def test_upload_validator_using_wrong_extension(rf: RequestFactory):
widget = AjaxUploadWidget(
ajax_target_path="/ajax",
upload_validators=[
ExtensionValidator(allowed_extensions=(".allowed-extension",))
],
)
widget.timeout = timedelta(seconds=1)
content = load_test_data()
upload_id = generate_new_upload_id(
test_upload_validator_using_wrong_extension, content
)
request = create_upload_file_request(
rf, content=b"should error", filename="test.wrong_extension"
)
response = widget.handle_ajax(request)
assert response.status_code == 403
request = create_upload_file_request(
rf, content=b"should error", filename="test.allowed-extension"
)
response = widget.handle_ajax(request)
assert response.status_code == 200
def test_inconsistent_chunks_rfc7233(rf: RequestFactory):
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
content = load_test_data()
# Overlapping chunks
upload_id = generate_new_upload_id(
test_inconsistent_chunks_rfc7233, content
)
part_1 = create_partial_upload_file_request(rf, upload_id, content, 0, 10)
part_2 = create_partial_upload_file_request(rf, upload_id, content, 5, 15)
widget.handle_ajax(part_1)
assert isinstance(widget.handle_ajax(part_2), HttpResponseBadRequest)
# Inconsistent filenames
upload_id += "x"
part_1 = create_partial_upload_file_request(
rf, upload_id, content, 0, 10, filename="a"
)
part_2 = create_partial_upload_file_request(
rf, upload_id, content, 10, 20, filename="b"
)
widget.handle_ajax(part_1)
assert isinstance(widget.handle_ajax(part_2), HttpResponseBadRequest)
# Inconsistent total size
upload_id += "x"
part_1 = create_partial_upload_file_request(
rf, upload_id, content[:20], 0, 10
)
part_2 = create_partial_upload_file_request(
rf, upload_id, content[:20], 10, 20
)
part_1.META["HTTP_CONTENT_RANGE"] = f"bytes 0-9/20"
part_2.META["HTTP_CONTENT_RANGE"] = f"bytes 10-19/30"
widget.handle_ajax(part_1)
assert isinstance(widget.handle_ajax(part_2), HttpResponseBadRequest)
def test_inconsistent_chunks_rfc7233(rf: RequestFactory):
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
content = load_test_data()
# Overlapping chunks
upload_id = generate_new_upload_id(
test_inconsistent_chunks_rfc7233, content
)
part_1 = create_partial_upload_file_request(rf, upload_id, content, 0, 10)
part_2 = create_partial_upload_file_request(rf, upload_id, content, 5, 15)
widget.handle_ajax(part_1)
assert isinstance(widget.handle_ajax(part_2), HttpResponseBadRequest)
# Inconsistent filenames
upload_id += "x"
part_1 = create_partial_upload_file_request(
rf, upload_id, content, 0, 10, filename="a"
)
part_2 = create_partial_upload_file_request(
rf, upload_id, content, 10, 20, filename="b"
)
widget.handle_ajax(part_1)
assert isinstance(widget.handle_ajax(part_2), HttpResponseBadRequest)
# Inconsistent total size
upload_id += "x"
part_1 = create_partial_upload_file_request(
rf, upload_id, content[:20], 0, 10
)
part_2 = create_partial_upload_file_request(
rf, upload_id, content[:20], 10, 20
)
part_1.META["HTTP_CONTENT_RANGE"] = f"bytes 0-9/20"
part_2.META["HTTP_CONTENT_RANGE"] = f"bytes 10-19/30"
widget.handle_ajax(part_1)
assert isinstance(widget.handle_ajax(part_2), HttpResponseBadRequest)
def test_wrong_upload_headers(rf: RequestFactory):
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
post_request = create_upload_file_request(rf)
post_request.META["CSRF_COOKIE"] = None
assert isinstance(widget.handle_ajax(post_request), HttpResponseForbidden)
post_request = create_upload_file_request(rf)
post_request.method = "PUT"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
def test_wrong_upload_headers(rf: RequestFactory):
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
post_request = create_upload_file_request(rf)
post_request.META["CSRF_COOKIE"] = None
assert isinstance(widget.handle_ajax(post_request), HttpResponseForbidden)
post_request = create_upload_file_request(rf)
post_request.method = "PUT"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
def test_wrong_upload_headers_rfc7233(rf: RequestFactory):
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
content = load_test_data()
upload_id = generate_new_upload_id(
test_wrong_upload_headers_rfc7233, content
)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
assert isinstance(widget.handle_ajax(post_request), JsonResponse)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["X-Upload-ID"] = None
post_request = force_post_update(post_request, "X-Upload-ID", None)
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META[
"HTTP_CONTENT_RANGE"
] = "corrupted data: 54343-3223/21323"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["HTTP_CONTENT_RANGE"] = "bytes 54343-3223/21323"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["HTTP_CONTENT_RANGE"] = "bytes 54343-3223/*"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["HTTP_CONTENT_RANGE"] = "bytes 1000-3000/2000"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["HTTP_CONTENT_RANGE"] = "bytes 1000-2000/*"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["X-Upload-ID"] = "a" * 1000
post_request = force_post_update(post_request, "X-Upload-ID", "a" * 1000)
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
