diff options
Diffstat (limited to 'modules/gallery/tests')
| -rw-r--r-- | modules/gallery/tests/Data_Rest_Helper_Test.php | 9 | ||||
| -rw-r--r-- | modules/gallery/tests/Database_Test.php | 6 | ||||
| -rw-r--r-- | modules/gallery/tests/File_Structure_Test.php | 48 | ||||
| -rw-r--r-- | modules/gallery/tests/Gallery_Filters.php | 6 | ||||
| -rw-r--r-- | modules/gallery/tests/Gallery_Graphics_Helper_Test.php | 137 | ||||
| -rw-r--r-- | modules/gallery/tests/Graphics_Helper_Test.php | 89 | ||||
| -rw-r--r-- | modules/gallery/tests/Item_Helper_Test.php | 18 | ||||
| -rw-r--r-- | modules/gallery/tests/Item_Model_Test.php | 213 | ||||
| -rw-r--r-- | modules/gallery/tests/Legal_File_Helper_Test.php | 57 | ||||
| -rw-r--r-- | modules/gallery/tests/Movie_Helper_Test.php | 32 | ||||
| -rw-r--r-- | modules/gallery/tests/Photo_Helper_Test.php | 56 | ||||
| -rw-r--r-- | modules/gallery/tests/controller_auth_data.txt | 1 | ||||
| -rw-r--r-- | modules/gallery/tests/xss_data.txt | 28 |
13 files changed, 657 insertions, 43 deletions
diff --git a/modules/gallery/tests/Data_Rest_Helper_Test.php b/modules/gallery/tests/Data_Rest_Helper_Test.php index 69d17997..e6a94864 100644 --- a/modules/gallery/tests/Data_Rest_Helper_Test.php +++ b/modules/gallery/tests/Data_Rest_Helper_Test.php @@ -99,4 +99,13 @@ class Data_Rest_Helper_Test extends Gallery_Unit_Test_Case { // pass } } + + public function cache_buster_test() { + $photo = test::random_photo(); + + $this->assert_same( + url::abs_site("rest/data/{$photo->id}?size=thumb&m=" . filemtime($photo->thumb_path())), + data_rest::url($photo, "thumb")); + } } + diff --git a/modules/gallery/tests/Database_Test.php b/modules/gallery/tests/Database_Test.php index ab3290a9..106062f5 100644 --- a/modules/gallery/tests/Database_Test.php +++ b/modules/gallery/tests/Database_Test.php @@ -147,6 +147,12 @@ class Database_Test extends Gallery_Unit_Test_Case { $sql = str_replace("\n", " ", $sql); $this->assert_same("UPDATE [test_tables] SET [name] = [Test Name] WHERE [1] = [1]", $sql); } + + function escape_for_like_test() { + // Note: literal double backslash is written as \\\ + $this->assert_same('basic\_test', Database::escape_for_like("basic_test")); + $this->assert_same('\\\100\%\_test/', Database::escape_for_like('\100%_test/')); + } } class Database_Mock extends Database { diff --git a/modules/gallery/tests/File_Structure_Test.php b/modules/gallery/tests/File_Structure_Test.php index 8f6e480c..ce75ea13 100644 --- a/modules/gallery/tests/File_Structure_Test.php +++ b/modules/gallery/tests/File_Structure_Test.php @@ -283,4 +283,52 @@ class File_Structure_Test extends Gallery_Unit_Test_Case { $this->assert_true(false, $errors); } } + + public function all_public_functions_in_test_files_end_in_test() { + // Who tests the tests? :-) (ref: http://www.xkcd.com/1163) + $dir = new PhpCodeFilterIterator( + new GalleryCodeFilterIterator( + new RecursiveIteratorIterator( + new RecursiveDirectoryIterator(DOCROOT)))); + foreach ($dir as $file) { + $scan = 0; + if (basename(dirname($file)) == "tests") { + foreach (file($file) as $line) { + if (!substr($file, -9, 9) == "_Test.php") { + continue; + } + + if (preg_match("/class.*extends.*Gallery_Unit_Test_Case/", $line)) { + $scan = 1; + } else if (preg_match("/class.*extends/", $line)) { + $scan = 0; + } + + if ($scan) { + if (preg_match("/^\s*public\s+function/", $line)) { + $this->assert_true( + preg_match("/^\s*public\s+function (setup|teardown|.*_test)\(\) {/", $line), + "public functions must end in _test:\n$file\n$line\n"); + } + } + } + } + } + } + + public function no_extra_spaces_at_end_of_line_test() { + $dir = new GalleryCodeFilterIterator( + new RecursiveIteratorIterator(new RecursiveDirectoryIterator(DOCROOT))); + $errors = ""; + foreach ($dir as $file) { + if (preg_match("/\.(php|css|html|js)$/", $file)) { + foreach (file($file) as $line_num => $line) { + if ((substr($line, -2) == " \n") || (substr($line, -1) == " ")) { + $errors .= "$file at line " . ($line_num + 1) . "\n"; + } + } + } + } + $this->assert_true(empty($errors), "Extra spaces at end of line found at:\n$errors"); + } } diff --git a/modules/gallery/tests/Gallery_Filters.php b/modules/gallery/tests/Gallery_Filters.php index 7209bc93..6c2a6aa3 100644 --- a/modules/gallery/tests/Gallery_Filters.php +++ b/modules/gallery/tests/Gallery_Filters.php @@ -26,7 +26,7 @@ class PhpCodeFilterIterator extends FilterIterator { class GalleryCodeFilterIterator extends FilterIterator { public function accept() { - // Skip anything that we didn"t write + // Skip anything that we didn't write $path_name = $this->getInnerIterator()->getPathName(); $file_name = $this->getInnerIterator()->getFileName(); return !( @@ -47,6 +47,10 @@ class GalleryCodeFilterIterator extends FilterIterator { strpos($path_name, SYSPATH) !== false || strpos($path_name, MODPATH . "gallery/libraries/HTMLPurifier") !== false || strpos($path_name, MODPATH . "gallery/vendor/joomla") !== false || + strpos($path_name, MODPATH . "organize/vendor/ext") !== false || + strpos($path_name, DOCROOT . "lib") !== false || + strpos($path_name, DOCROOT . "themes/admin_wind/css/themeroller") !== false || + strpos($path_name, DOCROOT . "themes/wind/css/themeroller") !== false || substr($path_name, -1, 1) == "~"); } } diff --git a/modules/gallery/tests/Gallery_Graphics_Helper_Test.php b/modules/gallery/tests/Gallery_Graphics_Helper_Test.php new file mode 100644 index 00000000..20096b23 --- /dev/null +++ b/modules/gallery/tests/Gallery_Graphics_Helper_Test.php @@ -0,0 +1,137 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2013 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Gallery_Graphics_Helper_Test extends Gallery_Unit_Test_Case { + public function rotate_jpg_test() { + // Input is a 1024x768 jpg, output is rotated 90 degrees + $input_file = MODPATH . "gallery/tests/test.jpg"; + $output_file = TMPPATH . test::random_name() . ".jpg"; + $options = array("degrees" => 90); + gallery_graphics::rotate($input_file, $output_file, $options, null); + + // Output is rotated to 768x1024 jpg + $this->assert_equal(array(768, 1024, "image/jpeg", "jpg"), photo::get_file_metadata($output_file)); + } + + public function rotate_jpg_without_options_test() { + // Input is a 1024x768 jpg, output options undefined + $input_file = MODPATH . "gallery/tests/test.jpg"; + $output_file = TMPPATH . test::random_name() . ".jpg"; + gallery_graphics::rotate($input_file, $output_file, null, null); + + // Output is not rotated, still a 1024x768 jpg + $this->assert_equal(array(1024, 768, "image/jpeg", "jpg"), photo::get_file_metadata($output_file)); + } + + public function rotate_bad_jpg_test() { + // Input is a garbled jpg, output is jpg autofit to 300x300 + $input_file = TMPPATH . test::random_name() . ".jpg"; + $output_file = TMPPATH . test::random_name() . ".jpg"; + $options = array("degrees" => 90); + file_put_contents($input_file, test::lorem_ipsum(200)); + + // Should get passed to Image library and throw an exception + try { + gallery_graphics::rotate($input_file, $output_file, $options, null); + $this->assert_true(false, "Shouldn't get here"); + } catch (Exception $e) { + // pass + } + } + + public function resize_jpg_test() { + // Input is a 1024x768 jpg, output is jpg autofit to 300x300 + $input_file = MODPATH . "gallery/tests/test.jpg"; + $output_file = TMPPATH . test::random_name() . ".jpg"; + $options = array("width" => 300, "height" => 300, "master" => Image::AUTO); + gallery_graphics::resize($input_file, $output_file, $options, null); + + // Output is resized to 300x225 jpg + $this->assert_equal(array(300, 225, "image/jpeg", "jpg"), photo::get_file_metadata($output_file)); + } + + public function resize_jpg_to_png_test() { + // Input is a 1024x768 jpg, output is png autofit to 300x300 + $input_file = MODPATH . "gallery/tests/test.jpg"; + $output_file = TMPPATH . test::random_name() . ".png"; + $options = array("width" => 300, "height" => 300, "master" => Image::AUTO); + gallery_graphics::resize($input_file, $output_file, $options, null); + + // Output is resized to 300x225 png + $this->assert_equal(array(300, 225, "image/png", "png"), photo::get_file_metadata($output_file)); + } + + public function resize_jpg_with_no_upscale_test() { + // Input is a 1024x768 jpg, output is jpg autofit to 1200x1200 - should not upscale + $input_file = MODPATH . "gallery/tests/test.jpg"; + $output_file = TMPPATH . test::random_name() . ".jpg"; + $options = array("width" => 1200, "height" => 1200, "master" => Image::AUTO); + gallery_graphics::resize($input_file, $output_file, $options, null); + + // Output is copied directly from input + $this->assert_equal(file_get_contents($input_file), file_get_contents($output_file)); + } + + public function resize_jpg_to_png_with_no_upscale_test() { + // Input is a 1024x768 jpg, output is png autofit to 1200x1200 - should not upscale + $input_file = MODPATH . "gallery/tests/test.jpg"; + $output_file = TMPPATH . test::random_name() . ".png"; + $options = array("width" => 1200, "height" => 1200, "master" => Image::AUTO); + gallery_graphics::resize($input_file, $output_file, $options, null); + + // Output is converted from input without resize + $this->assert_equal(array(1024, 768, "image/png", "png"), photo::get_file_metadata($output_file)); + } + + public function resize_jpg_without_options_test() { + // Input is a 1024x768 jpg, output is jpg without options - should not attempt resize + $input_file = MODPATH . "gallery/tests/test.jpg"; + $output_file = TMPPATH . test::random_name() . ".jpg"; + gallery_graphics::resize($input_file, $output_file, null, null); + + // Output is copied directly from input + $this->assert_equal(file_get_contents($input_file), file_get_contents($output_file)); + } + + public function resize_jpg_to_png_without_options_test() { + // Input is a 1024x768 jpg, output is png without options - should not attempt resize + $input_file = MODPATH . "gallery/tests/test.jpg"; + $output_file = TMPPATH . test::random_name() . ".png"; + gallery_graphics::resize($input_file, $output_file, null, null); + + // Output is converted from input without resize + $this->assert_equal(array(1024, 768, "image/png", "png"), photo::get_file_metadata($output_file)); + } + + public function resize_bad_jpg_test() { + // Input is a garbled jpg, output is jpg autofit to 300x300 + $input_file = TMPPATH . test::random_name() . ".jpg"; + $output_file = TMPPATH . test::random_name() . ".jpg"; + $options = array("width" => 300, "height" => 300, "master" => Image::AUTO); + file_put_contents($input_file, test::lorem_ipsum(200)); + + // Should get passed to Image library and throw an exception + try { + gallery_graphics::resize($input_file, $output_file, $options, null); + $this->assert_true(false, "Shouldn't get here"); + } catch (Exception $e) { + // pass + } + } +}
\ No newline at end of file diff --git a/modules/gallery/tests/Graphics_Helper_Test.php b/modules/gallery/tests/Graphics_Helper_Test.php new file mode 100644 index 00000000..ddcb9dfd --- /dev/null +++ b/modules/gallery/tests/Graphics_Helper_Test.php @@ -0,0 +1,89 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2013 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Graphics_Helper_Test extends Gallery_Unit_Test_Case { + public function generate_photo_test() { + $photo = test::random_photo(); + // Check that the images were correctly resized + $this->assert_equal(array(640, 480, "image/jpeg", "jpg"), + photo::get_file_metadata($photo->resize_path())); + $this->assert_equal(array(200, 150, "image/jpeg", "jpg"), + photo::get_file_metadata($photo->thumb_path())); + // Check that the items table got updated + $this->assert_equal(array(640, 480), array($photo->resize_width, $photo->resize_height)); + $this->assert_equal(array(200, 150), array($photo->thumb_width, $photo->thumb_height)); + // Check that the images are not marked dirty + $this->assert_equal(0, $photo->resize_dirty); + $this->assert_equal(0, $photo->thumb_dirty); + } + + public function generate_movie_test() { + $movie = test::random_movie(); + // Check that the image was correctly resized + $this->assert_equal(array(200, 160, "image/jpeg", "jpg"), + photo::get_file_metadata($movie->thumb_path())); + // Check that the items table got updated + $this->assert_equal(array(200, 160), array($movie->thumb_width, $movie->thumb_height)); + // Check that the image is not marked dirty + $this->assert_equal(0, $movie->thumb_dirty); + } + + public function generate_bad_photo_test() { + $photo = test::random_photo(); + // At this point, the photo is valid and has a valid resize and thumb. Make it garble. + file_put_contents($photo->file_path(), test::lorem_ipsum(200)); + // Regenerate + $photo->resize_dirty = 1; + $photo->thumb_dirty = 1; + try { + graphics::generate($photo); + $this->assert_true(false, "Shouldn't get here"); + } catch (Exception $e) { + // Exception expected + } + // Check that the images got replaced with missing image placeholders + $this->assert_same(file_get_contents(MODPATH . "gallery/images/missing_photo.jpg"), + file_get_contents($photo->resize_path())); + $this->assert_same(file_get_contents(MODPATH . "gallery/images/missing_photo.jpg"), + file_get_contents($photo->thumb_path())); + // Check that the items table got updated with new metadata + $this->assert_equal(array(200, 200), array($photo->resize_width, $photo->resize_height)); + $this->assert_equal(array(200, 200), array($photo->thumb_width, $photo->thumb_height)); + // Check that the images are marked as dirty + $this->assert_equal(1, $photo->resize_dirty); + $this->assert_equal(1, $photo->thumb_dirty); + } + + public function generate_bad_movie_test() { + // Unlike photos, its ok to have missing movies - no thrown exceptions, thumb_dirty can be reset. + $movie = test::random_movie(); + // At this point, the movie is valid and has a valid thumb. Make it garble. + file_put_contents($movie->file_path(), test::lorem_ipsum(200)); + // Regenerate + $movie->thumb_dirty = 1; + graphics::generate($movie); + // Check that the image got replaced with a missing image placeholder + $this->assert_same(file_get_contents(MODPATH . "gallery/images/missing_movie.jpg"), + file_get_contents($movie->thumb_path())); + // Check that the items table got updated with new metadata + $this->assert_equal(array(200, 200), array($movie->thumb_width, $movie->thumb_height)); + // Check that the image is *not* marked as dirty + $this->assert_equal(0, $movie->thumb_dirty); + } +}
\ No newline at end of file diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index 0c08d1af..f5b99bec 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -235,4 +235,22 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { $level3b->id, item::find_by_relative_url("{$level1->slug}/{$level2b->slug}/{$level3b->slug}")->id); } + + public function resequence_child_weights_test() { + $album = test::random_album_unsaved(); + $album->sort_column = "id"; + $album->save(); + + $photo1 = test::random_photo($album); + $photo2 = test::random_photo($album); + $this->assert_true($photo2->weight > $photo1->weight); + + $album->reload(); + $album->sort_order = "DESC"; + $album->save(); + item::resequence_child_weights($album); + + $this->assert_equal(2, $photo1->reload()->weight); + $this->assert_equal(1, $photo2->reload()->weight); + } } diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php index dc4432a6..41361b32 100644 --- a/modules/gallery/tests/Item_Model_Test.php +++ b/modules/gallery/tests/Item_Model_Test.php @@ -66,7 +66,7 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { } public function rename_photo_test() { - $item = test::random_photo(); + $item = test::random_unique_photo(); $original_name = $item->name; $thumb_file = file_get_contents($item->thumb_path()); @@ -89,7 +89,7 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { public function rename_album_test() { $album = test::random_album(); - $photo = test::random_photo($album); + $photo = test::random_unique_photo($album); $album->reload(); $thumb_file = file_get_contents($photo->thumb_path()); @@ -136,23 +136,10 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $this->assert_true(false, "Shouldn't get here"); } - public function item_rename_over_existing_name_gets_uniqified_test() { - // Create a test photo - $item = test::random_photo(); - $item2 = test::random_photo(); - - $item->name = $item2->name; - $item->save(); - - // foo.jpg should become foo-####.jpg - $this->assert_true( - preg_match("/" . str_replace(".jpg", "", $item2->name) . "-\d+\.jpg/", $item->name)); - } - public function move_album_test() { $album2 = test::random_album(); $album1 = test::random_album($album2); - $photo = test::random_photo($album1); + $photo = test::random_unique_photo($album1); $thumb_file = file_get_contents($photo->thumb_path()); $resize_file = file_get_contents($photo->resize_path()); @@ -180,7 +167,7 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { public function move_photo_test() { $album1 = test::random_album(); - $photo = test::random_photo($album1); + $photo = test::random_unique_photo($album1); $album2 = test::random_album(); @@ -205,7 +192,7 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $this->assert_equal($fullsize_file, file_get_contents($photo->file_path())); } - public function move_album_with_conflicting_target_gets_uniqified_test() { + public function move_album_with_conflicting_target_gets_uniquified_test() { $album = test::random_album(); $source = test::random_album_unsaved($album); $source->name = $album->name; @@ -217,9 +204,9 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $source->parent_id = item::root()->id; $source->save(); - // foo should become foo-#### - $this->assert_true(preg_match("/{$album->name}-\d+/", $source->name)); - $this->assert_true(preg_match("/{$album->slug}-\d+/", $source->slug)); + // foo should become foo-01 + $this->assert_same("{$album->name}-01", $source->name); + $this->assert_same("{$album->slug}-01", $source->slug); } public function move_album_fails_wrong_target_type_test() { @@ -239,7 +226,7 