discourse/spec/requests/static_controller_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

398 lines
11 KiB
Ruby
Raw Normal View History

# frozen_string_literal: true
require 'rails_helper'
2013-02-05 14:16:51 -05:00
describe StaticController do
fab!(:upload) { Fabricate(:upload) }
2013-02-05 14:16:51 -05:00
2017-11-26 22:50:57 -05:00
context '#favicon' do
let(:filename) { 'smallest.png' }
let(:file) { file_from_fixtures(filename) }
2017-11-26 22:50:57 -05:00
let(:upload) do
UploadCreator.new(file, filename).create_for(Discourse.system_user.id)
end
2017-11-26 22:50:57 -05:00
before_all do
DistributedMemoizer.flush!
end
2018-11-14 02:03:02 -05:00
after do
DistributedMemoizer.flush!
2018-11-14 02:03:02 -05:00
end
2017-11-26 22:50:57 -05:00
describe 'local store' do
it 'returns the default favicon if favicon has not been configured' do
get '/favicon/proxied'
expect(response.status).to eq(200)
expect(response.media_type).to eq('image/png')
FEATURE: Automatically generate optimized site metadata icons (#7372) This change automatically resizes icons for various purposes. Admins can now upload `logo` and `logo_small`, and everything else will be auto-generated. Specific icons can still be uploaded separately if required. ## Core - Adds an SiteIconManager module which manages automatic resizing and fallback - Icons are looked up in the OptimizedImage table at runtime, and then cached in Redis. If the resized version is missing for some reason, then most icons will fall back to the original files. Some icons (e.g. PWA Manifest) will return `nil` (because an incorrectly sized icon is worse than a missing icon). - `SiteSetting.site_large_icon_url` will return the optimized version, including any fallback. `SiteSetting.large_icon` continues to return the upload object. This means that (almost) no changes are required in core/plugins to support this new system. - Icons are resized whenever a relevant site setting is changed, and during post-deploy migrations ## Wizard - Allows `requiresRefresh` wizard steps to reload data via AJAX instead of a full page reload - Add placeholders to the **icons** step of the wizard, which automatically update from the "Square Logo" - Various copy updates to support the changes - Remove the "upload-time" resizing for `large_icon`. This is no longer required. ## Site Settings UX - Move logo/icon settings under a new "Branding" tab - Various copy changes to support the changes - Adds placeholder support to the `image-uploader` component - Automatically reloads site settings after saving. This allows setting placeholders to change based on changes to other settings - Upload site settings will be assigned a placeholder if SiteIconManager `responds_to?` an icon of the same name ## Dashboard Warnings - Remove PWA icon and PWA title warnings. Both are now handled automatically. ## Bonus - Updated the sketch logos to use @awesomerobot's new high-res designs
2019-05-01 09:44:45 -04:00
expect(response.body.bytesize).to eq(SiteIconManager.favicon.filesize)
end
2017-11-26 22:50:57 -05:00
it 'returns the configured favicon' do
SiteSetting.favicon = upload
2017-11-26 22:50:57 -05:00
get '/favicon/proxied'
2017-11-26 22:50:57 -05:00
expect(response.status).to eq(200)
expect(response.media_type).to eq('image/png')
expect(response.body.bytesize).to eq(upload.filesize)
end
2017-11-26 22:50:57 -05:00
end
describe 'external store' do
let(:upload) do
Upload.create!(
url: '//s3-upload-bucket.s3-us-east-1.amazonaws.com/somewhere/a.png',
original_filename: filename,
filesize: file.size,
user_id: Discourse.system_user.id
)
end
before do
setup_s3
end
it 'can proxy a favicon correctly' do
SiteSetting.favicon = upload
stub_request(:get, "https:/#{upload.url}")
.to_return(status: 200, body: file)
2017-11-26 22:50:57 -05:00
get '/favicon/proxied'
2017-11-26 22:50:57 -05:00
expect(response.status).to eq(200)
expect(response.media_type).to eq('image/png')
expect(response.body.bytesize).to eq(upload.filesize)
end
2017-11-26 22:50:57 -05:00
end
end
context '#brotli_asset' do
it 'returns a non brotli encoded 404 if asset is missing' do
get "/brotli_asset/missing.js"
expect(response.status).to eq(404)
expect(response.headers['Content-Encoding']).not_to eq('br')
2017-11-26 22:50:57 -05:00
expect(response.headers['Cache-Control']).to match(/max-age=1/)
end
it 'can handle fallback brotli assets' do
begin
assets_path = Rails.root.join("tmp/backup_assets")
GlobalSetting.stubs(:fallback_assets_path).returns(assets_path.to_s)
FileUtils.mkdir_p(assets_path)
file_path = assets_path.join("test.js.br")
