deac/instiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Better handling of permissions for re-uploading a file that already exists (ticket:163)

Browse source
This commit is contained in:
Alexey Verkhovsky 2005-06-09 20:05:16 +00:00
parent 04a8f80273
commit ebe0af1dfc
3 changed files with 14 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGELOG
View file

@ -5,6 +5,8 @@
some other layout) some other layout)
<nowiki> tag can span several lines (before it was applied when both opening and closing <nowiki> tag can span several lines (before it was applied when both opening and closing
tags were on the same line only) tags were on the same line only)
Resolved the "endless redirection loop" condition and otherwise improved handling of
errors in the rendering engines
* 0.10.1: * 0.10.1:
Upgraded Rails to 0.12.0 Upgraded Rails to 0.12.0

14
app/models/file_yard.rb
View file

@ -6,10 +6,9 @@ class FileYard
attr_reader :files_path attr_reader :files_path
def initialize(files_path, max_upload_size) def initialize(files_path, max_upload_size)
@files_path = files_path @files_path, @max_upload_size = files_path, max_upload_size
@max_upload_size = max_upload_size FileUtils.mkdir_p(@files_path) unless File.exist?(@files_path)
FileUtils.mkdir_p(files_path) unless File.exist?(files_path) @files = Dir["#{@files_path}/*"].collect{|path| File.basename(path) if File.file?(path) }.compact
@files = Dir["#{files_path}/*"].collect{|path| File.basename(path) if File.file?(path) }.compact
end end
def upload_file(name, io) def upload_file(name, io)
@ -17,6 +16,7 @@ class FileYard
if io.kind_of?(Tempfile) if io.kind_of?(Tempfile)
io.close io.close
check_upload_size(io.size) check_upload_size(io.size)
File.chmod(600, file_path(name)) if File.exists? file_path(name)
FileUtils.mv(io.path, file_path(name)) FileUtils.mv(io.path, file_path(name))
else else
content = io.read content = io.read
@ -39,12 +39,12 @@ class FileYard
"#{files_path}/#{name}" "#{files_path}/#{name}"
end end
SANE_FILE_NAME = /[-_\.A-Za-z0-9]{1,255}/ SANE_FILE_NAME = /[a-zA-Z0-9\-_\. ]{1,255}/
def sanitize_file_name(name) def sanitize_file_name(name)
unless name =~ SANE_FILE_NAME unless name =~ SANE_FILE_NAME or name == '.' or name == '..'
raise Instiki::ValidationError.new("Invalid file name: '#{name}'.\n" + raise Instiki::ValidationError.new("Invalid file name: '#{name}'.\n" +
"Only latin characters, digits, dots, underscores and dashes are accepted.") "Only latin characters, digits, dots, underscores, dashes and spaces are accepted.")
end end
end end

10
test/unit/file_yard_test.rb
View file

@ -35,28 +35,28 @@ class FileYardTest < Test::Unit::TestCase
def test_size_limit def test_size_limit
@yard = FileYard.new(file_path, 1) @yard = FileYard.new(file_path, 1)
one_kylobyte_string = "a" * 1024 one_kilobyte_string = "a" * 1.kilobyte
# as StringIO # as StringIO
assert_nothing_raised { assert_nothing_raised {
@yard.upload_file('acceptable_file', StringIO.new(one_kylobyte_string)) @yard.upload_file('acceptable_file', StringIO.new(one_kilobyte_string))
} }
assert_raises(Instiki::ValidationError) { assert_raises(Instiki::ValidationError) {
@yard.upload_file('one_byte_too_long', StringIO.new(one_kylobyte_string + 'a')) @yard.upload_file('one_byte_too_long', StringIO.new(one_kilobyte_string + 'a'))
} }
# as Tempfile # as Tempfile
require 'tempfile' require 'tempfile'
Tempfile.open('acceptable_file') do |f| Tempfile.open('acceptable_file') do |f|
f.write(one_kylobyte_string) f.write(one_kilobyte_string)
assert_nothing_raised { assert_nothing_raised {
@yard.upload_file('acceptable_file', f) @yard.upload_file('acceptable_file', f)
} }
end end
Tempfile.open('one_byte_too_long') do |f| Tempfile.open('one_byte_too_long') do |f|
f.write(one_kylobyte_string + 'a') f.write(one_kilobyte_string + 'a')
assert_nothing_raised { assert_nothing_raised {
@yard.upload_file('one_byte_too_long_2', f) @yard.upload_file('one_byte_too_long_2', f)
} }