def test_wrong_upload_headers_rfc7233(rf: RequestFactory):
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
content = load_test_data()
upload_id = generate_new_upload_id(
test_wrong_upload_headers_rfc7233, content
)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
assert isinstance(widget.handle_ajax(post_request), JsonResponse)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["X-Upload-ID"] = None
post_request = force_post_update(post_request, "X-Upload-ID", None)
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META[
"HTTP_CONTENT_RANGE"
] = "corrupted data: 54343-3223/21323"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["HTTP_CONTENT_RANGE"] = "bytes 54343-3223/21323"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["HTTP_CONTENT_RANGE"] = "bytes 54343-3223/*"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["HTTP_CONTENT_RANGE"] = "bytes 1000-3000/2000"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["HTTP_CONTENT_RANGE"] = "bytes 1000-2000/*"
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
post_request = create_partial_upload_file_request(
rf, upload_id, content, 0, 10
)
post_request.META["X-Upload-ID"] = "a" * 1000
post_request = force_post_update(post_request, "X-Upload-ID", "a" * 1000)
assert isinstance(widget.handle_ajax(post_request), HttpResponseBadRequest)
def test_single_chunk(rf: RequestFactory):
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
filename = "test.bin"
post_request = create_upload_file_request(rf, filename=filename)
response = widget.handle_ajax(post_request)
assert isinstance(response, JsonResponse)
parsed_json = json.loads(response.content)
assert len(parsed_json) == 1
assert parsed_json[0]["filename"] == filename
assert "uuid" in parsed_json[0]
assert "extra_attrs" in parsed_json[0]
staged_file = StagedAjaxFile(uuid.UUID(parsed_json[0]["uuid"]))
with staged_file.open() as f:
staged_content = f.read()
assert staged_content == load_test_data()
def test_single_chunk(rf: RequestFactory):
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
filename = 'test.bin'
post_request = create_upload_file_request(rf, filename=filename)
response = widget.handle_ajax(post_request)
assert isinstance(response, JsonResponse)
parsed_json = json.loads(response.content)
assert len(parsed_json) == 1
assert parsed_json[0]["filename"] == filename
assert "uuid" in parsed_json[0]
assert "extra_attrs" in parsed_json[0]
staged_file = StagedAjaxFile(uuid.UUID(parsed_json[0]["uuid"]))
with staged_file.open() as f:
staged_content = f.read()
assert staged_content == load_test_data()
def test_rfc7233_implementation(rf: RequestFactory):
content = load_test_data()
upload_id = generate_new_upload_id(test_rfc7233_implementation, content)
part_1 = create_partial_upload_file_request(rf, upload_id, content, 0, 10)
part_2 = create_partial_upload_file_request(rf, upload_id, content, 10,
len(content) // 2)
part_3 = create_partial_upload_file_request(rf, upload_id, content,
len(content) // 2,
len(content))
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
response = widget.handle_ajax(part_1)
assert isinstance(response, JsonResponse)
response = widget.handle_ajax(part_2)
assert isinstance(response, JsonResponse)
response = widget.handle_ajax(part_3)
assert isinstance(response, JsonResponse)
parsed_json = json.loads(response.content)
staged_file = StagedAjaxFile(uuid.UUID(parsed_json[0]["uuid"]))
with staged_file.open() as f:
staged_content = f.read()
assert staged_content == content
def test_rfc7233_implementation(rf: RequestFactory):
content = load_test_data()
upload_id = generate_new_upload_id(test_rfc7233_implementation, content)
part_1 = create_partial_upload_file_request(rf, upload_id, content, 0, 10)
part_2 = create_partial_upload_file_request(
rf, upload_id, content, 10, len(content) // 2
)
part_3 = create_partial_upload_file_request(
rf, upload_id, content, len(content) // 2, len(content)
)
widget = AjaxUploadWidget(ajax_target_path="/ajax")
widget.timeout = timedelta(seconds=1)
response = widget.handle_ajax(part_1)
assert isinstance(response, JsonResponse)
response = widget.handle_ajax(part_2)
assert isinstance(response, JsonResponse)
response = widget.handle_ajax(part_3)
assert isinstance(response, JsonResponse)
parsed_json = json.loads(response.content)
staged_file = StagedAjaxFile(uuid.UUID(parsed_json[0]["uuid"]))
with staged_file.open() as f:
staged_content = f.read()
assert staged_content == content
def test_upload_validator_using_wrong_extension(rf: RequestFactory):
widget = AjaxUploadWidget(
ajax_target_path="/ajax",
upload_validators=[
ExtensionValidator(allowed_extensions=('.allowed-extension', ))
],
)
widget.timeout = timedelta(seconds=1)
content = load_test_data()
upload_id = generate_new_upload_id(
test_upload_validator_using_wrong_extension, content)
request = create_upload_file_request(rf,
content=b"should error",
filename="test.wrong_extension")
response = widget.handle_ajax(request)
assert response.status_code == 403
request = create_upload_file_request(rf,
content=b"should error",
filename="test.allowed-extension")
response = widget.handle_ajax(request)
assert response.status_code == 200