File.write(file_path, 'fake brotli file')
get "/brotli_asset/test.js"
expect(response.status).to eq(200)
expect(response.headers["Cache-Control"]).to match(/public/)
ensure
File.delete(file_path)
end
end
it 'has correct headers for brotli assets' do
2016-12-05 00:37:33 -05:00
begin
assets_path = Rails.root.join("public/assets")
2016-12-05 00:37:33 -05:00
FileUtils.mkdir_p(assets_path)
2016-12-05 00:37:33 -05:00
file_path = assets_path.join("test.js.br")
File.write(file_path, 'fake brotli file')
get "/brotli_asset/test.js"
2016-12-05 00:37:33 -05:00
expect(response.status).to eq(200)
expect(response.headers["Cache-Control"]).to match(/public/)
ensure
File.delete(file_path)
end
end
it 'has correct cors headers for brotli assets' do
begin
assets_path = Rails.root.join("public/assets")
FileUtils.mkdir_p(assets_path)
file_path = assets_path.join("test.js.br")
File.write(file_path, 'fake brotli file')
GlobalSetting.stubs(:cdn_url).returns("https://www.example.com/")
get "/brotli_asset/test.js"
expect(response.status).to eq(200)
expect(response.headers["Access-Control-Allow-Origin"]).to match("*")
ensure
File.delete(file_path)
end
end
end
context '#cdn_asset' do
let (:site) { RailsMultisite::ConnectionManagement.current_db }
it 'can serve assets' do
begin
assets_path = Rails.root.join("public/assets")
FileUtils.mkdir_p(assets_path)
file_path = assets_path.join("test.js.br")
File.write(file_path, 'fake brotli file')
get "/cdn_asset/#{site}/test.js.br"
expect(response.status).to eq(200)
expect(response.headers["Cache-Control"]).to match(/public/)
ensure
File.delete(file_path)
end
end
end
context '#show' do
before do
post = create_post
SiteSetting.tos_topic_id = post.topic.id
SiteSetting.guidelines_topic_id = post.topic.id
SiteSetting.privacy_topic_id = post.topic.id
end
context "with a static file that's present" do
it "should return the right response for /faq" do
get "/faq"
2013-02-05 14:16:51 -05:00
expect(response.status).to eq(200)
expect(response.body).to include(I18n.t('js.faq'))
2018-11-27 21:36:14 -05:00
expect(response.body).to include("<title>FAQ - Discourse</title>")
2013-07-23 14:42:52 -04:00
end
2013-02-05 14:16:51 -05:00
end
[
2019-05-22 09:29:15 -04:00
['tos', :tos_url, I18n.t('js.tos')],
['privacy', :privacy_policy_url, I18n.t('js.privacy')]
].each do |id, setting_name, text|
context "#{id}" do
context "when #{setting_name} site setting is NOT set" do
it "renders the #{id} page" do
get "/#{id}"
expect(response.status).to eq(200)
expect(response.body).to include(text)
2013-07-23 14:42:52 -04:00
end
end
context "when #{setting_name} site setting is set" do
before do
SiteSetting.set(setting_name, 'http://example.com/page')
end
it "redirects to the #{setting_name}" do
get "/#{id}"
expect(response).to redirect_to('http://example.com/page')
end
end
end
end
context "with a missing file" do
it "should respond 404" do
get "/static/does-not-exist"
expect(response.status).to eq(404)
end
context "modal pages" do
it "should return the right response for /signup" do
get "/signup"
expect(response.status).to eq(200)
end
it "should return the right response for /password-reset" do
get "/password-reset"
expect(response.status).to eq(200)
end
end
end
it 'should redirect to / when logged in and path is /login' do
sign_in(Fabricate(:user))
get "/login"
expect(response).to redirect_to('/')
2013-02-05 14:16:51 -05:00
end
it "should display the login template when login is required" do
SiteSetting.login_required = true
get "/login"
expect(response.status).to eq(200)
expect(response.body).to include(PrettyText.cook(I18n.t(
'login_required.welcome_message', title: SiteSetting.title
)))
end
context "when login_required is enabled" do
before do
SiteSetting.login_required = true
end
['faq', 'guidelines', 'rules', 'conduct'].each do |page_name|
it "#{page_name} page redirects to login page for anon" do
get "/#{page_name}"
expect(response).to redirect_to '/login'
end
it "#{page_name} page redirects to login page for anon" do
get "/#{page_name}"
expect(response).to redirect_to '/login'
end
it "#{page_name} page loads for logged in user" do
sign_in(Fabricate(:user))
get "/#{page_name}"
expect(response.status).to eq(200)
2019-05-22 09:29:15 -04:00
expect(response.body).to include(I18n.t('js.guidelines'))
end
end
end
2018-11-27 21:36:14 -05:00
context "crawler view" do
it "should include correct title" do
get '/faq', headers: { 'HTTP_USER_AGENT' => 'Googlebot' }
expect(response.status).to eq(200)
expect(response.body).to include("<title>FAQ - Discourse</title>")
end
end
context "plugin api extensions" do
after do
Rails.application.reload_routes!
