summaryrefslogtreecommitdiff
path: root/modules/gallery/tests
diff options
context:
space:
mode:
Diffstat (limited to 'modules/gallery/tests')
-rw-r--r--modules/gallery/tests/Albums_Controller_Test.php2
-rw-r--r--modules/gallery/tests/Cache_Test.php30
-rw-r--r--modules/gallery/tests/Item_Helper_Test.php108
-rw-r--r--modules/gallery/tests/Item_Model_Test.php37
-rw-r--r--modules/gallery/tests/Items_Rest_Helper_Test.php14
-rw-r--r--modules/gallery/tests/xss_data.txt8
6 files changed, 164 insertions, 35 deletions
diff --git a/modules/gallery/tests/Albums_Controller_Test.php b/modules/gallery/tests/Albums_Controller_Test.php
index 6c64394d..35a3bdbb 100644
--- a/modules/gallery/tests/Albums_Controller_Test.php
+++ b/modules/gallery/tests/Albums_Controller_Test.php
@@ -31,7 +31,7 @@ class Albums_Controller_Test extends Gallery_Unit_Test_Case {
$album = test::random_album();
// Randomize to avoid conflicts.
- $new_name = "new_name_" . rand();
+ $new_name = "new_name_" . random::string(6);
$_POST["name"] = $new_name;
$_POST["title"] = "new title";
diff --git a/modules/gallery/tests/Cache_Test.php b/modules/gallery/tests/Cache_Test.php
index e8d8b6f4..b95ef0a2 100644
--- a/modules/gallery/tests/Cache_Test.php
+++ b/modules/gallery/tests/Cache_Test.php
@@ -27,7 +27,7 @@ class Cache_Test extends Gallery_Unit_Test_Case {
public function cache_exists_test() {
$this->assert_false($this->_driver->exists("test_key"), "test_key should not be defined");
- $id = md5(rand());
+ $id = random::hash();
db::build()
->insert("caches")
->columns("key", "tags", "expiration", "cache")
@@ -38,7 +38,7 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_get_test() {
- $id = md5(rand());
+ $id = random::hash();
db::build()
->insert("caches")
@@ -54,7 +54,7 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_set_test() {
- $id = md5(rand());
+ $id = random::hash();
$original_data = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id => $original_data), array("tag1", "tag2"), 84600);
@@ -63,15 +63,15 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_get_tag_test() {
- $id1 = md5(rand());
+ $id1 = random::hash();
$value1 = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600);
- $id2 = md5(rand());
+ $id2 = random::hash();
$value2 = array("field3" => "value3", "field4" => "value4");
$this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 84600);
- $id3 = md5(rand());
+ $id3 = random::hash();
$value3 = array("field5" => "value5", "field6" => "value6");
$this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600);
@@ -86,15 +86,15 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_delete_id_test() {
- $id1 = md5(rand());
+ $id1 = random::hash();
$value1 = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600);
- $id2 = md5(rand());
+ $id2 = random::hash();
$value2 = array("field3" => "value3", "field4" => "value4");
$this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000);
- $id3 = md5(rand());
+ $id3 = random::hash();
$value3 = array("field5" => "value5", "field6" => "value6");
$this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600);
@@ -106,15 +106,15 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_delete_tag_test() {
- $id1 = md5(rand());
+ $id1 = random::hash();
$value1 = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600);
- $id2 = md5(rand());
+ $id2 = random::hash();
$value2 = array("field3" => "value3", "field4" => "value4");
$this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000);
- $id3 = md5(rand());
+ $id3 = random::hash();
$value3 = array("field5" => "value5", "field6" => "value6");
$this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600);
@@ -126,15 +126,15 @@ class Cache_Test extends Gallery_Unit_Test_Case {
}
public function cache_delete_all_test() {
- $id1 = md5(rand());
+ $id1 = random::hash();
$value1 = array("field1" => "value1", "field2" => "value2");
$this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600);
- $id2 = md5(rand());
+ $id2 = random::hash();
$value2 = array("field3" => "value3", "field4" => "value4");
$this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000);
- $id3 = md5(rand());
+ $id3 = random::hash();
$value3 = array("field5" => "value5", "field6" => "value6");
$this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600);
diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php
index eb2458cb..42acfb18 100644
--- a/modules/gallery/tests/Item_Helper_Test.php
+++ b/modules/gallery/tests/Item_Helper_Test.php
@@ -92,7 +92,7 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case {
}
public function move_conflicts_result_in_a_rename_test() {
- $rand = rand();
+ $rand = random::int();
$photo1 = test::random_photo_unsaved(item::root());
$photo1->name = "{$rand}.jpg";
$photo1->slug = (string)$rand;
@@ -125,4 +125,110 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case {
$this->assert_same($photo2->id, $album->album_cover_item_id);
$this->assert_same($photo2->id, $parent->album_cover_item_id);
}
+
+ public function find_by_path_test() {
+ $level1 = test::random_album();
+ $level2 = test::random_album_unsaved($level1);
+ $level2->name = "plus + space";
+ $level2->save()->reload();
+
+ $level3 = test::random_photo_unsaved($level2);
+ $level3->name = "same.jpg";
+ $level3->save()->reload();
+
+ $level2b = test::random_album($level1);
+ $level3b = test::random_photo_unsaved($level2b);
+ $level3b->name = "same.jpg";
+ $level3b->save()->reload();
+
+ // Item in album
+ $this->assert_same(
+ $level3->id,
+ item::find_by_path("/{$level1->name}/{$level2->name}/{$level3->name}")->id);
+
+ // Album, ends with a slash
+ $this->assert_same(
+ $level2->id,
+ item::find_by_path("{$level1->name}/{$level2->name}/")->id);
+
+ // Album, ends without a slash
+ $this->assert_same(
+ $level2->id,
+ item::find_by_path("/{$level1->name}/{$level2->name}")->id);
+
+ // Return root if "" is passed
+ $this->assert_same(item::root()->id, item::find_by_path("")->id);
+
+ // Verify that we don't get confused by the part names, using the fallback code.
+ db::build()
+ ->update("items")
+ ->set(array("relative_path_cache" => null))
+ ->where("id", "IN", array($level3->id, $level3b->id))
+ ->execute();
+ $this->assert_same(
+ $level3->id,
+ item::find_by_path("{$level1->name}/{$level2->name}/{$level3->name}")->id);
+
+ $this->assert_same(
+ $level3b->id,
+ item::find_by_path("{$level1->name}/{$level2b->name}/{$level3b->name}")->id);
+
+ // Verify that we don't get false positives
+ $this->assert_false(
+ item::find_by_path("foo/bar/baz")->loaded());
+
+ // Verify that the fallback code works
+ $this->assert_same(
+ $level3b->id,
+ item::find_by_path("{$level1->name}/{$level2b->name}/{$level3b->name}")->id);
+ }
+
+ public function find_by_relative_url_test() {
+ $level1 = test::random_album();
+ $level2 = test::random_album($level1);
+ $level3 = test::random_photo_unsaved($level2);
+ $level3->slug = "same";
+ $level3->save()->reload();
+
+ $level2b = test::random_album($level1);
+ $level3b = test::random_photo_unsaved($level2b);
+ $level3b->slug = "same";
+ $level3b->save()->reload();
+
+ // Item in album
+ $this->assert_same(
+ $level3->id,
+ item::find_by_relative_url("{$level1->slug}/{$level2->slug}/{$level3->slug}")->id);
+
+ // Album, ends without a slash
+ $this->assert_same(
+ $level2->id,
+ item::find_by_relative_url("{$level1->slug}/{$level2->slug}")->id);
+
+ // Return root if "" is passed
+ $this->assert_same(item::root()->id, item::find_by_relative_url("")->id);
+
+ // Verify that we don't get confused by the part slugs, using the fallback code.
+ db::build()
+ ->update("items")
+ ->set(array("relative_url_cache" => null))
+ ->where("id", "IN", array($level3->id, $level3b->id))
+ ->execute();
+ $this->assert_same(
+ $level3->id,
+ item::find_by_relative_url("{$level1->slug}/{$level2->slug}/{$level3->slug}")->id);
+
+ $this->assert_same(
+ $level3b->id,
+ item::find_by_relative_url("{$level1->slug}/{$level2b->slug}/{$level3b->slug}")->id);
+
+ // Verify that we don't get false positives
+ $this->assert_false(
+ item::find_by_relative_url("foo/bar/baz")->loaded());
+
+ // Verify that the fallback code works
+ $this->assert_same(
+ $level3b->id,
+ item::find_by_relative_url("{$level1->slug}/{$level2b->slug}/{$level3b->slug}")->id);
+ }
}
diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php
index 264a2128..4987d2f9 100644
--- a/modules/gallery/tests/Item_Model_Test.php
+++ b/modules/gallery/tests/Item_Model_Test.php
@@ -278,10 +278,10 @@ class Item_Model_Test extends Gallery_Unit_Test_Case {
public function basic_validation_test() {
$item = ORM::factory("item");
- $item->album_cover_item_id = rand(); // invalid
+ $item->album_cover_item_id = random::int(); // invalid
$item->description = str_repeat("x", 70000); // invalid
$item->name = null;
- $item->parent_id = rand();
+ $item->parent_id = random::int();
$item->slug = null;
$item->sort_column = "bogus";
$item->sort_order = "bogus";
@@ -411,24 +411,47 @@ class Item_Model_Test extends Gallery_Unit_Test_Case {
public function urls_test() {
$photo = test::random_photo();
$this->assert_true(
- preg_match("|http://./var/resizes/name_\d+\.jpg\?m=\d+|", $photo->resize_url()),
+ preg_match("|http://./var/resizes/name_\w+\.jpg\?m=\d+|", $photo->resize_url()),
$photo->resize_url() . " is malformed");
$this->assert_true(
- preg_match("|http://./var/thumbs/name_\d+\.jpg\?m=\d+|", $photo->thumb_url()),
+ preg_match("|http://./var/thumbs/name_\w+\.jpg\?m=\d+|", $photo->thumb_url()),
$photo->thumb_url() . " is malformed");
$this->assert_true(
- preg_match("|http://./var/albums/name_\d+\.jpg\?m=\d+|", $photo->file_url()),
+ preg_match("|http://./var/albums/name_\w+\.jpg\?m=\d+|", $photo->file_url()),
$photo->file_url() . " is malformed");
// Albums have special thumbnails. Empty album has cachebuster of 0 since it has no thumbnail
$album = test::random_album();
$this->assert_true(
- preg_match("|http://./var/thumbs/name_\d+/\.album\.jpg\?m=0|", $album->thumb_url()),
+ preg_match("|http://./var/thumbs/name_\w+/\.album\.jpg\?m=0|", $album->thumb_url()),
$album->thumb_url() . " is malformed");
$photo = test::random_photo($album);
$this->assert_true(
- preg_match("|http://./var/thumbs/name_\d+/\.album\.jpg\?m=\d+|", $album->thumb_url()),
+ preg_match("|http://./var/thumbs/name_\w+/\.album\.jpg\?m=\d+|", $album->thumb_url()),
$album->thumb_url() . " is malformed");
}
+
+ public function legal_extension_test() {
+ foreach (array("test.gif", "test.GIF", "test.Gif", "test.jpeg", "test.JPG") as $name) {
+ $photo = test::random_photo_unsaved(item::root());
+ $photo->name = $name;
+ $photo->save();
+ }
+ }
+
+ public function illegal_extension_test() {
+ foreach (array("test.php", "test.PHP", "test.php5", "test.php4", "test.pl") as $name) {
+ try {
+ $photo = test::random_photo_unsaved(item::root());
+ $photo->name = $name;
+ $photo->save();
+ } catch (ORM_Validation_Exception $e) {
+ $this->assert_equal(array("name" => "illegal_data_file_extension"),
+ $e->validation->errors());
+ continue;
+ }
