Commit Graph

82 Commits

Author SHA1 Message Date
131ac29df4 Images: Added testing to cover animated avif handling 2025-05-23 17:19:34 +01:00
5ab31a8191 Images: Updated local disk to have open dir perms
Closes #5605
2025-05-14 18:15:20 +01:00
fcf0bf79a9 Attachments: Hid edit/delete controls where lacking permission
Some checks failed
analyse-php / build (push) Waiting to run
lint-php / build (push) Waiting to run
test-migrations / build (8.1) (push) Waiting to run
test-migrations / build (8.2) (push) Waiting to run
test-migrations / build (8.3) (push) Waiting to run
test-migrations / build (8.4) (push) Waiting to run
test-php / build (8.1) (push) Waiting to run
test-php / build (8.2) (push) Waiting to run
test-php / build (8.3) (push) Waiting to run
test-php / build (8.4) (push) Waiting to run
lint-js / build (push) Has been cancelled
test-js / build (push) Has been cancelled
Added test to cover.
Also migrated related ajax-delete-row component to ts.

For #5323
2024-12-11 20:38:30 +00:00
e9f906ce56 Attachments: Fixed full range request handling
We were not responsing with a range request, where the requested range
was for the full extent of content. This changes things to always
provide a range request, even for the full range.

Change made since our existing logic could cause problems in chromium
browsers.

Elseif statement removed as its was likley redundant based upon other
existing checks.
This also changes responses for requested ranges beyond content, but I
think that's technically correct looking at the spec (416 are for when
there are no overlapping request/response ranges at all).

Updated tests to cover.
For #5342
2024-11-29 13:19:55 +00:00
ca310966b2 Actually add the test this time 2024-07-05 03:59:49 +00:00
25f92ce584 Add test to verify different case on extensions works 2024-07-04 19:48:12 -04:00
3406846c82 Images: Updated GIF handling to use native methods
Changes GIF image thumbnail handling to direcly load via gd instead of
going through interventions own handling (which supports frames) since
we don't need animation for our thumbnails, and since performance issues
could arise with GIFs that have large frame counts.

For #5029
2024-06-09 17:00:58 +01:00
a75d5b8bc1 Sessions: Prevent image urls being part of session URL history
To prevent them being considered for redirects.
Includes test to cover.
For #4863
2024-02-22 11:23:59 +00:00
91d8d6eaaa Range requests: Added test cases to cover functionality
Fixed some found issues in the process.
2024-01-14 15:50:00 +00:00
fabc854390 My Account: Updated and started adding to tests
- Updated existing tests now affected by my-account changes.
- Updated some existing tests to more accuractly check the scenario.
- Updated some code styling in SocialController.
- Fixed redirects for social account flows to fit my-account.
- Added test for social account attaching.
- Added test for api token redirect handling.
2023-10-19 14:18:42 +01:00
20bcbd76ef Images: Extracted out image resizing to its own class 2023-09-30 20:00:48 +01:00
97274a8140 Images: Added test to cover thubmnail regen endpoint 2023-09-30 12:29:49 +01:00
06490f624c Removed use of HttpFetcher
- Fixed some existing issues in new aligned process.
- Manually tested each external call scenario.
2023-09-08 17:16:57 +01:00
96819b7bd9 Images: Updated image timestamp upon file change
For #4354
2023-07-05 11:28:03 +01:00
c35080d6ce Modify HttpFetchException handle to log exception
Within the flow of HttpFetchException, the actual exception from curl is preserved and logged. Make HttpFetchException a pretty exception for when it is shown to users.
2023-06-16 09:21:25 +02:00
948e95e1ad Updated test to align with image manager HTML changes 2023-05-29 15:16:16 +01:00
e3c4a9d167 Added the ability to replace existing image files
- Updated UI with image form dropdown containing delete and replace
  image actions.
- Adds new endpoint and service/repo handling for replacing existing
  image.
- Includes tests to cover.
2023-05-28 17:32:22 +01:00
295cd01605 Played around with a new app structure 2023-05-17 17:56:55 +01:00
1135d477ba Fixed linting and failing test issues from dropzone work 2023-04-27 13:31:03 +01:00
c80396136f Increased attachment link limit from 192 to 2k
Added test to cover.
Did attempt a 64k limit, but values over 2k significantly increase
chance of other issues since this URL may be used in redirect headers.
Would rather catch issues in-app.

For #4044
2023-02-20 13:05:23 +00:00
08b39500b3 Fixed gallery images not visible until draft publish
For #4028
2023-02-16 17:57:34 +00:00
da1a66abd3 Extracted test file handling to its own class
Closes #3995
2023-02-08 14:39:13 +00:00
48df8725d8 Added better drawing load failure handling
Failure of loading drawings will now close the drawing view and show an
error message, hinting at file or permission issues, instead of leaving
the user facing a continuosly loading interface.

Adds test to cover.

This also updates errors from our HTTP service to be wrapped in a custom
error type for better identification and so the error is an actual
javascript error. Should be object compatible.

