diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-09 12:06:13 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-09 12:06:13 +0000 |
commit | 0a850868dfb85086cba8320cee9dac4657dcae6c (patch) | |
tree | 40d17228fe23d9db7b861fe2a20d024d64c50323 /spec/lib/gitlab/file_type_detection_spec.rb | |
parent | 3744bcc0d10d24104e39985b6833a0ec51791c0a (diff) | |
download | gitlab-ce-0a850868dfb85086cba8320cee9dac4657dcae6c.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'spec/lib/gitlab/file_type_detection_spec.rb')
-rw-r--r-- | spec/lib/gitlab/file_type_detection_spec.rb | 419 |
1 files changed, 357 insertions, 62 deletions
diff --git a/spec/lib/gitlab/file_type_detection_spec.rb b/spec/lib/gitlab/file_type_detection_spec.rb index 1edf882afe2..05008bf895c 100644 --- a/spec/lib/gitlab/file_type_detection_spec.rb +++ b/spec/lib/gitlab/file_type_detection_spec.rb @@ -3,7 +3,21 @@ require 'spec_helper' describe Gitlab::FileTypeDetection do context 'when class is an uploader' do - shared_examples '#image? for an uploader' do + let(:uploader) do + example_uploader = Class.new(CarrierWave::Uploader::Base) do + include Gitlab::FileTypeDetection + + storage :file + end + + example_uploader.new + end + + def upload_fixture(filename) + fixture_file_upload(File.join('spec', 'fixtures', filename)) + end + + describe '#image?' do it 'returns true for an image file' do uploader.store!(upload_fixture('dk.png')) @@ -23,6 +37,12 @@ describe Gitlab::FileTypeDetection do expect(uploader).not_to be_image end + it 'returns false for an audio file' do + uploader.store!(upload_fixture('audio_sample.wav')) + + expect(uploader).not_to be_image + end + it 'returns false if filename is blank' do uploader.store!(upload_fixture('dk.png')) @@ -32,7 +52,7 @@ describe Gitlab::FileTypeDetection do end end - shared_examples '#video? for an uploader' do + describe '#video?' do it 'returns true for a video file' do uploader.store!(upload_fixture('video_sample.mp4')) @@ -45,8 +65,21 @@ describe Gitlab::FileTypeDetection do expect(uploader).not_to be_video end + it 'returns false for an audio file' do + uploader.store!(upload_fixture('audio_sample.wav')) + + expect(uploader).not_to be_video + end + + it 'returns false if file has a dangerous image extension' do + uploader.store!(upload_fixture('unsanitized.svg')) + + expect(uploader).to be_dangerous_image + expect(uploader).not_to be_video + end + it 'returns false if filename is blank' do - uploader.store!(upload_fixture('dk.png')) + uploader.store!(upload_fixture('video_sample.mp4')) allow(uploader).to receive(:filename).and_return(nil) @@ -54,7 +87,83 @@ describe Gitlab::FileTypeDetection do end end - shared_examples '#dangerous_image? for an uploader' do + describe '#audio?' do + it 'returns true for an audio file' do + uploader.store!(upload_fixture('audio_sample.wav')) + + expect(uploader).to be_audio + end + + it 'returns false for an image file' do + uploader.store!(upload_fixture('dk.png')) + + expect(uploader).not_to be_audio + end + + it 'returns false for a video file' do + uploader.store!(upload_fixture('video_sample.mp4')) + + expect(uploader).not_to be_audio + end + + it 'returns false if file has a dangerous image extension' do + uploader.store!(upload_fixture('unsanitized.svg')) + + expect(uploader).to be_dangerous_image + expect(uploader).not_to be_audio + end + + it 'returns false if filename is blank' do + uploader.store!(upload_fixture('audio_sample.wav')) + + allow(uploader).to receive(:filename).and_return(nil) + + expect(uploader).not_to be_audio + end + end + + describe '#embeddable?' do + it 'returns true for an image file' do + uploader.store!(upload_fixture('dk.png')) + + expect(uploader).to be_embeddable + end + + it 'returns true for a video file' do + uploader.store!(upload_fixture('video_sample.mp4')) + + expect(uploader).to be_embeddable + end + + it 'returns true for an audio file' do + uploader.store!(upload_fixture('audio_sample.wav')) + + expect(uploader).to be_embeddable + end + + it 'returns false if not an embeddable file' do + uploader.store!(upload_fixture('doc_sample.txt')) + + expect(uploader).not_to be_embeddable + end + + it 'returns false if filename has a dangerous image extension' do + uploader.store!