@@ -424,7 +424,8 b' def PullRequestForm(repo_id):' | |||
|
424 | 424 | def GistForm(lifetime_options): |
|
425 | 425 | class _GistForm(formencode.Schema): |
|
426 | 426 | |
|
427 | filename = v.UnicodeString(strip=True, required=False) | |
|
427 | filename = All(v.BasePath()(), | |
|
428 | v.UnicodeString(strip=True, required=False)) | |
|
428 | 429 | description = v.UnicodeString(required=False, if_missing='') |
|
429 | 430 | lifetime = v.OneOf(lifetime_options) |
|
430 | 431 | content = v.UnicodeString(required=True, not_empty=True) |
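Review bot: The new `filename` field depends on the order in which `All` runs its validators, and nothing on the line records that. As far as I recall, formencode's `All` applies validators in reverse order for `to_python`, so `UnicodeString(strip=True)` would run before `BasePath`; that should be confirmed and written down, e.g. `# All runs right-to-left: strip whitespace first, then reject directory components`. Because the field is `required=False`, an empty filename probably never reaches `BasePath`, so the check in the model remains the one that matters for callers that bypass the form.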
@@ -120,6 +120,9 b' class GistModel(BaseModel):' | |||
|
120 | 120 | |
|
121 | 121 | processed_mapping = {} |
|
122 | 122 | for filename in gist_mapping: |
|
123 | if filename != os.path.basename(filename): | |
|
124 | raise Exception('Filename cannot be inside a directory') | |
|
125 | ||
|
123 | 126 | content = gist_mapping[filename]['content'] |
|
124 | 127 | #TODO: expand support for setting explicit lexers |
|
125 | 128 | # if lexer is None: |
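Review bot: The comparison `filename != os.path.basename(filename)` at the top of the loop still accepts `.` and `..`, because `os.path.basename('..')` returns `'..'`; the same test is used in `BasePath.validate_python` in the validators hunk. Both places should reject those names as well, e.g. `if filename in ('.', '..') or filename != os.path.basename(filename):`. Raising a bare `Exception` also gives callers nothing specific to catch; `ValueError` or a dedicated exception type would let the API layer turn it into a clean error response. The enclosing method starts and continues outside the hunk, so how `filename` is later joined to the repository path is not visible here.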
@@ -768,7 +768,8 b' def ValidIp():' | |||
|
768 | 768 | messages = dict( |
|
769 | 769 | badFormat=_('Please enter a valid IPv4 or IpV6 address'), |
|
770 | 770 | illegalBits=_('The network size (bits) must be within the range' |
|
771 |
' of 0-32 (not %(bits)r)') |
|
|
771 | ' of 0-32 (not %(bits)r)') | |
|
772 | ) | |
|
772 | 773 | |
|
773 | 774 | def to_python(self, value, state): |
|
774 | 775 | v = super(_validator, self).to_python(value, state) |
@@ -800,10 +801,27 b' def FieldKey():' | |||
|
800 | 801 | class _validator(formencode.validators.FancyValidator): |
|
801 | 802 | messages = dict( |
|
802 | 803 | badFormat=_('Key name can only consist of letters, ' |
|
803 |
'underscore, dash or numbers') |
|
|
804 | 'underscore, dash or numbers') | |
|
805 | ) | |
|
804 | 806 | |
|
805 | 807 | def validate_python(self, value, state): |
|
806 | 808 | if not re.match('[a-zA-Z0-9_-]+$', value): |
|
807 | 809 | raise formencode.Invalid(self.message('badFormat', state), |
|
808 | 810 | value, state) |
|
809 | 811 | return _validator |
|
812 | ||
|
813 | ||
|
814 | def BasePath(): | |
|
815 | class _validator(formencode.validators.FancyValidator): | |
|
816 | messages = dict( | |
|
817 | badPath=_('Filename cannot be inside a directory') | |
|
818 | ) | |
|
819 | ||
|
820 | def _to_python(self, value, state): | |
|
821 | return value | |
|
822 | ||
|
823 | def validate_python(self, value, state): | |
|
824 | if value != os.path.basename(value): | |
|
825 | raise formencode.Invalid(self.message('badPath', state), | |
|
826 | value, state) | |
|
827 | return _validator |
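Review bot: `BasePath.validate_python` relies on `os.path.basename`, which follows the host's path rules, so on a POSIX server a name containing a backslash passes while the same name would be rejected on Windows. If gist repositories can be cloned to or served from another platform, testing for both separators explicitly is more predictable: `if '/' in value or '\\' in value:`. The `_to_python` override only returns its argument and looks droppable. The factory would also benefit from a one-line docstring stating that it rejects any filename with a directory component.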
@@ -75,6 +75,16 b' class TestGistsController(TestController' | |||
|
75 | 75 | response.mustcontain('gist test') |
|
76 | 76 | response.mustcontain('<div class="ui-btn green badge">Public gist</div>') |
|
77 | 77 | |
|
78 | def test_create_with_path_with_dirs(self): | |
|
79 | self.log_user() | |
|
80 | response = self.app.post(url('gists'), | |
|
81 | params={'lifetime': -1, | |
|
82 | 'content': 'gist test', | |
|
83 | 'filename': '/home/foo', | |
|
84 | 'public': 'public'}, | |
|
85 | status=200) | |
|
86 | response.mustcontain('Filename cannot be inside a directory') | |
|
87 | ||
|
78 | 88 | def test_access_expired_gist(self): |
|
79 | 89 | self.log_user() |
|
80 | 90 | gist = _create_gist('never-see-me') |
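Review bot: `test_create_with_path_with_dirs` exercises only an absolute path, `'/home/foo'`. Relative inputs such as `'foo/bar'`, `'../foo'` and a bare `'..'` take different routes through `os.path.basename` and are where a check of this kind usually falls short, so each deserves a case. A small loop over the filenames posting the same params would cover them. As far as this page shows, there is also no test that calls the model's create path directly, which is the only guard for callers that do not go through `GistForm`.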