Check session data is complete before attempting to download a file (#…

…301)

I think this is a regression introduced in #209 or something like that.

site/app/Test/Training/TrainingFilesNullStorage.php

@@ -0,0 +1,32 @@
+<?php
+declare(strict_types = 1);
+
+namespace MichalSpacekCz\Test\Training;
+
+use DateTimeInterface;
+use MichalSpacekCz\ShouldNotHappenException;
+use MichalSpacekCz\Training\Files\TrainingFilesStorage;
+use Override;
+
+class TrainingFilesNullStorage extends TrainingFilesStorage
+{
+
+	private string $filesDir = '';
+
+
+	public function setFilesDir(string $filesDir): void
+	{
+		if (!str_ends_with($filesDir, '/')) {
+			throw new ShouldNotHappenException("The directory {$filesDir} does not end with /");
+		}
+		$this->filesDir = $filesDir;
+	}
+
+
+	#[Override]
+	public function getFilesDir(DateTimeInterface $date): string
+	{
+		return $this->filesDir;
+	}
+
+}

site/app/Training/Files/TrainingFilesDownload.php

@@ -62,11 +62,11 @@ public function start(string $trainingAction, ?string $token): TrainingApplicati
 	public function getFileResponse(string $filename): FileResponse
 	{
 		$session = $this->getSessionSection();
-		$applicationId = $session->getApplicationId();
-		if (!$applicationId) {
+		if (!$session->isComplete()) {
 			throw new BadRequestException('Unknown application id, missing or invalid token');
 		}
 
+		$applicationId = $session->getApplicationId();
 		$file = $this->trainingFiles->getFile($applicationId, $session->getToken(), $filename);
 		if (!$file) {
 			throw new BadRequestException(sprintf('No file %s for application id %s', $filename, $applicationId));

site/config/services.neon

@@ -140,7 +140,7 @@ services:
 	- MichalSpacekCz\Training\Files\TrainingFileFactory
 	- MichalSpacekCz\Training\Files\TrainingFiles
 	- MichalSpacekCz\Training\Files\TrainingFilesDownload
-	- MichalSpacekCz\Training\Files\TrainingFilesStorage
+	trainingFilesStorage: MichalSpacekCz\Training\Files\TrainingFilesStorage
 	- MichalSpacekCz\Training\FreeSeats
 	- MichalSpacekCz\Training\Mails\TrainingMailMessageFactory
 	- MichalSpacekCz\Training\Mails\TrainingMails(emailFrom: 'Michal Špaček <mail@michalspacek.cz>', phoneNumber: %contact.phoneNumber%)

site/config/tests.neon

@@ -50,6 +50,7 @@ services:
 	translation.translator: MichalSpacekCz\Test\NoOpTranslator(availableLocales: [cs_CZ, en_US], defaultLocale: cs_CZ)
 	tracy.logger: MichalSpacekCz\Test\NullLogger
 	- MichalSpacekCz\Test\TestCaseRunner
+	trainingFilesStorage: MichalSpacekCz\Test\Training\TrainingFilesNullStorage
 	cache.storage: Nette\Caching\Storages\DevNullStorage
 	netteHttpResponse:  # Needed for User\Manager because https://github.com/nette/http/issues/200
 		create: Nette\Http\Response

site/tests/Training/Files/TrainingFilesDownloadTest.phpt

@@ -11,6 +11,7 @@ use MichalSpacekCz\Test\Database\Database;
 use MichalSpacekCz\Test\Http\NullSession;
 use MichalSpacekCz\Test\PrivateProperty;
 use MichalSpacekCz\Test\TestCaseRunner;
+use MichalSpacekCz\Test\Training\TrainingFilesNullStorage;
 use Nette\Application\Application;
 use Nette\Application\BadRequestException;
 use Nette\Application\Responses\RedirectResponse;
@@ -35,6 +36,7 @@ class TrainingFilesDownloadTest extends TestCase
 		private readonly ApplicationPresenter $applicationPresenter,
 		private readonly Database $database,
 		private readonly NullSession $session,
+		private readonly TrainingFilesNullStorage $storage,
 		Application $application,
 	) {
 		$this->presenter = new UiPresenterMock();
@@ -87,6 +89,46 @@ class TrainingFilesDownloadTest extends TestCase
 	}
 
 
+	public function testGetFileResponseNoSessionData(): void
+	{
+		Assert::exception(function (): void {
+			$this->trainingFilesDownload->getFileResponse('foo');
+		}, BadRequestException::class, 'Unknown application id, missing or invalid token');
+	}
+
+
+	public function testGetFileResponseNoFile(): void
+	{
+		$sessionSection = $this->session->getSection('training');
+		$sessionSection->set('applicationId', self::APPLICATION_ID);
+		$sessionSection->set('token', self::TOKEN);
+		Assert::exception(function (): void {
+			$this->trainingFilesDownload->getFileResponse('foo');
+		}, BadRequestException::class, 'No file foo for application id ' . self::APPLICATION_ID);
+	}
+
+
+	public function testGetFileResponse(): void
+	{
+		$sessionSection = $this->session->getSection('training');
+		$sessionSection->set('applicationId', self::APPLICATION_ID);
+		$sessionSection->set('token', self::TOKEN);
+		$filename = basename(__FILE__);
+		$filesDir = __DIR__ . '/';
+		$this->database->setFetchResult([
+			'added' => new DateTime(),
+			'fileId' => 1337,
+			'fileName' => $filename,
+			'start' => new DateTime('2020-10-20 20:30:40'),
+		]);
+		$this->storage->setFilesDir($filesDir);
+		$response = $this->trainingFilesDownload->getFileResponse('foo');
+		Assert::same($filesDir . $filename, $response->getFile());
+		Assert::same($filename, $response->getName());
+		Assert::same('text/x-php', $response->getContentType());
+	}
+
+
 	private function setApplicationFetchResult(): void
 	{
 		$this->database->setFetchResult([

site/tests/Training/Files/TrainingFilesStorageTest.phpt

@@ -15,9 +15,12 @@ require __DIR__ . '/../../bootstrap.php';
 class TrainingFilesStorageTest extends TestCase
 {
 
-	public function __construct(
-		private readonly TrainingFilesStorage $trainingFilesStorage,
-	) {
+	private readonly TrainingFilesStorage $trainingFilesStorage;
+
+
+	public function __construct()
+	{
+		$this->trainingFilesStorage = new TrainingFilesStorage();
 	}
 
 

site/tests/php-unix.ini

@@ -1,6 +1,7 @@
 [PHP]
 extension=ctype.so
 extension=dom.so
+extension=fileinfo.so
 extension=iconv.so
 extension=intl.so
 extension=mbstring.so