Add Controller to get asyncUpload signatures

Added new files for handling asynchronous file uploads in ChillDocStoreBundle. The new files include a controller for generating temporary URLs (AsyncUploadController.php), a security authorization file (AsyncUploadVoter.php), and a corresponding test file (AsyncUploadControllerTest.php). These implementations permit asynchronous uploads via POST, GET, and HEAD methods while maintaining security protocols.
2025-08-22 15:43:51 +00:00 · 2023-12-11 13:45:27 +01:00
parent 264fff5c36
commit d688022825
3 changed files with 251 additions and 0 deletions
--- a/src/Bundle/ChillDocStoreBundle/Tests/Controller/AsyncUploadControllerTest.php
+++ b/src/Bundle/ChillDocStoreBundle/Tests/Controller/AsyncUploadControllerTest.php
@@ -0,0 +1,110 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * Chill is a software for social workers
+ *
+ * For the full copyright and license information, please view
+ * the LICENSE file that was distributed with this source code.
+ */
+
+namespace Chill\DocStoreBundle\Tests\Controller;
+
+use Chill\DocStoreBundle\AsyncUpload\SignedUrl;
+use Chill\DocStoreBundle\AsyncUpload\SignedUrlPost;
+use Chill\DocStoreBundle\AsyncUpload\TempUrlGeneratorInterface;
+use Chill\DocStoreBundle\Controller\AsyncUploadController;
+use Chill\DocStoreBundle\Security\Authorization\AsyncUploadVoter;
+use PHPUnit\Framework\TestCase;
+use Prophecy\Argument;
+use Prophecy\PhpUnit\ProphecyTrait;
+use Psr\Log\NullLogger;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
+use Symfony\Component\Security\Core\Security;
+use Symfony\Component\Serializer\SerializerInterface;
+
+/**
+ * @internal
+ *
+ * @coversNothing
+ */
+class AsyncUploadControllerTest extends TestCase
+{
+    use ProphecyTrait;
+
+    public function testGenerateWhenUserIsNotGranted(): void
+    {
+        $this->expectException(AccessDeniedHttpException::class);
+        $controller = $this->buildAsyncUploadController(false);
+
+        $controller->getSignedUrl('POST', new Request());
+    }
+
+    public function testGeneratePost(): void
+    {
+        $controller = $this->buildAsyncUploadController(true);
+
+        $actual = $controller->getSignedUrl('POST', new Request());
+        $decodedActual = json_decode($actual->getContent(), true, JSON_THROW_ON_ERROR, JSON_THROW_ON_ERROR);
+
+        self::assertArrayHasKey('method', $decodedActual);
+        self::assertEquals('POST', $decodedActual['method']);
+    }
+
+    public function testGenerateGet(): void
+    {
+        $controller = $this->buildAsyncUploadController(true);
+
+        $actual = $controller->getSignedUrl('GET', new Request(['object_name' => 'abc']));
+        $decodedActual = json_decode($actual->getContent(), true, JSON_THROW_ON_ERROR, JSON_THROW_ON_ERROR);
+
+        self::assertArrayHasKey('method', $decodedActual);
+        self::assertEquals('GET', $decodedActual['method']);
+    }
+
+    private function buildAsyncUploadController(
+        bool $isGranted,
+    ): AsyncUploadController {
+        $tempUrlGenerator = new class () implements TempUrlGeneratorInterface {
+            public function generatePost(int $expire_delay = null, int $submit_delay = null, int $max_file_count = 1): SignedUrlPost
+            {
+                return new SignedUrlPost(
+                    'https://object.store.example',
+                    new \DateTimeImmutable('1 hour'),
+                    150,
+                    1,
+                    1800,
+                    '',
+                    'abc',
+                    'abc'
+                );
+            }
+
+            public function generate(string $method, string $object_name, int $expire_delay = null): SignedUrl
+            {
+                return new SignedUrl(
+                    $method,
+                    'https://object.store.example',
+                    new \DateTimeImmutable('1 hour')
+                );
+            }
+        };
+
+        $serializer = $this->prophesize(SerializerInterface::class);
+        $serializer->serialize(Argument::type(SignedUrl::class), 'json', Argument::type('array'))
+            ->will(fn (array $args): string => json_encode(['method' => $args[0]->method], JSON_THROW_ON_ERROR, 3));
+
+        $security = $this->prophesize(Security::class);
+        $security->isGranted(AsyncUploadVoter::GENERATE_SIGNATURE, Argument::type(SignedUrl::class))
+            ->willReturn($isGranted);
+
+        return new AsyncUploadController(
+            $tempUrlGenerator,
+            $serializer->reveal(),
+            $security->reveal(),
+            new NullLogger()
+        );
+    }
+}