(upload_fixture('unsanitized.svg')) + + expect(uploader).to be_dangerous_image + expect(uploader).not_to be_embeddable + end + + it 'returns false if filename is blank' do + uploader.store!(upload_fixture('dk.png')) + + allow(uploader).to receive(:filename).and_return(nil) + + expect(uploader).not_to be_embeddable + end + end + + describe '#dangerous_image?' do it 'returns true if filename has a dangerous extension' do uploader.store!(upload_fixture('unsanitized.svg')) @@ -73,6 +182,12 @@ describe Gitlab::FileTypeDetection do expect(uploader).not_to be_dangerous_image end + it 'returns false for an audio file' do + uploader.store!(upload_fixture('audio_sample.wav')) + + expect(uploader).not_to be_dangerous_image + end + it 'returns false if filename is blank' do uploader.store!(upload_fixture('dk.png')) @@ -82,7 +197,7 @@ describe Gitlab::FileTypeDetection do end end - shared_examples '#dangerous_video? for an uploader' do + describe '#dangerous_video?' do it 'returns false for a safe video file' do uploader.store!(upload_fixture('video_sample.mp4')) @@ -101,6 +216,12 @@ describe Gitlab::FileTypeDetection do expect(uploader).not_to be_dangerous_video end + it 'returns false for an audio file' do + uploader.store!(upload_fixture('audio_sample.wav')) + + expect(uploader).not_to be_dangerous_video + end + it 'returns false if filename is blank' do uploader.store!(upload_fixture('dk.png')) @@ -110,49 +231,91 @@ describe Gitlab::FileTypeDetection do end end - let(:uploader) do - example_uploader = Class.new(CarrierWave::Uploader::Base) do - include Gitlab::FileTypeDetection + describe '#dangerous_audio?' do + it 'returns false for a safe audio file' do + uploader.store!(upload_fixture('audio_sample.wav')) - storage :file + expect(uploader).not_to be_dangerous_audio end - example_uploader.new - end + it 'returns false if filename is a dangerous image extension' do + uploader.store!(upload_fixture('unsanitized.svg')) - def upload_fixture(filename) - fixture_file_upload(File.join('spec', 'fixtures', filename)) - end + expect(uploader).not_to be_dangerous_audio + end - describe '#image?' do - include_examples '#image? for an uploader' - end + it 'returns false for an image file' do + uploader.store!(upload_fixture('dk.png')) - describe '#video?' do - include_examples '#video? for an uploader' - end + expect(uploader).not_to be_dangerous_audio + end - describe '#image_or_video?' do - include_examples '#image? for an uploader' - include_examples '#video? for an uploader' - end + it 'returns false for an video file' do + uploader.store!(upload_fixture('video_sample.mp4')) - describe '#dangerous_image?' do - include_examples '#dangerous_image? for an uploader' - end + expect(uploader).not_to be_dangerous_audio + end - describe '#dangerous_video?' do - include_examples '#dangerous_video? for an uploader' + it 'returns false if filename is blank' do + uploader.store!(upload_fixture('dk.png')) + + allow(uploader).to receive(:filename).and_return(nil) + + expect(uploader).not_to be_dangerous_audio + end end - describe '#dangerous_image_or_video?' do - include_examples '#dangerous_image? for an uploader' - include_examples '#dangerous_video? for an uploader' + describe '#dangerous_embeddable?' do + it 'returns true if filename has a dangerous image extension' do + uploader.store!(upload_fixture('unsanitized.svg')) + + expect(uploader).to be_dangerous_embeddable + end + + it 'returns false for an image file' do + uploader.store!(upload_fixture('dk.png')) + + expect(uploader).not_to be_dangerous_embeddable + end + + it 'returns false for a video file' do + uploader.store!(upload_fixture('video_sample.mp4')) + + expect(uploader).not_to be_dangerous_embeddable + end + + it 'returns false for an audio file' do + uploader.store!(upload_fixture('audio_sample.wav')) + + expect(uploader).not_to be_dangerous_embeddable + end + + it 'returns false for a non-embeddable file' do + uploader.store!(upload_fixture('doc_sample.txt')) + + expect(uploader).not_to be_dangerous_embeddable + end + + it 'returns false if filename is blank' do + uploader.store!