Merge pull request #948 from gustavodemari/update-multer-profile-upload

Update profile upload with a new version of multer
Fixes #947
This commit is contained in:
Ilan Biala
2015-10-25 22:03:23 -04:00
7 changed files with 89 additions and 13 deletions

10
config/env/default.js vendored
View File

@@ -28,5 +28,13 @@ module.exports = {
sessionKey: 'sessionId',
sessionCollection: 'sessions',
logo: 'modules/core/client/img/brand/logo.png',
favicon: 'modules/core/client/img/brand/favicon.ico'
favicon: 'modules/core/client/img/brand/favicon.ico',
uploads: {
profileUpload: {
dest: './modules/users/client/img/profile/uploads/', // Profile upload destination path
limits: {
fileSize: 1*1024*1024 // Max file size in bytes (1 MB)
}
}
}
};

View File

@@ -10,7 +10,6 @@ var config = require('../config'),
bodyParser = require('body-parser'),
session = require('express-session'),
MongoStore = require('connect-mongo')(session),
multer = require('multer'),
favicon = require('serve-favicon'),
compress = require('compression'),
methodOverride = require('method-override'),
@@ -89,12 +88,6 @@ module.exports.initMiddleware = function (app) {
// Add the cookie parser and flash middleware
app.use(cookieParser());
app.use(flash());
// Add multipart handling middleware
app.use(multer({
dest: './uploads/',
inMemory: true
}));
};
/**

8
config/lib/multer.js Normal file
View File

@@ -0,0 +1,8 @@
'use strict';
module.exports.profileUploadFileFilter = function (req, file, cb) {
if (file.mimetype !== 'image/png' && file.mimetype !== 'image/jpg' && file.mimetype !== 'image/jpeg' && file.mimetype !== 'image/gif') {
return cb(new Error('Only image files are allowed!'), false);
}
cb(null, true);
};

View File

@@ -7,7 +7,8 @@ angular.module('users').controller('ChangeProfilePictureController', ['$scope',
// Create file uploader instance
$scope.uploader = new FileUploader({
url: 'api/users/picture'
url: 'api/users/picture',
alias: 'newProfilePicture'
});
// Set file uploader image filter

View File

@@ -8,6 +8,8 @@ var _ = require('lodash'),
path = require('path'),
errorHandler = require(path.resolve('./modules/core/server/controllers/errors.server.controller')),
mongoose = require('mongoose'),
multer = require('multer'),
config = require(path.resolve('./config/config')),
User = mongoose.model('User');
/**
@@ -54,15 +56,20 @@ exports.update = function (req, res) {
exports.changeProfilePicture = function (req, res) {
var user = req.user;
var message = null;
var upload = multer(config.uploads.profileUpload).single('newProfilePicture');
var profileUploadFileFilter = require(path.resolve('./config/lib/multer')).profileUploadFileFilter;
// Filtering to upload only images
upload.fileFilter = profileUploadFileFilter;
if (user) {
fs.writeFile('./modules/users/client/img/profile/uploads/' + req.files.file.name, req.files.file.buffer, function (uploadError) {
if (uploadError) {
upload(req, res, function (uploadError) {
if(uploadError) {
return res.status(400).send({
message: 'Error occurred while uploading profile picture'
});
} else {
user.profileImageURL = 'modules/users/client/img/profile/uploads/' + req.files.file.name;
user.profileImageURL = config.uploads.profileUpload.dest + req.file.filename;
user.save(function (saveError) {
if (saveError) {

View File

@@ -847,6 +847,65 @@ describe('User CRUD tests', function () {
});
});
it('should be able to change profile picture if signed in', function (done) {
agent.post('/api/auth/signin')
.send(credentials)
.expect(200)
.end(function (signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
agent.post('/api/users/picture')
.attach('newProfilePicture', './modules/users/client/img/profile/default.png')
.send(credentials)
.expect(200)
.end(function (userInfoErr, userInfoRes) {
// Handle change profile picture error
if (userInfoErr) {
return done(userInfoErr);
}
userInfoRes.body.should.be.instanceof(Object);
userInfoRes.body.profileImageURL.should.be.a.String();
userInfoRes.body._id.should.be.equal(String(user._id));
return done();
});
});
});
it('should not be able to change profile picture if not signed in', function (done) {
agent.post('/api/users/picture')
.attach('newProfilePicture', './modules/users/client/img/profile/default.png')
.send(credentials)
.expect(400)
.end(function (userInfoErr, userInfoRes) {
done(userInfoErr);
});
});
it('should not be able to change profile picture if attach a picture with a different field name', function (done) {
agent.post('/api/auth/signin')
.send(credentials)
.expect(200)
.end(function (signinErr, signinRes) {
// Handle signin error
if (signinErr) {
return done(signinErr);
}
agent.post('/api/users/picture')
.attach('fieldThatDoesntWork', './modules/users/client/img/profile/default.png')
.send(credentials)
.expect(400)
.end(function (userInfoErr, userInfoRes) {
done(userInfoErr);
});
});
});
afterEach(function (done) {
User.remove().exec(done);
});

View File

@@ -47,7 +47,7 @@
"mocha": "~1.20.0",
"mongoose": "4.1.11",
"morgan": "^1.6.1",
"multer": "0.1.8",
"multer": "~1.0.5",
"nodemailer": "^1.4.0",
"owasp-password-strength-test": "^1.3.0",
"passport": "~0.2.2",