mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-07 20:31:06 -05:00
clients can not rename docs/files/folders to blank name.
Client and server side checks added
This commit is contained in:
parent
8d092fc84d
commit
fe3b9bf07a
6 changed files with 92 additions and 23 deletions
|
@ -59,11 +59,16 @@ module.exports = EditorHttpController =
|
|||
doc_id: doc._id
|
||||
}
|
||||
|
||||
_nameIsAcceptableLength: (name)->
|
||||
return name? and name.length < 150 and name.length != 0
|
||||
|
||||
|
||||
addDoc: (req, res, next) ->
|
||||
project_id = req.params.Project_id
|
||||
name = req.body.name
|
||||
parent_folder_id = req.body.parent_folder_id
|
||||
if !EditorHttpController._nameIsAcceptableLength(name)
|
||||
return res.send 400
|
||||
EditorController.addDoc project_id, parent_folder_id, name, [], "editor", (error, doc) ->
|
||||
return next(error) if error?
|
||||
res.json doc
|
||||
|
@ -72,6 +77,8 @@ module.exports = EditorHttpController =
|
|||
project_id = req.params.Project_id
|
||||
name = req.body.name
|
||||
parent_folder_id = req.body.parent_folder_id
|
||||
if !EditorHttpController._nameIsAcceptableLength(name)
|
||||
return res.send 400
|
||||
EditorController.addFolder project_id, parent_folder_id, name, "editor", (error, doc) ->
|
||||
return next(error) if error?
|
||||
res.json doc
|
||||
|
@ -81,7 +88,7 @@ module.exports = EditorHttpController =
|
|||
entity_id = req.params.entity_id
|
||||
entity_type = req.params.entity_type
|
||||
name = req.body.name
|
||||
if name.length > 150
|
||||
if !EditorHttpController._nameIsAcceptableLength(name)
|
||||
return res.send 400
|
||||
EditorController.renameEntity project_id, entity_id, entity_type, name, (error) ->
|
||||
return next(error) if error?
|
||||
|
|
|
@ -30,6 +30,9 @@ module.exports = ProjectUploadController =
|
|||
{name, path} = req.files.qqfile
|
||||
project_id = req.params.Project_id
|
||||
folder_id = req.query.folder_id
|
||||
if !name? or name.length == 0 or name.length > 150
|
||||
logger.err project_id:project_id, name:name, "bad name when trying to upload file"
|
||||
return res.send success: false
|
||||
FileSystemImportManager.addEntity project_id, folder_id, name, path, true, (error, entity) ->
|
||||
fs.unlink path, ->
|
||||
timer.done()
|
||||
|
|
|
@ -55,9 +55,12 @@ define [
|
|||
, 200
|
||||
|
||||
$scope.create = () ->
|
||||
name = $scope.inputs.name
|
||||
if !name? or name.length == 0
|
||||
return
|
||||
$scope.state.inflight = true
|
||||
ide.fileTreeManager
|
||||
.createDoc($scope.inputs.name, parent_folder)
|
||||
.createDoc(name, parent_folder)
|
||||
.success () ->
|
||||
$scope.state.inflight = false
|
||||
$modalInstance.close()
|
||||
|
@ -80,9 +83,13 @@ define [
|
|||
, 200
|
||||
|
||||
$scope.create = () ->
|
||||
name = $scope.inputs.name
|
||||
if !name? or name.length == 0
|
||||
return
|
||||
$scope.state.inflight = true
|
||||
$scope.state.inflight = true
|
||||
ide.fileTreeManager
|
||||
.createFolder($scope.inputs.name, parent_folder)
|
||||
.createFolder(name, parent_folder)
|
||||
.success () ->
|
||||
$scope.state.inflight = false
|
||||
$modalInstance.close()
|
||||
|
|
|
@ -13,8 +13,11 @@ define [
|
|||
$scope.entity.renaming = true
|
||||
|
||||
$scope.finishRenaming = () ->
|
||||
name = $scope.inputs.name
|
||||
if !name? or name.length == 0
|
||||
return
|
||||
delete $scope.entity.renaming
|
||||
ide.fileTreeManager.renameEntity($scope.entity, $scope.inputs.name)
|
||||
ide.fileTreeManager.renameEntity($scope.entity, name)
|
||||
|
||||
$scope.$on "rename:selected", () ->
|
||||
$scope.startRenaming() if $scope.entity.selected
|
||||
|
|
|
@ -169,17 +169,28 @@ describe "EditorHttpController", ->
|
|||
name: @name = "doc-name"
|
||||
parent_folder_id: @parent_folder_id
|
||||
@EditorController.addDoc = sinon.stub().callsArgWith(5, null, @doc)
|
||||
@EditorHttpController.addDoc @req, @res
|
||||
|
||||
it "should call EditorController.addDoc", ->
|
||||
@EditorController.addDoc
|
||||
.calledWith(@project_id, @parent_folder_id, @name, [], "editor")
