clients can not rename docs/files/folders to blank name.

Client and server side checks added
This commit is contained in:
Henry Oswald 2015-03-02 12:46:02 +00:00
parent 8d092fc84d
commit fe3b9bf07a
6 changed files with 92 additions and 23 deletions

View file

@ -59,11 +59,16 @@ module.exports = EditorHttpController =
doc_id: doc._id
}
_nameIsAcceptableLength: (name)->
return name? and name.length < 150 and name.length != 0
addDoc: (req, res, next) ->
project_id = req.params.Project_id
name = req.body.name
parent_folder_id = req.body.parent_folder_id
if !EditorHttpController._nameIsAcceptableLength(name)
return res.send 400
EditorController.addDoc project_id, parent_folder_id, name, [], "editor", (error, doc) ->
return next(error) if error?
res.json doc
@ -72,6 +77,8 @@ module.exports = EditorHttpController =
project_id = req.params.Project_id
name = req.body.name
parent_folder_id = req.body.parent_folder_id
if !EditorHttpController._nameIsAcceptableLength(name)
return res.send 400
EditorController.addFolder project_id, parent_folder_id, name, "editor", (error, doc) ->
return next(error) if error?
res.json doc
@ -81,7 +88,7 @@ module.exports = EditorHttpController =
entity_id = req.params.entity_id
entity_type = req.params.entity_type
name = req.body.name
if name.length > 150
if !EditorHttpController._nameIsAcceptableLength(name)
return res.send 400
EditorController.renameEntity project_id, entity_id, entity_type, name, (error) ->
return next(error) if error?

View file

@ -30,6 +30,9 @@ module.exports = ProjectUploadController =
{name, path} = req.files.qqfile
project_id = req.params.Project_id
folder_id = req.query.folder_id
if !name? or name.length == 0 or name.length > 150
logger.err project_id:project_id, name:name, "bad name when trying to upload file"
return res.send success: false
FileSystemImportManager.addEntity project_id, folder_id, name, path, true, (error, entity) ->
fs.unlink path, ->
timer.done()

View file

@ -55,9 +55,12 @@ define [
, 200
$scope.create = () ->
name = $scope.inputs.name
if !name? or name.length == 0
return
$scope.state.inflight = true
ide.fileTreeManager
.createDoc($scope.inputs.name, parent_folder)
.createDoc(name, parent_folder)
.success () ->
$scope.state.inflight = false
$modalInstance.close()
@ -80,9 +83,13 @@ define [
, 200
$scope.create = () ->
name = $scope.inputs.name
if !name? or name.length == 0
return
$scope.state.inflight = true
$scope.state.inflight = true
ide.fileTreeManager
.createFolder($scope.inputs.name, parent_folder)
.createFolder(name, parent_folder)
.success () ->
$scope.state.inflight = false
$modalInstance.close()

View file

@ -13,8 +13,11 @@ define [
$scope.entity.renaming = true
$scope.finishRenaming = () ->
name = $scope.inputs.name
if !name? or name.length == 0
return
delete $scope.entity.renaming
ide.fileTreeManager.renameEntity($scope.entity, $scope.inputs.name)
ide.fileTreeManager.renameEntity($scope.entity, name)
$scope.$on "rename:selected", () ->
$scope.startRenaming() if $scope.entity.selected

View file

@ -169,6 +169,9 @@ describe "EditorHttpController", ->
name: @name = "doc-name"
parent_folder_id: @parent_folder_id
@EditorController.addDoc = sinon.stub().callsArgWith(5, null, @doc)
describe "successfully", ->
beforeEach ->
@EditorHttpController.addDoc @req, @res
it "should call EditorController.addDoc", ->
@ -181,6 +184,14 @@ describe "EditorHttpController", ->
.calledWith(@doc)
.should.equal true
describe "unsuccesfully", ->
beforeEach ->
@req.body.name = ""
@EditorHttpController.addDoc @req, @res
it "should send back a bad request status code", ->
@res.send.calledWith(400).should.equal true
describe "addFolder", ->
beforeEach ->
@folder = { "mock": "folder" }
@ -190,6 +201,9 @@ describe "EditorHttpController", ->
name: @name = "folder-name"
parent_folder_id: @parent_folder_id
@EditorController.addFolder = sinon.stub().callsArgWith(4, null, @folder)
describe "successfully", ->
beforeEach ->
@EditorHttpController.addFolder @req, @res
it "should call EditorController.addFolder", ->
@ -202,6 +216,16 @@ describe "EditorHttpController", ->
.calledWith(@folder)
.should.equal true
describe "unsuccesfully", ->
beforeEach ->
@req.body.name = ""
@EditorHttpController.addFolder @req, @res
it "should send back a bad request status code", ->
@res.send.calledWith(400).should.equal true
describe "renameEntity", ->
beforeEach ->
@req.params =
@ -235,6 +259,22 @@ describe "EditorHttpController", ->
it "should send back a bad request status code", ->
@res.send.calledWith(400).should.equal true
describe "rename entity with 0 length name", ->
beforeEach ->
@req.params =
Project_id: @project_id
entity_id: @entity_id = "entity-id-123"
entity_type: @entity_type = "entity-type"
@req.body =
name: @name = ""
@EditorController.renameEntity = sinon.stub().callsArg(4)
@EditorHttpController.renameEntity @req, @res
it "should send back a bad request status code", ->
@res.send.calledWith(400).should.equal true
describe "moveEntity", ->
beforeEach ->
@req.params =

View file

@ -18,7 +18,7 @@ describe "ProjectUploadController", ->
@ProjectUploadController = SandboxedModule.require modulePath, requires:
"./ProjectUploadManager" : @ProjectUploadManager = {}
"./FileSystemImportManager" : @FileSystemImportManager = {}
"logger-sharelatex" : @logger = {log: sinon.stub(), error: sinon.stub()}
"logger-sharelatex" : @logger = {log: sinon.stub(), error: sinon.stub(), err:->}
"../../infrastructure/Metrics": @metrics
"fs" : @fs = {}
@ -170,3 +170,12 @@ describe "ProjectUploadController", ->
.calledWith(sinon.match.any, "error uploading file")
.should.equal true
describe "with a bad request", ->
beforeEach ->
@req.files.qqfile.name = ""
@ProjectUploadController.uploadFile @req, @res
it "should return a a non success response", ->
expect(@res.body).to.deep.equal
success: false