2023-09-06 07:39:09 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
describe "Uploading files in the composer to S3", type: :system do
|
|
|
|
fab!(:current_user) { Fabricate(:admin) }
|
|
|
|
fab!(:other_user) { Fabricate(:user, username: "otherguy") }
|
|
|
|
|
|
|
|
let(:modal) { PageObjects::Modals::Base.new }
|
|
|
|
let(:composer) { PageObjects::Components::Composer.new }
|
|
|
|
let(:topic_page) { PageObjects::Pages::Topic.new }
|
|
|
|
|
|
|
|
describe "secure uploads" do
|
|
|
|
def first_post_img(wait: Capybara.default_max_wait_time)
|
|
|
|
first_post = topic_page.post_by_number(1, wait: wait)
|
|
|
|
expect(first_post).to have_css("img[data-base62-sha1]")
|
|
|
|
first_post.find(".cooked").first("img")
|
|
|
|
end
|
|
|
|
|
|
|
|
def expect_first_post_to_have_secure_upload
|
|
|
|
img = first_post_img
|
|
|
|
expect(img["src"]).to include("/secure-uploads")
|
|
|
|
topic = topic_page.current_topic
|
|
|
|
expect(topic.first_post.uploads.first.secure).to eq(true)
|
|
|
|
end
|
|
|
|
|
|
|
|
it "marks uploads inside of private message posts as secure" do
|
|
|
|
skip_unless_s3_system_specs_enabled!
|
|
|
|
|
|
|
|
setup_s3_system_test(enable_secure_uploads: true)
|
|
|
|
sign_in(current_user)
|
|
|
|
|
|
|
|
topic_page.open_new_message
|
|
|
|
|
|
|
|
composer.fill_title("This is a test PM for secure uploads")
|
|
|
|
composer.select_pm_user("otherguy")
|
|
|
|
|
|
|
|
file_path = file_from_fixtures("logo.png", "images").path
|
|
|
|
attach_file(file_path) { composer.click_toolbar_button("upload") }
|
|
|
|
|
|
|
|
expect(page).to have_no_css("#file-uploading")
|
|
|
|
expect(composer.preview).to have_css(".image-wrapper")
|
|
|
|
|
|
|
|
composer.submit
|
|
|
|
|
|
|
|
expect_first_post_to_have_secure_upload
|
|
|
|
end
|
|
|
|
|
|
|
|
it "marks uploads inside of private category posts as secure" do
|
|
|
|
skip_unless_s3_system_specs_enabled!
|
|
|
|
|
|
|
|
private_category = Fabricate(:private_category, group: Fabricate(:group))
|
|
|
|
setup_s3_system_test(enable_secure_uploads: true)
|
|
|
|
sign_in(current_user)
|
|
|
|
|
|
|
|
topic_page.open_new_topic
|
|
|
|
|
|
|
|
composer.fill_title("This is a test PM for secure uploads")
|
|
|
|
composer.switch_category(private_category.name)
|
|
|
|
|
|
|
|
file_path = file_from_fixtures("logo.png", "images").path
|
|
|
|
attach_file(file_path) { composer.click_toolbar_button("upload") }
|
|
|
|
|
|
|
|
expect(page).to have_no_css("#file-uploading")
|
|
|
|
expect(composer.preview).to have_css(".image-wrapper")
|
|
|
|
|
|
|
|
composer.submit
|
|
|
|
|
|
|
|
expect_first_post_to_have_secure_upload
|
|
|
|
end
|
|
|
|
|
|
|
|
it "marks uploads for all posts as secure when login_required" do
|
|
|
|
skip_unless_s3_system_specs_enabled!
|
|
|
|
|
|
|
|
SiteSetting.login_required = true
|
|
|
|
setup_s3_system_test(enable_secure_uploads: true)
|
|
|
|
sign_in(current_user)
|
|
|
|
|
|
|
|
topic_page.open_new_topic
|
|
|
|
|
|
|
|
composer.fill_title("This is a test PM for secure uploads")
|
|
|
|
|
|
|
|
file_path = file_from_fixtures("logo.png", "images").path
|
|
|
|
attach_file(file_path) { composer.click_toolbar_button("upload") }
|
|
|
|
|
|
|
|
expect(page).to have_no_css("#file-uploading")
|
|
|
|
expect(composer.preview).to have_css(".image-wrapper")
|
|
|
|
|
|
|
|
composer.submit
|
|
|
|
|
|
|
|
expect_first_post_to_have_secure_upload
|
|
|
|
end
|
|
|
|
|
|
|
|
it "doesn't mark uploads for public posts as secure" do
|
|
|
|
skip_unless_s3_system_specs_enabled!
|
|
|
|
|
|
|
|
setup_s3_system_test(enable_secure_uploads: true)
|
|
|
|
sign_in(current_user)
|
|
|
|
|
|
|
|
topic_page.open_new_topic
|
|
|
|
|
|
|
|
composer.fill_title("This is a test PM for secure uploads")
|
|
|
|
|
|
|
|
file_path = file_from_fixtures("logo.png", "images").path
|
|
|
|
attach_file(file_path) { composer.click_toolbar_button("upload") }
|
|
|
|
|
|
|
|
expect(page).to have_no_css("#file-uploading")
|
|
|
|
expect(composer.preview).to have_css(".image-wrapper")
|
|
|
|
|
|
|
|
Jobs.run_immediately!
|
|
|
|
composer.submit
|
|
|
|
|
|
|
|
# Extra wait time is added because the job can slow down the processing of the request.
|
|
|
|
img = first_post_img(wait: 10)
|
2023-10-24 10:43:14 +08:00
|
|
|
|
|
|
|
# At first the image will be secure when created via the composer, usually the
|
|
|
|
# CookedPostProcessor job fixes this but running it immediately when creating the
|
|
|
|
# post doesn't work in the test, so we need to rebake here to get the correct result.
|
|
|
|
expect(page).to have_css("img[src*='secure-uploads']")
|
|
|
|
Post.last.rebake!
|
|
|
|
expect(page).not_to have_css("img[src*='secure-uploads']", wait: 5)
|
2023-09-06 07:39:09 +08:00
|
|
|
topic = topic_page.current_topic
|
|
|
|
expect(topic.first_post.uploads.first.secure).to eq(false)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|