|
||||
.should.equal true
|
||||
describe "successfully", ->
|
||||
beforeEach ->
|
||||
@EditorHttpController.addDoc @req, @res
|
||||
|
||||
it "should send the doc back as JSON", ->
|
||||
@res.json
|
||||
.calledWith(@doc)
|
||||
.should.equal true
|
||||
it "should call EditorController.addDoc", ->
|
||||
@EditorController.addDoc
|
||||
.calledWith(@project_id, @parent_folder_id, @name, [], "editor")
|
||||
.should.equal true
|
||||
|
||||
it "should send the doc back as JSON", ->
|
||||
@res.json
|
||||
.calledWith(@doc)
|
||||
.should.equal true
|
||||
|
||||
describe "unsuccesfully", ->
|
||||
beforeEach ->
|
||||
@req.body.name = ""
|
||||
@EditorHttpController.addDoc @req, @res
|
||||
|
||||
it "should send back a bad request status code", ->
|
||||
@res.send.calledWith(400).should.equal true
|
||||
|
||||
describe "addFolder", ->
|
||||
beforeEach ->
|
||||
|
@ -190,17 +201,30 @@ describe "EditorHttpController", ->
|
|||
name: @name = "folder-name"
|
||||
parent_folder_id: @parent_folder_id
|
||||
@EditorController.addFolder = sinon.stub().callsArgWith(4, null, @folder)
|
||||
@EditorHttpController.addFolder @req, @res
|
||||
|
||||
it "should call EditorController.addFolder", ->
|
||||
@EditorController.addFolder
|
||||
.calledWith(@project_id, @parent_folder_id, @name, "editor")
|
||||
.should.equal true
|
||||
describe "successfully", ->
|
||||
beforeEach ->
|
||||
@EditorHttpController.addFolder @req, @res
|
||||
|
||||
it "should call EditorController.addFolder", ->
|
||||
@EditorController.addFolder
|
||||
.calledWith(@project_id, @parent_folder_id, @name, "editor")
|
||||
.should.equal true
|
||||
|
||||
it "should send the folder back as JSON", ->
|
||||
@res.json
|
||||
.calledWith(@folder)
|
||||
.should.equal true
|
||||
|
||||
describe "unsuccesfully", ->
|
||||
|
||||
beforeEach ->
|
||||
@req.body.name = ""
|
||||
@EditorHttpController.addFolder @req, @res
|
||||
|
||||
it "should send back a bad request status code", ->
|
||||
@res.send.calledWith(400).should.equal true
|
||||
|
||||
it "should send the folder back as JSON", ->
|
||||
@res.json
|
||||
.calledWith(@folder)
|
||||
.should.equal true
|
||||
|
||||
describe "renameEntity", ->
|
||||
beforeEach ->
|
||||
|
@ -235,6 +259,22 @@ describe "EditorHttpController", ->
|
|||
it "should send back a bad request status code", ->
|
||||
@res.send.calledWith(400).should.equal true
|
||||
|
||||
describe "rename entity with 0 length name", ->
|
||||
|
||||
beforeEach ->
|
||||
@req.params =
|
||||
Project_id: @project_id
|
||||
entity_id: @entity_id = "entity-id-123"
|
||||
entity_type: @entity_type = "entity-type"
|
||||
@req.body =
|
||||
name: @name = ""
|
||||
@EditorController.renameEntity = sinon.stub().callsArg(4)
|
||||
@EditorHttpController.renameEntity @req, @res
|
||||
|
||||
it "should send back a bad request status code", ->
|
||||
@res.send.calledWith(400).should.equal true
|
||||
|
||||
|
||||
describe "moveEntity", ->
|
||||
beforeEach ->
|
||||
@req.params =
|
||||
|
|
|
@ -18,7 +18,7 @@ describe "ProjectUploadController", ->
|
|||
@ProjectUploadController = SandboxedModule.require modulePath, requires:
|
||||
"./ProjectUploadManager" : @ProjectUploadManager = {}
|
||||
"./FileSystemImportManager" : @FileSystemImportManager = {}
|
||||
"logger-sharelatex" : @logger = {log: sinon.stub(), error: sinon.stub()}
|
||||
"logger-sharelatex" : @logger = {log: sinon.stub(), error: sinon.stub(), err:->}
|
||||
"../../infrastructure/Metrics": @metrics
|
||||
"fs" : @fs = {}
|
||||
|
||||
|
@ -170,3 +170,12 @@ describe "ProjectUploadController", ->
|
|||
.calledWith(sinon.match.any, "error uploading file")
|
||||
.should.equal true
|
||||
|
||||
describe "with a bad request", ->
|
||||
|
||||
beforeEach ->
|
||||
@req.files.qqfile.name = ""
|
||||
@ProjectUploadController.uploadFile @req, @res
|
||||
|
||||
it "should return a a non success response", ->
|
||||
expect(@res.body).to.deep.equal
|
||||
success: false
|
||||
|
|
Loading…
Reference in a new issue