Fix broken avatars since #15301 (#15731)

There was a missing * from the avatars routes in #15301.

Fix #15727

Signed-off-by: Andrew Thornton <art27@cantab.net>

diff --git a/integrations/user_avatar_test.go b/integrations/user_avatar_test.go
new file mode 100644 (file)
index 0000000..1a3a851
--- /dev/null
+++ b/integrations/user_avatar_test.go
@@ -0,0 +1,87 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+       "bytes"
+       "image/png"
+       "io"
+       "mime/multipart"
+       "net/http"
+       "net/url"
+       "strings"
+       "testing"
+
+       "code.gitea.io/gitea/models"
+       "code.gitea.io/gitea/modules/avatar"
+       "github.com/stretchr/testify/assert"
+)
+
+func TestUserAvatar(t *testing.T) {
+       onGiteaRun(t, func(t *testing.T, u *url.URL) {
+               user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) // owner of the repo3, is an org
+
+               seed := user2.Email
+               if len(seed) == 0 {
+                       seed = user2.Name
+               }
+
+               img, err := avatar.RandomImage([]byte(seed))
+               if err != nil {
+                       assert.NoError(t, err)
+                       return
+               }
+
+               session := loginUser(t, "user2")
+               csrf := GetCSRF(t, session, "/user/settings")
+
+               imgData := &bytes.Buffer{}
+
+               body := &bytes.Buffer{}
+
+               //Setup multi-part
+               writer := multipart.NewWriter(body)
+               writer.WriteField("source", "local")
+               part, err := writer.CreateFormFile("avatar", "avatar-for-testuseravatar.png")
+               if err != nil {
+                       assert.NoError(t, err)
+                       return
+               }
+
+               if err := png.Encode(imgData, img); err != nil {
+                       assert.NoError(t, err)
+                       return
+               }
+
+               if _, err := io.Copy(part, imgData); err != nil {
+                       assert.NoError(t, err)
+                       return
+               }
+
+               if err := writer.Close(); err != nil {
+                       assert.NoError(t, err)
+                       return
+               }
+
+               req := NewRequestWithBody(t, "POST", "/user/settings/avatar", body)
+               req.Header.Add("X-Csrf-Token", csrf)
+               req.Header.Add("Content-Type", writer.FormDataContentType())
+
+               session.MakeRequest(t, req, http.StatusFound)
+
+               user2 = models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) // owner of the repo3, is an org
+
+               req = NewRequest(t, "GET", user2.AvatarLink())
+               resp := session.MakeRequest(t, req, http.StatusFound)
+               location := resp.Header().Get("Location")
+               if !strings.HasPrefix(location, "/avatars") {
+                       assert.Fail(t, "Avatar location is not local: %s", location)
+               }
+               req = NewRequest(t, "GET", location)
+               session.MakeRequest(t, req, http.StatusOK)
+
+               // Can't test if the response matches because the image is regened on upload but checking that this at least doesn't give a 404 should be enough.
+       })
+}

diff --git a/routers/routes/web.go b/routers/routes/web.go
index e5ddff0b00e35f84d6259090cdc8b02bbd2d7039..eb2a9025d03182cc79fdd9fb43f662c6a223f760 100644 (file)
--- a/routers/routes/web.go
+++ b/routers/routes/web.go
@@ -163,8 +163,8 @@ func WebRoutes() *web.Route {
        ))
 
        // We use r.Route here over r.Use because this prevents requests that are not for avatars having to go through this additional handler
-       routes.Route("/avatars", "GET, HEAD", storageHandler(setting.Avatar.Storage, "avatars", storage.Avatars))
-       routes.Route("/repo-avatars", "GET, HEAD", storageHandler(setting.RepoAvatar.Storage, "repo-avatars", storage.RepoAvatars))
+       routes.Route("/avatars/*", "GET, HEAD", storageHandler(setting.Avatar.Storage, "avatars", storage.Avatars))
+       routes.Route("/repo-avatars/*", "GET, HEAD", storageHandler(setting.RepoAvatar.Storage, "repo-avatars", storage.RepoAvatars))
 
        // for health check - doeesn't need to be passed through gzip handler
        routes.Head("/", func(w http.ResponseWriter, req *http.Request) {