file extension validation
This commit is contained in:
Damodar Lohani
parent
305dd37eeb
commit
9a955e0244
|
|
@ -24,7 +24,7 @@ use Appwrite\Utopia\Response;
|
|||
use Utopia\Config\Config;
|
||||
use Utopia\Validator\Integer;
|
||||
use Utopia\Database\Query;
|
||||
use Utopia\Storage\Validator\FileType;
|
||||
use Utopia\Storage\Validator\FileExt;
|
||||
|
||||
App::post('/v1/storage/buckets')
|
||||
->desc('Create storage bucket')
|
||||
|
|
@ -289,7 +289,8 @@ App::post('/v1/storage/buckets/:bucketId/files')
|
|||
/*
|
||||
* Validators
|
||||
*/
|
||||
// $fileType = new FileType($bucket->getAttribute('allowedFileExtensions', ['*']));
|
||||
$allowedFileExtensions = $bucket->getAttribute('allowedFileExtensions', []);
|
||||
$fileExt = new FileExt($allowedFileExtensions);
|
||||
$fileSize = new FileSize($bucket->getAttribute('maximumFileSize', 0));
|
||||
$upload = new Upload();
|
||||
|
||||
|
|
@ -303,9 +304,9 @@ App::post('/v1/storage/buckets/:bucketId/files')
|
|||
$file['size'] = (\is_array($file['size']) && isset($file['size'][0])) ? $file['size'][0] : $file['size'];
|
||||
|
||||
// Check if file type is allowed (feature for project settings?)
|
||||
// if (!$fileType->isValid($file['tmp_name'])) {
|
||||
// throw new Exception('File type not allowed', 400);
|
||||
// }
|
||||
if (!empty($allowedFileExtensions) && !$fileExt->isValid($file['name'])) {
|
||||
throw new Exception('File extension not allowed', 400);
|
||||
}
|
||||
|
||||
if (!$fileSize->isValid($file['size'])) { // Check if file size is exceeding allowed limit
|
||||
throw new Exception('File size not allowed', 400);
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ trait StorageBase
|
|||
], $this->getHeaders()), [
|
||||
'name' => 'Test Bucket',
|
||||
'maximumFileSize' => 2000000, //2MB
|
||||
'allowedFileExtensions' => ["jpg", "png"],
|
||||
'read' => ['role:all'],
|
||||
'write' => ['role:all'],
|
||||
]);
|
||||
|
|
@ -92,7 +93,7 @@ trait StorageBase
|
|||
$this->assertEquals(404, $res['headers']['status-code']);
|
||||
|
||||
/**
|
||||
* Test for FAILURE large file size
|
||||
* Test for FAILURE file above bucket's file size limit
|
||||
*/
|
||||
|
||||
$res = $this->client->call(Client::METHOD_POST, '/storage/buckets/' . $bucketId . '/files', array_merge([
|
||||
|
|
@ -108,10 +109,21 @@ trait StorageBase
|
|||
$this->assertEquals('File size not allowed', $res['body']['message']);
|
||||
|
||||
/**
|
||||
* Test for FAILURE unsupported bucket extension
|
||||
* TODO awaiting FileType validator update
|
||||
* Test for FAILURE unsupported bucket file extension
|
||||
*/
|
||||
|
||||
$res = $this->client->call(Client::METHOD_POST, '/storage/buckets/' . $bucketId . '/files', array_merge([
|
||||
'content-type' => 'multipart/form-data',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
], $this->getHeaders()), [
|
||||
'file' => new CURLFile(realpath(__DIR__ . '/../../../resources/disk-a/kitten-3.gif'), 'image/gif', 'kitten-3.gif'),
|
||||
'read' => ['role:all'],
|
||||
'write' => ['role:all'],
|
||||
]);
|
||||
|
||||
$this->assertEquals(400, $res['headers']['status-code']);
|
||||
$this->assertEquals('File extension not allowed', $res['body']['message']);
|
||||
|
||||
return ['bucketId' => $bucketId, 'fileId' => $file['body']['$id'], 'largeFileId' => $file2['body']['$id'], 'largeBucketId' => $bucket2['body']['$id']];
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue