Fixed error on image deletion

Also Added tests to cover image upload and deletion. Fixes #136.

Fixed error on image deletion
Also Added tests to cover image upload and deletion. Fixes #136.
Dan Brown
Commit 7b6c88f17c595f3b0d88fe383827794b83dba3e7 7b6c88f1 1 parent 361ba8b2
Showing 7 changed files with 123 additions and 12 deletions
app/Http/Controllers/ImageController.php
app/Providers/AppServiceProvider.php
app/Services/PermissionService.php
app/helpers.php
tests/ImageTest.php
tests/TestCase.php
tests/test-image.jpg
--- a/app/Http/Controllers/ImageController.php
View file @7b6c88f
+++ b/app/Http/Controllers/ImageController.php
View file @7b6c88f
@@ -53,7 +53,7 @@ class ImageController extends Controller
         ]);
         $searchTerm = $request->get('term');
-        $imgData = $this->imageRepo->searchPaginatedByType($type, $page,24, $searchTerm);
+        $imgData = $this->imageRepo->searchPaginatedByType($type, $page, 24, $searchTerm);
         return response()->json($imgData);
     }
@@ -99,7 +99,7 @@ class ImageController extends Controller
     {
         $this->checkPermission('image-create-all');
         $this->validate($request, [
-            'file' => 'image|mimes:jpeg,gif,png'
+            'file' => 'is_image'
         ]);
         $imageUpload = $request->file('file');
--- a/app/Providers/AppServiceProvider.php
View file @7b6c88f
+++ b/app/Providers/AppServiceProvider.php
View file @7b6c88f
@@ -15,7 +15,12 @@ class AppServiceProvider extends ServiceProvider
      */
     public function boot()
     {
-        //
+        // Custom validation methods
+        \Validator::extend('is_image', function($attribute, $value, $parameters, $validator) {
+            $imageMimes = ['image/png', 'image/bmp', 'image/gif', 'image/jpeg', 'image/jpg', 'image/tiff', 'image/webp'];
+            return in_array($value->getMimeType(), $imageMimes);
+        });
+
     }
     /**
--- a/app/Services/PermissionService.php
View file @7b6c88f
+++ b/app/Services/PermissionService.php
View file @7b6c88f
@@ -4,6 +4,7 @@ use BookStack\Book;
 use BookStack\Chapter;
 use BookStack\Entity;
 use BookStack\JointPermission;
+use BookStack\Ownable;
 use BookStack\Page;
 use BookStack\Role;
 use BookStack\User;
@@ -307,16 +308,16 @@ class PermissionService
     /**
      * Checks if an entity has a restriction set upon it.
-     * @param Entity $entity
+     * @param Ownable $ownable
      * @param $permission
      * @return bool
      */
-    public function checkEntityUserAccess(Entity $entity, $permission)
+    public function checkOwnableUserAccess(Ownable $ownable, $permission)
     {
         if ($this->isAdmin) return true;
         $explodedPermission = explode('-', $permission);
-        $baseQuery = $entity->where('id', '=', $entity->id);
+        $baseQuery = $ownable->where('id', '=', $ownable->id);
         $action = end($explodedPermission);
         $this->currentAction = $action;
@@ -327,7 +328,7 @@ class PermissionService
             $allPermission = $this->currentUser && $this->currentUser->can($permission . '-all');
             $ownPermission = $this->currentUser && $this->currentUser->can($permission . '-own');
             $this->currentAction = 'view';
-            $isOwner = $this->currentUser && $this->currentUser->id === $entity->created_by;
+            $isOwner = $this->currentUser && $this->currentUser->id === $ownable->created_by;
             return ($allPermission || ($isOwner && $ownPermission));
         }
--- a/app/helpers.php
View file @7b6c88f
+++ b/app/helpers.php
View file @7b6c88f
 <?php
+use BookStack\Ownable;
+
 if (!function_exists('versioned_asset')) {
     /**
      * Get the path to a versioned file.
@@ -34,18 +36,18 @@ if (!function_exists('versioned_asset')) {
  * If an ownable element is passed in the jointPermissions are checked against
  * that particular item.
