上传头像大小和图片类型在后台加入限制,且通过测试
This commit is contained in:
parent
d2a7d41963
commit
49d836d331
|
@ -1,6 +1,6 @@
|
|||
class AvatarController < ApplicationController
|
||||
|
||||
|
||||
include ActionView::Helpers::NumberHelper
|
||||
#before_filter :set_cache_buster
|
||||
include AvatarHelper
|
||||
|
||||
|
@ -29,6 +29,10 @@ class AvatarController < ApplicationController
|
|||
end
|
||||
|
||||
if @temp_file && (@temp_file.size > 0)
|
||||
if @temp_file.size > Setting.upload_avatar_max_size.to_i
|
||||
@status = 1
|
||||
@msg = l(:error_upload_avatar_to_large, :max_size => number_to_human_size(Setting.upload_avatar_max_size.to_i))
|
||||
elsif Trustie::Utils::Image.new(@temp_file.tempfile.path).image?
|
||||
diskfile=disk_filename(@source_type,@source_id)
|
||||
@urlfile='/' << File.join("images","avatars",avatar_directory(@source_type),avatar_filename(@source_id,@image_file))
|
||||
|
||||
|
@ -56,16 +60,20 @@ class AvatarController < ApplicationController
|
|||
md5.update(@temp_file)
|
||||
end
|
||||
end
|
||||
# self.digest = md5.hexdigest
|
||||
|
||||
Trustie::Utils::Image.new(diskfile,true).compress(300)
|
||||
@status = 0
|
||||
@msg = ''
|
||||
else
|
||||
@status = 2
|
||||
@msg = l(:not_valid_image_file)
|
||||
end
|
||||
end
|
||||
@temp_file = nil
|
||||
|
||||
image = Trustie::Utils::Image.new(diskfile,true)
|
||||
image.compress(300)
|
||||
|
||||
respond_to do |format|
|
||||
format.json{
|
||||
render :inline => "#{@urlfile.to_s}?#{Time.now.to_i}",:content_type => 'text/html'
|
||||
render :inline => {status: @status, message:@msg, url:"#{@urlfile.to_s}?#{Time.now.to_i}"}.to_json,:content_type => 'text/html'
|
||||
return
|
||||
}
|
||||
format.js
|
||||
|
|
|
@ -1521,4 +1521,5 @@ en:
|
|||
label_commit_failed: commit failed
|
||||
#api end
|
||||
error_upload_avatar_to_large: "too big (%{max_size})"
|
||||
not_valid_image_file: not a valid image file
|
||||
|
||||
|
|
|
@ -1984,3 +1984,4 @@ zh:
|
|||
label_code: 代码
|
||||
|
||||
error_upload_avatar_to_large: "超过大小限制 (%{max_size})"
|
||||
not_valid_image_file: 不是有效的图片文件
|
||||
|
|
|
@ -3,11 +3,37 @@
|
|||
module Trustie
|
||||
module Utils
|
||||
class Image
|
||||
def initialize(file, bak)
|
||||
def initialize(file, bak=false)
|
||||
@file = file
|
||||
@bak = bak
|
||||
end
|
||||
|
||||
def bitmap?(data)
|
||||
data[0,2]==77.chr + 66.chr
|
||||
end
|
||||
|
||||
def gif?(data)
|
||||
data[0,4]==71.chr + 73.chr + 70.chr + 56.chr
|
||||
end
|
||||
|
||||
def jpeg?(data)
|
||||
data[0,4]== 0xff.chr + 0xd8.chr + 0xff.chr + 0xe0.chr
|
||||
end
|
||||
def png?(data)
|
||||
data[0,2]==0x89.chr + 80.chr
|
||||
end
|
||||
|
||||
def image?
|
||||
begin
|
||||
f = File.open(@file,'rb') # rb means to read using binary
|
||||
return false if f.size < 9
|
||||
data = f.read(9) # magic numbers are up to 9 bytes
|
||||
return bitmap?(data) || gif?(data) || jpeg?(data) || png?(data)
|
||||
ensure
|
||||
f.close
|
||||
end
|
||||
end
|
||||
|
||||
def compress(size=300)
|
||||
backup if @bak
|
||||
begin
|
||||
|
|
|
@ -44,9 +44,18 @@ $(function() {
|
|||
},
|
||||
done: function(e, data) {
|
||||
var imgSpan = jQuery('#avatar_image');
|
||||
var result = data.result.text ? data.result.text() : data.result;
|
||||
if(result){
|
||||
var o = JSON.parse(result);
|
||||
if(o.status == 0){
|
||||
imgSpan.attr({
|
||||
"src": data.result.text ? data.result.text() : data.result
|
||||
"src": o.url
|
||||
});
|
||||
} else {
|
||||
alert(o.message);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
});
|
||||
});
|
||||
|
|
|
@ -35,13 +35,53 @@ RSpec.describe "课程", :type => :request do
|
|||
context "修改课程图片" do
|
||||
include Rack::Test::Methods
|
||||
let(:avatar) {Rack::Test::UploadedFile.new("#{Rails.root}/spec/fixtures/test.jpg",'image/jpg')}
|
||||
|
||||
context "正常图片上传成功" do
|
||||
subject(:resp) {post upload_avatar_path(source_type: 'Course', source_id: course.id, format: :json),"avatar"=>{image: avatar}}
|
||||
it{ expect(subject).to be_ok }
|
||||
it{ expect(subject.body).not_to be_empty }
|
||||
it "状态要为0" do
|
||||
o = ActiveSupport::JSON.decode(subject.body)
|
||||
expect(o["status"]).to eq(0)
|
||||
end
|
||||
it "要回传图片地址" do
|
||||
o = ActiveSupport::JSON.decode(subject.body)
|
||||
expect(o["url"]).not_to be_empty
|
||||
end
|
||||
end
|
||||
|
||||
context "不是图片,上传失败" do
|
||||
let(:invalid_avatar) {Rack::Test::UploadedFile.new("#{Rails.root}/spec/fixtures/hah.txt",'text/plain')}
|
||||
before do
|
||||
resp = post upload_avatar_path(source_type: 'Course', source_id: course.id, format: :json),"avatar"=>{image: invalid_avatar}
|
||||
@o = ActiveSupport::JSON.decode(resp.body)
|
||||
end
|
||||
it "状态要为0" do
|
||||
expect(@o["status"]).not_to eq(0)
|
||||
end
|
||||
it "要回传错误信息" do
|
||||
expect(@o["message"]).to be_include("图片")
|
||||
end
|
||||
end
|
||||
|
||||
context "文件过大,上传失败" do
|
||||
before do
|
||||
big_file = Rack::Test::UploadedFile.new("#{Rails.root}/spec/fixtures/test.jpg",'image/jpg')
|
||||
allow(ActionDispatch::Http::UploadedFile).to receive(:new).and_return(double('BigFile',size: 10*1024*1024, original_filename: 'rais.jpg', tempfile: nil))
|
||||
# trace = TracePoint.new(:call) do |tp|
|
||||
# p [tp.lineno, tp.defined_class, tp.method_id, tp.event] if tp.method_id == :post
|
||||
# end
|
||||
resp = post upload_avatar_path(source_type: 'Course', source_id: course.id, format: :json),'avatar[image]'=> big_file
|
||||
@o = ActiveSupport::JSON.decode(resp.body)
|
||||
end
|
||||
it "状态要为0" do
|
||||
expect(@o["status"]).not_to eq(0)
|
||||
end
|
||||
it "要回传错误信息" do
|
||||
expect(@o["message"]).to be_include("大")
|
||||
end
|
||||
end
|
||||
|
||||
it "不是图片,上传失败"
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue