Changeset - 2576a20d94ca
[Not reviewed]
beta
0 4 0
Marcin Kuzminski - 13 years ago 2013-05-12 00:41:38
marcin@python-works.com
Gist: don't allow files inside directories when creating gists
4 files changed with 35 insertions and 3 deletions:
rhodecode/model/forms.py
 
@@ -421,13 +421,14 @@ def PullRequestForm(repo_id):
 
    return _PullRequestForm
 

	
 

	
 
def GistForm(lifetime_options):
 
    class _GistForm(formencode.Schema):
 

	
 
        filename = v.UnicodeString(strip=True, required=False)
 
        filename = All(v.BasePath()(),
 
                       v.UnicodeString(strip=True, required=False))
 
        description = v.UnicodeString(required=False, if_missing='')
 
        lifetime = v.OneOf(lifetime_options)
 
        content = v.UnicodeString(required=True, not_empty=True)
 
        public = v.UnicodeString(required=False, if_missing='')
 
        private = v.UnicodeString(required=False, if_missing='')
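Review bot: Nothing at the new `filename = All(v.BasePath()(), v.UnicodeString(strip=True, required=False))` line says whether `BasePath` is meant to see the raw or the stripped value, and that depends on the order in which `All` runs its members. formencode offers both `All` and `Pipe`, which differ in that order, so it is worth confirming that the strip happens before the path check; otherwise a check that compares the whole name could be satisfied by a value that changes once whitespace is removed. A comment such as `# strip first, then reject names that contain a directory part` above the field would record the intent. `GistForm` continues past the end of the visible section.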
 

	
rhodecode/model/gist.py
 
@@ -117,12 +117,15 @@ class GistModel(BaseModel):
 
        log.debug('Creating new %s GIST repo in %s' % (gist_type, gist_repo_path))
 
        repo = RepoModel()._create_repo(repo_name=gist_repo_path, alias='hg',
 
                                        parent=None)
 

	
 
        processed_mapping = {}
 
        for filename in gist_mapping:
 
            if filename != os.path.basename(filename):
 
                raise Exception('Filename cannot be inside a directory')
 

	
 
            content = gist_mapping[filename]['content']
 
            #TODO: expand support for setting explicit lexers
 
#             if lexer is None:
 
#                 try:
 
#                     lexer = pygments.lexers.guess_lexer_for_filename(filename,content)
 
#                 except pygments.util.ClassNotFound:
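Review bot: The new check `if filename != os.path.basename(filename)` runs inside the loop that follows `RepoModel()._create_repo(...)`, so a rejected name aborts after the gist repository has presumably already been created; whether anything cleans it up is not visible in this hunk. Validating every key of `gist_mapping` before the `_create_repo` call would avoid the leftover, for example by moving the same comparison into its own `for filename in gist_mapping:` loop above the `log.debug` line. Raising bare `Exception` also gives callers nothing to catch selectively; `ValueError` or a dedicated exception class would let the controller report it as a form error. The enclosing `GistModel` method starts and ends outside the hunk.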
rhodecode/model/validators.py
 
@@ -765,13 +765,14 @@ def NotReviewedRevisions(repo_id):
 

	
 
def ValidIp():
 
    class _validator(CIDR):
 
        messages = dict(
 
            badFormat=_('Please enter a valid IPv4 or IpV6 address'),
 
            illegalBits=_('The network size (bits) must be within the range'
 
                ' of 0-32 (not %(bits)r)'))
 
                ' of 0-32 (not %(bits)r)')
 
        )
 

	
 
        def to_python(self, value, state):
 
            v = super(_validator, self).to_python(value, state)
 
            v = v.strip()
 
            net = ipaddr.IPNetwork(address=v)
 
            if isinstance(net, ipaddr.IPv4Network):
 
@@ -797,13 +798,30 @@ def ValidIp():
 

	
 

	
 
def FieldKey():
 
    class _validator(formencode.validators.FancyValidator):
 
        messages = dict(
 
            badFormat=_('Key name can only consist of letters, '
 
                        'underscore, dash or numbers'),)
 
                        'underscore, dash or numbers')
 
        )
 

	
 
        def validate_python(self, value, state):
 
            if not re.match('[a-zA-Z0-9_-]+$', value):
 
                raise formencode.Invalid(self.message('badFormat', state),
 
                                         value, state)
 
    return _validator
 

	
 

	
 
def BasePath():
 
    class _validator(formencode.validators.FancyValidator):
 
        messages = dict(
 
            badPath=_('Filename cannot be inside a directory')
 
        )
 

	
 
        def _to_python(self, value, state):
 
            return value
 

	
 
        def validate_python(self, value, state):
 
            if value != os.path.basename(value):
 
                raise formencode.Invalid(self.message('badPath', state),
 
                                         value, state)
 
    return _validator
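Review bot: `BasePath.validate_python` compares `value` with `os.path.basename(value)`, which accepts the names `.` and `..` (each is its own basename) and, on a POSIX host, names containing a backslash, because `os.path` splits only on the host's separator. If gist filenames must be plain file names regardless of platform, the condition could be `if value in ('.', '..') or '/' in value or '\\' in value:`; the same comparison is repeated in the `rhodecode/model/gist.py` hunk and would need the same change. The `_to_python` override only returns its argument and can be dropped. The hunk also relies on `os` being imported in validators.py, which is not visible here.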
rhodecode/tests/functional/test_admin_gists.py
 
@@ -72,12 +72,22 @@ class TestGistsController(TestController
 
                                 status=302)
 
        response = response.follow()
 
        response.mustcontain('added file: foo')
 
        response.mustcontain('gist test')
 
        response.mustcontain('<div class="ui-btn green badge">Public gist</div>')
 

	
 
    def test_create_with_path_with_dirs(self):
 
        self.log_user()
 
        response = self.app.post(url('gists'),
 
                                 params={'lifetime': -1,
 
                                         'content': 'gist test',
 
                                         'filename': '/home/foo',
 
                                         'public': 'public'},
 
                                 status=200)
 
        response.mustcontain('Filename cannot be inside a directory')
 

	
 
    def test_access_expired_gist(self):
 
        self.log_user()
 
        gist = _create_gist('never-see-me')
 
        gist.gist_expires = 0  # 1970
 
        Session().add(gist)
 
        Session().commit()
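Review bot: `test_create_with_path_with_dirs` exercises only the absolute path `/home/foo`, so relative names with a directory part are left untested. Adding requests with `'filename': 'foo/bar'` and `'filename': '../foo'`, each expecting status 200 and the `Filename cannot be inside a directory` message, would pin the behaviour the validator is meant to enforce. The test also does not assert that no gist was stored for the rejected request. `TestGistsController` continues outside the hunk.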