kallithea Changeset - 2576a20d94ca

Changeset - 2576a20d94ca

Parent rev.

Child rev.

[Not reviewed]

beta

0 4 0

Marcin Kuzminski - 13 years ago 2013-05-12 00:41:38
marcin@python-works.com

Gist: don't allow files inside directories when creating gists

4 files changed with 35 insertions and 3 deletions:

rhodecode/model/forms.py

rhodecode/model/gist.py

rhodecode/model/validators.py

rhodecode/tests/functional/test_admin_gists.py

0 comments (0 inline, 0 general)

rhodecode/model/forms.py

➞

Show inline comments

@@ @@ -424,7 +424,8 @@ def PullRequestForm(repo_id): @@
 def GistForm(lifetime_options):
     class _GistForm(formencode.Schema):
         filename = v.UnicodeString(strip=True, required=False)
         filename = All(v.BasePath()(),
                        v.UnicodeString(strip=True, required=False))
         description = v.UnicodeString(required=False, if_missing='')
         lifetime = v.OneOf(lifetime_options)
         content = v.UnicodeString(required=True, not_empty=True)

rhodecode/model/gist.py

➞

Show inline comments

@@ @@ -120,6 +120,9 @@ class GistModel(BaseModel): @@
         processed_mapping = {}
         for filename in gist_mapping:
             if filename != os.path.basename(filename):
                 raise Exception('Filename cannot be inside a directory')
             content = gist_mapping[filename]['content']
             #TODO: expand support for setting explicit lexers
 #             if lexer is None:

rhodecode/model/validators.py

➞

Show inline comments

@@ @@ -768,7 +768,8 @@ def ValidIp(): @@
         messages = dict(
             badFormat=_('Please enter a valid IPv4 or IpV6 address'),
             illegalBits=_('The network size (bits) must be within the range'
                 ' of 0-32 (not %(bits)r)'))
                 ' of 0-32 (not %(bits)r)')
+        )
         def to_python(self, value, state):
             v = super(_validator, self).to_python(value, state)
@@ @@ -800,10 +801,27 @@ def FieldKey(): @@
     class _validator(formencode.validators.FancyValidator):
         messages = dict(
             badFormat=_('Key name can only consist of letters, '
                         'underscore, dash or numbers'),)
                         'underscore, dash or numbers')
+        )
         def validate_python(self, value, state):
             if not re.match('[a-zA-Z0-9_-]+$', value):
                 raise formencode.Invalid(self.message('badFormat', state),
                                          value, state)
     return _validator
 def BasePath():
     class _validator(formencode.validators.FancyValidator):
         messages = dict(
             badPath=_('Filename cannot be inside a directory')
+        )
         def _to_python(self, value, state):
             return value
         def validate_python(self, value, state):
             if value != os.path.basename(value):
                 raise formencode.Invalid(self.message('badPath', state),
                                          value, state)
     return _validator

rhodecode/tests/functional/test_admin_gists.py

➞

Show inline comments

@@ @@ -75,6 +75,16 @@ class TestGistsController(TestController @@
         response.mustcontain('gist test')
         response.mustcontain('<div class="ui-btn green badge">Public gist</div>')
     def test_create_with_path_with_dirs(self):
         self.log_user()
         response = self.app.post(url('gists'),
                                  params={'lifetime': -1,
                                          'content': 'gist test',
                                          'filename': '/home/foo',
                                          'public': 'public'},
                                  status=200)
         response.mustcontain('Filename cannot be inside a directory')
     def test_access_expired_gist(self):
         self.log_user()
         gist = _create_gist('never-see-me')

0 comments (0 inline, 0 general)