Added drawing endpoint tests

Also refactored ImageTests away from BrowserKit
Also added image upload type validation.

app/Http/Controllers/ImageController.php

@@ -120,7 +120,10 @@ class ImageController extends Controller
         $this->validate($request, [
             'file' => 'is_image'
         ]);
-        // TODO - Restrict & validate types
+
+        if (!$this->imageRepo->isValidType($type)) {
+            return $this->jsonError(trans('errors.image_upload_type_error'));
+        }
 
         $imageUpload = $request->file('file');
 

app/Repos/ImageRepo.php

@@ -1,12 +1,9 @@
 <?php namespace BookStack\Repos;
 
-
 use BookStack\Image;
 use BookStack\Page;
 use BookStack\Services\ImageService;
 use BookStack\Services\PermissionService;
-use Illuminate\Contracts\Filesystem\FileNotFoundException;
-use Setting;
 use Symfony\Component\HttpFoundation\File\UploadedFile;
 
 class ImageRepo
@@ -247,5 +244,15 @@ class ImageRepo
         }
     }
 
+    /**
+     * Check if the provided image type is valid.
+     * @param $type
+     * @return bool
+     */
+    public function isValidType($type)
+    {
+        $validTypes = ['drawing', 'gallery', 'cover', 'system', 'user'];
+        return in_array($type, $validTypes);
+    }
 
 }