nextcloud/tests/lib/avatar.php

<?php

/**
 * Copyright (c) 2013 Christopher Schäpers <christopher@schaepers.it>
 * This file is licensed under the Affero General Public License version 3 or
 * later.
 * See the COPYING-README file.
 */

use OC\Avatar;

class Test_Avatar extends \Test\TestCase {
	private static $trashBinStatus;

	/** @var  @var string */
	private $user;

	protected function setUp() {
		parent::setUp();

		$this->user = $this->getUniqueID();
		$storage = new \OC\Files\Storage\Temporary(array());
		\OC\Files\Filesystem::mount($storage, array(), '/' . $this->user . '/');
	}

	public static function setUpBeforeClass() {
		self::$trashBinStatus = \OC_App::isEnabled('files_trashbin');
		\OC_App::disable('files_trashbin');
	}

	public static function tearDownAfterClass() {
		if (self::$trashBinStatus) {
			\OC_App::enable('files_trashbin');
		}
	}

	/**
	 * @return array
	 */
	public function traversalProvider() {
		return [
			['Pot\..\entiallyDangerousUsername'],
			['Pot/..\entiallyDangerousUsername'],
			['PotentiallyDangerousUsername/..'],
			['PotentiallyDangerousUsername\../'],
			['/../PotentiallyDangerousUsername'],
		];
	}

	/**
	 * @dataProvider traversalProvider
	 * @expectedException \Exception
	 * @expectedExceptionMessage Username may not contain slashes
	 * @param string $dangerousUsername
	 */
	public function testAvatarTraversal($dangerousUsername) {
		new Avatar($dangerousUsername);
	}

	public function testAvatar() {

		$avatar = new Avatar($this->user);

		$this->assertEquals(false, $avatar->get());

		$expected = new OC_Image(\OC::$SERVERROOT . '/tests/data/testavatar.png');
		$expected->resize(64);
		$avatar->set($expected->data());
		$this->assertEquals($expected->data(), $avatar->get()->data());

		$avatar->remove();
		$this->assertEquals(false, $avatar->get());
	}

	public function testAvatarApi() {
		$avatarManager = \OC::$server->getAvatarManager();
		$avatar = $avatarManager->getAvatar($this->user);

		$this->assertEquals(false, $avatar->get());

		$expected = new OC_Image(\OC::$SERVERROOT . '/tests/data/testavatar.png');
		$expected->resize(64);
		$avatar->set($expected->data());
		$this->assertEquals($expected->data(), $avatar->get()->data());

		$avatar->remove();
		$this->assertEquals(false, $avatar->get());
	}
}
Add unittests & check filetype in setLocalAvatar() TODO: Fix OC_Image->mimetype(), it always returns "image/png" 2013-07-30 18:09:54 +04:00			`<?php`
Make OC_Avatar unit tests independent of currently loggedin user 2014-01-02 19:08:08 +04:00
Add unittests & check filetype in setLocalAvatar() TODO: Fix OC_Image->mimetype(), it always returns "image/png" 2013-07-30 18:09:54 +04:00			`/**`
			`* Copyright (c) 2013 Christopher Schäpers <christopher@schaepers.it>`
			`* This file is licensed under the Affero General Public License version 3 or`
			`* later.`
			`* See the COPYING-README file.`
			`*/`
Avatar controller moved to AppFrameWork * Original avatarcontroller migrated to the appframework * Added DataDisplayResponse that show data inline in the browser (used to retrun the image) * Removed some unneeded code * Added unit tests for the avatarcontroller 2015-03-03 14:52:27 +03:00
			`use OC\Avatar;`

Make root tests extend the \Test\TestCase 2014-11-11 00:59:50 +03:00			`class Test_Avatar extends \Test\TestCase {`
fixing unit test execution related to trashbin 2015-04-07 13:46:07 +03:00			`private static $trashBinStatus;`
Add unittests & check filetype in setLocalAvatar() TODO: Fix OC_Image->mimetype(), it always returns "image/png" 2013-07-30 18:09:54 +04:00
fixing unit test execution related to trashbin 2015-04-07 13:46:07 +03:00			`/** @var @var string */`
Make OC_Avatar unit tests independent of currently loggedin user 2014-01-02 19:08:08 +04:00			`private $user;`

Make root tests extend the \Test\TestCase 2014-11-11 00:59:50 +03:00			`protected function setUp() {`
			`parent::setUp();`

			`$this->user = $this->getUniqueID();`
Make OC_Avatar unit tests independent of currently loggedin user 2014-01-02 19:08:08 +04:00			`$storage = new \OC\Files\Storage\Temporary(array());`
			`\OC\Files\Filesystem::mount($storage, array(), '/' . $this->user . '/');`
			`}`

fixing unit test execution related to trashbin 2015-04-07 13:46:07 +03:00			`public static function setUpBeforeClass() {`
			`self::$trashBinStatus = \OC_App::isEnabled('files_trashbin');`
			`\OC_App::disable('files_trashbin');`
			`}`