  * @param $permission
- * @param \BookStack\Ownable $ownable
+ * @param Ownable $ownable
  * @return mixed
  */
-function userCan($permission, \BookStack\Ownable $ownable = null)
+function userCan($permission, Ownable $ownable = null)
 {
     if ($ownable === null) {
         return auth()->user() && auth()->user()->can($permission);
     }
     // Check permission on ownable item
-    $permissionService = app('BookStack\Services\PermissionService');
+    $permissionService = app(\BookStack\Services\PermissionService::class);
-    return $permissionService->checkEntityUserAccess($ownable, $permission);
+    return $permissionService->checkOwnableUserAccess($ownable, $permission);
 }
 /**
--- a/tests/ImageTest.php 0 → 100644
View file @7b6c88f
+++ b/tests/ImageTest.php 0 → 100644
View file @7b6c88f
+<?php
+
+class ImageTest extends TestCase
+{
+
+    /**
+     * Get a test image that can be uploaded
+     * @param $fileName
+     * @return \Illuminate\Http\UploadedFile
+     */
+    protected function getTestImage($fileName)
+    {
+        return new \Illuminate\Http\UploadedFile(base_path('tests/test-image.jpg'), $fileName, 'image/jpeg', 5238);
+    }
+
+    /**
+     * Get the path for a test image.
+     * @param $type
+     * @param $fileName
+     * @return string
+     */
+    protected function getTestImagePath($type, $fileName)
+    {
+        return '/uploads/images/' . $type . '/' . Date('Y-m-M') . '/' . $fileName;
+    }
+
+    /**
+     * Uploads an image with the given name.
+     * @param $name
+     * @param int $uploadedTo
+     * @return string
+     */
+    protected function uploadImage($name, $uploadedTo = 0)
+    {
+        $file = $this->getTestImage($name);
+        $this->call('POST', '/images/gallery/upload', ['uploaded_to' => $uploadedTo], [], ['file' => $file], []);
+        return $this->getTestImagePath('gallery', $name);
+    }
+
+    /**
+     * Delete an uploaded image.
+     * @param $relPath
+     */
+    protected function deleteImage($relPath)
+    {
+        unlink(public_path($relPath));
+    }
+
+
+    public function test_image_upload()
+    {
+        $page = \BookStack\Page::first();
+        $this->asAdmin();
+        $admin = $this->getAdmin();
+        $imageName = 'first-image.jpg';
+
+        $relPath = $this->uploadImage($imageName, $page->id);
+        $this->assertResponseOk();
+
+        $this->assertTrue(file_exists(public_path($relPath)), 'Uploaded image exists');
+
+        $this->seeInDatabase('images', [
+            'url' => $relPath,
+            'type' => 'gallery',
+            'uploaded_to' => $page->id,
+            'path' => $relPath,
+            'created_by' => $admin->id,
+            'updated_by' => $admin->id,
+            'name' => $imageName
+        ]);
+        
+        $this->deleteImage($relPath);
+    }
+
+    public function test_image_delete()
+    {
+        $page = \BookStack\Page::first();
+        $this->asAdmin();
+        $imageName = 'first-image.jpg';
+
+        $relPath = $this->uploadImage($imageName, $page->id);
+        $image = \BookStack\Image::first();
+
+        $this->call('DELETE', '/images/' . $image->id);
+        $this->assertResponseOk();
+
+        $this->dontSeeInDatabase('images', [
+            'url' => $relPath,
+            'type' => 'gallery'
+        ]);
+
+        $this->assertFalse(file_exists(public_path($relPath)), 'Uploaded image has been deleted');
+    }
+
+}
\ No newline at end of file
--- a/tests/TestCase.php
View file @7b6c88f
+++ b/tests/TestCase.php
View file @7b6c88f
@@ -39,11 +39,19 @@ class TestCase extends Illuminate\Foundation\Testing\TestCase
      */
     public function asAdmin()
     {
+        return $this->actingAs($this->getAdmin());
+    }
+
+    /**
+     * Get the current admin user.
+     * @return mixed
+     */
+    public function getAdmin() {
         if($this->admin === null) {
             $adminRole = \BookStack\Role::getRole('admin');
             $this->admin = $adminRole->users->first();
         }
-        return $this->actingAs($this->admin);
+        return $this->admin;
     }
     /**
--- a/tests/test-image.jpg 0 → 100644
View file @7b6c88f
+++ b/tests/test-image.jpg 0 → 100644
View file @7b6c88f