Commit 1bc9459a authored by catch's avatar catch

Issue #2797639 by jzavrl, slashrsm, yobottehg, tassilogroeper, Yogesh Pawar,...

Issue #2797639 by jzavrl, slashrsm, yobottehg, tassilogroeper, Yogesh Pawar, Berdir: For multi language private files FileDownloadController is used for the ImageStyle instead of ImageStyleDownloadController
parent 4352db07
......@@ -48,7 +48,7 @@ public function getDirectoryPath() {
*/
public function getExternalUrl() {
$path = str_replace('\\', '/', $this->getTarget());
return $this->url('system.private_file_download', ['filepath' => $path], ['absolute' => TRUE]);
return $this->url('system.private_file_download', ['filepath' => $path], ['absolute' => TRUE, 'path_processing' => FALSE]);
}
/**
......
......@@ -48,8 +48,11 @@ public function processInbound($path, Request $request) {
if (strpos($path, '/' . $directory_path . '/styles/') === 0) {
$path_prefix = '/' . $directory_path . '/styles/';
}
elseif (strpos($path, '/system/files/styles/') === 0) {
// Check if the string '/system/files/styles/' exists inside the path,
// that means we have a case of private file's image style.
elseif (strpos($path, '/system/files/styles/') !== FALSE) {
$path_prefix = '/system/files/styles/';
$path = substr($path, strpos($path, $path_prefix), strlen($path));
}
else {
return $path;
......
......@@ -3,6 +3,7 @@
namespace Drupal\image\Tests;
use Drupal\image\Entity\ImageStyle;
use Drupal\language\Entity\ConfigurableLanguage;
use Drupal\simpletest\WebTestBase;
/**
......@@ -17,18 +18,29 @@ class ImageStylesPathAndUrlTest extends WebTestBase {
*
* @var array
*/
public static $modules = ['image', 'image_module_test'];
public static $modules = ['image', 'image_module_test', 'language'];
/**
* The image style.
*
* @var \Drupal\image\ImageStyleInterface
*/
protected $style;
/**
* {@inheritdoc}
*/
protected function setUp() {
parent::setUp();
$this->style = ImageStyle::create(['name' => 'style_foo', 'label' => $this->randomString()]);
$this->style = ImageStyle::create([
'name' => 'style_foo',
'label' => $this->randomString(),
]);
$this->style->save();
// Create a new language.
ConfigurableLanguage::createFromLangcode('fr')->save();
}
/**
......@@ -73,6 +85,20 @@ public function testImageStyleUrlAndPathPrivateUnclean() {
$this->doImageStyleUrlAndPathTests('private', FALSE);
}
/**
* Tests an image style URL with the "public://" schema and language prefix.
*/
public function testImageStyleUrlAndPathPublicLanguage() {
$this->doImageStyleUrlAndPathTests('public', TRUE, TRUE, 'fr');
}
/**
* Tests an image style URL with the "private://" schema and language prefix.
*/
public function testImageStyleUrlAndPathPrivateLanguage() {
$this->doImageStyleUrlAndPathTests('private', TRUE, TRUE, 'fr');
}
/**
* Tests an image style URL with a file URL that has an extra slash in it.
*/
......@@ -93,7 +119,7 @@ public function testImageStyleUrlForMissingSourceImage() {
/**
* Tests building an image style URL.
*/
public function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_slash = FALSE) {
public function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_slash = FALSE, $langcode = FALSE) {
$this->prepareRequestForGenerator($clean_url);
// Make the default scheme neither "public" nor "private" to verify the
......@@ -105,6 +131,13 @@ public function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_s
$status = file_prepare_directory($directory, FILE_CREATE_DIRECTORY);
$this->assertNotIdentical(FALSE, $status, 'Created the directory for the generated images for the test style.');
// Override the language to build the URL for the correct language.
if ($langcode) {
$language_manager = \Drupal::service('language_manager');
$language = $language_manager->getLanguage($langcode);
$language_manager->setConfigOverrideLanguage($language);
}
// Create a working copy of the file.
$files = $this->drupalGetTestFiles('image');
$file = array_shift($files);
......@@ -119,6 +152,11 @@ public function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_s
$this->assertFalse(file_exists($generated_uri), 'Generated file does not exist.');
$generate_url = $this->style->buildUrl($original_uri, $clean_url);
// Make sure that language prefix is never added to the image style URL.
if ($langcode) {
$this->assertTrue(strpos($generate_url, "/$langcode/") === FALSE, 'Langcode was not found in the image style URL.');
}
// Ensure that the tests still pass when the file is generated by accessing
// a poorly constructed (but still valid) file URL that has an extra slash
// in it.
......@@ -157,7 +195,8 @@ public function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_s
$this->assertEqual($this->drupalGetHeader('Content-Length'), $image->getFileSize(), 'Expected Content-Length was reported.');
// Check that we did not download the original file.
$original_image = $this->container->get('image.factory')->get($original_uri);
$original_image = $this->container->get('image.factory')
->get($original_uri);
$this->assertNotEqual($this->drupalGetHeader('Content-Length'), $original_image->getFileSize());
if ($scheme == 'private') {
......@@ -192,13 +231,15 @@ public function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_s
$this->drupalGet($generate_url_noaccess);
$this->assertResponse(403, 'Confirmed that access is denied for the private image style.');
// Verify that images are not appended to the response. Currently this test only uses PNG images.
// Verify that images are not appended to the response.
// Currently this test only uses PNG images.
if (strpos($generate_url, '.png') === FALSE) {
$this->fail('Confirming that private image styles are not appended require PNG file.');
}
else {
// Check for PNG-Signature (cf. http://www.libpng.org/pub/png/book/chapter08.html#png.ch08.div.2) in the
// response body.
// Check for PNG-Signature
// (cf. http://www.libpng.org/pub/png/book/chapter08.html#png.ch08.div.2)
// in the response body.
$this->assertNoRaw(chr(137) . chr(80) . chr(78) . chr(71) . chr(13) . chr(10) . chr(26) . chr(10), 'No PNG signature found in the response body.');
}
}
......@@ -215,7 +256,9 @@ public function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_s
// Allow insecure image derivatives to be created for the remainder of this
// test.
$this->config('image.settings')->set('allow_insecure_derivatives', TRUE)->save();
$this->config('image.settings')
->set('allow_insecure_derivatives', TRUE)
->save();
// Create another working copy of the file.
$files = $this->drupalGetTestFiles('image');
......@@ -239,7 +282,8 @@ public function doImageStyleUrlAndPathTests($scheme, $clean_url = TRUE, $extra_s
// Stop supressing the security token in the URL.
$this->config('image.settings')->set('suppress_itok_output', FALSE)->save();
// Ensure allow_insecure_derivatives is enabled.
$this->assertEqual($this->config('image.settings')->get('allow_insecure_derivatives'), TRUE);
$this->assertEqual($this->config('image.settings')
->get('allow_insecure_derivatives'), TRUE);
// Check that a security token is still required when generating a second
// image derivative using the first one as a source.
$nested_url = $this->style->buildUrl($generated_uri, $clean_url);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment