Fix bug where an empty image title would corrupt a Sone’s albums’ state

diff --git a/src/main/java/net/pterodactylus/sone/web/UploadImagePage.java b/src/main/java/net/pterodactylus/sone/web/UploadImagePage.java
index 7621a6d..f65c62e 100644 (file)
--- a/src/main/java/net/pterodactylus/sone/web/UploadImagePage.java
+++ b/src/main/java/net/pterodactylus/sone/web/UploadImagePage.java
@@ -91,7 +91,10 @@ public class UploadImagePage extends SoneTemplatePage {
                        if (!currentSone.equals(parent.getSone())) {
                                throw new RedirectException("noPermission.html");
                        }
-                       String name = request.getHttpRequest().getPartAsStringFailsafe("title", 200);
+                       String name = request.getHttpRequest().getPartAsStringFailsafe("title", 200).trim();
+                       if (name.length() == 0) {
+                               throw new RedirectException("emptyImageTitle.html");
+                       }
                        String description = request.getHttpRequest().getPartAsStringFailsafe("description", 4000);
                        HTTPUploadedFile uploadedFile = request.getHttpRequest().getUploadedFile("image");
                        Bucket fileBucket = uploadedFile.getData();

diff --git a/src/test/java/net/pterodactylus/sone/web/UploadImagePageTest.java b/src/test/java/net/pterodactylus/sone/web/UploadImagePageTest.java
new file mode 100644 (file)
index 0000000..4b31b90
--- /dev/null
+++ b/src/test/java/net/pterodactylus/sone/web/UploadImagePageTest.java
@@ -0,0 +1,94 @@
+package net.pterodactylus.sone.web;
+
+import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyInt;
+import static org.mockito.Matchers.eq;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import java.net.URI;
+
+import net.pterodactylus.sone.core.Core;
+import net.pterodactylus.sone.core.UpdateChecker;
+import net.pterodactylus.sone.data.Album;
+import net.pterodactylus.sone.data.Sone;
+import net.pterodactylus.sone.web.page.FreenetRequest;
+import net.pterodactylus.sone.web.page.FreenetTemplatePage.RedirectException;
+import net.pterodactylus.util.template.Template;
+import net.pterodactylus.util.template.TemplateContext;
+import net.pterodactylus.util.web.Method;
+
+import freenet.clients.http.ToadletContext;
+import freenet.support.api.HTTPRequest;
+
+import org.hamcrest.Description;
+import org.hamcrest.Matcher;
+import org.hamcrest.TypeSafeDiagnosingMatcher;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.ExpectedException;
+
+/**
+ * Unit test for {@link UploadImagePageTest}.
+ *
+ * @author <a href="mailto:bombe@pterodactylus.net">David ‘Bombe’ Roden</a>
+ */
+public class UploadImagePageTest {
+
+       @Rule
+       public final ExpectedException expectedException = ExpectedException.none();
+
+       private final Template template = new Template();
+       private final WebInterface webInterface = mock(WebInterface.class);
+       private final UploadImagePage uploadImagePage = new UploadImagePage(template, webInterface);
+
+       private final TemplateContext templateContext = new TemplateContext();
+       private final HTTPRequest httpRequest = mock(HTTPRequest.class);
+       private final ToadletContext toadletContext = mock(ToadletContext.class);
+       private final Core core = mock(Core.class);
+       private final Sone currentSone = mock(Sone.class);
+       private final Album parentAlbum = mock(Album.class);
+
+       @Before
+       public void setupWebInterface() {
+               UpdateChecker updateChecker = mock(UpdateChecker.class);
+               when(core.getUpdateChecker()).thenReturn(updateChecker);
+               when(webInterface.getCore()).thenReturn(core);
+               when(webInterface.getCurrentSone(any(ToadletContext.class))).thenReturn(currentSone);
+       }
+
+       @Before
+       public void setupParentAlbum() {
+               when(core.getAlbum("parent-id")).thenReturn(parentAlbum);
+               when(parentAlbum.getSone()).thenReturn(currentSone);
+       }
+
+       @Test
+       public void uploadingAnImageWithoutTitleRedirectsToEmptyImageTitlePage() throws Exception {
+               FreenetRequest request = new FreenetRequest(new URI(""), Method.POST, httpRequest, toadletContext);
+               when(httpRequest.getPartAsStringFailsafe(eq("parent"), anyInt())).thenReturn("parent-id");
+               when(httpRequest.getPartAsStringFailsafe(eq("title"), anyInt())).thenReturn("  ");
+               expectedException.expect(redirectsTo("emptyImageTitle.html"));
+               uploadImagePage.processTemplate(request, templateContext);
+       }
+
+       private Matcher<RedirectException> redirectsTo(final String page) {
+               return new TypeSafeDiagnosingMatcher<RedirectException>() {
+                       @Override
+                       protected boolean matchesSafely(RedirectException exception, Description mismatchDescription) {
+                               if (!exception.getTarget().equals(page)) {
+                                       mismatchDescription.appendText("target is ").appendValue(exception.getTarget());
+                                       return false;
+                               }
+                               return true;
+                       }
+
+                       @Override
+                       public void describeTo(Description description) {
+                               description.appendText("target is ").appendValue(page);
+                       }
+               };
+       }
+
+}