Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Prevent slugs with trailing slashes for non-container resources

Browse Source 
* fix: slugs ending on slash with link header cannot create containers

* refactor(DataAccessorBasedStore): removing duplicate code and errors

* test(ServerFetch): fix integration tests that create a container

* fix: Reinstate original checks in setResource to let tests succeed

* test: change to container paths to end in / on POST only

* refactor: incorporate review changes

* fix: Error check was too strict

Co-authored-by: Joachim Van Herwegen <joachimvh@gmail.com>

* test: make testcase to test allowed slash behaviour

* test: removed unnecessary code from tests

* test: remove metadata line and duplicate tests

Co-authored-by: Joachim Van Herwegen <joachimvh@gmail.com>
This commit is contained in:
Thomas Dupont
2022-02-23 14:35:02 +01:00
committed by GitHub
parent bf1afdd6ec
commit 5965268ebf
4 changed files with 50 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
test/unit/storage/DataAccessorBasedStore.test.ts
View File

@@ -299,6 +299,31 @@ describe('A DataAccessorBasedStore', (): void => {
});
});
it('errors on a slug ending on / without Link rel:type Container header.', async(): Promise<void> => {
const resourceID = { path: root };
representation.metadata.removeAll(RDF.type);
representation.metadata.add(SOLID_HTTP.slug, 'noContainer/');
representation.data = guardedStreamFrom([ `` ]);
const result = store.addResource(resourceID, representation);
await expect(result).rejects.toThrow(BadRequestHttpError);
await expect(result).rejects
.toThrow('Only slugs used to create containers can end with a `/`.');
});
it('creates a URI when the incoming slug does not end with /, ' +
'but has a Link rel:type Container header.', async(): Promise<void> => {
const resourceID = { path: root };
representation.metadata.removeAll(RDF.type);
representation.metadata.add(RDF.type, LDP.terms.Container);
representation.metadata.add(SOLID_HTTP.slug, 'newContainer');
representation.data = guardedStreamFrom([ `` ]);
const result = await store.addResource(resourceID, representation);
expect(result).toEqual({
path: `${root}newContainer/`,
});
});
it('generates a new URI if adding the slug would create an existing URI.', async(): Promise<void> => {
const resourceID = { path: root };
representation.metadata.add(SOLID_HTTP.slug, 'newName');
@@ -389,7 +414,7 @@ describe('A DataAccessorBasedStore', (): void => {
mock.mockRestore();
});
it('will error if the ending slash does not match its resource type.', async(): Promise<void> => {
it('will error if path does not end in slash and does not match its resource type.', async(): Promise<void> => {
const resourceID = { path: `${root}resource` };
representation.metadata.add(RDF.type, LDP.terms.Container);
await expect(store.setRepresentation(resourceID, representation)).rejects.toThrow(