Refactor playwright tests, change button text for better usability and validate mimetype in API layer

2025-11-22 02:41:35 +01:00 · 2024-10-25 19:23:38 +02:00
parent 4e98df5790
commit f79cbffa5a
38 changed files with 1396 additions and 1167 deletions
--- a/rest-api/db/migrations/20240810115846_image_upload_function.sql
+++ b/rest-api/db/migrations/20240810115846_image_upload_function.sql
@@ -6,13 +6,31 @@ AS $$
 DECLARE
  _headers JSON := CURRENT_SETTING('request.headers', TRUE)::JSON;
  _website_id UUID := (_headers ->> 'x-website-id')::UUID;
-  _mimetype TEXT := _headers ->> 'x-mimetype';
  _original_filename TEXT := _headers ->> 'x-original-filename';
  _allowed_mimetypes TEXT[] := ARRAY['image/png', 'image/jpeg', 'image/webp', 'image/avif', 'image/gif', 'image/svg+xml'];
  _max_file_size BIGINT := 5 * 1024 * 1024;
  _has_access BOOLEAN;
+  _mimetype TEXT;
 BEGIN
  _has_access = internal.user_has_website_access (_website_id, 20);
+  _mimetype := CASE WHEN SUBSTRING($1 FROM 1 FOR 8) = '\x89504E470D0A1A0A'::BYTEA THEN
+    'image/png'
+  WHEN SUBSTRING($1 FROM 1 FOR 3) = '\xFFD8FF'::BYTEA THEN
+    'image/jpeg'
+  WHEN SUBSTRING($1 FROM 1 FOR 4) = '\x52494646'::BYTEA
+    AND SUBSTRING($1 FROM 9 FOR 4) = '\x57454250'::BYTEA THEN
+    'image/webp'
+  WHEN SUBSTRING($1 FROM 5 FOR 7) = '\x66747970617669'::BYTEA THEN
+    'image/avif'
+  WHEN SUBSTRING($1 FROM 1 FOR 6) = '\x474946383761'::BYTEA
+    OR SUBSTRING($1 FROM 1 FOR 6) = '\x474946383961'::BYTEA THEN
+    'image/gif'
+  WHEN SUBSTRING($1 FROM 1 FOR 5) = '\x3C3F786D6C'::BYTEA
+    OR SUBSTRING($1 FROM 1 FOR 4) = '\x3C737667'::BYTEA THEN
+    'image/svg+xml'
+  ELSE
+    NULL
+  END;
  IF OCTET_LENGTH($1) = 0 THEN
    RAISE invalid_parameter_value
    USING message = 'No file data was provided';
--- a/rest-api/db/migrations/20240911070907_change_log.sql
+++ b/rest-api/db/migrations/20240911070907_change_log.sql
@@ -36,6 +36,7 @@ CREATE FUNCTION internal.track_changes ()
 DECLARE
  _website_id UUID;
  _user_id UUID := (CURRENT_SETTING('request.jwt.claims', TRUE)::JSON ->> 'user_id')::UUID;
+  _new_value HSTORE;
 BEGIN
  IF (NOT EXISTS (
    SELECT
@@ -43,7 +44,7 @@ BEGIN
    FROM
      internal.user AS u
    WHERE
-      u.id = _user_id) OR (to_jsonb (OLD.*) - 'last_modified_at' - 'last_modified_by') = (to_jsonb (NEW.*) - 'last_modified_at' - 'last_modified_by')) THEN
+      u.id = _user_id) OR REGEXP_REPLACE((to_jsonb (OLD.*) - 'last_modified_at' - 'last_modified_by')::TEXT, '\r\n|\r', '\n', 'g') = REGEXP_REPLACE((to_jsonb (NEW.*) - 'last_modified_at' - 'last_modified_by')::TEXT, '\r\n|\r', '\n', 'g')) THEN
    RETURN NULL;
  END IF;
  IF TG_TABLE_NAME = 'website' THEN
@@ -52,8 +53,13 @@ BEGIN
    _website_id := COALESCE(NEW.website_id, OLD.website_id);
  END IF;
  IF TG_OP = 'INSERT' THEN
+    _new_value := CASE WHEN TG_TABLE_NAME = 'media' THEN
+      HSTORE (NEW) - 'blob'::TEXT
+    ELSE
+      HSTORE (NEW)
+    END;
    INSERT INTO internal.change_log (website_id, table_name, operation, new_value)
-      VALUES (_website_id, TG_TABLE_NAME, TG_OP, HSTORE (NEW));
+      VALUES (_website_id, TG_TABLE_NAME, TG_OP, _new_value);
  ELSIF (TG_OP = 'UPDATE'
      AND EXISTS (
        SELECT
@@ -86,6 +92,11 @@ CREATE TRIGGER track_changes_website
  FOR EACH ROW
  EXECUTE FUNCTION internal.track_changes ();

+CREATE TRIGGER track_changes_media
+  AFTER INSERT ON internal.media
+  FOR EACH ROW
+  EXECUTE FUNCTION internal.track_changes ();
+
 CREATE TRIGGER track_changes_settings
  AFTER UPDATE ON internal.settings
  FOR EACH ROW
@@ -129,6 +140,8 @@ CREATE TRIGGER track_changes_collab
 -- migrate:down
 DROP TRIGGER track_changes_website ON internal.website;

+DROP TRIGGER track_changes_media ON internal.media;
+
 DROP TRIGGER track_changes_settings ON internal.settings;

 DROP TRIGGER track_changes_header ON internal.header;
--- a/rest-api/db/migrations/20241011092744_filesystem_triggers.sql
+++ b/rest-api/db/migrations/20241011092744_filesystem_triggers.sql
@@ -5,27 +5,29 @@ CREATE FUNCTION internal.cleanup_filesystem ()
 DECLARE
  _website_id UUID;
  _domain_prefix VARCHAR(16);
+  _base_path CONSTANT TEXT := '/var/www/archtika-websites/';
+  _preview_path TEXT;
+  _prod_path TEXT;
 BEGIN
  IF TG_TABLE_NAME = 'website' THEN
    _website_id := OLD.id;
-    SELECT
-      d.prefix INTO _domain_prefix
-    FROM
-      internal.domain_prefix AS d
-    WHERE
-      d.website_id = _website_id;
-    EXECUTE FORMAT('COPY (SELECT '''') TO PROGRAM ''rm -rf /var/www/archtika-websites/previews/%s''', _website_id);
-    EXECUTE FORMAT('COPY (SELECT '''') TO PROGRAM ''rm -rf /var/www/archtika-websites/%s''', COALESCE(_domain_prefix, _website_id::VARCHAR));
  ELSE
    _website_id := OLD.website_id;
-    SELECT
-      d.prefix INTO _domain_prefix
-    FROM
-      internal.domain_prefix AS d
-    WHERE
-      d.website_id = _website_id;
-    EXECUTE FORMAT('COPY (SELECT '''') TO PROGRAM ''rm -rf /var/www/archtika-websites/previews/%s/legal-information.html''', _website_id);
-    EXECUTE FORMAT('COPY (SELECT '''') TO PROGRAM ''rm -rf /var/www/archtika-websites/%s/legal-information.html''', COALESCE(_domain_prefix, _website_id::VARCHAR));
+  END IF;
+  SELECT
+    d.prefix INTO _domain_prefix
+  FROM
+    internal.domain_prefix d
+  WHERE
+    d.website_id = _website_id;
+  _preview_path := _base_path || 'previews/' || _website_id;
+  _prod_path := _base_path || COALESCE(_domain_prefix, _website_id::TEXT);
+  IF TG_TABLE_NAME = 'website' THEN
+    EXECUTE FORMAT('COPY (SELECT '''') TO PROGRAM ''rm -rf %s''', _preview_path);
+    EXECUTE FORMAT('COPY (SELECT '''') TO PROGRAM ''rm -rf %s''', _prod_path);
+  ELSE
+    EXECUTE FORMAT('COPY (SELECT '''') TO PROGRAM ''rm -f %s/legal-information.html''', _preview_path);
+    EXECUTE FORMAT('COPY (SELECT '''') TO PROGRAM ''rm -f %s/legal-information.html''', _prod_path);
  END IF;
  RETURN OLD;
 END;