From ebe0af1dfc6432977b5ca5ca6b79fac4c64d10ac Mon Sep 17 00:00:00 2001 From: Alexey Verkhovsky Date: Thu, 9 Jun 2005 20:05:16 +0000 Subject: [PATCH] Better handling of permissions for re-uploading a file that already exists (ticket:163) --- CHANGELOG | 2 ++ app/models/file_yard.rb | 14 +++++++------- test/unit/file_yard_test.rb | 10 +++++----- 3 files changed, 14 insertions(+), 12 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index d4e7db4b..155e42a1 100755 --- a/CHANGELOG +++ b/CHANGELOG @@ -5,6 +5,8 @@ some other layout) tag can span several lines (before it was applied when both opening and closing tags were on the same line only) + Resolved the "endless redirection loop" condition and otherwise improved handling of + errors in the rendering engines * 0.10.1: Upgraded Rails to 0.12.0 diff --git a/app/models/file_yard.rb b/app/models/file_yard.rb index 79e8f04d..b35dda2e 100644 --- a/app/models/file_yard.rb +++ b/app/models/file_yard.rb @@ -6,10 +6,9 @@ class FileYard attr_reader :files_path def initialize(files_path, max_upload_size) - @files_path = files_path - @max_upload_size = max_upload_size - FileUtils.mkdir_p(files_path) unless File.exist?(files_path) - @files = Dir["#{files_path}/*"].collect{|path| File.basename(path) if File.file?(path) }.compact + @files_path, @max_upload_size = files_path, max_upload_size + FileUtils.mkdir_p(@files_path) unless File.exist?(@files_path) + @files = Dir["#{@files_path}/*"].collect{|path| File.basename(path) if File.file?(path) }.compact end def upload_file(name, io) @@ -17,6 +16,7 @@ class FileYard if io.kind_of?(Tempfile) io.close check_upload_size(io.size) + File.chmod(600, file_path(name)) if File.exists? file_path(name) FileUtils.mv(io.path, file_path(name)) else content = io.read @@ -39,12 +39,12 @@ class FileYard "#{files_path}/#{name}" end - SANE_FILE_NAME = /[-_\.A-Za-z0-9]{1,255}/ + SANE_FILE_NAME = /[a-zA-Z0-9\-_\. ]{1,255}/ def sanitize_file_name(name) - unless name =~ SANE_FILE_NAME + unless name =~ SANE_FILE_NAME or name == '.' or name == '..' raise Instiki::ValidationError.new("Invalid file name: '#{name}'.\n" + - "Only latin characters, digits, dots, underscores and dashes are accepted.") + "Only latin characters, digits, dots, underscores, dashes and spaces are accepted.") end end diff --git a/test/unit/file_yard_test.rb b/test/unit/file_yard_test.rb index 43794050..f40c0588 100755 --- a/test/unit/file_yard_test.rb +++ b/test/unit/file_yard_test.rb @@ -35,28 +35,28 @@ class FileYardTest < Test::Unit::TestCase def test_size_limit @yard = FileYard.new(file_path, 1) - one_kylobyte_string = "a" * 1024 + one_kilobyte_string = "a" * 1.kilobyte # as StringIO assert_nothing_raised { - @yard.upload_file('acceptable_file', StringIO.new(one_kylobyte_string)) + @yard.upload_file('acceptable_file', StringIO.new(one_kilobyte_string)) } assert_raises(Instiki::ValidationError) { - @yard.upload_file('one_byte_too_long', StringIO.new(one_kylobyte_string + 'a')) + @yard.upload_file('one_byte_too_long', StringIO.new(one_kilobyte_string + 'a')) } # as Tempfile require 'tempfile' Tempfile.open('acceptable_file') do |f| - f.write(one_kylobyte_string) + f.write(one_kilobyte_string) assert_nothing_raised { @yard.upload_file('acceptable_file', f) } end Tempfile.open('one_byte_too_long') do |f| - f.write(one_kylobyte_string + 'a') + f.write(one_kilobyte_string + 'a') assert_nothing_raised { @yard.upload_file('one_byte_too_long_2', f) }