StaticController::CUSTOM_PAGES.clear
end
it "adds new topic-backed pages" do
routes = Proc.new do
get "contact" => "static#show", id: "contact"
end
Discourse::Application.routes.send(:eval_block, routes)
topic_id = Fabricate(:post, cooked: "contact info").topic_id
SiteSetting.setting(:test_contact_topic_id, topic_id)
Plugin::Instance.new.add_topic_static_page("contact", topic_id: "test_contact_topic_id")
get "/contact"
expect(response.status).to eq(200)
expect(response.body).to include("contact info")
end
it "replaces existing topic-backed pages" do
topic_id = Fabricate(:post, cooked: "Regular FAQ").topic_id
SiteSetting.setting(:test_faq_topic_id, topic_id)
polish_topic_id = Fabricate(:post, cooked: "Polish FAQ").topic_id
SiteSetting.setting(:test_polish_faq_topic_id, polish_topic_id)
Plugin::Instance.new.add_topic_static_page("faq") do
current_user&.locale == "pl" ? "test_polish_faq_topic_id" : "test_faq_topic_id"
end
get "/faq"
expect(response.status).to eq(200)
expect(response.body).to include("Regular FAQ")
sign_in(Fabricate(:user, locale: "pl"))
get "/faq"
expect(response.status).to eq(200)
expect(response.body).to include("Polish FAQ")
end
end
end
describe '#enter' do
context 'without a redirect path' do
it 'redirects to the root url' do
post "/login.json"
expect(response).to redirect_to('/')
end
end
context 'with a redirect path' do
it 'redirects to the redirect path' do
post "/login.json", params: { redirect: '/foo' }
expect(response).to redirect_to('/foo')
end
end
context 'with a full url' do
it 'redirects to the correct path' do
post "/login.json", params: { redirect: "#{Discourse.base_url}/foo" }
expect(response).to redirect_to('/foo')
end
end
context 'with a redirect path with query params' do
it 'redirects to the redirect path and preserves query params' do
post "/login.json", params: { redirect: '/foo?bar=1' }
expect(response).to redirect_to('/foo?bar=1')
end
end
context 'with a period to force a new host' do
it 'redirects to the root path' do
post "/login.json", params: { redirect: ".org/foo" }
expect(response).to redirect_to('/')
end
end
context 'with a full url to someone else' do
it 'redirects to the root path' do
post "/login.json", params: { redirect: "http://eviltrout.com/foo" }
expect(response).to redirect_to('/')
end
end
context 'with an invalid URL' do
it "redirects to the root" do
post "/login.json", params: { redirect: "javascript:alert('trout')" }
expect(response).to redirect_to('/')
end
end
2019-06-11 07:40:16 -04:00
context 'with an array' do
it "redirects to the root" do
post "/login.json", params: { redirect: ["/foo"] }
expect(response.status).to eq(400)
json = response.parsed_body
expect(json["errors"]).to be_present
expect(json["errors"]).to include(
I18n.t("invalid_params", message: "redirect")
)
2019-06-11 07:40:16 -04:00
end
end
context 'when the redirect path is the login page' do
it 'redirects to the root url' do
post "/login.json", params: { redirect: login_path }
expect(response).to redirect_to('/')
end
end
end
2013-02-05 14:16:51 -05:00
end