Reference in New Issue View Git Blame Copy Permalink