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $this->assert_true(false, "Shouldn't get here"); } - public function move_photo_with_conflicting_target_gets_uniqified_test() { + public function move_photo_with_conflicting_target_gets_uniquified_test() { $photo1 = test::random_photo(); $album = test::random_album(); $photo2 = test::random_photo_unsaved($album); @@ -247,17 +234,16 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $photo2->save(); // $photo1 and $photo2 have the same name, so if we move $photo1 into the root they should - // conflict and get uniqified. + // conflict and get uniquified. $photo2->parent_id = item::root()->id; $photo2->save(); - // foo.jpg should become foo-####.jpg - $this->assert_true( - preg_match("/" . str_replace(".jpg", "", $photo1->name) . "-\d+\.jpg/", $photo2->name)); + // foo.jpg should become foo-01.jpg + $this->assert_same(pathinfo($photo1->name, PATHINFO_FILENAME) . "-01.jpg", $photo2->name); - // foo should become foo - $this->assert_true(preg_match("/{$photo1->slug}/", $photo2->name)); + // foo should become foo-01 + $this->assert_same("{$photo1->slug}-01", $photo2->slug); } public function move_album_inside_descendent_fails_test() { @@ -399,7 +385,16 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $this->assert_false($response["can_edit"]); } - public function first_photo_becomes_album_cover() { + public function as_restful_array_with_add_bit_test() { + $response = item::root()->as_restful_array(); + $this->assert_true($response["can_add"]); + + identity::set_active_user(identity::guest()); + $response = item::root()->as_restful_array(); + $this->assert_false($response["can_add"]); + } + + public function first_photo_becomes_album_cover_test() { $album = test::random_album(); $photo = test::random_photo($album); $album->reload(); @@ -526,4 +521,164 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $album->name = $album->name . ".foo.bar"; $album->save(); } + + public function no_conflict_when_parents_different_test() { + $parent1 = test::random_album(); + $parent2 = test::random_album(); + $photo1 = test::random_photo($parent1); + $photo2 = test::random_photo($parent2); + + $photo2->name = $photo1->name; + $photo2->slug = $photo1->slug; + $photo2->save(); + + // photo2 has same name and slug as photo1 but different parent - no conflict. + $this->assert_same($photo1->name, $photo2->name); + $this->assert_same($photo1->slug, $photo2->slug); + } + + public function fix_conflict_when_names_identical_test() { + $parent = test::random_album(); + $photo1 = test::random_photo($parent); + $photo2 = test::random_photo($parent); + + $photo1_orig_base = pathinfo($photo1->name, PATHINFO_FILENAME); + $photo2_orig_slug = $photo2->slug; + + $photo2->name = $photo1->name; + $photo2->save(); + + // photo2 has same name as photo1 - conflict resolved by renaming with -01. + $this->assert_same("{$photo1_orig_base}-01.jpg", $photo2->name); + $this->assert_same("{$photo2_orig_slug}-01", $photo2->slug); + } + + public function fix_conflict_when_slugs_identical_test() { + $parent = test::random_album(); + $photo1 = test::random_photo($parent); + $photo2 = test::random_photo($parent); + + $photo2_orig_base = pathinfo($photo2->name, PATHINFO_FILENAME); + + $photo2->slug = $photo1->slug; + $photo2->save(); + + // photo2 has same slug as photo1 - conflict resolved by renaming with -01. + $this->assert_same("{$photo2_orig_base}-01.jpg", $photo2->name); + $this->assert_same("{$photo1->slug}-01", $photo2->slug); + } + + public function no_conflict_when_parents_different_for_albums_test() { + $parent1 = test::random_album(); + $parent2 = test::random_album(); + $album1 = test::random_album($parent1); + $album2 = test::random_album($parent2); + + $album2->name = $album1->name; + $album2->slug = $album1->slug; + $album2->save(); + + // album2 has same name and slug as album1 but different parent - no conflict. + $this->assert_same($album1->name, $album2->name); + $this->assert_same($album1->slug, $album2->slug); + } + + public function fix_conflict_when_names_identical_for_albums_test() { + $parent = test::random_album(); + $album1 = test::random_album($parent); + $album2 = test::random_album($parent); + + $album2_orig_slug = $album2->slug; + + $album2->name = $album1->name; + $album2->save(); + + // album2 has same name as album1 - conflict resolved by renaming with -01. + $this->assert_same("{$album1->name}-01", $album2->name); + $this->assert_same("{$album2_orig_slug}-01", $album2->slug); + } + + public function fix_conflict_when_slugs_identical_for_albums_test() { + $parent = test::random_album(); + $album1 = test::random_album($parent); + $album2 = test::random_album($parent); + + $album2_orig_name = $album2->name; + + $album2->slug = $album1->slug; + $album2->save(); + + // album2 has same slug as album1 - conflict resolved by renaming with -01. + $this->assert_same("{$album2_orig_name}-01", $album2->name); + $this->assert_same("{$album1->slug}-01", $album2->slug); + } + + public function no_conflict_when_base_names_identical_between_album_and_photo_test() { + $parent = test::random_album(); + $album = test::random_album($parent); + $photo = test::random_photo($parent); + + $photo_orig_slug = $photo->slug; + + $photo->name = "{$album->name}.jpg"; + $photo->save(); + + // photo has same base name as album - no conflict. + $this->assert_same("{$album->name}.jpg", $photo->name); + $this->assert_same($photo_orig_slug, $photo->slug); + } + + public function fix_conflict_when_full_names_identical_between_album_and_photo_test() { + $parent = test::random_album(); + $photo = test::random_photo($parent); + $album = test::random_album($parent); + + $album_orig_slug = $album->slug; + + $album->name = $photo->name; + $album->save(); + + // album has same full name as album - conflict resolved by renaming with -01. + $this->assert_same("{$photo->name}-01", $album->name); + $this->assert_same("{$album_orig_slug}-01", $album->slug); + } + + public function fix_conflict_when_slugs_identical_between_album_and_photo_test() { + $parent = test::random_album(); + $album = test::random_album($parent); + $photo = test::random_photo($parent); + + $photo_orig_base = pathinfo($photo->name, PATHINFO_FILENAME); + + $photo->slug = $album->slug; + $photo->save(); + + // photo has same slug as album - conflict resolved by renaming with -01. + $this->assert_same("{$photo_orig_base}-01.jpg", $photo->name); + $this->assert_same("{$album->slug}-01", $photo->slug); + } + + public function fix_conflict_when_base_names_identical_between_jpg_png_flv_test() { + $parent = test::random_album(); + $item1 = test::random_photo($parent); + $item2 = test::random_photo($parent); + $item3 = test::random_movie($parent); + + $item1_orig_base = pathinfo($item1->name, PATHINFO_FILENAME); + $item2_orig_slug = $item2->slug; + $item3_orig_slug = $item3->slug; + + $item2->set_data_file(MODPATH . "gallery/images/graphicsmagick.png"); + $item2->name = "{$item1_orig_base}.png"; + $item2->save(); + + $item3->name = "{$item1_orig_base}.flv"; + $item3->save(); + + // item2 and item3 have same base name as item1 - conflict resolved by renaming with -01 and -02. + $this->assert_same("{$item1_orig_base}-01.png", $item2->name); + $this->assert_same("{$item2_orig_slug}-01", $item2->slug); + $this->assert_same("{$item1_orig_base}-02.flv", $item3->name); + $this->assert_same("{$item3_orig_slug}-02", $item3->slug); + } } diff --git a/modules/gallery/tests/Legal_File_Helper_Test.php b/modules/gallery/tests/Legal_File_Helper_Test.php index 5db99935..84a29a52 100644 --- a/modules/gallery/tests/Legal_File_Helper_Test.php +++ b/modules/gallery/tests/Legal_File_Helper_Test.php @@ -40,6 +40,63 @@ class Legal_File_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal(3, count(legal_file::get_movie_types_by_extension())); } + public function get_types_by_extension_test() { + $this->assert_equal("image/jpeg", legal_file::get_types_by_extension("jpg")); // photo + $this->assert_equal("video/x-flv", legal_file::get_types_by_extension("FLV")); // movie + $this->assert_equal(null, legal_file::get_types_by_extension("php")); // invalid + $this->assert_equal(null, legal_file::get_types_by_extension("php.flv")); // invalid w/ . + + // No extension returns full array + $this->assert_equal(7, count(legal_file::get_types_by_extension())); + } + + public function get_photo_extensions_test() { + $this->assert_equal(true, legal_file::get_photo_extensions("jpg")); // regular + $this->assert_equal(true, legal_file::get_photo_extensions("JPG")); // all caps + $this->assert_equal(true, legal_file::get_photo_extensions("Png")); // some caps + $this->assert_equal(false, legal_file::get_photo_extensions("php")); // invalid + $this->assert_equal(false, legal_file::get_photo_extensions("php.jpg")); // invalid w/ . + + // No extension returns full array + $this->assert_equal(4, count(legal_file::get_photo_extensions())); + } + + public function get_movie_extensions_test() { + $this->assert_equal(true, legal_file::get_movie_extensions("flv")); // regular + $this->assert_equal(true, legal_file::get_movie_extensions("FLV")); // all caps + $this->assert_equal(true, legal_file::get_movie_extensions("Mp4")); // some caps + $this->assert_equal(false, legal_file::get_movie_extensions("php")); // invalid + $this->assert_equal(false, legal_file::get_movie_extensions("php.jpg")); // invalid w/ . + + // No extension returns full array + $this->assert_equal(3, count(legal_file::get_movie_extensions())); + } + + public function get_extensions_test() { + $this->assert_equal(true, legal_file::get_extensions("jpg")); // photo + $this->assert_equal(true, legal_file::get_extensions("FLV")); // movie + $this->assert_equal(false, legal_file::get_extensions("php")); // invalid + $this->assert_equal(false, legal_file::get_extensions("php.jpg")); // invalid w/ . + + // No extension returns full array + $this->assert_equal(7, count(legal_file::get_extensions())); + } + + public function get_filters_test() { + // All 7 extensions both uppercase and lowercase + $this->assert_equal(14, count(legal_file::get_filters())); + } + + public function get_photo_types_test() { + // Note that this is one *less* than photo extensions since jpeg and jpg have the same mime. + $this->assert_equal(3, count(legal_file::get_photo_types())); + } + + public function get_movie_types_test() { + // Note that this is one *more* than movie extensions since video/flv is added. + $this->assert_equal(4, count(legal_file::get_movie_types())); + } + public function change_extension_test() { $this->assert_equal("foo.jpg", legal_file::change_extension("foo.png", "jpg")); } diff --git a/modules/gallery/tests/Movie_Helper_Test.php b/modules/gallery/tests/Movie_Helper_Test.php index ff7f798c..0c262620 100644 --- a/modules/gallery/tests/Movie_Helper_Test.php +++ b/modules/gallery/tests/Movie_Helper_Test.php @@ -46,4 +46,36 @@ class Movie_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_equal($seconds, movie::hhmmssdd_to_seconds($hhmmssdd)); } } + + public function get_file_metadata_test() { + $movie = test::random_movie(); + $this->assert_equal(array(360, 288, "video/x-flv", "flv", 6.00), + movie::get_file_metadata($movie->file_path())); + } + + public function get_file_metadata_with_non_existent_file_test() { + try { + $metadata = movie::get_file_metadata(MODPATH . "gallery/tests/this_does_not_exist"); + $this->assert_true(false, "Shouldn't get here"); + } catch (Exception $e) { + // pass + } + } + + public function get_file_metadata_with_no_extension_test() { + copy(MODPATH . "gallery/tests/test.flv", TMPPATH . "test_flv_with_no_extension"); + $this->assert_equal(array(360, 288, null, null, 6.00), + movie::get_file_metadata(TMPPATH . "test_flv_with_no_extension")); + } + + public function get_file_metadata_with_illegal_extension_test() { + $this->assert_equal(array(0, 0, null, null, 0), + movie::get_file_metadata(MODPATH . "gallery/tests/Movie_Helper_Test.php")); + } + + public function get_file_metadata_with_illegal_extension_but_valid_file_contents_test() { + copy(MODPATH . "gallery/tests/test.flv", TMPPATH . "test_flv_with_php_extension.php"); + $this->assert_equal(array(360, 288, null, null, 6.00), + movie::get_file_metadata(TMPPATH . "test_flv_with_php_extension.php")); + } } diff --git a/modules/gallery/tests/Photo_Helper_Test.php b/modules/gallery/tests/Photo_Helper_Test.php new file mode 100644 index 00000000..5207a6db --- /dev/null +++ b/modules/gallery/tests/Photo_Helper_Test.php @@ -0,0 +1,56 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2013 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Photo_Helper_Test extends Gallery_Unit_Test_Case { + public function get_file_metadata_test() { + $photo = test::random_photo(); + $this->assert_equal(array(1024, 768, "image/jpeg", "jpg"), + photo::get_file_metadata($photo->file_path())); + } + + public function get_file_metadata_with_non_existent_file_test() { + try { + $metadata = photo::get_file_metadata(MODPATH . "gallery/tests/this_does_not_exist"); + $this->assert_true(false, "Shouldn't get here"); + } catch (Exception $e) { + // pass + } + } + + public function get_file_metadata_with_no_extension_test() { + copy(MODPATH . "gallery/tests/test.jpg", TMPPATH . "test_jpg_with_no_extension"); + $this->assert_equal(array(1024, 768, "image/jpeg", "jpg"), + photo::get_file_metadata(TMPPATH . "test_jpg_with_no_extension")); + } + + public function get_file_metadata_with_illegal_extension_test() { + $this->assert_equal(array(0, 0, null, null), + photo::get_file_metadata(MODPATH . "gallery/tests/Photo_Helper_Test.php")); + } + + public function get_file_metadata_with_illegal_extension_but_valid_file_contents_test() { + // This ensures that we correctly "re-type" files with invalid extensions if the contents + // themselves are valid. This is needed to ensure that issues similar to those corrected by + // ticket #1855, where an image that looked valid (header said jpg) with a php extension was + // previously accepted without changing its extension, do not arise and cause security issues. + copy(MODPATH . "gallery/tests/test.jpg", TMPPATH . "test_jpg_with_php_extension.php"); + $this->assert_equal(array(1024, 768, "image/jpeg", "jpg"), + photo::get_file_metadata(TMPPATH . "test_jpg_with_php_extension.php")); + } +} diff --git a/modules/gallery/tests/controller_auth_data.txt b/modules/gallery/tests/controller_auth_data.txt index a7bc28dd..9473f9f6 100644 --- a/modules/gallery/tests/controller_auth_data.txt +++ b/modules/gallery/tests/controller_auth_data.txt @@ -25,6 +25,7 @@ modules/gallery/controllers/user_profile.php send modules/gallery/controllers/welcome_message.php index DIRTY_AUTH modules/organize/controllers/organize.php tree DIRTY_CSRF modules/organize/controllers/organize.php delete DIRTY_AUTH +modules/organize/controllers/organize.php tag DIRTY_AUTH modules/rest/controllers/rest.php index DIRTY_CSRF|DIRTY_AUTH modules/rest/controllers/rest.php reset_api_key_confirm DIRTY_AUTH modules/rest/controllers/rest.php reset_api_key DIRTY_AUTH diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 7d77645d..4a7153e1 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -295,19 +295,21 @@ modules/organize/views/organize_frame.html.php 12 DIRTY_JS url::f modules/organize/views/organize_frame.html.php 56 DIRTY_JS url::site("organize/album_info/__ID__") modules/organize/views/organize_frame.html.php 94 DIRTY_JS access::csrf_token() modules/organize/views/organize_frame.html.php 96 DIRTY_JS url::site("organize/set_sort/__ID__") -modules/organize/views/organize_frame.html.php 116 DIRTY_JS url::site("organize/delete") -modules/organize/views/organize_frame.html.php 125 DIRTY_JS access::csrf_token() -modules/organize/views/organize_frame.html.php 238 DIRTY_JS url::site("organize/rearrange") -modules/organize/views/organize_frame.html.php 249 DIRTY_JS access::csrf_token() -modules/organize/views/organize_frame.html.php 287 DIRTY_JS $key -modules/organize/views/organize_frame.html.php 410 DIRTY_JS url::site("organize/tree/{$album->id}") -modules/organize/views/organize_frame.html.php 468 DIRTY_JS url::site("organize/reparent") -modules/organize/views/organize_frame.html.php 491 DIRTY_JS access::csrf_token() -modules/organize/views/organize_frame.html.php 507 DIRTY_JS access::can("edit",item::root()) -modules/organize/views/organize_frame.html.php 509 DIRTY_JS html::clean(item::root()->title) -modules/organize/views/organize_frame.html.php 511 DIRTY_JS item::root()->id -modules/organize/views/organize_frame.html.php 519 DIRTY_JS $album->id -modules/organize/views/organize_frame.html.php 520 DIRTY_JS $album->id +modules/organize/views/organize_frame.html.php 116 DIRTY_JS url::site("organize/tag") +modules/organize/views/organize_frame.html.php 126 DIRTY_JS access::csrf_token() +modules/organize/views/organize_frame.html.php 140 DIRTY_JS url::site("organize/delete") +modules/organize/views/organize_frame.html.php 149 DIRTY_JS access::csrf_token() +modules/organize/views/organize_frame.html.php 262 DIRTY_JS url::site("organize/rearrange") +modules/organize/views/organize_frame.html.php 273 DIRTY_JS access::csrf_token() +modules/organize/views/organize_frame.html.php 312 DIRTY_JS $key +modules/organize/views/organize_frame.html.php 474 DIRTY_JS url::site("organize/tree/{$album->id}") +modules/organize/views/organize_frame.html.php 532 DIRTY_JS url::site("organize/reparent") +modules/organize/views/organize_frame.html.php 555 DIRTY_JS access::csrf_token() +modules/organize/views/organize_frame.html.php 571 DIRTY_JS access::can("edit",item::root()) +modules/organize/views/organize_frame.html.php 573 DIRTY_JS html::clean(item::root()->title) +modules/organize/views/organize_frame.html.php 575 DIRTY_JS item::root()->id +modules/organize/views/organize_frame.html.php 583 DIRTY_JS $album->id +modules/organize/views/organize_frame.html.php 584 DIRTY_JS $album->id modules/recaptcha/views/admin_recaptcha.html.php 11 DIRTY $form modules/recaptcha/views/admin_recaptcha.html.php 23 DIRTY_JS $public_key modules/recaptcha/views/form_recaptcha.html.php 3 DIRTY_ATTR request::protocol() |