YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Improve check url validity for permissions

Browse source
This commit is contained in:
Josué Tille 2020-04-01 22:02:45 +02:00
parent d95341840b
commit 2a0866b583
No known key found for this signature in database
GPG key ID: 716A6C99B04194EF
2 changed files with 8 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/yunohost/domain.py
View file

@ -428,7 +428,7 @@ def _check_and_normalize_permission_path(url):
return url
if url.startswith('/'):
return "/" + url.strip("/")
return url.rstrip("/")
# Uri with domain
domains = domain_list()['domains']
@ -455,7 +455,7 @@ def _check_and_normalize_permission_path(url):
raise YunohostError('domain_unknown')
if '/' in url:
path = '/' + url.split('/', 1)[1].strip('/')
path = url.split('/', 1)[1].rstrip('/')
return domain + path
else:
return domain

10
src/yunohost/permission.py
View file

@ -62,11 +62,13 @@ def user_permission_list(short=False, full=False, ignore_system_perms=False, ful
# Parse / organize information to be outputed
app_settings = {app['id']: app_setting(app['id'], 'domain') + app_setting(app['id'], 'path') for app in app_list()['apps']}
def complete_url(url, name):
def _complete_url(url, name):
if url is None:
return None
if url.startswith('/'):
return app_settings[name.split('.')[0]] + url
return app_settings[name.split('.')[0]] + url.rstrip("/")
if url.startswith('re:/'):
return 're:' + app_settings[name.split('.')[0]] + url.lstrip('re:/')
else:
return url
@ -88,8 +90,8 @@ def user_permission_list(short=False, full=False, ignore_system_perms=False, ful
permissions[name]["show_tile"] = False if infos.get("showTile", [False])[0] == "FALSE" else True
permissions[name]["protected"] = False if infos.get("isProtected", [False])[0] == "FALSE" else True
if full_path and name.split(".")[0] not in SYSTEM_PERMS:
permissions[name]["url"] = complete_url(infos.get("URL", [None])[0], name)
permissions[name]["additional_urls"] = [complete_url(url, name) for url in infos.get("additionalUrls", [None])]
permissions[name]["url"] = _complete_url(infos.get("URL", [None])[0], name)
permissions[name]["additional_urls"] = [_complete_url(url, name) for url in infos.get("additionalUrls", [None])]
else:
permissions[name]["url"] = infos.get("URL", [None])[0]
permissions[name]["additional_urls"] = infos.get("additionalUrls", [None])