Better handling of permissions for re-uploading a file that already exists (ticket:163)
This commit is contained in:
parent
04a8f80273
commit
ebe0af1dfc
3 changed files with 14 additions and 12 deletions
|
@ -5,6 +5,8 @@
|
|||
some other layout)
|
||||
<nowiki> tag can span several lines (before it was applied when both opening and closing
|
||||
tags were on the same line only)
|
||||
Resolved the "endless redirection loop" condition and otherwise improved handling of
|
||||
errors in the rendering engines
|
||||
|
||||
* 0.10.1:
|
||||
Upgraded Rails to 0.12.0
|
||||
|
|
|
@ -6,10 +6,9 @@ class FileYard
|
|||
attr_reader :files_path
|
||||
|
||||
def initialize(files_path, max_upload_size)
|
||||
@files_path = files_path
|
||||
@max_upload_size = max_upload_size
|
||||
FileUtils.mkdir_p(files_path) unless File.exist?(files_path)
|
||||
@files = Dir["#{files_path}/*"].collect{|path| File.basename(path) if File.file?(path) }.compact
|
||||
@files_path, @max_upload_size = files_path, max_upload_size
|
||||
FileUtils.mkdir_p(@files_path) unless File.exist?(@files_path)
|
||||
@files = Dir["#{@files_path}/*"].collect{|path| File.basename(path) if File.file?(path) }.compact
|
||||
end
|
||||
|
||||
def upload_file(name, io)
|
||||
|
@ -17,6 +16,7 @@ class FileYard
|
|||
if io.kind_of?(Tempfile)
|
||||
io.close
|
||||
check_upload_size(io.size)
|
||||
File.chmod(600, file_path(name)) if File.exists? file_path(name)
|
||||
FileUtils.mv(io.path, file_path(name))
|
||||
else
|
||||
content = io.read
|
||||
|
@ -39,12 +39,12 @@ class FileYard
|
|||
"#{files_path}/#{name}"
|
||||
end
|
||||
|
||||
SANE_FILE_NAME = /[-_\.A-Za-z0-9]{1,255}/
|
||||
SANE_FILE_NAME = /[a-zA-Z0-9\-_\. ]{1,255}/
|
||||
|
||||
def sanitize_file_name(name)
|
||||
unless name =~ SANE_FILE_NAME
|
||||
unless name =~ SANE_FILE_NAME or name == '.' or name == '..'
|
||||
raise Instiki::ValidationError.new("Invalid file name: '#{name}'.\n" +
|
||||
"Only latin characters, digits, dots, underscores and dashes are accepted.")
|
||||
"Only latin characters, digits, dots, underscores, dashes and spaces are accepted.")
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -35,28 +35,28 @@ class FileYardTest < Test::Unit::TestCase
|
|||
|
||||
def test_size_limit
|
||||
@yard = FileYard.new(file_path, 1)
|
||||
one_kylobyte_string = "a" * 1024
|
||||
one_kilobyte_string = "a" * 1.kilobyte
|
||||
|
||||
# as StringIO
|
||||
assert_nothing_raised {
|
||||
@yard.upload_file('acceptable_file', StringIO.new(one_kylobyte_string))
|
||||
@yard.upload_file('acceptable_file', StringIO.new(one_kilobyte_string))
|
||||
}
|
||||
assert_raises(Instiki::ValidationError) {
|
||||
@yard.upload_file('one_byte_too_long', StringIO.new(one_kylobyte_string + 'a'))
|
||||
@yard.upload_file('one_byte_too_long', StringIO.new(one_kilobyte_string + 'a'))
|
||||
}
|
||||
|
||||
# as Tempfile
|
||||
require 'tempfile'
|
||||
|
||||
Tempfile.open('acceptable_file') do |f|
|
||||
f.write(one_kylobyte_string)
|
||||
f.write(one_kilobyte_string)
|
||||
assert_nothing_raised {
|
||||
@yard.upload_file('acceptable_file', f)
|
||||
}
|
||||
end
|
||||
|
||||
Tempfile.open('one_byte_too_long') do |f|
|
||||
f.write(one_kylobyte_string + 'a')
|
||||
f.write(one_kilobyte_string + 'a')
|
||||
assert_nothing_raised {
|
||||
@yard.upload_file('one_byte_too_long_2', f)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue