From a19d89364f64ca2222a7930c1b3cbbd58150bac7 Mon Sep 17 00:00:00 2001 From: Penar Musaraj Date: Thu, 18 Apr 2019 12:58:39 -0400 Subject: [PATCH] DEV: fix and skip upload_controller test This test of `prevent_anons_from_downloading_files` was testing an image instead of an attachment and it was testing the wrong upload URL. I fixed the test, but with `config.public_file_server.enabled = true` on the test environment, this will always fail, as preventing anonymous file downloads depends on nginx. So, I marked the test as skipped, for now. --- spec/requests/uploads_controller_spec.rb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/spec/requests/uploads_controller_spec.rb b/spec/requests/uploads_controller_spec.rb index 0e2ff0fd45b..9106ea11ed0 100644 --- a/spec/requests/uploads_controller_spec.rb +++ b/spec/requests/uploads_controller_spec.rb @@ -198,8 +198,8 @@ describe UploadsController do let(:sha) { Digest::SHA1.hexdigest("discourse") } let(:user) { Fabricate(:user) } - def upload_file(file) - fake_logo = Rack::Test::UploadedFile.new(file_from_fixtures(file)) + def upload_file(file, folder = "images") + fake_logo = Rack::Test::UploadedFile.new(file_from_fixtures(file, folder)) SiteSetting.authorized_extensions = "*" sign_in(user) @@ -261,11 +261,12 @@ describe UploadsController do context "prevent anons from downloading files" do it "returns 404 when an anonymous user tries to download a file" do - upload = upload_file("logo.png") + skip("this only works when nginx/apache is asset server") if Discourse::Application.config.public_file_server.enabled + upload = upload_file("small.pdf", "pdf") delete "/session/#{user.username}.json" # upload a file, then sign out SiteSetting.prevent_anons_from_downloading_files = true - get "/uploads/#{site}/#{upload.sha1}.#{upload.extension}" + get upload.url expect(response.status).to eq(404) end end