From 4d1802f5059c3aa2c6decc272e834c3da9818ada Mon Sep 17 00:00:00 2001 From: Artem Date: Fri, 19 Jul 2013 01:54:13 +0400 Subject: [PATCH] Empty string avatar is forbidden --- app/models/user.rb | 67 ++++++++++++++++++++++------------------ spec/models/user_spec.rb | 7 +++++ 2 files changed, 44 insertions(+), 30 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index 9bded765..817ab6f1 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -81,43 +81,50 @@ def suspend! # Check if avatar size does not exceed setting paramater :external_avatar_max_size # and if image extension is allowed def check_external_avatar - if self.avatar_url and self.avatar_url.length > 0 - uri = URI(avatar_url) - - # Check for file extension - extension = File.extname(uri.path) - unless Kandan::Config.options[:external_avatar_formats].include? extension.downcase - errors.add(:avatar_url, "extension is invalid") - return - end + # avatar url is not required + if self.avatar_url.nil? + return + end - # Check protocol - unless ['http', 'https'].include?(uri.scheme) - errors.add(:avatar_url, "protocol is invalid") - return - end + if self.avatar_url.empty? + errors.add(:avatar_url, "cannot be empty") + return + end - # Check for file size - Net::HTTP.start(uri.host, uri.port, - :use_ssl => uri.scheme == 'https') do |http| - begin - response = http.request_head(uri.to_s) - file_size = response['content-length'] + uri = URI(avatar_url) - if file_size.nil? - file_size = 0 - end + # Check for file extension + extension = File.extname(uri.path) + unless Kandan::Config.options[:external_avatar_formats].include? extension.downcase + errors.add(:avatar_url, "extension is invalid") + return + end - size_in_bounds = Integer(file_size).between?(1, Kandan::Config.options[:external_avatar_max_size]) - unless size_in_bounds - errors.add(:avatar_url, "image size is out of bounds (maximum %{max_size} bytes)" % {:max_size => Kandan::Config.options[:external_avatar_max_size]}) - end + # Check protocol + unless ['http', 'https'].include?(uri.scheme) + errors.add(:avatar_url, "protocol is invalid") + return + end - rescue - errors.add(:avatar_url, "is invalid") + # Check for file size + Net::HTTP.start(uri.host, uri.port, + :use_ssl => uri.scheme == 'https') do |http| + begin + response = http.request_head(uri.to_s) + file_size = response['content-length'] + + if file_size.nil? + file_size = 0 end - end + size_in_bounds = Integer(file_size).between?(1, Kandan::Config.options[:external_avatar_max_size]) + unless size_in_bounds + errors.add(:avatar_url, "image size is out of bounds (maximum %{max_size} bytes)" % {:max_size => Kandan::Config.options[:external_avatar_max_size]}) + end + + rescue + errors.add(:avatar_url, "is invalid") + end end end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index b0abc5dd..c4496d29 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -105,6 +105,13 @@ expect(subject).to_not be_valid expect(subject.errors).to have_key(:avatar_url) end + + it "should not validate empty url as avatar" do + subject.avatar_url = "" + expect(subject.save).to be_false + expect(subject).to_not be_valid + expect(subject.errors).to have_key(:avatar_url) + end end end end