1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
<?php
/**
* Copyright (c) 2013 Christopher Schäpers <christopher@schaepers.it>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
use OC\Avatar;
/**
* Class Test_Avatar
*
* @group DB
*/
class Test_Avatar extends \Test\TestCase {
private static $trashBinStatus;
/** @var @var string */
private $user;
protected function setUp() {
parent::setUp();
$this->user = $this->getUniqueID();
$storage = new \OC\Files\Storage\Temporary(array());
\OC\Files\Filesystem::mount($storage, array(), '/' . $this->user . '/');
}
public static function setUpBeforeClass() {
self::$trashBinStatus = \OC_App::isEnabled('files_trashbin');
\OC_App::disable('files_trashbin');
}
public static function tearDownAfterClass() {
if (self::$trashBinStatus) {
\OC_App::enable('files_trashbin');
}
}
/**
* @return array
*/
public function traversalProvider() {
return [
['Pot\..\entiallyDangerousUsername'],
['Pot/..\entiallyDangerousUsername'],
['PotentiallyDangerousUsername/..'],
['PotentiallyDangerousUsername\../'],
['/../PotentiallyDangerousUsername'],
];
}
/**
* @dataProvider traversalProvider
* @expectedException \Exception
* @expectedExceptionMessage Username may not contain slashes
* @param string $dangerousUsername
*/
public function testAvatarTraversal($dangerousUsername) {
new Avatar($dangerousUsername);
}
public function testAvatar() {
$avatar = new Avatar($this->user);
$this->assertEquals(false, $avatar->get());
$expected = new OC_Image(\OC::$SERVERROOT . '/tests/data/testavatar.png');
$expected->resize(64);
$avatar->set($expected->data());
$this->assertEquals($expected->data(), $avatar->get()->data());
$avatar->remove();
$this->assertEquals(false, $avatar->get());
}
public function testAvatarApi() {
$avatarManager = \OC::$server->getAvatarManager();
$avatar = $avatarManager->getAvatar($this->user);
$this->assertEquals(false, $avatar->get());
$expected = new OC_Image(\OC::$SERVERROOT . '/tests/data/testavatar.png');
$expected->resize(64);
$avatar->set($expected->data());
$this->assertEquals($expected->data(), $avatar->get()->data());
$avatar->remove();
$this->assertEquals(false, $avatar->get());
}
}
|