|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace SilverStripe\AssetAdmin\Tests; |
|
4
|
|
|
|
|
5
|
|
|
use SilverStripe\Assets\File; |
|
6
|
|
|
use SilverStripe\Assets\Folder; |
|
7
|
|
|
use SilverStripe\Control\Director; |
|
8
|
|
|
use SilverStripe\Control\Session; |
|
9
|
|
|
use SilverStripe\Dev\FunctionalTest; |
|
10
|
|
|
use SilverStripe\Dev\TestOnly; |
|
11
|
|
|
use SilverStripe\ORM\DataExtension; |
|
12
|
|
|
use SilverStripe\ORM\Versioning\Versioned; |
|
13
|
|
|
use SilverStripe\Security\SecurityToken; |
|
14
|
|
|
use AssetStoreTest_SpyStore; |
|
15
|
|
|
|
|
16
|
|
|
/** |
|
17
|
|
|
* Tests {@see AssetAdmin} |
|
18
|
|
|
*/ |
|
19
|
|
|
class AssetAdminTest extends FunctionalTest |
|
20
|
|
|
{ |
|
21
|
|
|
|
|
22
|
|
|
protected static $fixture_file = 'AssetAdminTest.yml'; |
|
23
|
|
|
|
|
24
|
|
|
/** |
|
25
|
|
|
* @var Session |
|
26
|
|
|
*/ |
|
27
|
|
|
protected $session = null; |
|
28
|
|
|
|
|
29
|
|
|
public function setUp() |
|
30
|
|
|
{ |
|
31
|
|
|
parent::setUp(); |
|
32
|
|
|
|
|
33
|
|
|
AssetStoreTest_SpyStore::activate('AssetAdminTest'); |
|
34
|
|
|
$memberID = $this->logInWithPermission('ADMIN'); |
|
35
|
|
|
$this->session = Session::create(array('loggedInAs' => $memberID)); |
|
36
|
|
|
|
|
37
|
|
|
File::add_extension('SilverStripe\\AssetAdmin\\Tests\\AssetAdminTest_File'); |
|
38
|
|
|
Folder::add_extension('SilverStripe\\AssetAdmin\\Tests\\AssetAdminTest_Folder'); |
|
39
|
|
|
|
|
40
|
|
|
// Create a test folders for each of the fixture references |
|
41
|
|
|
foreach (File::get()->filter('ClassName', 'SilverStripe\\Assets\\Folder') as $folder) { |
|
42
|
|
|
/** @var Folder $folder */ |
|
43
|
|
|
$folder->copyVersionToStage(Versioned::DRAFT, Versioned::LIVE); |
|
44
|
|
|
} |
|
45
|
|
|
|
|
46
|
|
|
// Create a test files for each of the fixture references |
|
47
|
|
|
$content = str_repeat('x', 1000000); |
|
48
|
|
|
foreach (File::get()->exclude('ClassName', 'SilverStripe\\Assets\\Folder') as $file) { |
|
49
|
|
|
/** @var File $file */ |
|
50
|
|
|
$file->setFromString($content, $file->generateFilename()); |
|
51
|
|
|
$file->copyVersionToStage(Versioned::DRAFT, Versioned::LIVE); |
|
52
|
|
|
} |
|
53
|
|
|
|
|
54
|
|
|
// Override FunctionalTest defaults |
|
55
|
|
|
SecurityToken::enable(); |
|
56
|
|
|
$this->session->inst_set('SecurityID', SecurityToken::inst()->getValue()); |
|
57
|
|
|
} |
|
58
|
|
|
|
|
59
|
|
|
public function tearDown() |
|
60
|
|
|
{ |
|
61
|
|
|
File::remove_extension('SilverStripe\\AssetAdmin\\Tests\\AssetAdminTest_File'); |
|
62
|
|
|
Folder::remove_extension('SilverStripe\\AssetAdmin\\Tests\\AssetAdminTest_Folder'); |
|
63
|
|
|
|
|
64
|
|
|
AssetStoreTest_SpyStore::reset(); |
|
65
|
|
|
parent::tearDown(); |
|
66
|
|
|
} |
|
67
|
|
|
|
|
68
|
|
|
|
|
69
|
|
|
public function testApiHistory() { |
|
70
|
|
|
$file = $this->objFromFixture( |
|
71
|
|
|
'SilverStripe\\Assets\\File', |
|
72
|
|
|
'file1' |
|
73
|
|
|
); |
|
74
|
|
|
$response = Director::test( |
|
75
|
|
|
'admin/assets/api/history?fileId='. $file->ID, |
|
76
|
|
|
null, |
|
77
|
|
|
$this->session, |
|
78
|
|
|
'GET' |
|
79
|
|
|
); |
|
80
|
|
|
|
|
81
|
|
|
$this->assertFalse($response->isError()); |
|
82
|
|
|
|
|
83
|
|
|
$body = json_decode($response->getBody()); |
|
84
|
|
|
|
|
85
|
|
|
$this->assertArrayHasKey('summary', $body[0]); |
|
86
|
|
|
$this->assertArrayHasKey('versionid', $body[0]); |
|
87
|
|
|
$this->assertArrayHasKey('summary', $body[0]); |
|
88
|
|
|
|
|
89
|
|
|
// test permission filtering and |
|
90
|
|
|
} |
|
91
|
|
|
|
|
92
|
|
|
|
|
93
|
|
|
public function testItCreatesFolder() |
|
94
|
|
|
{ |
|
95
|
|
|
$folder1 = $this->objFromFixture('SilverStripe\\Assets\\Folder', 'folder1'); |
|
96
|
|
|
|
|
97
|
|
|
$response = Director::test( |
|
98
|
|
|
'admin/assets/api/createFolder', |
|
99
|
|
|
[ |
|
100
|
|
|
'ParentID' => $folder1->ID, |
|
101
|
|
|
'Name' => 'testItCreatesFolder', |
|
102
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
103
|
|
|
], |
|
104
|
|
|
$this->session, |
|
105
|
|
|
'POST' |
|
106
|
|
|
); |
|
107
|
|
|
$this->assertFalse($response->isError()); |
|
108
|
|
|
$responseData = json_decode($response->getBody(), true); |
|
109
|
|
|
$newFolder = Folder::get()->byID($responseData['id']); |
|
110
|
|
|
$this->assertNotNull($newFolder); |
|
111
|
|
|
$this->assertEquals($folder1->ID, $newFolder->ParentID); |
|
112
|
|
|
$this->assertEquals('testItCreatesFolder', $newFolder->Name); |
|
113
|
|
|
} |
|
114
|
|
|
|
|
115
|
|
View Code Duplication |
public function testItRestrictsCreateFolderByCanCreate() |
|
|
|
|
|
|
116
|
|
|
{ |
|
117
|
|
|
$folder = $this->objFromFixture('SilverStripe\\Assets\\Folder', 'folder1'); |
|
118
|
|
|
|
|
119
|
|
|
$response = Director::test( |
|
120
|
|
|
'admin/assets/api/createFolder', |
|
121
|
|
|
[ |
|
122
|
|
|
'ParentID' => $folder->ID, |
|
123
|
|
|
'Name' => 'disallowCanCreate', |
|
124
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
125
|
|
|
], |
|
126
|
|
|
$this->session, |
|
127
|
|
|
'POST' |
|
128
|
|
|
); |
|
129
|
|
|
$this->assertTrue($response->isError()); |
|
130
|
|
|
$this->assertEquals(403, $response->getStatusCode()); |
|
131
|
|
|
} |
|
132
|
|
|
|
|
133
|
|
View Code Duplication |
public function testItRestrictsCreateFolderByCanAddChildren() |
|
|
|
|
|
|
134
|
|
|
{ |
|
135
|
|
|
$folder = $this->objFromFixture('SilverStripe\\Assets\\Folder', 'disallowCanAddChildren'); |
|
136
|
|
|
|
|
137
|
|
|
$response = Director::test( |
|
138
|
|
|
'admin/assets/api/createFolder', |
|
139
|
|
|
[ |
|
140
|
|
|
'ParentID' => $folder->ID, |
|
141
|
|
|
'Name' => 'testItRestrictsCreateFolderByCanAddChildren', |
|
142
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
143
|
|
|
], |
|
144
|
|
|
$this->session, |
|
145
|
|
|
'POST' |
|
146
|
|
|
); |
|
147
|
|
|
$this->assertTrue($response->isError()); |
|
148
|
|
|
$this->assertEquals(403, $response->getStatusCode()); |
|
149
|
|
|
} |
