From 2de5489398aeaeddf51509f35fb2bf49cc93094b Mon Sep 17 00:00:00 2001 From: Peter Giacomo Lombardo Date: Mon, 23 Sep 2024 16:21:16 +0200 Subject: [PATCH] Fix Push Expiration bug with Public Gateway (#2546) * Fix Push Expiration bug with Public Gateway * Test: Fix request path --- app/controllers/file_pushes_controller.rb | 2 +- app/controllers/passwords_controller.rb | 2 +- app/controllers/urls_controller.rb | 2 +- .../password/password_deletion_test.rb | 51 +++++++++++++++++-- 4 files changed, 51 insertions(+), 6 deletions(-) diff --git a/app/controllers/file_pushes_controller.rb b/app/controllers/file_pushes_controller.rb index 1ee428938ae..d352371610d 100644 --- a/app/controllers/file_pushes_controller.rb +++ b/app/controllers/file_pushes_controller.rb @@ -279,7 +279,7 @@ def destroy if @push.expired respond_to do |format| - format.html { redirect_to :root, notice: _("That push is already expired.") } + format.html { redirect_to @push } format.json { render json: {error: _("That push is already expired.")}, status: :unprocessable_entity } end return diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb index 0ef065093b8..6d9bf6b0e16 100644 --- a/app/controllers/passwords_controller.rb +++ b/app/controllers/passwords_controller.rb @@ -290,7 +290,7 @@ def destroy if @push.expired respond_to do |format| - format.html { redirect_to :root, notice: _("That push is already expired.") } + format.html { redirect_to @push } format.json { render json: {error: _("That push is already expired.")}, status: :unprocessable_entity } end return diff --git a/app/controllers/urls_controller.rb b/app/controllers/urls_controller.rb index 24d831f7a7d..644db00bcf9 100644 --- a/app/controllers/urls_controller.rb +++ b/app/controllers/urls_controller.rb @@ -289,7 +289,7 @@ def destroy if @push.expired respond_to do |format| - format.html { redirect_to :root, notice: _("That push is already expired.") } + format.html { redirect_to @push } format.json { render json: {error: _("That push is already expired.")}, status: :unprocessable_entity } end return diff --git a/test/integration/password/password_deletion_test.rb b/test/integration/password/password_deletion_test.rb index 71ccf0b0c05..631f3299bff 100644 --- a/test/integration/password/password_deletion_test.rb +++ b/test/integration/password/password_deletion_test.rb @@ -14,7 +14,7 @@ def test_anonymous_password_deletion assert_response :success assert_select "h2", "Your push has been created." - # view the password + # view the push get request.url.sub("/preview", "") assert_response :success @@ -23,11 +23,56 @@ def test_anonymous_password_deletion assert(pre) assert(pre.first.content.include?("testpw")) - # Delete the passworda + # Expire the push delete request.url assert_response :redirect - # Get redirected to the password that is now expired + # Get redirected to the push that is now expired + follow_redirect! + assert_response :success + assert response.body.include?("We apologize but this secret link has expired.") + + # Retrieve the preliminary page. It should show expired too. + get preliminary_password_path(Password.last) + assert_response :success + assert response.body.include?("We apologize but this secret link has expired.") + end + + def test_delete_already_expired_goes_to_expired_path + assert Settings.pw.enable_deletable_pushes == true + # create + post passwords_path, params: {password: {payload: "testpw", deletable_by_viewer: "on", expire_after_views: 1}} + assert_response :redirect + + # preview + follow_redirect! + assert_response :success + assert_select "h2", "Your push has been created." + + push_url = request.url.sub("/preview", "") + + # view the push + get push_url + assert_response :success + + # Assert that the right password is in the page + pre = css_select "pre" + assert(pre) + assert(pre.first.content.include?("testpw")) + + # view the push again should give expired page + get push_url + assert_response :success + + expired_p = css_select "p.text-center" + assert(expired_p) + assert(expired_p.first.content.include?("We apologize but this secret link has expired.")) + + # Delete the already expired push + delete push_url + assert_response :redirect + + # Get redirected to the push that is now expired follow_redirect! assert_response :success assert response.body.include?("We apologize but this secret link has expired.")