mirror of
https://github.com/discourse/discourse.git
synced 2024-12-05 09:56:30 +08:00
b89e634dd4
Meta: https://meta.discourse.org/t/image-name-has-20-in-file-name/134136
We were ending up with [file%20name](url) in the markdown preview, which looked weird and
affected the alt text. this is because we were calling encodeURIComponent, which has been left in place because this is a valid thing to do for some cases. (e.g. f674b9e
)
228 lines
6.3 KiB
JavaScript
228 lines
6.3 KiB
JavaScript
import {
|
|
validateUploadedFiles,
|
|
authorizedExtensions,
|
|
isAnImage,
|
|
allowsImages,
|
|
allowsAttachments,
|
|
getUploadMarkdown
|
|
} from "discourse/lib/uploads";
|
|
import * as Utilities from "discourse/lib/utilities";
|
|
import User from "discourse/models/user";
|
|
|
|
QUnit.module("lib:uploads");
|
|
|
|
const validUpload = validateUploadedFiles;
|
|
|
|
QUnit.test("validateUploadedFiles", assert => {
|
|
assert.not(validUpload(null), "no files are invalid");
|
|
assert.not(validUpload(undefined), "undefined files are invalid");
|
|
assert.not(validUpload([]), "empty array of files is invalid");
|
|
});
|
|
|
|
QUnit.test("uploading one file", assert => {
|
|
sandbox.stub(bootbox, "alert");
|
|
|
|
assert.not(validUpload([1, 2]));
|
|
assert.ok(bootbox.alert.calledWith(I18n.t("post.errors.too_many_uploads")));
|
|
});
|
|
|
|
QUnit.test("new user cannot upload images", assert => {
|
|
Discourse.SiteSettings.newuser_max_images = 0;
|
|
sandbox.stub(bootbox, "alert");
|
|
|
|
assert.not(
|
|
validUpload([{ name: "image.png" }], { user: User.create() }),
|
|
"the upload is not valid"
|
|
);
|
|
assert.ok(
|
|
bootbox.alert.calledWith(
|
|
I18n.t("post.errors.image_upload_not_allowed_for_new_user")
|
|
),
|
|
"the alert is called"
|
|
);
|
|
});
|
|
|
|
QUnit.test("new user cannot upload attachments", assert => {
|
|
Discourse.SiteSettings.newuser_max_attachments = 0;
|
|
sandbox.stub(bootbox, "alert");
|
|
|
|
assert.not(validUpload([{ name: "roman.txt" }], { user: User.create() }));
|
|
assert.ok(
|
|
bootbox.alert.calledWith(
|
|
I18n.t("post.errors.attachment_upload_not_allowed_for_new_user")
|
|
)
|
|
);
|
|
});
|
|
|
|
QUnit.test("ensures an authorized upload", assert => {
|
|
sandbox.stub(bootbox, "alert");
|
|
assert.not(validUpload([{ name: "unauthorized.html" }]));
|
|
assert.ok(
|
|
bootbox.alert.calledWith(
|
|
I18n.t("post.errors.upload_not_authorized", {
|
|
authorized_extensions: authorizedExtensions()
|
|
})
|
|
)
|
|
);
|
|
});
|
|
|
|
QUnit.test("skipping validation works", assert => {
|
|
const files = [{ name: "backup.tar.gz" }];
|
|
sandbox.stub(bootbox, "alert");
|
|
|
|
assert.not(validUpload(files, { skipValidation: false }));
|
|
assert.ok(validUpload(files, { skipValidation: true }));
|
|
});
|
|
|
|
QUnit.test("staff can upload anything in PM", assert => {
|
|
const files = [{ name: "some.docx" }];
|
|
Discourse.SiteSettings.authorized_extensions = "jpeg";
|
|
sandbox.stub(bootbox, "alert");
|
|
|
|
let user = User.create({ moderator: true });
|
|
assert.not(validUpload(files, { user }));
|
|
assert.ok(
|
|
validUpload(files, {
|
|
isPrivateMessage: true,
|
|
allowStaffToUploadAnyFileInPm: true,
|
|
user
|
|
})
|
|
);
|
|
});
|
|
|
|
const imageSize = 10 * 1024;
|
|
|
|
const dummyBlob = function() {
|
|
const BlobBuilder =
|
|
window.BlobBuilder ||
|
|
window.WebKitBlobBuilder ||
|
|
window.MozBlobBuilder ||
|
|
window.MSBlobBuilder;
|
|
if (BlobBuilder) {
|
|
let bb = new BlobBuilder();
|
|
bb.append([new Int8Array(imageSize)]);
|
|
return bb.getBlob("image/png");
|
|
} else {
|
|
return new Blob([new Int8Array(imageSize)], { type: "image/png" });
|
|
}
|
|
};
|
|
|
|
QUnit.test("allows valid uploads to go through", assert => {
|
|
sandbox.stub(bootbox, "alert");
|
|
|
|
let user = User.create({ trust_level: 1 });
|
|
|
|
// image
|
|
let image = { name: "image.png", size: imageSize };
|
|
assert.ok(validUpload([image], { user }));
|
|
// pasted image
|
|
let pastedImage = dummyBlob();
|
|
assert.ok(validUpload([pastedImage], { user }));
|
|
|
|
assert.not(bootbox.alert.calledOnce);
|
|
});
|
|
|
|
QUnit.test("isAnImage", assert => {
|
|
["png", "jpg", "jpeg", "gif", "ico"].forEach(extension => {
|
|
var image = "image." + extension;
|
|
assert.ok(isAnImage(image), image + " is recognized as an image");
|
|
assert.ok(
|
|
isAnImage("http://foo.bar/path/to/" + image),
|
|
image + " is recognized as an image"
|
|
);
|
|
});
|
|
assert.not(isAnImage("file.txt"));
|
|
assert.not(isAnImage("http://foo.bar/path/to/file.txt"));
|
|
assert.not(isAnImage(""));
|
|
});
|
|
|
|
QUnit.test("allowsImages", assert => {
|
|
Discourse.SiteSettings.authorized_extensions = "jpg|jpeg|gif";
|
|
assert.ok(allowsImages(), "works");
|
|
|
|
Discourse.SiteSettings.authorized_extensions = ".jpg|.jpeg|.gif";
|
|
assert.ok(allowsImages(), "works with old extensions syntax");
|
|
|
|
Discourse.SiteSettings.authorized_extensions = "txt|pdf|*";
|
|
assert.ok(
|
|
allowsImages(),
|
|
"images are allowed when all extensions are allowed"
|
|
);
|
|
|
|
Discourse.SiteSettings.authorized_extensions = "json|jpg|pdf|txt";
|
|
assert.ok(
|
|
allowsImages(),
|
|
"images are allowed when at least one extension is an image extension"
|
|
);
|
|
});
|
|
|
|
QUnit.test("allowsAttachments", assert => {
|
|
Discourse.SiteSettings.authorized_extensions = "jpg|jpeg|gif";
|
|
assert.not(allowsAttachments(), "no attachments allowed by default");
|
|
|
|
Discourse.SiteSettings.authorized_extensions = "jpg|jpeg|gif|*";
|
|
assert.ok(
|
|
allowsAttachments(),
|
|
"attachments are allowed when all extensions are allowed"
|
|
);
|
|
|
|
Discourse.SiteSettings.authorized_extensions = "jpg|jpeg|gif|pdf";
|
|
assert.ok(
|
|
allowsAttachments(),
|
|
"attachments are allowed when at least one extension is not an image extension"
|
|
);
|
|
|
|
Discourse.SiteSettings.authorized_extensions = ".jpg|.jpeg|.gif|.pdf";
|
|
assert.ok(allowsAttachments(), "works with old extensions syntax");
|
|
});
|
|
|
|
function testUploadMarkdown(filename, opts = {}) {
|
|
return getUploadMarkdown(
|
|
Object.assign(
|
|
{
|
|
original_filename: filename,
|
|
filesize: 42,
|
|
thumbnail_width: 100,
|
|
thumbnail_height: 200,
|
|
url: "/uploads/123/abcdef.ext"
|
|
},
|
|
opts
|
|
)
|
|
);
|
|
}
|
|
|
|
QUnit.test("getUploadMarkdown", assert => {
|
|
assert.equal(
|
|
testUploadMarkdown("lolcat.gif"),
|
|
"![lolcat|100x200](/uploads/123/abcdef.ext)"
|
|
);
|
|
assert.equal(
|
|
testUploadMarkdown("[foo|bar].png"),
|
|
"![%5Bfoo%7Cbar%5D|100x200](/uploads/123/abcdef.ext)"
|
|
);
|
|
assert.equal(
|
|
testUploadMarkdown("file name with space.png"),
|
|
"![file name with space|100x200](/uploads/123/abcdef.ext)"
|
|
);
|
|
|
|
const short_url = "uploads://asdaasd.ext";
|
|
|
|
assert.equal(
|
|
testUploadMarkdown("important.txt", { short_url }),
|
|
`[important.txt|attachment](${short_url}) (42 Bytes)`
|
|
);
|
|
});
|
|
|
|
QUnit.test("replaces GUID in image alt text on iOS", assert => {
|
|
assert.equal(
|
|
testUploadMarkdown("8F2B469B-6B2C-4213-BC68-57B4876365A0.jpeg"),
|
|
"![8F2B469B-6B2C-4213-BC68-57B4876365A0|100x200](/uploads/123/abcdef.ext)"
|
|
);
|
|
|
|
sandbox.stub(Utilities, "isAppleDevice").returns(true);
|
|
assert.equal(
|
|
testUploadMarkdown("8F2B469B-6B2C-4213-BC68-57B4876365A0.jpeg"),
|
|
"![image|100x200](/uploads/123/abcdef.ext)"
|
|
);
|
|
});
|