echo/middleware/static_1_16_test.go

// +build go1.16

package middleware

import (
	"io/fs"
	"net/http"
	"net/http/httptest"
	"os"
	"testing"
	"testing/fstest"

	"github.com/labstack/echo/v4"
	"github.com/stretchr/testify/assert"
)

func TestStatic_CustomFS(t *testing.T) {
	var testCases = []struct {
		name           string
		filesystem     fs.FS
		root           string
		whenURL        string
		expectContains string
		expectCode     int
	}{
		{
			name:           "ok, serve index with Echo message",
			whenURL:        "/",
			filesystem:     os.DirFS("../_fixture"),
			expectCode:     http.StatusOK,
			expectContains: "<title>Echo</title>",
		},

		{
			name:           "ok, serve index with Echo message",
			whenURL:        "/_fixture/",
			filesystem:     os.DirFS(".."),
			expectCode:     http.StatusOK,
			expectContains: "<title>Echo</title>",
		},
		{
			name:    "ok, serve file from map fs",
			whenURL: "/file.txt",
			filesystem: fstest.MapFS{
				"file.txt": &fstest.MapFile{Data: []byte("file.txt is ok")},
			},
			expectCode:     http.StatusOK,
			expectContains: "file.txt is ok",
		},
		{
			name:       "nok, missing file in map fs",
			whenURL:    "/file.txt",
			expectCode: http.StatusNotFound,
			filesystem: fstest.MapFS{
				"file2.txt": &fstest.MapFile{Data: []byte("file2.txt is ok")},
			},
		},
		{
			name:    "nok, file is not a subpath of root",
			whenURL: `/../../secret.txt`,
			root:    "/nested/folder",
			filesystem: fstest.MapFS{
				"secret.txt": &fstest.MapFile{Data: []byte("this is a secret")},
			},
			expectCode: http.StatusNotFound,
		},
		{
			name:       "nok, backslash is forbidden",
			whenURL:    `/..\..\secret.txt`,
			expectCode: http.StatusNotFound,
			root:       "/nested/folder",
			filesystem: fstest.MapFS{
				"secret.txt": &fstest.MapFile{Data: []byte("this is a secret")},
			},
		},
	}

	for _, tc := range testCases {
		t.Run(tc.name, func(t *testing.T) {
			e := echo.New()

			config := StaticConfig{
				Root:       ".",
				Filesystem: tc.filesystem,
			}

			if tc.root != "" {
				config.Root = tc.root
			}

			middlewareFunc, err := config.ToMiddleware()
			assert.NoError(t, err)

			e.Use(middlewareFunc)

			req := httptest.NewRequest(http.MethodGet, tc.whenURL, nil)
			rec := httptest.NewRecorder()

			e.ServeHTTP(rec, req)

			assert.Equal(t, tc.expectCode, rec.Code)
			if tc.expectContains != "" {
				responseBody := rec.Body.String()
				assert.Contains(t, responseBody, tc.expectContains)
			}
		})
	}
}
Fix #1787: Add support for optional filesystem to the static middleware (#1797) * Add optional filesystem to static middleware. 2021-05-08 21:33:17 +02:00			`// +build go1.16`

			`package middleware`

			`import (`
			`"io/fs"`
			`"net/http"`
			`"net/http/httptest"`
			`"os"`
			`"testing"`
			`"testing/fstest"`

			`"github.com/labstack/echo/v4"`
			`"github.com/stretchr/testify/assert"`
			`)`

			`func TestStatic_CustomFS(t *testing.T) {`
			`var testCases = []struct {`
			`name string`
			`filesystem fs.FS`
			`root string`
			`whenURL string`
			`expectContains string`
			`expectCode int`
			`}{`
			`{`
			`name: "ok, serve index with Echo message",`
			`whenURL: "/",`
			`filesystem: os.DirFS("../_fixture"),`
			`expectCode: http.StatusOK,`
			`expectContains: "<title>Echo</title>",`
			`},`

			`{`
			`name: "ok, serve index with Echo message",`
			`whenURL: "/_fixture/",`
			`filesystem: os.DirFS(".."),`
			`expectCode: http.StatusOK,`
			`expectContains: "<title>Echo</title>",`
			`},`
			`{`
			`name: "ok, serve file from map fs",`
			`whenURL: "/file.txt",`
			`filesystem: fstest.MapFS{`
			`"file.txt": &fstest.MapFile{Data: []byte("file.txt is ok")},`
			`},`
			`expectCode: http.StatusOK,`
			`expectContains: "file.txt is ok",`
			`},`
			`{`
			`name: "nok, missing file in map fs",`
			`whenURL: "/file.txt",`
			`expectCode: http.StatusNotFound,`
			`filesystem: fstest.MapFS{`
			`"file2.txt": &fstest.MapFile{Data: []byte("file2.txt is ok")},`
			`},`
			`},`
			`{`
			`name: "nok, file is not a subpath of root",`
			whenURL: `/../../secret.txt`,
			`root: "/nested/folder",`
			`filesystem: fstest.MapFS{`
			`"secret.txt": &fstest.MapFile{Data: []byte("this is a secret")},`
			`},`
			`expectCode: http.StatusNotFound,`
			`},`
			`{`
			`name: "nok, backslash is forbidden",`
			whenURL: `/..\..\secret.txt`,
			`expectCode: http.StatusNotFound,`
			`root: "/nested/folder",`
			`filesystem: fstest.MapFS{`
			`"secret.txt": &fstest.MapFile{Data: []byte("this is a secret")},`
			`},`
			`},`
			`}`

			`for _, tc := range testCases {`
			`t.Run(tc.name, func(t *testing.T) {`
			`e := echo.New()`

			`config := StaticConfig{`
			`Root: ".",`
WIP: logger examples WIP: make default logger implemented custom writer for jsonlike logs WIP: improve examples WIP: defaultErrorHandler use errors.As to unwrap errors. Update readme WIP: default logger logs json, restore e.Start method WIP: clean router.Match a bit WIP: func types/fields have echo.Context has first element WIP: remove yaml tags as functions etc can not be serialized anyway WIP: change BindPathParams,BindQueryParams,BindHeaders from methods to functions and reverse arguments to be like DefaultBinder.Bind is WIP: improved comments, logger now extracts status from error WIP: go mod tidy WIP: rebase with 4.5.0 WIP: * removed todos. * removed StartAutoTLS and StartH2CServer methods from `StartConfig` * KeyAuth middleware errorhandler can swallow the error and resume next middleware WIP: add RouterConfig.UseEscapedPathForMatching to use escaped path for matching request against routes WIP: FIXMEs WIP: upgrade golang-jwt/jwt to `v4` WIP: refactor http methods to return RouteInfo WIP: refactor static not creating multiple routes WIP: refactor route and middleware adding functions not to return error directly WIP: Use 401 for problematic/missing headers for key auth and JWT middleware (#1552, #1402). > In summary, a 401 Unauthorized response should be used for missing or bad authentication WIP: replace `HTTPError.SetInternal` with `HTTPError.WithInternal` so we could not mutate global error variables WIP: add RouteInfo and RouteMatchType into Context what we could know from in middleware what route was matched and/or type of that match (200/404/405) WIP: make notFoundHandler and methodNotAllowedHandler private. encourage that all errors be handled in Echo.HTTPErrorHandler WIP: server cleanup ideas WIP: routable.ForGroup WIP: note about logger middleware WIP: bind should not default values on second try. use crypto rand for better randomness WIP: router add route as interface and returns info as interface WIP: improve flaky test (remains still flaky) WIP: add notes about bind default values WIP: every route can have their own path params names WIP: routerCreator and different tests WIP: different things WIP: remove route implementation WIP: support custom method types WIP: extractor tests WIP: v5.0.x proposal over v4.4.0 2021-07-15 23:34:01 +03:00			`Filesystem: tc.filesystem,`
Fix #1787: Add support for optional filesystem to the static middleware (#1797) * Add optional filesystem to static middleware. 2021-05-08 21:33:17 +02:00			`}`

			`if tc.root != "" {`
			`config.Root = tc.root`
			`}`

WIP: logger examples WIP: make default logger implemented custom writer for jsonlike logs WIP: improve examples WIP: defaultErrorHandler use errors.As to unwrap errors. Update readme WIP: default logger logs json, restore e.Start method WIP: clean router.Match a bit WIP: func types/fields have echo.Context has first element WIP: remove yaml tags as functions etc can not be serialized anyway WIP: change BindPathParams,BindQueryParams,BindHeaders from methods to functions and reverse arguments to be like DefaultBinder.Bind is WIP: improved comments, logger now extracts status from error WIP: go mod tidy WIP: rebase with 4.5.0 WIP: * removed todos. * removed StartAutoTLS and StartH2CServer methods from `StartConfig` * KeyAuth middleware errorhandler can swallow the error and resume next middleware WIP: add RouterConfig.UseEscapedPathForMatching to use escaped path for matching request against routes WIP: FIXMEs WIP: upgrade golang-jwt/jwt to `v4` WIP: refactor http methods to return RouteInfo WIP: refactor static not creating multiple routes WIP: refactor route and middleware adding functions not to return error directly WIP: Use 401 for problematic/missing headers for key auth and JWT middleware (#1552, #1402). > In summary, a 401 Unauthorized response should be used for missing or bad authentication WIP: replace `HTTPError.SetInternal` with `HTTPError.WithInternal` so we could not mutate global error variables WIP: add RouteInfo and RouteMatchType into Context what we could know from in middleware what route was matched and/or type of that match (200/404/405) WIP: make notFoundHandler and methodNotAllowedHandler private. encourage that all errors be handled in Echo.HTTPErrorHandler WIP: server cleanup ideas WIP: routable.ForGroup WIP: note about logger middleware WIP: bind should not default values on second try. use crypto rand for better randomness WIP: router add route as interface and returns info as interface WIP: improve flaky test (remains still flaky) WIP: add notes about bind default values WIP: every route can have their own path params names WIP: routerCreator and different tests WIP: different things WIP: remove route implementation WIP: support custom method types WIP: extractor tests WIP: v5.0.x proposal over v4.4.0 2021-07-15 23:34:01 +03:00			`middlewareFunc, err := config.ToMiddleware()`
			`assert.NoError(t, err)`

Fix #1787: Add support for optional filesystem to the static middleware (#1797) * Add optional filesystem to static middleware. 2021-05-08 21:33:17 +02:00			`e.Use(middlewareFunc)`

			`req := httptest.NewRequest(http.MethodGet, tc.whenURL, nil)`
			`rec := httptest.NewRecorder()`

			`e.ServeHTTP(rec, req)`

			`assert.Equal(t, tc.expectCode, rec.Code)`
			`if tc.expectContains != "" {`
			`responseBody := rec.Body.String()`
			`assert.Contains(t, responseBody, tc.expectContains)`
			`}`
			`})`
			`}`
			`}`