Skip to content
Snippets Groups Projects
Commit 2747ae68 authored by Agate's avatar Agate :speech_balloon:
Browse files

Fix #12: sanitization error

parent 8a20a6c0
No related branches found
No related tags found
No related merge requests found
Pipeline #12017 passed
...@@ -81,6 +81,8 @@ def sanitize_recursive(value): ...@@ -81,6 +81,8 @@ def sanitize_recursive(value):
elif isinstance(value, list): elif isinstance(value, list):
return [sanitize_recursive(v) for v in value] return [sanitize_recursive(v) for v in value]
else: else:
if value and str(value).startswith("/"):
value = str(value)[1:]
return pathvalidate.sanitize_filepath(str(value)) return pathvalidate.sanitize_filepath(str(value))
......
...@@ -211,11 +211,20 @@ def test_uploads_create_channel(cli_ctx, session, responses, get_requests, tmpdi ...@@ -211,11 +211,20 @@ def test_uploads_create_channel(cli_ctx, session, responses, get_requests, tmpdi
command = cli.uploads.uploads_create command = cli.uploads.uploads_create
upload_data = { upload_data = {
"uuid": upload_id, "uuid": upload_id,
"import_metadata": {"title": "test.mp3", "album": 12, "license": "cc-by-sa-4.0"} "import_metadata": {
"title": "test.mp3",
"album": 12,
"license": "cc-by-sa-4.0",
},
} }
responses.post("https://test.funkwhale/api/v1/uploads/", payload=upload_data) responses.post("https://test.funkwhale/api/v1/uploads/", payload=upload_data)
responses.get("https://test.funkwhale/api/v1/channels/{}/".format(channel_id)) responses.get("https://test.funkwhale/api/v1/channels/{}/".format(channel_id))
responses.get("https://test.funkwhale/api/v1/uploads/{}/audio-file-metadata/".format(upload_id), payload={"title": 'test title'}) responses.get(
"https://test.funkwhale/api/v1/uploads/{}/audio-file-metadata/".format(
upload_id
),
payload={"title": "test title"},
)
responses.patch("https://test.funkwhale/api/v1/uploads/{}/".format(upload_id)) responses.patch("https://test.funkwhale/api/v1/uploads/{}/".format(upload_id))
command.callback( command.callback(
...@@ -234,7 +243,9 @@ def test_uploads_create_channel(cli_ctx, session, responses, get_requests, tmpdi ...@@ -234,7 +243,9 @@ def test_uploads_create_channel(cli_ctx, session, responses, get_requests, tmpdi
"import_reference": "test-import", "import_reference": "test-import",
"source": "upload://test.mp3", "source": "upload://test.mp3",
"import_status": "draft", "import_status": "draft",
"import_metadata": json.dumps({"title": "test.mp3", "album": 12, "license": "cc-by-sa-4.0"}), "import_metadata": json.dumps(
{"title": "test.mp3", "album": 12, "license": "cc-by-sa-4.0"}
),
} }
upload_requests = get_requests("post", "https://test.funkwhale/api/v1/uploads/") upload_requests = get_requests("post", "https://test.funkwhale/api/v1/uploads/")
assert len(upload_requests) == 1 assert len(upload_requests) == 1
...@@ -246,12 +257,18 @@ def test_uploads_create_channel(cli_ctx, session, responses, get_requests, tmpdi ...@@ -246,12 +257,18 @@ def test_uploads_create_channel(cli_ctx, session, responses, get_requests, tmpdi
"get", "https://test.funkwhale/api/v1/channels/{}/".format(channel_id) "get", "https://test.funkwhale/api/v1/channels/{}/".format(channel_id)
) )
assert len(channels_requests) == 1 assert len(channels_requests) == 1
publish_requests = get_requests("patch", "https://test.funkwhale/api/v1/uploads/{}/".format(upload_id)) publish_requests = get_requests(
"patch", "https://test.funkwhale/api/v1/uploads/{}/".format(upload_id)
)
assert len(publish_requests) == 1 assert len(publish_requests) == 1
data = publish_requests[0].kwargs["json"] data = publish_requests[0].kwargs["json"]
expected_data = { expected_data = {
"import_status": "pending", "import_status": "pending",
"import_metadata": {"title": "test title", "album": 12, "license": "cc-by-sa-4.0"}, "import_metadata": {
"title": "test title",
"album": 12,
"license": "cc-by-sa-4.0",
},
} }
assert data == expected_data assert data == expected_data
...@@ -538,11 +555,11 @@ def test_channel_create_music(cli_ctx, session, responses, get_requests): ...@@ -538,11 +555,11 @@ def test_channel_create_music(cli_ctx, session, responses, get_requests):
username="hello", username="hello",
content_category="music", content_category="music",
description="description text", description="description text",
tags='punk,rock, ska', tags="punk,rock, ska",
language=None, language=None,
itunes_category=None, itunes_category=None,
raw=False, raw=False,
_async_reraise=True _async_reraise=True,
) )
requests = get_requests("post", url) requests = get_requests("post", url)
...@@ -568,11 +585,11 @@ def test_channel_create_podcast(cli_ctx, session, responses, get_requests): ...@@ -568,11 +585,11 @@ def test_channel_create_podcast(cli_ctx, session, responses, get_requests):
username="hello", username="hello",
content_category="podcast", content_category="podcast",
description="description text", description="description text",
tags='punk,rock, ska', tags="punk,rock, ska",
language="en", language="en",
itunes_category="Leisure", itunes_category="Leisure",
raw=False, raw=False,
_async_reraise=True _async_reraise=True,
) )
requests = get_requests("post", url) requests = get_requests("post", url)
...@@ -584,10 +601,7 @@ def test_channel_create_podcast(cli_ctx, session, responses, get_requests): ...@@ -584,10 +601,7 @@ def test_channel_create_podcast(cli_ctx, session, responses, get_requests):
"content_category": "podcast", "content_category": "podcast",
"description": {"text": "description text", "content_type": "text/markdown"}, "description": {"text": "description text", "content_type": "text/markdown"},
"tags": ["punk", "rock", "ska"], "tags": ["punk", "rock", "ska"],
"metadata": { "metadata": {"itunes_category": "Leisure", "language": "en",},
"itunes_category": "Leisure",
"language": "en",
}
} }
...@@ -623,7 +637,9 @@ def test_channels_rm(cli_ctx, session, responses, get_requests): ...@@ -623,7 +637,9 @@ def test_channels_rm(cli_ctx, session, responses, get_requests):
responses.delete(url + "uuid1/") responses.delete(url + "uuid1/")
responses.delete(url + "uuid2/") responses.delete(url + "uuid2/")
command.callback(id=["uuid1", "uuid2"], raw=False, no_input=True, _async_reraise=True) command.callback(
id=["uuid1", "uuid2"], raw=False, no_input=True, _async_reraise=True
)
assert len(get_requests("delete", url + "uuid1/")) == 1 assert len(get_requests("delete", url + "uuid1/")) == 1
assert len(get_requests("delete", url + "uuid2/")) == 1 assert len(get_requests("delete", url + "uuid2/")) == 1
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment