77 lines
2.9 KiB
Swift
77 lines
2.9 KiB
Swift
|
|
import Testing
|
||
|
|
@testable import MacSyncShared
|
||
|
|
|
||
|
|
@Suite("Attachment Path Security")
|
||
|
|
struct AttachmentPathSecurityTests {
|
||
|
|
let homeDir = "/Users/testuser"
|
||
|
|
|
||
|
|
@Test func pathInsideAttachmentsDirAllowed() {
|
||
|
|
let path = "/Users/testuser/Library/Messages/Attachments/ab/123/photo.jpg"
|
||
|
|
#expect(ContentTypeMapping.isAllowedAttachmentPath(path, homeDirectory: homeDir) == true)
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func pathWithTildeInsideAttachmentsDirAllowed() {
|
||
|
|
let path = "~/Library/Messages/Attachments/ab/123/photo.jpg"
|
||
|
|
#expect(ContentTypeMapping.isAllowedAttachmentPath(path, homeDirectory: homeDir) == true)
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func pathOutsideAttachmentsDirBlocked() {
|
||
|
|
let path = "/Users/testuser/Documents/secret.txt"
|
||
|
|
#expect(ContentTypeMapping.isAllowedAttachmentPath(path, homeDirectory: homeDir) == false)
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func pathTraversalBlocked() {
|
||
|
|
let path = "/Users/testuser/Library/Messages/Attachments/../../etc/passwd"
|
||
|
|
#expect(ContentTypeMapping.isAllowedAttachmentPath(path, homeDirectory: homeDir) == false)
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func emptyPathBlocked() {
|
||
|
|
#expect(ContentTypeMapping.isAllowedAttachmentPath("", homeDirectory: homeDir) == false)
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
@Suite("Content Type Mapping")
|
||
|
|
struct ContentTypeMappingTests {
|
||
|
|
|
||
|
|
@Test func jpgMapsToImageJpeg() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "jpg") == "image/jpeg")
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "jpeg") == "image/jpeg")
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func pngMapsToImagePng() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "png") == "image/png")
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func gifMapsCorrectly() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "gif") == "image/gif")
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func heicMapsCorrectly() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "heic") == "image/heic")
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "heif") == "image/heic")
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func webpMapsCorrectly() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "webp") == "image/webp")
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func videoMapsCorrectly() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "mp4") == "video/mp4")
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "mov") == "video/quicktime")
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func audioMapsCorrectly() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "mp3") == "audio/mpeg")
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "m4a") == "audio/mp4")
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func pdfMapsCorrectly() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "pdf") == "application/pdf")
|
||
|
|
}
|
||
|
|
|
||
|
|
@Test func unknownExtensionReturnsOctetStream() {
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "xyz") == "application/octet-stream")
|
||
|
|
#expect(ContentTypeMapping.contentType(forExtension: "bak") == "application/octet-stream")
|
||
|
|
}
|
||
|
|
}
|