Snupkgs without symbols will be rejected. (#6968)

cristinamanum · web-flow · commit 7fa9bd976934 · 2019-03-07T14:35:18.000-08:00
Validate that the snupkg contains symbols. Reject if they do not.
diff --git a/src/NuGetGallery/Services/SymbolPackageService.cs b/src/NuGetGallery/Services/SymbolPackageService.cs
@@ -153,6 +153,11 @@ private static void ValidateSymbolPackage(PackageArchiveReader symbolPackage, Pa
             {
                 throw new InvalidDataException(string.Format(Strings.SymbolsPackage_InvalidFiles, PDBExtension));
             }
+
+            if (!CheckForPDBFiles(symbolPackage))
+            {
+                throw new InvalidDataException(string.Format(Strings.SymbolsPackage_NoSymbols));
+            }
         }
 
         private static bool CheckForAllowedFiles(PackageArchiveReader symbolPackage)
@@ -171,6 +176,17 @@ private static bool CheckForAllowedFiles(PackageArchiveReader symbolPackage)
             return true;
         }
 
+        /// <summary>
+        /// If there are not any pdb files in the snupkg the publish action will be rejected.
+        /// </summary>
+        /// <param name="symbolPackage"></param>
+        /// <returns></returns>
+        private static bool CheckForPDBFiles(PackageArchiveReader symbolPackage)
+        {
+            return symbolPackage.GetFiles()
+                .Any(filePath => !string.IsNullOrEmpty(Path.GetFileName(filePath)) && Path.GetExtension(filePath) == PDBExtension);
+        }
+
         private static bool IsPortable(string pdbFile)
         {
             byte[] currentPDBStamp = new byte[4];
diff --git a/src/NuGetGallery/Strings.Designer.cs b/src/NuGetGallery/Strings.Designer.cs
diff --git a/src/NuGetGallery/Strings.resx b/src/NuGetGallery/Strings.resx
@@ -1138,4 +1138,7 @@ The {1} Team</value>
     <value>https://cwe.mitre.org/data/definitions/{0}.html</value>
     <comment>{0} is the CWE's ID number (e.g. CWE-999 has an ID number of 999)</comment>
   </data>
+  <data name="SymbolsPackage_NoSymbols" xml:space="preserve">
+    <value>The package does not contain any symbol (.pdb) files.</value>
+  </data>
 </root>
diff --git a/tests/NuGetGallery.Facts/Services/SymbolPackageServiceFacts.cs b/tests/NuGetGallery.Facts/Services/SymbolPackageServiceFacts.cs
@@ -5,6 +5,7 @@
 using System.Collections.Generic;
 using System.IO;
 using System.IO.Compression;
+using System.Linq;
 using System.Threading.Tasks;
 using Moq;
 using NuGet.Services.Entities;
@@ -47,13 +48,12 @@ private static List<ClientPackageType> CreateSymbolPackageTypesObject()
                 };
         }
 
-        private static Action<ZipArchive> CreatePopulatePackageAction(string extension)
+        private static Action<ZipArchive> CreatePopulatePackageAction(params string[] extensions)
         {
             return archive =>
             {
-                var entryList = new List<ZipArchiveEntry>() {
-                            archive.CreateEntry("file1" + extension)
-                        };
+                int fileIndex = 0;
+                var entryList = extensions.Select(extension => archive.CreateEntry($"file{fileIndex++}{extension}"));
 
                 foreach (var entry in entryList)
                 {
@@ -162,13 +162,25 @@ public async Task WillThrowForInvalidFilesInSnupkg(string extension)
             public async Task WillNotThrowForValidSnupkgFile(string extension)
             {
                 var service = CreateService();
-                var action = CreatePopulatePackageAction(extension);
+                var action = CreatePopulatePackageAction(new string[] { extension, ".pdb" });
 
                 var validSymbolPackageStream = TestPackage.CreateTestSymbolPackageStream("theId", "1.0.42", populatePackage: action);
                 var packageArchiveReader = PackageServiceUtility.CreateArchiveReader(validSymbolPackageStream);
 
                 await service.EnsureValidAsync(packageArchiveReader);
             }
+
+            [Fact]
+            public async Task WillThrowForSnupkgFileWithoutSymbols()
+            {
+                var service = CreateService();
+                var action = CreatePopulatePackageAction(".p7s");
+
+                var validSymbolPackageStream = TestPackage.CreateTestSymbolPackageStream("theId", "1.0.42", populatePackage: action);
+                var packageArchiveReader = PackageServiceUtility.CreateArchiveReader(validSymbolPackageStream);
+
+                await Assert.ThrowsAsync<InvalidDataException>(async () => await service.EnsureValidAsync(packageArchiveReader));
+            }
         }
 
         public class TheCreateSymbolPackageMethod

Original file line number	Diff line number	Diff line change
`@@ -153,6 +153,11 @@ private static void ValidateSymbolPackage(PackageArchiveReader symbolPackage, Pa`
`153`	`153`	`{`
`154`	`154`	`throw new InvalidDataException(string.Format(Strings.SymbolsPackage_InvalidFiles, PDBExtension));`
`155`	`155`	`}`
	`156`	`+`
	`157`	`+ if (!CheckForPDBFiles(symbolPackage))`
	`158`	`+ {`
	`159`	`+ throw new InvalidDataException(string.Format(Strings.SymbolsPackage_NoSymbols));`
	`160`	`+ }`
`156`	`161`	`}`
`157`	`162`
`158`	`163`	`private static bool CheckForAllowedFiles(PackageArchiveReader symbolPackage)`
`@@ -171,6 +176,17 @@ private static bool CheckForAllowedFiles(PackageArchiveReader symbolPackage)`
`171`	`176`	`return true;`
`172`	`177`	`}`
`173`	`178`
	`179`	`+ /// <summary>`
	`180`	`+ /// If there are not any pdb files in the snupkg the publish action will be rejected.`
	`181`	`+ /// </summary>`
	`182`	`+ /// <param name="symbolPackage"></param>`
	`183`	`+ /// <returns></returns>`
	`184`	`+ private static bool CheckForPDBFiles(PackageArchiveReader symbolPackage)`
	`185`	`+ {`
	`186`	`+ return symbolPackage.GetFiles()`
	`187`	`+ .Any(filePath => !string.IsNullOrEmpty(Path.GetFileName(filePath)) && Path.GetExtension(filePath) == PDBExtension);`
	`188`	`+ }`
	`189`	`+`
`174`	`190`	`private static bool IsPortable(string pdbFile)`
`175`	`191`	`{`
`176`	`192`	`byte[] currentPDBStamp = new byte[4];`