Related to #3955.
2023-01-26 12:18:33 +00:00
c724bfe4d3 Copied over work from user_permissions branch
Only that relevant to the additional testing work.
2023-01-21 11:08:34 +00:00
d2260b234c Fixed app logo visibility with secure_restricted images
Includes test to cover.
For #3827
2022-11-10 14:15:59 +00:00
0f68be608d Removed most usages of restricted entitiy property 2022-10-10 16:58:26 +01:00
b56f7355aa Migrated much test entity usage via find/replace 2022-09-29 17:31:38 +01:00
068a8a068c Extracted entity testcase methods to own class
Also added some new fetch helper methods for future use.
2022-09-29 16:49:25 +01:00
8a749c6acf Added and ran PHPCS 2022-09-18 01:25:20 +01:00
fbef0d06f2 Added permission visiblity control to image-delete button
Includes test to cover.
For #3697
2022-09-05 15:52:12 +01:00
c76b5e2ec4 Fixed local_secure_restricted preventing attachment uploads
Due to option name change and therefore lack of handling.
Added test case to cover.
2022-09-02 14:40:17 +01:00
092b6d6378 Added test and handling for local_secure_restricted in exports 2022-09-02 14:21:43 +01:00
f88330202b Added test to cover secure restricted functionality 2022-09-02 14:03:23 +01:00
0bb5654f80 Updated composer deps, applied StyleCI changes 2022-07-27 11:07:41 +01:00
d4a119b2aa Fixed disabling of avatar urls, Removed id from gravatar image name
Included test to cover avatar url disabling.
Related to #1835
2022-07-26 12:10:19 +01:00
72c8b138e1 Updated tests to use ssddanbrown/asserthtml package
Closes #3519
2022-07-23 15:10:18 +01:00
829f808800 Merge pull request #3365 from BookStackApp/data_streaming
Add data streaming where beneficial to reduce memory usage
2022-04-24 13:59:47 +01:00
0003ce61cd Fixed failing test after drawio default url change 2022-04-20 23:42:47 +01:00
59d1fb2d10 Fixed tests from streaming changes
- Added testing check to buffer stop/clear on streaming output due to
  interference during tests.
- Made content-disposition header a little safer in download responses.
- Also aligned how we check for testing environment.
2022-04-03 16:22:31 +01:00
895f656897 Split out settings view and made functional
- Split settings out to new views using a core shared layout.
- Extracted added language text to translation files.
- Updated settings routes to be dynamic to category.
- Added redirect for old primary settings route.
- Updated existing tests to cover settings route changes.
- Added tests to cover settings view.
- Improved contrast of settings links for dark mode.
2022-03-28 11:09:55 +01:00
31f1dca8a8 Added detection and thumbnail bypass for apng images
Adds apng sniffing when generating thumbnails with retained ratios to
serve the original image files, as we do for GIF images, to prevent
the image being resized to a static version.

Is more tricky than GIF since apng file mimes and extensions
are the same as png, we have to detect part of the file header
to sniff the type. Means we have to sniff at a later stage
than GIF since we have to load the image file data.

Made some changes to the image thubmnail caching while doing
this work to fit in with this handling.

Added test to cover.
For #3136.
2022-01-04 13:10:35 +00:00
67b6c07548 Updated failing tests, Applied StyleCI changes 2021-12-18 16:41:42 +00:00
c9c4dbcb5b Merge branch 'laravel_upgrade' 2021-11-04 22:42:35 +00:00
a17be959d8 Applied latest styleci changes 2021-11-01 13:26:02 +00:00
bfbccbede1 Updated attachments to not be saved with a complete extension
Intended to limit impact in the event the storage path is potentially
exposed.
2021-11-01 11:32:00 +00:00
43830a372f Updated showImage file serving to not be traversable
For #3030
2021-10-31 23:53:17 +00:00
ae155d6745 Added safe mime sniffing to prevent serving HTML
(Amoung other content types)
For #3027
2021-10-31 17:58:56 +00:00
f139cded78 Laravel 8 shift squash & merge (#3029)
* Temporarily moved back config path
* Apply Laravel coding style
* Shift exception handler
* Shift HTTP kernel and middleware
* Shift service providers
* Convert options array to fluent methods
* Shift to class based routes
* Shift console routes
* Ignore temporary framework files
* Shift to class based factories
* Namespace seeders
* Shift PSR-4 autoloading
* Shift config files
* Default config files
* Shift Laravel dependencies
* Shift return type of base TestCase methods
* Shift cleanup
* Applied stylci style changes
* Reverted config files location
* Applied manual changes to Laravel 8 shift

Co-authored-by: Shift <shift@laravelshift.com>
2021-10-30 21:29:59 +01:00
f77236aa38 Laravel 7.x Shift (#3011)
* Apply Laravel coding style
* Shift bindings
* Shift core files
* Shift to Throwable
* Add laravel/ui dependency
* Shift Eloquent methods
* Shift config files
* Shift Laravel dependencies
* Shift cleanup
* Shift test config and references
* Applied styleci changes
* Applied fixes post shift to laravel 7

Co-authored-by: Shift <shift@laravelshift.com>
2021-10-26 22:04:18 +01:00
2409d1850f Added TestCase for attachments API methods 2021-10-20 00:58:56 +01:00