			`public static function tearDownAfterClass() {`
			`if (self::$trashBinStatus) {`
			`\OC_App::enable('files_trashbin');`
			`}`
			`}`

Filter potential dangerous filenames for avatars We don't want to have users misusing this API resulting in a potential file disclosure of "avatar.(jpg\|png)" files. 2015-04-28 17:57:23 +03:00			`/**`
			`* @return array`
			`*/`
			`public function traversalProvider() {`
			`return [`
			`['Pot\..\entiallyDangerousUsername'],`
			`['Pot/..\entiallyDangerousUsername'],`
			`['PotentiallyDangerousUsername/..'],`
			`['PotentiallyDangerousUsername\../'],`
			`['/../PotentiallyDangerousUsername'],`
			`];`
			`}`

			`/**`
			`* @dataProvider traversalProvider`
			`* @expectedException \Exception`
			`* @expectedExceptionMessage Username may not contain slashes`
			`* @param string $dangerousUsername`
			`*/`
			`public function testAvatarTraversal($dangerousUsername) {`
			`new Avatar($dangerousUsername);`
			`}`

Remove gravatar and no-avatar functionality, prepare for default avatars even more and reword some stuff 2013-08-19 14:15:48 +04:00			`public function testAvatar() {`
Finish cropper, Get rid of TODOs, Improve \OCP\Avatar and "fix" unitests 2013-08-30 11:00:37 +04:00
Avatar controller moved to AppFrameWork * Original avatarcontroller migrated to the appframework * Added DataDisplayResponse that show data inline in the browser (used to retrun the image) * Removed some unneeded code * Added unit tests for the avatarcontroller 2015-03-03 14:52:27 +03:00			`$avatar = new Avatar($this->user);`
Continue work on cropper 2013-08-28 18:39:00 +04:00
Pass view in \OC_Avatar to constructor and use $_ for enable_avatars 2013-09-09 18:57:46 +04:00			`$this->assertEquals(false, $avatar->get());`
Add unittests & check filetype in setLocalAvatar() TODO: Fix OC_Image->mimetype(), it always returns "image/png" 2013-07-30 18:09:54 +04:00
Make OC_Avatar unit tests independent of currently loggedin user 2014-01-02 19:08:08 +04:00			`$expected = new OC_Image(\OC::$SERVERROOT . '/tests/data/testavatar.png');`
Have /avatar.php as a central avatar-point 2013-08-08 19:03:19 +04:00			`$expected->resize(64);`
Fix avatar unittest 2013-10-15 19:23:47 +04:00			`$avatar->set($expected->data());`
Pass view in \OC_Avatar to constructor and use $_ for enable_avatars 2013-09-09 18:57:46 +04:00			`$this->assertEquals($expected->data(), $avatar->get()->data());`
Add unittests & check filetype in setLocalAvatar() TODO: Fix OC_Image->mimetype(), it always returns "image/png" 2013-07-30 18:09:54 +04:00
Pass view in \OC_Avatar to constructor and use $_ for enable_avatars 2013-09-09 18:57:46 +04:00			`$avatar->remove();`
			`$this->assertEquals(false, $avatar->get());`
Add unittests & check filetype in setLocalAvatar() TODO: Fix OC_Image->mimetype(), it always returns "image/png" 2013-07-30 18:09:54 +04:00			`}`
Round out Avatar Public API 2013-11-22 02:40:25 +04:00
			`public function testAvatarApi() {`
			`$avatarManager = \OC::$server->getAvatarManager();`
Make OC_Avatar unit tests independent of currently loggedin user 2014-01-02 19:08:08 +04:00			`$avatar = $avatarManager->getAvatar($this->user);`
Round out Avatar Public API 2013-11-22 02:40:25 +04:00
			`$this->assertEquals(false, $avatar->get());`

Make OC_Avatar unit tests independent of currently loggedin user 2014-01-02 19:08:08 +04:00			`$expected = new OC_Image(\OC::$SERVERROOT . '/tests/data/testavatar.png');`
Round out Avatar Public API 2013-11-22 02:40:25 +04:00			`$expected->resize(64);`
			`$avatar->set($expected->data());`
			`$this->assertEquals($expected->data(), $avatar->get()->data());`

			`$avatar->remove();`
			`$this->assertEquals(false, $avatar->get());`
			`}`
Add unittests & check filetype in setLocalAvatar() TODO: Fix OC_Image->mimetype(), it always returns "image/png" 2013-07-30 18:09:54 +04:00			`}`