|
150
|
|
|
|
|
151
|
|
|
public function testItCreatesFile() |
|
|
|
|
|
|
152
|
|
|
{ |
|
153
|
|
|
$folder1 = $this->objFromFixture('SilverStripe\\Assets\\Folder', 'folder1'); |
|
154
|
|
|
|
|
155
|
|
|
/** @skipUpgrade */ |
|
156
|
|
|
$fileData = array('Upload' => $this->getUploadFile('Upload', 'testItCreatesFile.txt')); |
|
157
|
|
|
$_FILES = $fileData; |
|
158
|
|
|
$postedData = array_merge( |
|
159
|
|
|
$fileData, |
|
160
|
|
|
[ |
|
161
|
|
|
'ParentID' => $folder1->ID, |
|
162
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
163
|
|
|
] |
|
164
|
|
|
); |
|
165
|
|
|
$response = Director::test( |
|
166
|
|
|
'admin/assets/api/createFile', |
|
167
|
|
|
$postedData, |
|
168
|
|
|
$this->session, |
|
169
|
|
|
'POST' |
|
170
|
|
|
); |
|
171
|
|
|
$this->assertFalse($response->isError()); |
|
172
|
|
|
$responseData = json_decode($response->getBody(), true); |
|
173
|
|
|
$newFile = File::get()->byID($responseData[0]['id']); |
|
174
|
|
|
$this->assertNotNull($newFile); |
|
175
|
|
|
$this->assertEquals($folder1->ID, $newFile->ParentID); |
|
176
|
|
|
$this->assertEquals('testItCreatesFile.txt', $newFile->Name); |
|
177
|
|
|
|
|
178
|
|
|
// Test that duplicate uploads are renamed |
|
179
|
|
|
$response = Director::test( |
|
180
|
|
|
'admin/assets/api/createFile', |
|
181
|
|
|
$postedData, |
|
182
|
|
|
$this->session, |
|
183
|
|
|
'POST' |
|
184
|
|
|
); |
|
185
|
|
|
$this->assertFalse($response->isError()); |
|
186
|
|
|
$responseData = json_decode($response->getBody(), true); |
|
187
|
|
|
$newFile2 = File::get()->byID($responseData[0]['id']); |
|
188
|
|
|
$this->assertNotNull($newFile2); |
|
189
|
|
|
$this->assertEquals($folder1->ID, $newFile2->ParentID); |
|
190
|
|
|
$this->assertNotEquals($newFile->ID, $newFile2->ID); |
|
191
|
|
|
$this->assertEquals('testItCreatesFile-v2.txt', $newFile2->Name); |
|
192
|
|
|
} |
|
193
|
|
|
|
|
194
|
|
View Code Duplication |
public function testItRestrictsCreateFileOnCanCreate() |
|
|
|
|
|
|
195
|
|
|
{ |
|
196
|
|
|
$folder = $this->objFromFixture('SilverStripe\\Assets\\Folder', 'folder1'); |
|
197
|
|
|
|
|
198
|
|
|
$fileData = array('Upload' => $this->getUploadFile('Upload', 'disallowCanCreate.txt')); |
|
199
|
|
|
$_FILES = $fileData; |
|
200
|
|
|
$response = Director::test( |
|
201
|
|
|
'admin/assets/api/createFile', |
|
202
|
|
|
array_merge( |
|
203
|
|
|
$fileData, |
|
204
|
|
|
[ |
|
205
|
|
|
'ParentID' => $folder->ID, |
|
206
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
207
|
|
|
] |
|
208
|
|
|
), |
|
209
|
|
|
$this->session, |
|
210
|
|
|
'POST' |
|
211
|
|
|
); |
|
212
|
|
|
$this->assertTrue($response->isError()); |
|
213
|
|
|
$this->assertEquals(403, $response->getStatusCode()); |
|
214
|
|
|
} |
|
215
|
|
|
|
|
216
|
|
View Code Duplication |
public function testItRestrictsCreateFileOnCanAddChildren() |
|
|
|
|
|
|
217
|
|
|
{ |
|
218
|
|
|
$folder = $this->objFromFixture('SilverStripe\\Assets\\Folder', 'disallowCanAddChildren'); |
|
219
|
|
|
|
|
220
|
|
|
/** @skipUpgrade */ |
|
221
|
|
|
$fileData = array('Upload' => $this->getUploadFile('Upload', 'test.txt')); |
|
222
|
|
|
$_FILES = $fileData; |
|
223
|
|
|
$response = Director::test( |
|
224
|
|
|
'admin/assets/api/createFile', |
|
225
|
|
|
array_merge( |
|
226
|
|
|
$fileData, |
|
227
|
|
|
[ |
|
228
|
|
|
'ParentID' => $folder->ID, |
|
229
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
230
|
|
|
] |
|
231
|
|
|
), |
|
232
|
|
|
$this->session, |
|
233
|
|
|
'POST' |
|
234
|
|
|
); |
|
235
|
|
|
$this->assertTrue($response->isError()); |
|
236
|
|
|
$this->assertEquals(403, $response->getStatusCode()); |
|
237
|
|
|
} |
|
238
|
|
|
|
|
239
|
|
|
public function testItRestrictsCreateFileOnExtension() |
|
|
|
|
|
|
240
|
|
|
{ |
|
241
|
|
|
$folder1 = $this->objFromFixture( |
|
242
|
|
|
'SilverStripe\\Assets\\Folder', |
|
243
|
|
|
'folder1' |
|
244
|
|
|
); |
|
245
|
|
|
|
|
246
|
|
|
/** @skipUpgrade */ |
|
247
|
|
|
$fileData = array('Upload' => $this->getUploadFile('Upload', 'disallowed.php')); |
|
248
|
|
|
$_FILES = $fileData; |
|
249
|
|
|
$response = Director::test( |
|
250
|
|
|
'admin/assets/api/createFile', |
|
251
|
|
|
array_merge( |
|
252
|
|
|
$fileData, |
|
253
|
|
|
[ |
|
254
|
|
|
'ParentID' => $folder1->ID, |
|
255
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
256
|
|
|
] |
|
257
|
|
|
), |
|
258
|
|
|
$this->session, |
|
259
|
|
|
'POST' |
|
260
|
|
|
); |
|
261
|
|
|
$this->assertTrue($response->isError()); |
|
262
|
|
|
$this->assertEquals(400, $response->getStatusCode()); |
|
263
|
|
|
$responseData = json_decode($response->getBody(), true); |
|
264
|
|
|
$this->assertContains( |
|
265
|
|
|
'Extension is not allowed', |
|
266
|
|
|
$responseData['message']['value'] |
|
267
|
|
|
); |
|
268
|
|
|
} |
|
269
|
|
|
|
|
270
|
|
|
public function testItFiltersByDateInSearch() |
|
271
|
|
|
{ |
|
272
|
|
|
$file1 = $this->objFromFixture('SilverStripe\\Assets\\File', 'file1'); |
|
273
|
|
|
$file2 = $this->objFromFixture('SilverStripe\\Assets\\File', 'file2'); |
|
274
|
|
|
|
|
275
|
|
|
// Force creation times |
|
276
|
|
|
$file1->Created = '2014-01-05 23:11:39'; |
|
277
|
|
|
$file1->write(); |
|
278
|
|
|
$file2->Created = '2014-01-06 12:00:00'; |
|
279
|
|
|
$file2->write(); |
|
280
|
|
|
|
|
281
|
|
|
// Mock searches for 4th Jan |
|
282
|
|
|
$results = $this->getResultsForSearch([ |
|
283
|
|
|
'CreatedFrom' => '2014-01-04', |
|
284
|
|
|
'CreatedTo' => '2014-01-04' |
|
285
|
|
|
]); |
|
286
|
|
|
$this->assertEquals(count($results['files']), 0); |
|
287
|
|
|
|
|
288
|
|
|
// Mock searches for 5th Jan |
|
289
|
|
|
$results = $this->getResultsForSearch([ |
|
290
|
|
|
'CreatedFrom' => '2014-01-05', |
|
291
|
|
|
'CreatedTo' => '2014-01-05' |
|
292
|
|
|
]); |
|
293
|
|
|
$this->assertEquals(count($results['files']), 1); |
|
294
|
|
|
$this->assertContains($file1->ID, array_column($results['files'], 'id')); |
|
295
|
|
|
|
|
296
|
|
|
|
|
297
|
|
|
// Mock searches for 5th-6th Jan |
|
298
|
|
|
$results = $this->getResultsForSearch([ |
|
299
|
|
|
'CreatedFrom' => '2014-01-05', |
|
300
|
|
|
'CreatedTo' => '2014-01-06' |
|
301
|
|
|
]); |
|
302
|
|
|
$this->assertEquals(count($results['files']), 2); |
|
303
|
|
|
$this->assertContains($file1->ID, array_column($results['files'], 'id')); |
|
304
|
|
|
$this->assertContains($file2->ID, array_column($results['files'], 'id')); |
|
305
|
|
|
|
|
306
|
|
|
// Mock searches for 6th Jan |
|
307
|
|
|
$results = $this->getResultsForSearch([ |
|
308
|
|
|
'CreatedFrom' => '2014-01-06', |
|
309
|
|
|
'CreatedTo' => '2014-01-06' |
|
310
|
|
|
]); |
|
311
|
|
|
$this->assertEquals(count($results['files']), 1); |
|
312
|
|
|
$this->assertContains($file2->ID, array_column($results['files'], 'id')); |
|
313
|
|
|
|
|
314
|
|
|
// Mock searches for 7th Jan |
|
315
|
|
|
$results = $this->getResultsForSearch([ |
|
316
|
|
|
'CreatedFrom' => '2014-01-07', |
|
317
|
|
|
'CreatedTo' => '2014-01-07' |
|
318
|
|
|
]); |
|
319
|
|
|
$this->assertEquals(count($results['files']), 0); |
|
320
|
|
|
} |
|
321
|
|
|
|
|
322
|
|
|
|
|
323
|
|
|
public function testItDoesNotFilterByDefaultInSearch() |
|
324
|
|
|
{ |
|
325
|
|
|
$rootfile = $this->objFromFixture('SilverStripe\\Assets\\File', 'rootfile'); |
|
326
|
|
|
$file1 = $this->objFromFixture('SilverStripe\\Assets\\File', 'file1'); |
|
327
|
|
|
$folder1 = $this->objFromFixture('SilverStripe\\Assets\\Folder', 'folder1'); |
|
328
|
|
|
|
|
329
|
|
|
$results = $this->getResultsForSearch(); |
|
330
|
|
|
$this->assertContains($rootfile->ID, array_column($results['files'], 'id'), |
|
331
|
|
|
'Contains top level file' |
|
332
|
|
|
); |
|
333
|
|
|
$this->assertContains($folder1->ID, array_column($results['files'], 'id'), |
|
334
|
|
|
'Contains top level folder' |
|
335
|
|
|
); |
|
336
|
|
|
$this->assertContains($file1->ID, array_column($results['files'], 'id'), |
|
337
|
|
|
'Contains files in subfolder' |
|
338
|
|
|
); |
|
339
|
|
|
} |
|
340
|
|
|
|
|
341
|
|
|
public function testItFiltersByParentInSearch() |
|
342
|
|
|
{ |
|
343
|
|
|
$file1 = $this->objFromFixture('SilverStripe\\Assets\\File', 'file1'); |
|
344
|
|
|
$file2 = $this->objFromFixture('SilverStripe\\Assets\\File', 'file2'); |
|
345
|
|
|
$file1Folder = $file1->Parent(); |
|
|
|
|
|
|
346
|
|
|
$file2Folder = $file2->Parent(); |
|
|
|
|
|
|
347
|
|
|
|
|
348
|
|
|
$results = $this->getResultsForSearch(['Name' => $file1->Name, 'ParentID' => $file1Folder->ID]); |
|
349
|
|
|
$this->assertEquals(count($results['files']), 1); |
|
350
|
|
|
$this->assertContains($file1->ID, array_column($results['files'], 'id'), |
|
351
|
|
|
'Returns file when contained in correct folder' |
|
352
|
|
|
); |
|
353
|
|
|
|
|
354
|
|
|
$results = $this->getResultsForSearch(['Name' => $file1->Name, 'ParentID' => $file2Folder->ID]); |
|
355
|
|
|
$this->assertEquals(count($results['files']), 0, |
|
356
|
|
|
'Does not return file when contained in different folder' |
|
357
|
|
|
); |
|
358
|
|
|
} |
|
359
|
|
|
|
|
360
|
|
|
public function testItFiltersByNameInSearch() |
|
361
|
|
|
{ |
|
362
|
|
|
$file1 = $this->objFromFixture('SilverStripe\\Assets\\File', 'file1'); |
|
363
|
|
|
|
|
364
|
|
|
$results = $this->getResultsForSearch(['Name' => $file1->Name]); |
|
365
|
|
|
$this->assertEquals(count($results['files']), 1, |
|
366
|
|
|
'Finds by Name property' |
|
367
|
|
|
); |
|
368
|
|
|
$this->assertContains($file1->ID, array_column($results['files'], 'id')); |
|
369
|
|
|
|
|
370
|
|
|
$results = $this->getResultsForSearch(['Name' => 'First']); |
|
371
|
|
|
$this->assertEquals(count($results['files']), 1, |
|
372
|
|
|
'Finds by Title property' |
|
373
|
|
|
); |
|
374
|
|
|
$this->assertContains($file1->ID, array_column($results['files'], 'id')); |
|
375
|
|
|
} |
|
376
|
|
|
|
|
377
|
|
|
public function testItRestrictsViewInSearch() |
|
378
|
|
|
{ |
|
379
|
|
|
$allowedFile = $this->objFromFixture('SilverStripe\\Assets\\File', 'file1'); |
|
380
|
|
|
$disallowedFile = $this->objFromFixture('SilverStripe\\Assets\\File', 'disallowCanView'); |
|
381
|
|
|
|
|
382
|
|
|
$results = $this->getResultsForSearch(['Name' => $allowedFile->Name]); |
|
383
|
|
|
$this->assertEquals(count($results['files']), 1); |
|
384
|
|
|
$this->assertContains($allowedFile->ID, array_column($results['files'], 'id')); |
|
385
|
|
|
|
|
386
|
|
|
$results = $this->getResultsForSearch(['Name' => $disallowedFile->Name]); |
|
387
|
|
|
$this->assertEquals(count($results['files']), 0); |
|
388
|
|
|
} |
|
389
|
|
|
|
|
390
|
|
|
public function testItRestrictsViewInReadFolder() |
|
391
|
|
|
{ |
|
392
|
|
|
$folder1 = $this->objFromFixture('SilverStripe\\Assets\\Folder', 'folder1'); |
|
393
|
|
|
$allowedFile = $this->objFromFixture('SilverStripe\\Assets\\File', 'file1'); |
|
394
|
|
|
$disallowedFile = $this->objFromFixture('SilverStripe\\Assets\\File', 'disallowCanView'); |
|
395
|
|
|
|
|
396
|
|
|
$response = $this->get('admin/assets/api/readFolder?' . http_build_query(['id' => $folder1->ID])); |
|
397
|
|
|
$files = json_decode($response->getBody(), true); |
|
398
|
|
|
$this->assertArrayHasKey('files', $files); |
|
399
|
|
|
$ids = array_map(function ($file) { |
|
400
|
|
|
return $file['id']; |
|
401
|
|
|
}, $files['files']); |
|
402
|
|
|
$this->assertContains($allowedFile->ID, $ids); |
|
403
|
|
|
$this->assertEquals($allowedFile->ParentID, $folder1->ID); |
|
404
|
|
|
$this->assertNotContains($disallowedFile->ID, $ids); |
|
405
|
|
|
$this->assertEquals($disallowedFile->ParentID, $folder1->ID); |
|
406
|
|
|
} |
|
407
|
|
|
|
|
408
|
|
|
public function testItRestrictsUpdateFile() |
|
409
|
|
|
{ |
|
410
|
|
|
$allowedFile = $this->objFromFixture('SilverStripe\\Assets\\File', 'file1'); |
|
411
|
|
|
$disallowedFile = $this->objFromFixture('SilverStripe\\Assets\\File', 'disallowCanEdit'); |
|
412
|
|
|
|
|
413
|
|
|
$response = Director::test( |
|
414
|
|
|
'admin/assets/FileEditForm', |
|
415
|
|
|
[ |
|
416
|
|
|
'action_save' => 1, |
|
417
|
|
|
'ID' => $allowedFile->ID, |
|
418
|
|
|
'Name' => 'disallowCanEdit.txt', |
|
419
|
|
|
'Title' => 'new', |
|
420
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
421
|
|
|
], |
|
422
|
|
|
$this->session |
|
423
|
|
|
); |
|
424
|
|
|
$this->assertFalse($response->isError()); |
|
425
|
|
|
|
|
426
|
|
|
$response = Director::test( |
|
427
|
|
|
'admin/assets/FileEditForm', |
|
428
|
|
|
[ |
|
429
|
|
|
'action_save' => 1, |
|
430
|
|
|
'ID' => $disallowedFile->ID, |
|
431
|
|
|
'Title' => 'new', |
|
432
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
433
|
|
|
], |
|
434
|
|
|
$this->session |
|
435
|
|
|
); |
|
436
|
|
|
$this->assertTrue($response->isError()); |
|
437
|
|
|
} |
|
438
|
|
|
|
|
439
|
|
|
public function testItRestrictsDelete() |
|
440
|
|
|
{ |
|
441
|
|
|
$allowedFile = $this->objFromFixture('SilverStripe\\Assets\\File', 'file1'); |
|
442
|
|
|
$disallowedFile = $this->objFromFixture('SilverStripe\\Assets\\File', |
|
443
|
|
|
'disallowCanDelete'); |
|
444
|
|
|
|
|
445
|
|
|
$response = Director::test( |
|
446
|
|
|
'admin/assets/api/delete', |
|
447
|
|
|
null, |
|
448
|
|
|
$this->session, |
|
449
|
|
|
'DELETE', |
|
450
|
|
|
http_build_query([ |
|
451
|
|
|
'ids' => [$allowedFile->ID, $disallowedFile->ID], |
|
452
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
453
|
|
|
]) |
|
454
|
|
|
); |
|
455
|
|
|
$this->assertTrue($response->isError()); |
|
456
|
|
|
|
|
457
|
|
|
$response = Director::test( |
|
458
|
|
|
'admin/assets/api/delete', |
|
459
|
|
|
null, |
|
460
|
|
|
$this->session, |
|
461
|
|
|
'DELETE', |
|
462
|
|
|
http_build_query([ |
|
463
|
|
|
'ids' => [$allowedFile->ID], |
|
464
|
|
|
'SecurityID' => SecurityToken::inst()->getValue(), |
|
465
|
|
|
]) |
|
466
|
|
|
); |
|
467
|
|
|
$this->assertFalse($response->isError()); |
|
468
|
|
|
} |
|
469
|
|
|
|
|
470
|
|
|
/** |
|
471
|
|
|
* @param array $params |
|
472
|
|
|
* @return array |
|
473
|
|
|
*/ |
|
474
|
|
|
protected function getResultsForSearch($params = array()) |
|
475
|
|
|
{ |
|
476
|
|
|
$response = $this->get('admin/assets/api/search?' . http_build_query($params)); |
|
477
|
|
|
$this->assertFalse($response->isError()); |
|
478
|
|
|
|
|
479
|
|
|
return json_decode($response->getBody(), true); |
|
480
|
|
|
} |
|
481
|
|
|
|
|
482
|
|
|
/** |
|
483
|
|
|
* @param string $paramName |
|
484
|
|
|
* @param string $tmpFileName |
|
485
|
|
|
* @return array Emulating an entry in the $_FILES superglobal |
|
486
|
|
|
*/ |
|
487
|
|
|
protected function getUploadFile($paramName, $tmpFileName = 'AssetAdminTest.txt') |
|
|
|
|
|
|
488
|
|
|
{ |
|
489
|
|
|
$tmpFilePath = TEMP_FOLDER . '/' . $tmpFileName; |
|
490
|
|
|
$tmpFileContent = ''; |
|
491
|
|
|
for ($i = 0; $i < 10000; $i++) { |
|
492
|
|
|
$tmpFileContent .= '0'; |
|
493
|
|
|
} |
|
494
|
|
|
file_put_contents($tmpFilePath, $tmpFileContent); |
|
495
|
|
|
|
|
496
|
|
|
// emulates the $_FILES array |
|
497
|
|
|
return array( |
|
498
|
|
|
'name' => $tmpFileName, |
|
499
|
|
|
'type' => 'text/plaintext', |
|
500
|
|
|
'size' => filesize($tmpFilePath), |
|
501
|
|
|
'tmp_name' => $tmpFilePath, |
|
502
|
|
|
'error' => UPLOAD_ERR_OK, |
|
503
|
|
|
); |
|
504
|
|
|
} |
|
505
|
|
|
} |
|
506
|
|
|
|
|
507
|
|
|
class AssetAdminTest_File extends DataExtension implements TestOnly |
|
|
|
|
|
|
508
|
|
|
{ |
|
509
|
|
|
public function canView($member = null) |
|
|
|
|
|
|
510
|
|
|
{ |
|
511
|
|
|
if ($this->owner->Name === 'disallowCanView.txt') { |
|
512
|
|
|
return false; |
|
513
|
|
|
} |
|
514
|
|
|
} |
|
515
|
|
|
|
|
516
|
|
|
public function canEdit($member = null) |
|
517
|
|
|
{ |
|
518
|
|
|
if ($this->owner->Name === 'disallowCanEdit.txt') { |
|
519
|
|
|
return false; |
|
520
|
|
|
} |
|
521
|
|
|
} |
|
522
|
|
|
|
|
523
|
|
|
public function canDelete($member = null) |
|
524
|
|
|
{ |
|
525
|
|
|
if ($this->owner->Name === 'disallowCanDelete.txt') { |
|
526
|
|
|
return false; |
|
527
|
|
|
} |
|
528
|
|
|
} |
|
529
|
|
|
|
|
530
|
|
|
public function canArchive($member = null) |
|
531
|
|
|
{ |
|
532
|
|
|
if ($this->owner->Name === 'disallowCanDelete.txt') { |
|
533
|
|
|
return false; |
|
534
|
|
|
} |
|
535
|
|
|
return $this->owner->canDelete($member); |
|
536
|
|
|
} |
|
537
|
|
|
|
|
538
|
|
|
public function canCreate($member = null, $context = []) |
|
539
|
|
|
{ |
|
540
|
|
|
if (isset($context['Parent']) && $context['Parent']->Name === 'disallowCanAddChildren') { |
|
541
|
|
|
return false; |
|
542
|
|
|
} |
|
543
|
|
|
if (isset($context['Upload']['name']) && $context['Upload']['name'] === 'disallowCanCreate.txt') { |
|
544
|
|
|
return false; |
|
545
|
|
|
} |
|
546
|
|
|
} |
|
547
|
|
|
} |
|
548
|
|
|
|
|
549
|
|
|
class AssetAdminTest_Folder extends DataExtension implements TestOnly |
|
|
|
|
|
|
550
|
|
|
{ |
|
551
|
|
|
public function canView($member = null, $context = array()) |
|
|
|
|
|
|
552
|
|
|
{ |
|
553
|
|
|
if ($this->owner->Name === 'disallowCanView') { |
|
554
|
|
|
return false; |
|
555
|
|
|
} |
|
556
|
|
|
} |
|
557
|
|
|
|
|
558
|
|
|
public function canEdit($member = null, $context = array()) |
|
|
|
|
|
|
559
|
|
|
{ |
|
560
|
|
|
if ($this->owner->Name === 'disallowCanEdit') { |
|
561
|
|
|
return false; |
|
562
|
|
|
} |
|
563
|
|
|
} |
|
564
|
|
|
|
|
565
|
|
|
public function canDelete($member = null, $context = array()) |
|
|
|
|
|
|
566
|
|
|
{ |
|
567
|
|
|
if ($this->owner->Name === 'disallowCanDelete') { |
|
568
|
|
|
return false; |
|
569
|
|
|
} |
|
570
|
|
|
} |
|
571
|
|
|
|
|
572
|
|
|
public function canCreate($member = null, $context = array()) |
|
573
|
|
|
{ |
|
574
|
|
|
if (isset($context['Name']) && $context['Name'] === 'disallowCanCreate') { |
|
575
|
|
|
return false; |
|
576
|
|
|
} |
|
577
|
|
|
} |
|
578
|
|
|
} |
|
579
|
|
|
|
silverstripe /
silverstripe-asset-admin
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.