Empty string avatar is forbidden

kandanapp · Jul 18, 2013 · 4d1802f · 4d1802f
1 parent 6641773
commit 4d1802f
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 30 deletions.
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -81,43 +81,50 @@ def suspend!
   # Check if avatar size does not exceed setting paramater :external_avatar_max_size
   # and if image extension is allowed
   def check_external_avatar
-    if self.avatar_url and self.avatar_url.length > 0
-      uri = URI(avatar_url)
-
-      # Check for file extension
-      extension = File.extname(uri.path)
-      unless Kandan::Config.options[:external_avatar_formats].include? extension.downcase
-        errors.add(:avatar_url, "extension is invalid")
-        return
-      end
+    # avatar url is not required
+    if self.avatar_url.nil?
+      return
+    end
 
-      # Check protocol
-      unless ['http', 'https'].include?(uri.scheme)
-        errors.add(:avatar_url, "protocol is invalid")
-        return
-      end
+    if self.avatar_url.empty?
+      errors.add(:avatar_url, "cannot be empty")
+      return
+    end
 
-      # Check for file size
-      Net::HTTP.start(uri.host, uri.port, 
-                      :use_ssl => uri.scheme == 'https') do |http|
-        begin
-          response = http.request_head(uri.to_s)
-          file_size = response['content-length']
+    uri = URI(avatar_url)
 
-          if file_size.nil?
-            file_size = 0
-          end
+    # Check for file extension
+    extension = File.extname(uri.path)
+    unless Kandan::Config.options[:external_avatar_formats].include? extension.downcase
+      errors.add(:avatar_url, "extension is invalid")
+      return
+    end
 
-          size_in_bounds = Integer(file_size).between?(1, Kandan::Config.options[:external_avatar_max_size])
-          unless size_in_bounds
-            errors.add(:avatar_url, "image size is out of bounds (maximum %{max_size} bytes)" % {:max_size => Kandan::Config.options[:external_avatar_max_size]})
-          end
+    # Check protocol
+    unless ['http', 'https'].include?(uri.scheme)
+      errors.add(:avatar_url, "protocol is invalid")
+      return
+    end
 
-        rescue
-          errors.add(:avatar_url, "is invalid")
+    # Check for file size
+    Net::HTTP.start(uri.host, uri.port, 
+                    :use_ssl => uri.scheme == 'https') do |http|
+      begin
+        response = http.request_head(uri.to_s)
+        file_size = response['content-length']
+
+        if file_size.nil?
+          file_size = 0
         end
-      end
 
+        size_in_bounds = Integer(file_size).between?(1, Kandan::Config.options[:external_avatar_max_size])
+        unless size_in_bounds
+          errors.add(:avatar_url, "image size is out of bounds (maximum %{max_size} bytes)" % {:max_size => Kandan::Config.options[:external_avatar_max_size]})
+        end
+
+      rescue
+        errors.add(:avatar_url, "is invalid")
+      end
     end
   end
 

diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
@@ -105,6 +105,13 @@
         expect(subject).to_not be_valid
         expect(subject.errors).to have_key(:avatar_url)      
       end
+
+      it "should not validate empty url as avatar" do
+        subject.avatar_url = ""
+        expect(subject.save).to be_false
+        expect(subject).to_not be_valid
+        expect(subject.errors).to have_key(:avatar_url)
+      end        
     end
   end 
 end