@@ -432,6 +432,49 @@ describe('ZIP routes tests', () => {
432432 }
433433 } , 1000 ) ;
434434 } ) ;
435+ it ( 'Import and sanitize graasp documents' , async ( ) => {
436+ const {
437+ actor,
438+ items : [ parentItem ] ,
439+ } = await seedFromJson ( { items : [ { memberships : [ { account : 'actor' } ] } ] } ) ;
440+ assertIsDefined ( actor ) ;
441+ mockAuthenticate ( actor ) ;
442+
443+ const form = createFormData ( 'documents.zip' ) ;
444+ const response = await app . inject ( {
445+ method : HttpMethod . Post ,
446+ url : '/api/items/zip-import' ,
447+ payload : form ,
448+ headers : form . getHeaders ( ) ,
449+ query : { parentId : parentItem . id } ,
450+ } ) ;
451+
452+ expect ( response . statusCode ) . toBe ( StatusCodes . ACCEPTED ) ;
453+
454+ await waitForExpect ( async ( ) => {
455+ const documents = await db . query . itemsRawTable . findMany ( {
456+ where : and (
457+ isDescendantOrSelf ( itemsRawTable . path , parentItem . path ) ,
458+ ne ( itemsRawTable . id , parentItem . id ) ,
459+ eq ( itemsRawTable . type , ItemType . DOCUMENT ) ,
460+ ) ,
461+ } ) ;
462+ expect ( documents ) . toHaveLength ( 2 ) ;
463+
464+ for ( const item of documents ) {
465+ const content = item . extra [ ItemType . DOCUMENT ] . content ;
466+
467+ // the script with a console should not appear in the text
468+ expect ( content ) . not . toContain ( 'script' ) ;
469+ expect ( content ) . not . toContain ( 'console' ) ;
470+ expect ( content ) . not . toContain ( 'style' ) ;
471+
472+ // content
473+ expect ( content ) . toContain ( '<h1>My First Heading</h1>' ) ;
474+ expect ( content ) . toContain ( `<p>My first paragraph.</p>` ) ;
475+ }
476+ } , 1000 ) ;
477+ } ) ;
435478 it ( 'Throws if signed out' , async ( ) => {
436479 const form = createFormData ( 'archive.zip' ) ;
437480
@@ -536,7 +579,7 @@ describe('ZIP routes tests', () => {
536579 } ) ;
537580 } ) ;
538581
539- describe ( 'POST /api/download-file' , ( ) => {
582+ describe ( 'GET /api/download-file' , ( ) => {
540583 it ( 'Export successfully if has access' , async ( ) => {
541584 const {
542585 actor,
@@ -555,7 +598,7 @@ describe('ZIP routes tests', () => {
555598 mockAuthenticate ( actor ) ;
556599
557600 const response = await app . inject ( {
558- method : HttpMethod . Post ,
601+ method : HttpMethod . Get ,
559602 url : `/api/items/${ item . id } ,
560603 } ) ;
561604
@@ -580,7 +623,7 @@ describe('ZIP routes tests', () => {
580623 mockAuthenticate ( guest ) ;
581624
582625 const response = await app . inject ( {
583- method : HttpMethod . Post ,
626+ method : HttpMethod . Get ,
584627 url : `/api/items/${ item . id } ,
585628 } ) ;
586629
@@ -603,7 +646,7 @@ describe('ZIP routes tests', () => {
603646 } ) ;
604647
605648 const response = await app . inject ( {
606- method : HttpMethod . Post ,
649+ method : HttpMethod . Get ,
607650 url : `/api/items/${ item . id } ,
608651 } ) ;
609652
@@ -641,7 +684,7 @@ describe('ZIP routes tests', () => {
641684 const { id : h5pId , name : h5pName } = h5pUploadResponse . json ( ) ;
642685
643686 const response = await app . inject ( {
644- method : HttpMethod . Post ,
687+ method : HttpMethod . Get ,
645688 url : `/api/items/${ h5pId } ,
646689 } ) ;
647690
@@ -651,6 +694,65 @@ describe('ZIP routes tests', () => {
651694 expect ( response . headers [ 'content-disposition' ] ) . toContain ( '.h5p' ) ;
652695 expect ( response . headers [ 'content-disposition' ] ) . not . toContain ( '.zip' ) ;
653696 } ) ;
697+
698+ it ( 'Export successfully document item' , async ( ) => {
699+ const {
700+ actor,
701+ items : [ doc ] ,
702+ } = await seedFromJson ( {
703+ items : [
704+ {
705+ name : 'doc' ,
706+ type : ItemType . DOCUMENT ,
707+ extra : { document : { content : 'my content in the document' , isRaw : true } } ,
708+ memberships : [ { account : 'actor' } ] ,
709+ } ,
710+ ] ,
711+ } ) ;
712+ assertIsDefined ( actor ) ;
713+ mockAuthenticate ( actor ) ;
714+
715+ const response = await app . inject ( {
716+ method : HttpMethod . Get ,
717+ url : `/api/items/${ doc . id } ,
718+ } ) ;
719+
720+ expect ( response . statusCode ) . toBe ( StatusCodes . OK ) ;
721+ expect ( response . payload . length ) . toBeGreaterThan ( 10 ) ;
722+ expect ( response . headers [ 'content-disposition' ] ) . toContain ( doc . name ) ;
723+ expect ( response . headers [ 'content-disposition' ] ) . toContain ( '.html' ) ;
724+ expect ( response . headers [ 'content-type' ] ) . toContain ( 'text/html' ) ;
725+ } ) ;
726+
727+ it ( 'Export successfully html document item' , async ( ) => {
728+ const {
729+ actor,
730+ items : [ doc ] ,
731+ } = await seedFromJson ( {
732+ items : [
733+ {
734+ name : 'doc' ,
735+ type : ItemType . DOCUMENT ,
736+ extra : { document : { content : 'my html in the document' , isRaw : false } } ,
737+ memberships : [ { account : 'actor' } ] ,
738+ } ,
739+ ] ,
740+ } ) ;
741+ assertIsDefined ( actor ) ;
742+ mockAuthenticate ( actor ) ;
743+
744+ const response = await app . inject ( {
745+ method : HttpMethod . Get ,
746+ url : `/api/items/${ doc . id } ,
747+ } ) ;
748+
749+ expect ( response . statusCode ) . toBe ( StatusCodes . OK ) ;
750+ expect ( response . payload . length ) . toBeGreaterThan ( 10 ) ;
751+ expect ( response . headers [ 'content-disposition' ] ) . toContain ( doc . name ) ;
752+ expect ( response . headers [ 'content-disposition' ] ) . toContain ( '.html' ) ;
753+ expect ( response . headers [ 'content-type' ] ) . toContain ( 'text/html' ) ;
754+ } ) ;
755+
654756 it ( 'Throw for folder' , async ( ) => {
655757 const {
656758 actor,
@@ -662,7 +764,7 @@ describe('ZIP routes tests', () => {
662764 mockAuthenticate ( actor ) ;
663765
664766 const response = await app . inject ( {
665- method : HttpMethod . Post ,
767+ method : HttpMethod . Get ,
666768 url : `/api/items/${ item . id } ,
667769 } ) ;
668770 expect ( response . statusCode ) . toBe ( StatusCodes . BAD_REQUEST ) ;
0 commit comments