feat: add PDF encryption feature (#1217)

* Adding PDF encryption option

* LibreOffice
* QPDF
* PDFtk
* pdfcpu

* Update pkg/modules/pdfengines/pdfengines.go

Co-authored-by: Julien Neuhart <neuhart.julien@gmail.com>

* npx prettier

* go fmt

* PR comments

* Update test/integration/scenario/scenario.go

Co-authored-by: Julien Neuhart <neuhart.julien@gmail.com>

* renamed ProtectWithPassword to encrypt

* more clean up

* Use the same input path as requested

* This commit completes the encryption implementation

* Clean up. Added webhook, disable route and download from tests

---------

Co-authored-by: Julien Neuhart <neuhart.julien@gmail.com>
This commit is contained in:
Stevenson Michel
2025-05-27 08:49:24 -04:00
committed by Julien Neuhart
parent 638c4e6b23
commit 99307befdd
23 changed files with 1168 additions and 6 deletions
@@ -920,3 +920,75 @@ Feature: /forms/chromium/convert/html
| files | testdata/page-1-html/index.html | file |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Scenario: POST /forms/chromium/convert/html with encryption (user password only)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/html" endpoint with the following form data and header(s):
| files | testdata/page-1-html/index.html | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/html with encryption (user and owner passwords)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/html" endpoint with the following form data and header(s):
| files | testdata/page-1-html/index.html | file |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/html with encryption and PDF/A conversion
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/html" endpoint with the following form data and header(s):
| files | testdata/page-1-html/index.html | file |
| userPassword | test123 | field |
| pdfa | PDF/A-1a | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/html with encryption and page splitting
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/html" endpoint with the following form data and header(s):
| files | testdata/pages-12-html/index.html | file |
| userPassword | test123 | field |
| splitMode | intervals | field |
| splitSpan | 5 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/chromium/convert/html without encryption (empty password)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/html" endpoint with the following form data and header(s):
| files | testdata/page-1-html/index.html | file |
| userPassword | | field |
| Gotenberg-Output-Filename | unencrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| unencrypted.pdf |
Then the "unencrypted.pdf" PDF should NOT be encrypted
Then the "unencrypted.pdf" PDF should have 1 page(s)
@@ -1051,3 +1051,81 @@ Feature: /forms/chromium/convert/markdown
| files | testdata/page-1-markdown/page_1.md | file |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Scenario: POST /forms/chromium/convert/markdown with encryption (user password only)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/markdown" endpoint with the following form data and header(s):
| files | testdata/page-1-markdown/index.html | file |
| files | testdata/page-1-markdown/page_1.md | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/markdown with encryption (user and owner passwords)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/markdown" endpoint with the following form data and header(s):
| files | testdata/page-1-markdown/index.html | file |
| files | testdata/page-1-markdown/page_1.md | file |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/markdown with encryption and PDF/A conversion
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/markdown" endpoint with the following form data and header(s):
| files | testdata/page-1-markdown/index.html | file |
| files | testdata/page-1-markdown/page_1.md | file |
| userPassword | test123 | field |
| pdfa | PDF/A-1a | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/markdown with encryption and page splitting
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/markdown" endpoint with the following form data and header(s):
| files | testdata/pages-12-markdown/index.html | file |
| files | testdata/pages-12-markdown/page_1.md | file |
| files | testdata/pages-12-markdown/page_2.md | file |
| userPassword | test123 | field |
| splitMode | intervals | field |
| splitSpan | 5 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/chromium/convert/markdown without encryption (empty password)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/markdown" endpoint with the following form data and header(s):
| files | testdata/page-1-markdown/index.html | file |
| files | testdata/page-1-markdown/page_1.md | file |
| userPassword | | field |
| Gotenberg-Output-Filename | unencrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| unencrypted.pdf |
Then the "unencrypted.pdf" PDF should NOT be encrypted
Then the "unencrypted.pdf" PDF should have 1 page(s)
@@ -999,3 +999,80 @@ Feature: /forms/chromium/convert/url
| url | http://host.docker.internal:%d/html/testdata/page-1-html/index.html | field |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Scenario: POST /forms/chromium/convert/url with encryption (user password only)
Given I have a default Gotenberg container
Given I have a static server
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/url" endpoint with the following form data and header(s):
| url | http://host.docker.internal:%d/html/testdata/page-1-html/index.html | field |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/url with encryption (user and owner passwords)
Given I have a default Gotenberg container
Given I have a static server
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/url" endpoint with the following form data and header(s):
| url | http://host.docker.internal:%d/html/testdata/page-1-html/index.html | field |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/url with encryption and PDF/A conversion
Given I have a default Gotenberg container
Given I have a static server
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/url" endpoint with the following form data and header(s):
| url | http://host.docker.internal:%d/html/testdata/page-1-html/index.html | field |
| userPassword | test123 | field |
| pdfa | PDF/A-1a | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/chromium/convert/url with encryption and page splitting
Given I have a default Gotenberg container
Given I have a static server
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/url" endpoint with the following form data and header(s):
| url | http://host.docker.internal:%d/html/testdata/pages-12-html/index.html | field |
| userPassword | test123 | field |
| splitMode | intervals | field |
| splitSpan | 5 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/chromium/convert/url without encryption (empty password)
Given I have a default Gotenberg container
Given I have a static server
When I make a "POST" request to Gotenberg at the "/forms/chromium/convert/url" endpoint with the following form data and header(s):
| url | http://host.docker.internal:%d/html/testdata/page-1-html/index.html | field |
| userPassword | | field |
| Gotenberg-Output-Filename | unencrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| unencrypted.pdf |
Then the "unencrypted.pdf" PDF should NOT be encrypted
Then the "unencrypted.pdf" PDF should have 1 page(s)
@@ -631,3 +631,90 @@ Feature: /forms/libreoffice/convert
| files | testdata/page_1.docx | file |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Scenario: POST /forms/libreoffice/convert with encryption (user password only)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/libreoffice/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.docx | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/libreoffice/convert with encryption (user and owner passwords)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/libreoffice/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.docx | file |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/libreoffice/convert with encryption and PDF/A conversion
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/libreoffice/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.docx | file |
| userPassword | test123 | field |
| pdfa | PDF/A-1a | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/libreoffice/convert with encryption (multiple files)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/libreoffice/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.docx | file |
| files | testdata/page_2.docx | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the response PDF(s) should be encrypted
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/libreoffice/convert with encryption and flattening
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/libreoffice/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.docx | file |
| userPassword | test123 | field |
| flatten | true | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 1 page(s)
Scenario: POST /forms/libreoffice/convert without encryption (empty password)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/libreoffice/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.docx | file |
| userPassword | | field |
| Gotenberg-Output-Filename | unencrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| unencrypted.pdf |
Then the "unencrypted.pdf" PDF should NOT be encrypted
Then the "unencrypted.pdf" PDF should have 1 page(s)
@@ -183,3 +183,78 @@ Feature: /forms/pdfengines/convert
| pdfa | PDF/A-1b | field |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Scenario: POST /forms/pdfengines/convert with encryption (user password only)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| pdfa | PDF/A-1b | field |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should be valid "PDF/A-1b" with a tolerance of 1 failed rule(s)
Scenario: POST /forms/pdfengines/convert with encryption (user and owner passwords)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| pdfa | PDF/A-1b | field |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should be valid "PDF/A-1b" with a tolerance of 1 failed rule(s)
Scenario: POST /forms/pdfengines/convert with encryption (multiple files)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| files | testdata/page_2.pdf | file |
| pdfa | PDF/A-1b | field |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the response PDF(s) should be encrypted
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/pdfengines/convert with encryption and PDF/UA
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| pdfua | true | field |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Scenario: POST /forms/pdfengines/convert without encryption (empty password)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/convert" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| pdfa | PDF/A-1b | field |
| userPassword | | field |
| Gotenberg-Output-Filename | unencrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| unencrypted.pdf |
Then the "unencrypted.pdf" PDF should NOT be encrypted
Then the "unencrypted.pdf" PDF should be valid "PDF/A-1b" with a tolerance of 1 failed rule(s)
@@ -0,0 +1,129 @@
Feature: /forms/pdfengines/encrypt
Scenario: POST /forms/pdfengines/encrypt (default - QPDF)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | protected | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| protected.pdf |
Then the "protected.pdf" PDF should be encrypted
Scenario: POST /forms/pdfengines/encrypt with user and owner passwords (QPDF)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | protected | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| protected.pdf |
Then the "protected.pdf" PDF should be encrypted
Scenario: POST /forms/pdfengines/encrypt (PDFtk)
Given I have a Gotenberg container with the following environment variable(s):
| PDFENGINES_PASSWORD_ENGINES | pdftk |
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | protected | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| protected.pdf |
Then the "protected.pdf" PDF should be encrypted
Scenario: POST /forms/pdfengines/encrypt (pdfcpu)
Given I have a Gotenberg container with the following environment variable(s):
| PDFENGINES_PASSWORD_ENGINES | pdfcpu |
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | protected | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| protected.pdf |
Then the "protected.pdf" PDF should be encrypted
Scenario: POST /forms/pdfengines/encrypt with multiple files
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| files | testdata/page_2.pdf | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | protected | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be the following file(s) in the response:
| protected.zip |
Then the "protected.zip" archive should contain 2 file(s)
Then the "protected.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/pdfengines/encrypt without required userPassword field
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| Gotenberg-Output-Filename | protected | header |
Then the response status code should be 400
Then the response body should contain "userPassword"
Scenario: POST /forms/pdfengines/encrypt with password engines that don't support password protection
Given I have a Gotenberg container with the following environment variable(s):
| PDFENGINES_PASSWORD_ENGINES | exiftool |
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | protected | header |
Then the response status code should be 500
Then the response body should contain "password protection not supported"
Scenario: POST /forms/pdfengines/encrypt (Download From)
Given I have a default Gotenberg container
Given I have a static server
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| downloadFrom | [{"url":"http://host.docker.internal:%d/static/testdata/page_1.pdf","extraHttpHeaders":{"X-Foo":"bar"}}] | field |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | protected | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| protected.pdf |
Then the "protected.pdf" PDF should be encrypted
Scenario: POST /forms/pdfengines/encrypt (Webhook)
Given I have a default Gotenberg container
Given I have a webhook server
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| Gotenberg-Output-Filename | foo | header |
| Gotenberg-Webhook-Url | http://host.docker.internal:%d/webhook | header |
| Gotenberg-Webhook-Error-Url | http://host.docker.internal:%d/webhook/error | header |
Then the response status code should be 204
When I wait for the asynchronous request to the webhook
Then the webhook request header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the webhook request
Then there should be the following file(s) in the webhook request:
| foo.pdf |
Then the "foo.pdf" PDF should have 1 page(s)
Then the "foo.pdf" PDF should have the following content at page 1:
"""
Page 1
"""
Scenario: POST /forms/pdfengines/encrypt (Routes Disabled)
Given I have a Gotenberg container with the following environment variable(s):
| PDFENGINES_DISABLE_ROUTES | true |
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/encrypt" endpoint with the following form data and header(s):
| files | testdata/pages_3.pdf | file |
Then the response status code should be 404
@@ -322,3 +322,81 @@ Feature: /forms/pdfengines/merge
| files | testdata/page_2.pdf | file |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Scenario: POST /forms/pdfengines/merge with encryption (user password only)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/merge" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| files | testdata/page_2.pdf | file |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 2 page(s)
Scenario: POST /forms/pdfengines/merge with encryption (user and owner passwords)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/merge" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| files | testdata/page_2.pdf | file |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 2 page(s)
Scenario: POST /forms/pdfengines/merge with encryption and PDF/A conversion
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/merge" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| files | testdata/page_2.pdf | file |
| userPassword | test123 | field |
| pdfa | PDF/A-1a | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 2 page(s)
Scenario: POST /forms/pdfengines/merge with encryption and flattening
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/merge" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| files | testdata/page_2.pdf | file |
| userPassword | test123 | field |
| flatten | true | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Then the "encrypted.pdf" PDF should have 2 page(s)
Scenario: POST /forms/pdfengines/merge without encryption (empty password)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/merge" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| files | testdata/page_2.pdf | file |
| userPassword | | field |
| Gotenberg-Output-Filename | unencrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| unencrypted.pdf |
Then the "unencrypted.pdf" PDF should NOT be encrypted
Then the "unencrypted.pdf" PDF should have 2 page(s)
@@ -284,3 +284,61 @@ Feature: /forms/pdfengines/{write|read}
| files | teststore/foo.pdf | file |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/json"
Scenario: POST /forms/pdfengines/metadata/write with encryption (user password only)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/metadata/write" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| metadata | {"Title":"Encrypted Sample","Author":"Test Author","Subject":"Test Subject"} | field |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Scenario: POST /forms/pdfengines/metadata/write with encryption (user and owner passwords)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/metadata/write" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| metadata | {"Title":"Encrypted Sample","Author":"Test Author","Subject":"Test Subject"} | field |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.pdf |
Then the "encrypted.pdf" PDF should be encrypted
Scenario: POST /forms/pdfengines/metadata/write with encryption (multiple files)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/metadata/write" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| files | testdata/page_2.pdf | file |
| metadata | {"Title":"Encrypted Sample","Author":"Test Author","Subject":"Test Subject"} | field |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the response PDF(s) should be encrypted
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/pdfengines/metadata/write without encryption (empty password)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/metadata/write" endpoint with the following form data and header(s):
| files | testdata/page_1.pdf | file |
| metadata | {"Title":"Unencrypted Sample","Author":"Test Author","Subject":"Test Subject"} | field |
| userPassword | | field |
| Gotenberg-Output-Filename | unencrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/pdf"
Then there should be 1 PDF(s) in the response
Then there should be the following file(s) in the response:
| unencrypted.pdf |
Then the "unencrypted.pdf" PDF should NOT be encrypted
@@ -549,3 +549,69 @@ Feature: /forms/pdfengines/split
| splitSpan | 2 | field |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Scenario: POST /forms/pdfengines/split with encryption (intervals)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/split" endpoint with the following form data and header(s):
| files | testdata/pages_3.pdf | file |
| splitMode | intervals | field |
| splitSpan | 2 | field |
| userPassword | test123 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be 2 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the response PDF(s) should be encrypted
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/pdfengines/split with encryption (pages)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/split" endpoint with the following form data and header(s):
| files | testdata/pages_3.pdf | file |
| splitMode | pages | field |
| splitSpan | 2- | field |
| userPassword | user123 | field |
| ownerPassword | owner456 | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be 2 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the response PDF(s) should be encrypted
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/pdfengines/split with encryption and PDF/A conversion
