Chris@909: # Redmine - project management software Chris@1494: # Copyright (C) 2006-2014 Jean-Philippe Lang Chris@909: # Chris@909: # This program is free software; you can redistribute it and/or Chris@909: # modify it under the terms of the GNU General Public License Chris@909: # as published by the Free Software Foundation; either version 2 Chris@909: # of the License, or (at your option) any later version. Chris@909: # Chris@909: # This program is distributed in the hope that it will be useful, Chris@909: # but WITHOUT ANY WARRANTY; without even the implied warranty of Chris@909: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Chris@909: # GNU General Public License for more details. Chris@909: # Chris@909: # You should have received a copy of the GNU General Public License Chris@909: # along with this program; if not, write to the Free Software Chris@909: # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. Chris@909: Chris@909: require File.expand_path('../../../test_helper', __FILE__) Chris@909: Chris@1464: class Redmine::ApiTest::AttachmentsTest < Redmine::ApiTest::Base Chris@909: fixtures :projects, :trackers, :issue_statuses, :issues, Chris@909: :enumerations, :users, :issue_categories, Chris@909: :projects_trackers, Chris@909: :roles, Chris@909: :member_roles, Chris@909: :members, Chris@909: :enabled_modules, Chris@909: :attachments Chris@909: Chris@909: def setup Chris@909: Setting.rest_api_enabled = '1' Chris@1115: set_fixtures_attachments_directory Chris@909: end Chris@909: Chris@1115: def teardown Chris@1115: set_tmp_attachments_directory Chris@1115: end Chris@1115: Chris@1115: test "GET /attachments/:id.xml should return the attachment" do Chris@1115: get '/attachments/7.xml', {}, credentials('jsmith') Chris@1115: assert_response :success Chris@1115: assert_equal 'application/xml', @response.content_type Chris@1115: assert_tag :tag => 'attachment', Chris@1115: :child => { Chris@1115: :tag => 'id', Chris@1115: :content => '7', Chris@1115: :sibling => { Chris@1115: :tag => 'filename', Chris@1115: :content => 'archive.zip', Chris@1115: :sibling => { Chris@1115: :tag => 'content_url', Chris@1115: :content => 'http://www.example.com/attachments/download/7/archive.zip' Chris@909: } Chris@1115: } Chris@1115: } Chris@1115: end Chris@909: Chris@1115: test "GET /attachments/:id.xml should deny access without credentials" do Chris@1115: get '/attachments/7.xml' Chris@1115: assert_response 401 Chris@1115: set_tmp_attachments_directory Chris@1115: end Chris@1115: Chris@1115: test "GET /attachments/download/:id/:filename should return the attachment content" do Chris@1115: get '/attachments/download/7/archive.zip', {}, credentials('jsmith') Chris@1115: assert_response :success Chris@1115: assert_equal 'application/octet-stream', @response.content_type Chris@1115: set_tmp_attachments_directory Chris@1115: end Chris@1115: Chris@1115: test "GET /attachments/download/:id/:filename should deny access without credentials" do Chris@1115: get '/attachments/download/7/archive.zip' Chris@1115: assert_response 302 Chris@1115: set_tmp_attachments_directory Chris@1115: end Chris@1115: Chris@1115: test "POST /uploads.xml should return the token" do Chris@1115: set_tmp_attachments_directory Chris@1115: assert_difference 'Attachment.count' do Chris@1115: post '/uploads.xml', 'File content', {"CONTENT_TYPE" => 'application/octet-stream'}.merge(credentials('jsmith')) Chris@1115: assert_response :created Chris@1115: assert_equal 'application/xml', response.content_type Chris@1115: end Chris@1115: Chris@1115: xml = Hash.from_xml(response.body) Chris@1115: assert_kind_of Hash, xml['upload'] Chris@1115: token = xml['upload']['token'] Chris@1115: assert_not_nil token Chris@1115: Chris@1115: attachment = Attachment.first(:order => 'id DESC') Chris@1115: assert_equal token, attachment.token Chris@1115: assert_nil attachment.container Chris@1115: assert_equal 2, attachment.author_id Chris@1115: assert_equal 'File content'.size, attachment.filesize Chris@1115: assert attachment.content_type.blank? Chris@1115: assert attachment.filename.present? Chris@1115: assert_match /\d+_[0-9a-z]+/, attachment.diskfile Chris@1115: assert File.exist?(attachment.diskfile) Chris@1115: assert_equal 'File content', File.read(attachment.diskfile) Chris@1115: end Chris@1115: Chris@1115: test "POST /uploads.json should return the token" do Chris@1115: set_tmp_attachments_directory Chris@1115: assert_difference 'Attachment.count' do Chris@1115: post '/uploads.json', 'File content', {"CONTENT_TYPE" => 'application/octet-stream'}.merge(credentials('jsmith')) Chris@1115: assert_response :created Chris@1115: assert_equal 'application/json', response.content_type Chris@1115: end Chris@1115: Chris@1115: json = ActiveSupport::JSON.decode(response.body) Chris@1115: assert_kind_of Hash, json['upload'] Chris@1115: token = json['upload']['token'] Chris@1115: assert_not_nil token Chris@1115: Chris@1115: attachment = Attachment.first(:order => 'id DESC') Chris@1115: assert_equal token, attachment.token Chris@1115: end Chris@1115: Chris@1115: test "POST /uploads.xml should accept :filename param as the attachment filename" do Chris@1115: set_tmp_attachments_directory Chris@1115: assert_difference 'Attachment.count' do Chris@1115: post '/uploads.xml?filename=test.txt', 'File content', {"CONTENT_TYPE" => 'application/octet-stream'}.merge(credentials('jsmith')) Chris@1115: assert_response :created Chris@1115: end Chris@1115: Chris@1115: attachment = Attachment.order('id DESC').first Chris@1115: assert_equal 'test.txt', attachment.filename Chris@1115: assert_match /_test\.txt$/, attachment.diskfile Chris@1115: end Chris@1115: Chris@1115: test "POST /uploads.xml should not accept other content types" do Chris@1115: set_tmp_attachments_directory Chris@1115: assert_no_difference 'Attachment.count' do Chris@1115: post '/uploads.xml', 'PNG DATA', {"CONTENT_TYPE" => 'image/png'}.merge(credentials('jsmith')) Chris@1115: assert_response 406 Chris@1115: end Chris@1115: end Chris@1115: Chris@1115: test "POST /uploads.xml should return errors if file is too big" do Chris@1115: set_tmp_attachments_directory Chris@1115: with_settings :attachment_max_size => 1 do Chris@1115: assert_no_difference 'Attachment.count' do Chris@1115: post '/uploads.xml', ('x' * 2048), {"CONTENT_TYPE" => 'application/octet-stream'}.merge(credentials('jsmith')) Chris@1115: assert_response 422 Chris@1115: assert_tag 'error', :content => /exceeds the maximum allowed file size/ Chris@909: end Chris@909: end Chris@909: end Chris@909: end