sabisan/internal/app/uploads_test.go

package app

import (
	"bytes"
	"mime/multipart"
	"net/http"
	"net/http/httptest"
	"strings"
	"testing"
)

func TestAdminRejectsSVGUpload(t *testing.T) {
	srv := newTestServer(t)
	handler := srv.Routes()
	cookie := loginCookie(t, handler)
	var body bytes.Buffer
	writer := multipart.NewWriter(&body)
	fields := map[string]string{
		"title":       "Upload Test",
		"location":    "London",
		"year":        "2026",
		"category":    "Residential",
		"description": "A project",
	}
	for key, value := range fields {
		if err := writer.WriteField(key, value); err != nil {
			t.Fatal(err)
		}
	}
	file, err := writer.CreateFormFile("cover_image", "bad.svg")
	if err != nil {
		t.Fatal(err)
	}
	if _, err := file.Write([]byte(`<svg xmlns="http://www.w3.org/2000/svg"></svg>`)); err != nil {
		t.Fatal(err)
	}
	if err := writer.Close(); err != nil {
		t.Fatal(err)
	}
	req := httptest.NewRequest(http.MethodPost, "/admin/projects", &body)
	req.Header.Set("Content-Type", writer.FormDataContentType())
	req.AddCookie(cookie)
	rec := httptest.NewRecorder()

	handler.ServeHTTP(rec, req)

	if rec.Code != http.StatusSeeOther {
		t.Fatalf("expected redirect, got %d", rec.Code)
	}
	if location := rec.Header().Get("Location"); !strings.Contains(location, "/admin/projects?err=") || !strings.Contains(location, "unsupported+image+type") {
		t.Fatalf("expected unsupported image redirect, got %q", location)
	}
}
Refactor app and store layout 2026-05-16 23:03:50 +00:00			`package app`

			`import (`
			`"bytes"`
			`"mime/multipart"`
			`"net/http"`
			`"net/http/httptest"`
			`"strings"`
			`"testing"`
			`)`

			`func TestAdminRejectsSVGUpload(t *testing.T) {`
			`srv := newTestServer(t)`
			`handler := srv.Routes()`
			`cookie := loginCookie(t, handler)`
			`var body bytes.Buffer`
			`writer := multipart.NewWriter(&body)`
			`fields := map[string]string{`
			`"title": "Upload Test",`
			`"location": "London",`
			`"year": "2026",`
			`"category": "Residential",`
			`"description": "A project",`
			`}`
			`for key, value := range fields {`
			`if err := writer.WriteField(key, value); err != nil {`
			`t.Fatal(err)`
			`}`
			`}`
			`file, err := writer.CreateFormFile("cover_image", "bad.svg")`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
			if _, err := file.Write([]byte(`<svg xmlns="http://www.w3.org/2000/svg"></svg>`)); err != nil {
			`t.Fatal(err)`
			`}`
			`if err := writer.Close(); err != nil {`
			`t.Fatal(err)`
			`}`
			`req := httptest.NewRequest(http.MethodPost, "/admin/projects", &body)`
			`req.Header.Set("Content-Type", writer.FormDataContentType())`
			`req.AddCookie(cookie)`
			`rec := httptest.NewRecorder()`

			`handler.ServeHTTP(rec, req)`

			`if rec.Code != http.StatusSeeOther {`
			`t.Fatalf("expected redirect, got %d", rec.Code)`
			`}`
			`if location := rec.Header().Get("Location"); !strings.Contains(location, "/admin/projects?err=") \|\| !strings.Contains(location, "unsupported+image+type") {`
			`t.Fatalf("expected unsupported image redirect, got %q", location)`
			`}`
			`}`