-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Unit test OC_Files::setUploadLimit()
There was also a bug with checking the upper limit on the passed upload size. PHP does funny things with integer vs float comparisons, so our check didn't work. Now the check is much simpler, and ensures the value is sane.
- Loading branch information
Robin McCorkell
committed
Jul 20, 2015
1 parent
d3bcafe
commit aac84f7
Showing
4 changed files
with
213 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
# Version: 8.2.0 | ||
<IfModule mod_headers.c> | ||
<IfModule mod_fcgid.c> | ||
<IfModule mod_setenvif.c> | ||
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 | ||
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION | ||
</IfModule> | ||
</IfModule> | ||
|
||
<IfModule mod_env.c> | ||
# Add security and privacy related headers | ||
Header set X-Content-Type-Options "nosniff" | ||
Header set X-XSS-Protection "1; mode=block" | ||
Header set X-Robots-Tag "none" | ||
Header set X-Frame-Options "SAMEORIGIN" | ||
SetEnv modHeadersAvailable true | ||
</IfModule> | ||
|
||
# Add cache control for CSS and JS files | ||
<FilesMatch "\.(css|js)$"> | ||
Header set Cache-Control "max-age=7200, public" | ||
</FilesMatch> | ||
</IfModule> | ||
<IfModule mod_php5.c> | ||
php_value upload_max_filesize 513M | ||
php_value post_max_size 513M | ||
php_value memory_limit 512M | ||
php_value mbstring.func_overload 0 | ||
php_value always_populate_raw_post_data -1 | ||
php_value default_charset 'UTF-8' | ||
php_value output_buffering off | ||
<IfModule mod_env.c> | ||
SetEnv htaccessWorking true | ||
</IfModule> | ||
</IfModule> | ||
<IfModule mod_rewrite.c> | ||
RewriteEngine on | ||
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}] | ||
RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L] | ||
RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L] | ||
RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R=301,L] | ||
RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R=301,L] | ||
RewriteRule ^apps/calendar/caldav\.php remote.php/caldav/ [QSA,L] | ||
RewriteRule ^apps/contacts/carddav\.php remote.php/carddav/ [QSA,L] | ||
RewriteRule ^remote/(.*) remote.php [QSA,L] | ||
RewriteRule ^(build|tests|config|lib|3rdparty|templates)/.* - [R=404,L] | ||
RewriteRule ^(\.|autotest|occ|issue|indie|db_|console).* - [R=404,L] | ||
</IfModule> | ||
<IfModule mod_mime.c> | ||
AddType image/svg+xml svg svgz | ||
AddEncoding gzip svgz | ||
</IfModule> | ||
<IfModule mod_dir.c> | ||
DirectoryIndex index.php index.html | ||
</IfModule> | ||
AddDefaultCharset utf-8 | ||
Options -Indexes | ||
<IfModule pagespeed_module> | ||
ModPagespeed Off | ||
</IfModule> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
upload_max_filesize=513M | ||
post_max_size=513M | ||
memory_limit=512M | ||
mbstring.func_overload=0 | ||
always_populate_raw_post_data=-1 | ||
default_charset='UTF-8' | ||
output_buffering=off |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,135 @@ | ||
<?php | ||
/** | ||
* @author Robin McCorkell <[email protected]> | ||
* | ||
* @copyright Copyright (c) 2015, ownCloud, Inc. | ||
* @license AGPL-3.0 | ||
* | ||
* This library is free software; you can redistribute it and/or | ||
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE | ||
* License as published by the Free Software Foundation; either | ||
* version 3 of the License, or any later version. | ||
* | ||
* This library is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU AFFERO GENERAL PUBLIC LICENSE for more details. | ||
* | ||
* You should have received a copy of the GNU Affero General Public | ||
* License along with this library. If not, see <http://www.gnu.org/licenses/>. | ||
* | ||
*/ | ||
|
||
namespace Test; | ||
|
||
class Files extends \Test\TestCase { | ||
|
||
const UPLOAD_LIMIT_DEFAULT_STR = '513M'; | ||
const UPLOAD_LIMIT_SETTING_STR = '2M'; | ||
const UPLOAD_LIMIT_SETTING_BYTES = 2097152; | ||
|
||
/** @var array $tmpDirs */ | ||
private $tmpDirs = []; | ||
|
||
/** | ||
* @return array | ||
*/ | ||
private function getUploadLimitTestFiles() { | ||
$dir = \OC::$server->getTempManager()->getTemporaryFolder(); | ||
$this->tmpDirs[] = $dir; | ||
$result = [ | ||
'.htaccess' => $dir . '/htaccess', | ||
'.user.ini' => $dir . '/user.ini' | ||
]; | ||
copy(\OC::$SERVERROOT . '/tests/data/setUploadLimit/htaccess', $result['.htaccess']); | ||
copy(\OC::$SERVERROOT . '/tests/data/setUploadLimit/user.ini', $result['.user.ini']); | ||
return $result; | ||
} | ||
|
||
protected function tearDown() { | ||
foreach ($this->tmpDirs as $dir) { | ||
\OC_Helper::rmdirr($dir); | ||
} | ||
parent::tearDown(); | ||
} | ||
|
||
public function testSetUploadLimitSizeSanity() { | ||
$this->assertFalse(\OC_Files::setUploadLimit(PHP_INT_MAX + 10)); | ||
$this->assertFalse(\OC_Files::setUploadLimit(\OC_Files::UPLOAD_MIN_LIMIT_BYTES - 10)); | ||
$this->assertFalse(\OC_Files::setUploadLimit('foobar')); | ||
} | ||
|
||
public function setUploadLimitWriteProvider() { | ||
return [ | ||
[ | ||
// both files writable | ||
true, true, | ||
self::UPLOAD_LIMIT_SETTING_BYTES, self::UPLOAD_LIMIT_SETTING_BYTES, | ||
self::UPLOAD_LIMIT_SETTING_STR, self::UPLOAD_LIMIT_SETTING_STR | ||
], | ||
[ | ||
// neither file writable | ||
false, false, | ||
self::UPLOAD_LIMIT_SETTING_BYTES, false, | ||
self::UPLOAD_LIMIT_DEFAULT_STR, self::UPLOAD_LIMIT_DEFAULT_STR | ||
], | ||
[ | ||
// only .htaccess writable | ||
true, false, | ||
self::UPLOAD_LIMIT_SETTING_BYTES, false, | ||
self::UPLOAD_LIMIT_SETTING_STR, self::UPLOAD_LIMIT_DEFAULT_STR | ||
], | ||
[ | ||
// only .user.ini writable | ||
false, true, | ||
self::UPLOAD_LIMIT_SETTING_BYTES, false, | ||
self::UPLOAD_LIMIT_DEFAULT_STR, self::UPLOAD_LIMIT_SETTING_STR | ||
], | ||
[ | ||
// test rounding of values | ||
true, true, | ||
self::UPLOAD_LIMIT_SETTING_BYTES + 20, self::UPLOAD_LIMIT_SETTING_BYTES, | ||
self::UPLOAD_LIMIT_SETTING_STR, self::UPLOAD_LIMIT_SETTING_STR | ||
] | ||
]; | ||
} | ||
|
||
/** | ||
* @dataProvider setUploadLimitWriteProvider | ||
*/ | ||
public function testSetUploadLimitWrite( | ||
$htaccessWritable, $userIniWritable, | ||
$setSize, $expectedSize, | ||
$htaccessStr, $userIniStr | ||
) { | ||
$files = $this->getUploadLimitTestFiles(); | ||
chmod($files['.htaccess'], ($htaccessWritable ? 0644 : 0444)); | ||
chmod($files['.user.ini'], ($userIniWritable ? 0644 : 0444)); | ||
|
||
$htaccessSize = filesize($files['.htaccess']); | ||
$userIniSize = filesize($files['.user.ini']); | ||
$htaccessSizeMod = 2*(strlen($htaccessStr) - strlen(self::UPLOAD_LIMIT_DEFAULT_STR)); | ||
$userIniSizeMod = 2*(strlen($userIniStr) - strlen(self::UPLOAD_LIMIT_DEFAULT_STR)); | ||
|
||
$this->assertEquals($expectedSize, \OC_Files::setUploadLimit($setSize, $files)); | ||
|
||
// check file contents | ||
$htaccess = file_get_contents($files['.htaccess']); | ||
$this->assertEquals(1, | ||
preg_match('/php_value upload_max_filesize '.$htaccessStr.'/', $htaccess) | ||
); | ||
$this->assertEquals(1, | ||
preg_match('/php_value post_max_size '.$htaccessStr.'/', $htaccess) | ||
); | ||
$this->assertEquals($htaccessSize + $htaccessSizeMod, filesize($files['.htaccess'])); | ||
|
||
$userIni = file_get_contents($files['.user.ini']); | ||
$this->assertEquals(1, | ||
preg_match('/upload_max_filesize='.$userIniStr.'/', $userIni) | ||
); | ||
$this->assertEquals(1, | ||
preg_match('/post_max_size='.$userIniStr.'/', $userIni) | ||
); | ||
$this->assertEquals($userIniSize + $userIniSizeMod, filesize($files['.user.ini'])); | ||
} | ||
} |