|
| 1 | +/*! |
| 2 | + * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors |
| 3 | + * SPDX-License-Identifier: AGPL-3.0-or-later |
| 4 | + */ |
| 5 | + |
| 6 | +import { describe, expect, it, vi } from 'vitest' |
| 7 | +import { getFilenameValidity } from './filenameValidity.ts' |
| 8 | + |
| 9 | +vi.mock('@nextcloud/capabilities', () => ({ |
| 10 | + getCapabilities: () => ({ |
| 11 | + files: { |
| 12 | + forbidden_filename_characters: ['/', '\\', '>'], |
| 13 | + forbidden_filenames: ['.htaccess'], |
| 14 | + forbidden_filename_basenames: ['con'], |
| 15 | + forbidden_filename_extensions: ['.exe', '.~'], |
| 16 | + }, |
| 17 | + }), |
| 18 | +})) |
| 19 | + |
| 20 | +describe('getFilenameValidity', () => { |
| 21 | + it('returns no error for a valid filename', () => { |
| 22 | + expect(getFilenameValidity('valid-name.txt')).toBe('') |
| 23 | + }) |
| 24 | + |
| 25 | + describe('empty name', () => { |
| 26 | + it('reports empty filename', () => { |
| 27 | + expect(getFilenameValidity('')).toBe('Filename must not be empty.') |
| 28 | + }) |
| 29 | + |
| 30 | + it('reports empty filename for whitespace only', () => { |
| 31 | + expect(getFilenameValidity(' ')).toBe('Filename must not be empty.') |
| 32 | + }) |
| 33 | + |
| 34 | + it('reports empty folder name when isFolder is set', () => { |
| 35 | + expect(getFilenameValidity('', false, true)).toBe('Folder name must not be empty.') |
| 36 | + }) |
| 37 | + }) |
| 38 | + |
| 39 | + describe('forbidden character', () => { |
| 40 | + it('reports forbidden character for a filename', () => { |
| 41 | + expect(getFilenameValidity('inva/lid')).toBe('"/" is not allowed inside a filename.') |
| 42 | + }) |
| 43 | + |
| 44 | + it('reports forbidden character for a folder name', () => { |
| 45 | + expect(getFilenameValidity('inva/lid', false, true)).toBe('"/" is not allowed inside a folder name.') |
| 46 | + }) |
| 47 | + }) |
| 48 | + |
| 49 | + describe('reserved name', () => { |
| 50 | + it('reports a reserved filename', () => { |
| 51 | + expect(getFilenameValidity('.htaccess')).toBe('".htaccess" is a reserved name and not allowed for filenames.') |
| 52 | + }) |
| 53 | + |
| 54 | + it('reports a reserved folder name', () => { |
| 55 | + expect(getFilenameValidity('.htaccess', false, true)).toBe('".htaccess" is a reserved name and not allowed for folder names.') |
| 56 | + }) |
| 57 | + |
| 58 | + it('reports a reserved basename', () => { |
| 59 | + expect(getFilenameValidity('con.txt')).toBe('"con" is a reserved name and not allowed for filenames.') |
| 60 | + }) |
| 61 | + }) |
| 62 | + |
| 63 | + describe('forbidden extension', () => { |
| 64 | + it('reports a disallowed filetype when the extension looks like a real type', () => { |
| 65 | + expect(getFilenameValidity('virus.exe')).toBe('".exe" is not an allowed filetype.') |
| 66 | + }) |
| 67 | + |
| 68 | + it('reports the extension as not allowed at the end of a filename when it is not a recognisable filetype', () => { |
| 69 | + // '.~' does not match /\.[a-z]/i, so the generic "must not end with" message is used. |
| 70 | + expect(getFilenameValidity('document.~')).toBe('Filenames must not end with ".~".') |
| 71 | + }) |
| 72 | + |
| 73 | + it('reports the extension as not allowed for a folder name', () => { |
| 74 | + expect(getFilenameValidity('folder.exe', false, true)).toBe('Folder names must not end with ".exe".') |
| 75 | + }) |
| 76 | + }) |
| 77 | + |
| 78 | + describe('escape option', () => { |
| 79 | + it('does not affect the returned string for safe characters', () => { |
| 80 | + expect(getFilenameValidity('inva/lid', true)).toBe('"/" is not allowed inside a filename.') |
| 81 | + }) |
| 82 | + |
| 83 | + it('escapes the matched character when requested', () => { |
| 84 | + expect(getFilenameValidity('inva>lid', true)).toBe('">" is not allowed inside a filename.') |
| 85 | + }) |
| 86 | + |
| 87 | + it('does not escape the matched character by default', () => { |
| 88 | + expect(getFilenameValidity('inva>lid')).toBe('">" is not allowed inside a filename.') |
| 89 | + }) |
| 90 | + }) |
| 91 | + |
| 92 | + it('rethrows errors that are not InvalidFilenameError', async () => { |
| 93 | + const files = await import('@nextcloud/files') |
| 94 | + const spy = vi.spyOn(files, 'validateFilename').mockImplementation(() => { |
| 95 | + throw new Error('unexpected') |
| 96 | + }) |
| 97 | + expect(() => getFilenameValidity('anything')).toThrow('unexpected') |
| 98 | + spy.mockRestore() |
| 99 | + }) |
| 100 | +}) |
0 commit comments