Commit 734b8f93 authored by Douwe Maan's avatar Douwe Maan

Merge branch 'fj-51194-fix-wiki-attachments-with-whitespaces' into 'master'

Replace whitespaces in wiki page attachments file names

Closes #51194

See merge request gitlab-org/gitlab-ce!21569
parents 7f2b287f f67211f9
......@@ -11,7 +11,7 @@ module Wikis
def initialize(*args)
super
@file_name = truncate_file_name(params[:file_name])
@file_name = clean_file_name(params[:file_name])
@file_path = File.join(ATTACHMENT_PATH, SecureRandom.hex, @file_name) if @file_name
@commit_message ||= "Upload attachment #{@file_name}"
@branch_name ||= wiki.default_branch
......@@ -23,8 +23,16 @@ module Wikis
private
def truncate_file_name(file_name)
def clean_file_name(file_name)
return unless file_name.present?
file_name = truncate_file_name(file_name)
# CommonMark does not allow Urls with whitespaces, so we have to replace them
# Using the same regex Carrierwave use to replace invalid characters
file_name.gsub(CarrierWave::SanitizedFile.sanitize_regexp, '_')
end
def truncate_file_name(file_name)
return file_name if file_name.length <= MAX_FILENAME_LENGTH
extension = File.extname(file_name)
......
---
title: Replace white spaces in wiki attachments file names
merge_request: 21569
author:
type: fixed
......@@ -88,8 +88,30 @@ describe Wikis::CreateAttachmentService do
end
end
describe 'validations' do
describe '#parse_file_name' do
context 'when file_name' do
context 'has white spaces' do
let(:file_name) { 'file with spaces' }
it "replaces all of them with '_'" do
result = service.execute
expect(result[:status]).to eq :success
expect(result[:result][:file_name]).to eq 'file_with_spaces'
end
end
context 'has other invalid characters' do
let(:file_name) { "file\twith\tinvalid chars" }
it "replaces all of them with '_'" do
result = service.execute
expect(result[:status]).to eq :success
expect(result[:result][:file_name]).to eq 'file_with_invalid_chars'
end
end
context 'is not present' do
let(:file_name) { nil }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment