ticket_article_dos_test.rb 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103
  1. require 'test_helper'
  2. class TicketArticleDos < ActiveSupport::TestCase
  3. test 'check body size' do
  4. org_community = Organization.create_if_not_exists(
  5. name: 'Zammad Foundation',
  6. )
  7. user_community = User.create_or_update(
  8. login: 'article.dos@example.org',
  9. firstname: 'Article',
  10. lastname: 'Dos',
  11. email: 'article.dos@example.org',
  12. password: '',
  13. active: true,
  14. roles: [ Role.find_by(name: 'Customer') ],
  15. organization_id: org_community.id,
  16. updated_by_id: 1,
  17. created_by_id: 1,
  18. )
  19. UserInfo.current_user_id = user_community.id
  20. ApplicationHandleInfo.current = 'test.postmaster'
  21. ticket1 = Ticket.create!(
  22. group_id: Group.first.id,
  23. customer_id: user_community.id,
  24. title: 'DoS 1!',
  25. updated_by_id: 1,
  26. created_by_id: 1,
  27. )
  28. article1 = Ticket::Article.create!(
  29. ticket_id: ticket1.id,
  30. type_id: Ticket::Article::Type.find_by(name: 'phone').id,
  31. sender_id: Ticket::Article::Sender.find_by(name: 'Customer').id,
  32. from: 'Zammad Feedback <feedback@example.org>',
  33. body: Array.new(2_000_000) { [*'0'..'9', *'a'..'z', ' ', ' ', ' ', '. '].sample }.join,
  34. internal: false,
  35. updated_by_id: 1,
  36. created_by_id: 1,
  37. )
  38. assert_equal(1_500_000, article1.body.length)
  39. ticket2 = Ticket.create!(
  40. group_id: Group.first.id,
  41. customer_id: user_community.id,
  42. title: 'DoS 2!',
  43. updated_by_id: 1,
  44. created_by_id: 1,
  45. )
  46. article2 = Ticket::Article.create!(
  47. ticket_id: ticket2.id,
  48. type_id: Ticket::Article::Type.find_by(name: 'phone').id,
  49. sender_id: Ticket::Article::Sender.find_by(name: 'Customer').id,
  50. from: 'Zammad Feedback <feedback@example.org>',
  51. body: "\u0000#{Array.new(2_000_000) { [*'0'..'9', *'a'..'z', ' ', ' ', ' ', '. '].sample }.join}",
  52. internal: false,
  53. updated_by_id: 1,
  54. created_by_id: 1,
  55. )
  56. assert_equal(1_500_000, article2.body.length)
  57. ApplicationHandleInfo.current = 'web'
  58. ticket3 = Ticket.create!(
  59. group_id: Group.first.id,
  60. customer_id: user_community.id,
  61. title: 'DoS 3!',
  62. updated_by_id: 1,
  63. created_by_id: 1,
  64. )
  65. assert_raises(Exceptions::UnprocessableEntity) do
  66. article3 = Ticket::Article.create!(
  67. ticket_id: ticket3.id,
  68. type_id: Ticket::Article::Type.find_by(name: 'phone').id,
  69. sender_id: Ticket::Article::Sender.find_by(name: 'Customer').id,
  70. from: 'Zammad Feedback <feedback@example.org>',
  71. body: "\u0000#{Array.new(2_000_000) { [*'0'..'9', *'a'..'z', ' ', ' ', ' ', '. '].sample }.join}",
  72. internal: false,
  73. updated_by_id: 1,
  74. created_by_id: 1,
  75. )
  76. end
  77. end
  78. test 'check body size / cut if email' do
  79. email_raw_string = "From: me@example.com
  80. To: customer@example.com
  81. Subject: some new subject
  82. Some Text" + Array.new(2_000_000) { [*'0'..'9', *'a'..'z', ' ', ' ', ' ', '. '].sample }.join
  83. ticket_p, article_p, user_p, mail = Channel::EmailParser.new.process({}, email_raw_string)
  84. assert_equal(1_500_000, article_p.body.length)
  85. end
  86. end