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/split" endpoint with the following form data and header(s):
| files | testdata/pages_3.pdf | file |
| splitMode | intervals | field |
| splitSpan | 2 | field |
| userPassword | test123 | field |
| pdfa | PDF/A-1a | field |
| Gotenberg-Output-Filename | encrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be 2 PDF(s) in the response
Then there should be the following file(s) in the response:
| encrypted.zip |
Then the response PDF(s) should be encrypted
Then the "encrypted.zip" archive should contain encrypted PDF file(s)
Scenario: POST /forms/pdfengines/split without encryption (empty password)
Given I have a default Gotenberg container
When I make a "POST" request to Gotenberg at the "/forms/pdfengines/split" endpoint with the following form data and header(s):
| files | testdata/pages_3.pdf | file |
| splitMode | intervals | field |
| splitSpan | 2 | field |
| userPassword | | field |
| Gotenberg-Output-Filename | unencrypted | header |
Then the response status code should be 200
Then the response header "Content-Type" should be "application/zip"
Then there should be 2 PDF(s) in the response
Then there should be the following file(s) in the response:
| unencrypted.zip |
Then the "unencrypted.zip" archive should contain 2 file(s)
Then the "unencrypted.zip" archive should NOT contain encrypted PDF file(s)
+94
View File
@@ -839,6 +839,98 @@ func (s *scenario) thePdfsShouldBeFlatten(ctx context.Context, kind, should stri
return nil
}
// thePdfShouldBeEncrypted checks if a PDF file is encrypted or not encrypted based on condition.
func (s *scenario) thePdfShouldBeEncrypted(ctx context.Context, filename, should string) error {
filePath := fmt.Sprintf("%s/%s", s.workdir, filename)
cmd := []string{
"qpdf",
"--check",
filepath.Base(filePath),
}
output, err := execCommandInIntegrationToolsContainer(ctx, cmd, filePath)
invert := should == "should NOT"
isEncrypted := err != nil && (strings.Contains(output, "password") || strings.Contains(output, "encrypted"))
if invert && isEncrypted {
return fmt.Errorf("expected PDF %s to not be encrypted, but it is encrypted", filename)
}
if !invert && !isEncrypted {
return fmt.Errorf("expected PDF %s to be encrypted, but it is not", filename)
}
return nil
}
// theArchiveShouldContainEncryptedPdfFiles checks if a zip archive contains encrypted PDF files based on condition.
func (s *scenario) theArchiveShouldContainEncryptedPdfFiles(ctx context.Context, archiveFilename, should string) error {
archivePath := fmt.Sprintf("%s/%s", s.workdir, archiveFilename)
// First, extract the archive inside the container
extractCmd := []string{
"sh",
"-c",
fmt.Sprintf("mkdir -p /tmp/extract && unzip -o %s -d /tmp/extract", filepath.Base(archivePath)),
}
_, err := execCommandInIntegrationToolsContainer(ctx, extractCmd, archivePath)
if err != nil {
return fmt.Errorf("extract archive in container: %w", err)
}
// List PDF files in the extracted directory
listCmd := []string{
"sh",
"-c",
"find /tmp/extract -name '*.pdf' -type f",
}
output, err := execCommandInIntegrationToolsContainer(ctx, listCmd, archivePath)
if err != nil {
return fmt.Errorf("list PDFs in container: %w", err)
}
// No PDFs found
if output == "" {
return fmt.Errorf("no PDF files found in archive %s", archiveFilename)
}
// Check each PDF for password protection
pdfPaths := strings.Split(strings.TrimSpace(output), "\n")
foundProtectedPdf := false
for _, pdfPath := range pdfPaths {
checkCmd := []string{
"qpdf",
"--check",
pdfPath,
}
checkOutput, err := execCommandInIntegrationToolsContainer(ctx, checkCmd, archivePath)
// If we get a password error, we found a protected PDF
if err != nil && (strings.Contains(checkOutput, "password") || strings.Contains(checkOutput, "encrypted")) {
foundProtectedPdf = true
break
}
}
invert := should == "should NOT"
if invert && foundProtectedPdf {
return fmt.Errorf("found encrypted PDF files in archive %s, but expected none", archiveFilename)
}
if !invert && !foundProtectedPdf {
return fmt.Errorf("no encrypted PDF files found in archive %s", archiveFilename)
}
return nil
}
func InitializeScenario(ctx *godog.ScenarioContext) {
s := &scenario{}
ctx.Before(func(ctx context.Context, sc *godog.Scenario) (context.Context, error) {
@@ -874,6 +966,8 @@ func InitializeScenario(ctx *godog.ScenarioContext) {
ctx.Then(`^the "([^"]*)" PDF should have (\d+) page\(s\)$`, s.thePdfShouldHavePages)
ctx.Then(`^the "([^"]*)" PDF (should|should NOT) be set to landscape orientation$`, s.thePdfShouldBeSetToLandscapeOrientation)
ctx.Then(`^the "([^"]*)" PDF (should|should NOT) have the following content at page (\d+):$`, s.thePdfShouldHaveTheFollowingContentAtPage)
ctx.Then(`^the "([^"]*)" PDF (should|should NOT) be encrypted$`, s.thePdfShouldBeEncrypted)
ctx.Then(`^the "([^"]*)" archive (should|should NOT) contain encrypted PDF file\(s\)$`, s.theArchiveShouldContainEncryptedPdfFiles)
ctx.After(func(ctx context.Context, sc *godog.Scenario, err error) (context.Context, error) {
if s.gotenbergContainer != nil {
errTerminate := s.gotenbergContainer.Terminate(ctx, testcontainers.StopTimeout(0))