bostame/workdock-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

snapshot: preserve upload hardening phase

Browse Source
This commit is contained in:
Md Bayazid Bostame
2026-03-27 12:44:53 +01:00
parent b9441f2503
commit eb0fb811e4
3 changed files with 302 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

143
backend/workflows/tests/test_upload_validation.py Normal file
View File

@@ -0,0 +1,143 @@
from django.core.files.uploadedfile import SimpleUploadedFile
from django.test import TestCase
from io import BytesIO
from PIL import Image
from workflows.forms import AccountAvatarForm, OnboardingRequestForm, PortalBrandingForm
class UploadValidationTests(TestCase):
def test_avatar_rejects_mismatched_extension_and_signature(self):
form = AccountAvatarForm(
data={},
files={
'avatar_image': SimpleUploadedFile(
'avatar.png',
b'not-a-real-png',
content_type='image/png',
)
},
)
self.assertFalse(form.is_valid())
self.assertIn('avatar_image', form.errors)
def test_logo_accepts_valid_svg(self):
form = PortalBrandingForm(
data={
'portal_title': 'Workdock',
'company_name': 'Workdock',
'company_domain': 'workdock.de',
'support_email': 'info@workdock.de',
'sender_display_name': 'Workdock',
'login_subtitle': 'Login',
'footer_text': 'Footer',
'footer_text_en': 'Footer',
'legal_notice': '',
'legal_notice_en': '',
'default_language': 'de',
'primary_color': '#000078',
'secondary_color': '#c0002b',
},
files={
'logo_image': SimpleUploadedFile(
'logo.svg',
b'<svg xmlns=\"http://www.w3.org/2000/svg\" viewBox=\"0 0 10 10\"></svg>',
content_type='image/svg+xml',
)
},
)
self.assertTrue(form.is_valid(), form.errors)
def test_favicon_rejects_wrong_signature(self):
form = PortalBrandingForm(
data={
'portal_title': 'Workdock',
'company_name': 'Workdock',
'company_domain': 'workdock.de',
'support_email': 'info@workdock.de',
'sender_display_name': 'Workdock',
'login_subtitle': 'Login',
'footer_text': 'Footer',
'footer_text_en': 'Footer',
'legal_notice': '',
'legal_notice_en': '',
'default_language': 'de',
'primary_color': '#000078',
'secondary_color': '#c0002b',
},
files={
'favicon_image': SimpleUploadedFile(
'favicon.ico',
b'not-an-ico',
content_type='image/x-icon',
)
},
)
self.assertFalse(form.is_valid())
self.assertIn('favicon_image', form.errors)
def test_pdf_letterhead_rejects_non_pdf_content(self):
form = PortalBrandingForm(
data={
'portal_title': 'Workdock',
'company_name': 'Workdock',
'company_domain': 'workdock.de',
'support_email': 'info@workdock.de',
'sender_display_name': 'Workdock',
'login_subtitle': 'Login',
'footer_text': 'Footer',
'footer_text_en': 'Footer',
'legal_notice': '',
'legal_notice_en': '',
'default_language': 'de',
'primary_color': '#000078',
'secondary_color': '#c0002b',
},
files={
'pdf_letterhead': SimpleUploadedFile(
'letterhead.pdf',
b'not-a-pdf',
content_type='application/pdf',
)
},
)
self.assertFalse(form.is_valid())
self.assertIn('pdf_letterhead', form.errors)
def test_signature_accepts_valid_png(self):
buffer = BytesIO()
Image.new('RGBA', (2, 2), (0, 0, 0, 255)).save(buffer, format='PNG')
png_bytes = buffer.getvalue()
form = OnboardingRequestForm(
data={
'first_name': 'Max',
'last_name': 'Mustermann',
'gender': 'herr',
'job_title': 'Consultant',
'department': 'IT-Service',
'work_email': 'max.mustermann@workdock.de',
'contract_start': '2026-11-01',
'employment_type': 'unbefristet',
'group_mailboxes_required_choice': 'nein',
'additional_hardware_needed_choice': 'nein',
'additional_software_needed_choice': 'nein',
'additional_access_needed_choice': 'nein',
'successor_required_choice': 'nein',
'inherit_phone_number_choice': 'nein',
'agreement_confirm': 'on',
},
files={
'signature_image': SimpleUploadedFile(
'signature.png',
png_bytes,
content_type='image/png',
)
},
requester_email='requester@workdock.de',
)
self.assertTrue(form.is_valid(), form.errors)