BP_Docs_Attachments_Tests

The BuddyPress Docs BP Docs Attachments Tests class.

Defined (1)

The class is defined in the following location(s).

/tests/test-attachments.php  
  1. class BP_Docs_Attachments_Tests extends BP_Docs_TestCase { 
  2. function test_filename_is_safe() { 
  3. $this->assertTrue( BP_Docs_Attachments::filename_is_safe( 'foo.jpg' ) ); 
  4.  
  5. // No traversing 
  6. $this->assertFalse( BP_Docs_Attachments::filename_is_safe( '../foo.jpg' ) ); 
  7.  
  8. // No leading dots 
  9. $this->assertFalse( BP_Docs_Attachments::filename_is_safe( '.foo.jpg' ) ); 
  10.  
  11. // No slashes 
  12. $this->assertFalse( BP_Docs_Attachments::filename_is_safe( 'foo/bar.jpg' ) ); 
  13.  
  14. // No forbidden extensions 
  15. $this->assertFalse( BP_Docs_Attachments::filename_is_safe( 'foo.php' ) ); 
  16.  
  17.  
  18. /** 
  19. * There's no great unit test way to do this 
  20. */ 
  21. function test_htaccess_creation() { 
  22. $doc_id = $this->factory->doc->create(); 
  23.  
  24. $uploads = wp_upload_dir(); 
  25. $subdir = DIRECTORY_SEPARATOR . 'bp-attachments' . DIRECTORY_SEPARATOR . $doc_id; 
  26. $dir = $uploads['basedir'] . $subdir; 
  27. $htaccess_path = $dir . DIRECTORY_SEPARATOR . '.htaccess'; 
  28.  
  29. // for cleanup later 
  30. $dir_exists = file_exists( $dir ); 
  31. $htaccess_exists = file_exists( $htaccess_path ); 
  32.  
  33. if ( $dir_exists ) { 
  34. rename( $dir, $dir . '.bu' ); 
  35. } else if ( $htaccess_exists ) { 
  36. rename( $htaccess_path, $htaccess_path . '.bu' ); 
  37.  
  38. $settings = bp_docs_get_doc_settings(); 
  39.  
  40. // Test private first 
  41. $settings['read'] = 'loggedin'; 
  42. update_post_meta( $doc_id, 'bp_docs_settings', $settings ); 
  43. bp_docs_update_doc_access( $doc_id, 'loggedin' ); 
  44.  
  45. $query = new BP_Docs_Query; 
  46. $query->doc_id = $doc_id; 
  47.  
  48. do_action( 'bp_docs_doc_saved', $query ); 
  49.  
  50. $this->assertTrue( file_exists( $htaccess_path ) ); 
  51.  
  52. // Clean up and test with public 
  53. unlink( $htaccess_path ); 
  54. rmdir( $dir ); 
  55.  
  56. $settings['read'] = 'anyone'; 
  57. update_post_meta( $doc_id, 'bp_docs_settings', $settings ); 
  58. bp_docs_update_doc_access( $doc_id, 'anyone' ); 
  59.  
  60. $query2 = new BP_Docs_Query; 
  61. $query2->doc_id = $doc_id; 
  62.  
  63. do_action( 'bp_docs_doc_saved', $query2 ); 
  64.  
  65. $this->assertFalse( file_exists( $htaccess_path ) ); 
  66.  
  67. // Clean up 
  68. @unlink( $htaccess_path ); 
  69. @rmdir( $dir ); 
  70.  
  71. if ( $dir_exists ) { 
  72. rename( $dir . '.bu', $dir ); 
  73. } else if ( $htaccess_exists ) { 
  74. rename( $htaccess_path . '.bu', $htaccess_path );