(upload_fixture('dk.png')) + + allow(uploader).to receive(:filename).and_return(nil) + + expect(uploader).not_to be_dangerous_embeddable + end end end context 'when class is a regular class' do - shared_examples '#image? for a regular class' do + let(:custom_class) do + custom_class = Class.new do + include Gitlab::FileTypeDetection + end + + custom_class.new + end + + describe '#image?' do it 'returns true for an image file' do allow(custom_class).to receive(:filename).and_return('dk.png') @@ -166,12 +329,18 @@ describe Gitlab::FileTypeDetection do expect(custom_class).not_to be_image end - it 'returns false for any non image file' do + it 'returns false for a video file' do allow(custom_class).to receive(:filename).and_return('video_sample.mp4') expect(custom_class).not_to be_image end + it 'returns false for an audio file' do + allow(custom_class).to receive(:filename).and_return('audio_sample.wav') + + expect(custom_class).not_to be_image + end + it 'returns false if filename is blank' do allow(custom_class).to receive(:filename).and_return(nil) @@ -179,19 +348,25 @@ describe Gitlab::FileTypeDetection do end end - shared_examples '#video? for a regular class' do + describe '#video?' do it 'returns true for a video file' do allow(custom_class).to receive(:filename).and_return('video_sample.mp4') expect(custom_class).to be_video end - it 'returns false for any non-video file' do + it 'returns false for an image file' do allow(custom_class).to receive(:filename).and_return('dk.png') expect(custom_class).not_to be_video end + it 'returns false for an audio file' do + allow(custom_class).to receive(:filename).and_return('audio_sample.wav') + + expect(custom_class).not_to be_video + end + it 'returns false if file has a dangerous image extension' do allow(custom_class).to receive(:filename).and_return('unsanitized.svg') @@ -206,7 +381,79 @@ describe Gitlab::FileTypeDetection do end end - shared_examples '#dangerous_image? for a regular class' do + describe '#audio?' do + it 'returns true for an audio file' do + allow(custom_class).to receive(:filename).and_return('audio_sample.wav') + + expect(custom_class).to be_audio + end + + it 'returns false for an image file' do + allow(custom_class).to receive(:filename).and_return('dk.png') + + expect(custom_class).not_to be_audio + end + + it 'returns false for a video file' do + allow(custom_class).to receive(:filename).and_return('video_sample.mp4') + + expect(custom_class).not_to be_audio + end + + it 'returns false if file has a dangerous image extension' do + allow(custom_class).to receive(:filename).and_return('unsanitized.svg') + + expect(custom_class).to be_dangerous_image + expect(custom_class).not_to be_audio + end + + it 'returns false if filename is blank' do + allow(custom_class).to receive(:filename).and_return(nil) + + expect(custom_class).not_to be_audio + end + end + + describe '#embeddable?' do + it 'returns true for an image file' do + allow(custom_class).to receive(:filename).and_return('dk.png') + + expect(custom_class).to be_embeddable + end + + it 'returns true for a video file' do + allow(custom_class).to receive(:filename).and_return('video_sample.mp4') + + expect(custom_class).to be_embeddable + end + + it 'returns true for an audio file' do + allow(custom_class).to receive(:filename).and_return('audio_sample.wav') + + expect(custom_class).to be_embeddable + end + + it 'returns false if not an embeddable file' do + allow(custom_class).to receive(:filename).and_return('doc_sample.txt') + + expect(custom_class).not_to be_embeddable + end + + it 'returns false if filename has a dangerous image extension' do + allow(custom_class).to receive(:filename).and_return('unsanitized.svg') + + expect(custom_class).to be_dangerous_image + expect(custom_class).not_to be_embeddable + end + + it 'returns false if filename is blank' do + allow(custom_class).to receive(:filename).and_return(nil) + + expect(custom_class).not_to be_embeddable + end + end + + describe '#dangerous_image?' do it 'returns true if file has a dangerous image extension' do allow(custom_class).to receive(:filename).and_return('unsanitized.svg') @@ -219,12 +466,18 @@ describe Gitlab::FileTypeDetection do expect(custom_class).not_to be_dangerous_image end - it 'returns false for any non image file' do + it 'returns false for a video file' do allow(custom_class).to receive(:filename).and_return('video_sample.mp4') expect(custom_class).not_to be_dangerous_image end + it 'returns false for an audio file' do + allow(custom_class).to receive(:filename).and_return('audio_sample.wav') + + expect(custom_class).not_to be_dangerous_image + end + it 'returns false if filename is blank' do allow(custom_class).to receive(:filename).and_return(nil) @@ -232,7 +485,7 @@ describe Gitlab::FileTypeDetection do end end - shared_examples '#dangerous_video? for a regular class' do + describe '#dangerous_video?' do it 'returns false for a safe video file' do allow(custom_class).to receive(:filename).and_return('video_sample.mp4') @@ -245,6 +498,12 @@ describe Gitlab::FileTypeDetection do expect(custom_class).not_to be_dangerous_video end + it 'returns false for an audio file' do + allow(custom_class).to receive(:filename).and_return('audio_sample.wav') + + expect(custom_class).not_to be_dangerous_video + end + it 'returns false if file has a dangerous image extension' do allow(custom_class).to receive(:filename).and_return('unsanitized.svg') @@ -258,38 +517,74 @@ describe Gitlab::FileTypeDetection do end end - let(:custom_class) do - custom_class = Class.new do - include Gitlab::FileTypeDetection + describe '#dangerous_audio?' do + it 'returns false for a safe audio file' do + allow(custom_class).to receive(:filename).and_return('audio_sample.wav') + + expect(custom_class).not_to be_dangerous_audio end - custom_class.new - end + it 'returns false for an image file' do + allow(custom_class).to receive(:filename).and_return('dk.png') - describe '#image?' do - include_examples '#image? for a regular class' - end + expect(custom_class).not_to be_dangerous_audio + end - describe '#video?' do - include_examples '#video? for a regular class' - end + it 'returns false for a video file' do + allow(custom_class).to receive(:filename).and_return('video_sample.mp4') - describe '#image_or_video?' do - include_examples '#image? for a regular class' - include_examples '#video? for a regular class' - end + expect(custom_class).not_to be_dangerous_audio + end - describe '#dangerous_image?' do - include_examples '#dangerous_image? for a regular class' - end + it 'returns false if file has a dangerous image extension' do + allow(custom_class).to receive(:filename).and_return('unsanitized.svg') - describe '#dangerous_video?' do - include_examples '#dangerous_video? for a regular class' + expect(custom_class).not_to be_dangerous_audio + end + + it 'returns false if filename is blank' do + allow(custom_class).to receive(:filename).and_return(nil) + + expect(custom_class).not_to be_dangerous_audio + end end - describe '#dangerous_image_or_video?' do - include_examples '#dangerous_image? for a regular class' - include_examples '#dangerous_video? for a regular class' + describe '#dangerous_embeddable?' do + it 'returns true if file has a dangerous image extension' do + allow(custom_class).to receive(:filename).and_return('unsanitized.svg') + + expect(custom_class).to be_dangerous_embeddable + end + + it 'returns false for an image file' do + allow(custom_class).to receive(:filename).and_return('dk.png') + + expect(custom_class).not_to be_dangerous_embeddable + end + + it 'returns false for a video file' do + allow(custom_class).to receive(:filename).and_return('video_sample.mp4') + + expect(custom_class).not_to be_dangerous_embeddable + end + + it 'returns false for an audio file' do + allow(custom_class).to receive(:filename).and_return('audio_sample.wav') + + expect(custom_class).not_to be_dangerous_embeddable + end + + it 'returns false for a non-embeddable file' do + allow(custom_class).to receive(:filename).and_return('doc_sample.txt') + + expect(custom_class).not_to be_dangerous_embeddable + end + + it 'returns false if filename is blank' do + allow(custom_class).to receive(:filename).and_return(nil) + + expect(custom_class).not_to be_dangerous_embeddable + end end end end |