vincent/aptly
1
0
Fork 0
mirror of https://github.com/aptly-dev/aptly.git synced 2026-01-12 03:21:33 +00:00
Code Issues Projects Releases Wiki Activity

prevent removal of a PublishedStorage's root dir

Browse Source 
presently there is no use case where we need this. on the other hand,
passing empty paths into any of the remove methods is indicative of a bug.
this is particularly dangerous as this can temporarily smash the publish
root but later restore it again when actually publishing. this makes
for super nasty and hard to track down problems.

to guard against this simply disallow root dir removal using empty
strings. should we find a use case for this in the future we can always
revisit this (FTR: I think very explicitly API should be used so everyone
knows what is going on and you can't accidentally run it)
This commit is contained in:
Harald Sitter
2018-02-26 11:09:03 +01:00
parent 02ac416561
commit b893c0a7ca
2 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
files/public.go
View File

@@ -97,12 +97,18 @@ func (storage *PublishedStorage) PutFile(path string, sourceFilename string) err
// Remove removes single file under public path
func (storage *PublishedStorage) Remove(path string) error {
if len(path) <= 0 {
panic("trying to remove empty path")
}
filepath := filepath.Join(storage.rootPath, path)
return os.Remove(filepath)
}
// RemoveDirs removes directory structure under public path
func (storage *PublishedStorage) RemoveDirs(path string, progress aptly.Progress) error {
if len(path) <= 0 {
panic("trying to remove the root directory")
}
filepath := filepath.Join(storage.rootPath, path)
if progress != nil {
progress.Printf("Removing %s...\n", filepath)

16
files/public_test.go
View File

@@ -320,3 +320,19 @@ func (s *PublishedStorageSuite) TestLinkFromPool(c *C) {
err = s.storageCopySize.LinkFromPool(filepath.Join("", "pool", "main", "m/mars-invaders"), "mars-invaders_1.03.deb", pool, srcPoolPath, sourceChecksum, false)
c.Check(err, IsNil)
}
func (s *PublishedStorageSuite) TestRootRemove(c *C) {
// Prevent deletion of the root directory by passing empty subpaths.
pwd := c.MkDir()
// Symlink
linkedDir := filepath.Join(pwd, "linkedDir")
os.Symlink(s.root, linkedDir)
linkStorage := NewPublishedStorage(linkedDir, "", "")
c.Assert(func() { linkStorage.Remove("") }, PanicMatches, "trying to remove empty path")
// Actual dir
dirStorage := NewPublishedStorage(pwd, "", "")
c.Assert(func() { dirStorage.RemoveDirs("", nil) }, PanicMatches, "trying to remove the root directory")
}