From 75d217c6cb877aa8209a754ca841afac0ab9a50a Mon Sep 17 00:00:00 2001
From: Geremia Taglialatela <tagliala.dev@gmail.com>
Date: Sun, 21 Jun 2020 12:41:44 +0200
Subject: [PATCH] Prevent upload of empty files

---
 lib/app.rb                   |  1 +
 lib/errors.rb                |  3 +++
 spec/fixtures/empty_file.txt |  0
 spec/lib/app_spec.rb         | 15 +++++++++++++++
 4 files changed, 19 insertions(+)
 create mode 100644 spec/fixtures/empty_file.txt

diff --git a/lib/app.rb b/lib/app.rb
index 1124f7f..97669a4 100644
--- a/lib/app.rb
+++ b/lib/app.rb
@@ -62,6 +62,7 @@ class App < Sinatra::Base
         doc_key = DocKey.new app,doc_id
         doc = Document.load( @storage_dir, doc_key )
         raise InvalidParameter.new :file unless params[:file]
+        raise EmptyFile if params[:file][:tempfile].size == 0
         version = doc.new_version do |version|
           doc.add_file version, filename, params[:file][:tempfile], params[:author]
           doc.set_current version
diff --git a/lib/errors.rb b/lib/errors.rb
index 87143f6..ecdc4cc 100644
--- a/lib/errors.rb
+++ b/lib/errors.rb
@@ -9,6 +9,9 @@ def initialize http_code, message
   class InvalidParameter < Error
     def initialize param=nil; super 400, "Invalid parameter #{param}"; end
   end
+  class EmptyFile < Error
+    def initialize; super 400, 'Uploaded file is empty'; end
+  end
   class DocumentExists < Error
     def initialize; super 409, 'A document with this doc_id already exists'; end
   end
diff --git a/spec/fixtures/empty_file.txt b/spec/fixtures/empty_file.txt
new file mode 100644
index 0000000..e69de29
diff --git a/spec/lib/app_spec.rb b/spec/lib/app_spec.rb
index 2314a59..b6b4427 100644
--- a/spec/lib/app_spec.rb
+++ b/spec/lib/app_spec.rb
@@ -62,6 +62,21 @@ def show_backtrace response
       expect(JSON.parse(last_response.body)).to be_a Hash
       expect(Colore::Sidekiq::ConversionWorker).to_not have_received(:perform_async)
     end
+
+    context 'when uploaded file is empty' do
+      it 'does not create the document' do
+        put "/document/#{appname}/#{new_doc_id}/#{filename}", {
+          title: 'A title',
+          file: Rack::Test::UploadedFile.new(fixture('empty_file.txt'), 'text/plain'),
+          backtrace: true
+        }
+        show_backtrace last_response
+        expect(last_response.status).to eq 400
+        expect(JSON.parse(last_response.body)).to match(
+          {"status"=>400, "description"=>"Uploaded file is empty"}
+        )
+      end
+    end
   end
 
   context 'POST update document' do