+ $this->assert_true(false, "Shouldn't get here");
+ }
+ }
}
diff --git a/modules/gallery/tests/Items_Rest_Helper_Test.php b/modules/gallery/tests/Items_Rest_Helper_Test.php
index 8e53110a..49e77876 100644
--- a/modules/gallery/tests/Items_Rest_Helper_Test.php
+++ b/modules/gallery/tests/Items_Rest_Helper_Test.php
@@ -65,21 +65,21 @@ class Items_Rest_Helper_Test extends Gallery_Unit_Test_Case {
$request = new stdClass();
$request->params = new stdClass();
$request->params->urls = json_encode(array(
- rest::url("item", $photo1),
- rest::url("item", $album2)));
+ rest::url("item", $photo2),
+ rest::url("item", $album1)));
$request->params->type = "album";
$this->assert_equal_array(
array(
- array("url" => rest::url("item", $album2),
- "entity" => $album2->as_restful_array(),
+ array("url" => rest::url("item", $album1),
+ "entity" => $album1->as_restful_array(),
"relationships" => array(
"comments" => array(
- "url" => rest::url("item_comments", $album2)),
+ "url" => rest::url("item_comments", $album1)),
"tags" => array(
- "url" => rest::url("item_tags", $album2),
+ "url" => rest::url("item_tags", $album1),
"members" => array())),
"members" => array(
- rest::url("item", $photo2)))),
+ rest::url("item", $album2)))),
items_rest::get($request));
}
diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt
index 0345df96..7c5e803d 100644
--- a/modules/gallery/tests/xss_data.txt
+++ b/modules/gallery/tests/xss_data.txt
@@ -43,8 +43,8 @@ modules/digibug/views/digibug_form.html.php 6 DIRTY form::
modules/exif/views/exif_dialog.html.php 14 DIRTY $details[$i]["caption"]
modules/exif/views/exif_dialog.html.php 21 DIRTY $details[$i]["caption"]
modules/g2_import/views/admin_g2_import.html.php 9 DIRTY $form
-modules/gallery/views/admin_advanced_settings.html.php 20 DIRTY_ATTR text::alternate("g-odd","g-even")
-modules/gallery/views/admin_advanced_settings.html.php 21 DIRTY $var->module_name
+modules/gallery/views/admin_advanced_settings.html.php 21 DIRTY_ATTR text::alternate("g-odd","g-even")
+modules/gallery/views/admin_advanced_settings.html.php 22 DIRTY $var->module_name
modules/gallery/views/admin_block_log_entries.html.php 4 DIRTY_ATTR log::severity_class($entry->severity)
modules/gallery/views/admin_block_log_entries.html.php 8 DIRTY_JS user_profile::url($entry->user->id)
modules/gallery/views/admin_block_log_entries.html.php 10 DIRTY gallery::date_time($entry->timestamp)
@@ -260,8 +260,8 @@ modules/gallery/views/upgrader.html.php 123 DIRTY_ATTR $don
modules/gallery/views/user_languages_block.html.php 2 DIRTY form::dropdown("g-select-session-locale",$installed_locales,$selected)
modules/gallery/views/user_profile.html.php 34 DIRTY_ATTR $user->avatar_url(40,$theme->url(,true))
modules/gallery/views/user_profile.html.php 43 DIRTY $info->view
-modules/image_block/views/image_block_block.html.php 3 DIRTY_JS $item->url()
-modules/image_block/views/image_block_block.html.php 4 DIRTY $item->thumb_img(array("class"=>"g-thumbnail"))
+modules/image_block/views/image_block_block.html.php 4 DIRTY_JS $item->url()
+modules/image_block/views/image_block_block.html.php 5 DIRTY $item->thumb_img(array("class"=>"g-thumbnail"))
modules/info/views/info_block.html.php 22 DIRTY gallery::date_time($item->captured)
modules/info/views/info_block.html.php 29 DIRTY_JS $item->owner->url
modules/notification/views/comment_published.html.php 28 DIRTY_JS $comment->item()->abs_url()
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 20:06:24 +0000