Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

prevent removal of a PublishedStorage's root dir #705

Merged
merged 1 commit into from
Feb 27, 2018
Merged

prevent removal of a PublishedStorage's root dir #705

merged 1 commit into from
Feb 27, 2018

Conversation

hsitter
Copy link
Contributor

@hsitter hsitter commented Feb 19, 2018

Requirements

All new code should be covered with tests, documentation should be updated. CI should pass.

Description of the Change

presently there is no use case where we need this. on the other hand,
passing empty paths into any of the remove methods is indicative of a bug.
this is particularly dangerous as this can temporarily smash the publish
root but later restore it again when actually publishing. this makes
for super nasty and hard to track down problems.

to guard against this simply disallow root dir removal using empty
strings. should we find a use case for this in the future we can always
revisit this (FTR: I think very explicitly API should be used so everyone
knows what is going on and you can't accidentally run it)

Checklist

  • unit-test added (if change is algorithm)

@hsitter hsitter mentioned this pull request Feb 19, 2018
Merged
2 tasks
smira
smira reviewed Feb 22, 2018
View reviewed changes
files/public_test.go Outdated

// Actual dir
dirStorage := NewPublishedStorage(pwd, "", "")
c.Assert(func() { dirStorage.RemoveDirs("", nil) }, PanicMatches, "trying to remove empty path")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

panic message doesn't match the code (trying to remove the root directory)

@smira smira added the 1.3.0 label Feb 22, 2018
@hsitter
prevent removal of a PublishedStorage's root dir
b893c0a 
presently there is no use case where we need this. on the other hand,
passing empty paths into any of the remove methods is indicative of a bug.
this is particularly dangerous as this can temporarily smash the publish
root but later restore it again when actually publishing. this makes
for super nasty and hard to track down problems.

to guard against this simply disallow root dir removal using empty
strings. should we find a use case for this in the future we can always
revisit this (FTR: I think very explicitly API should be used so everyone
knows what is going on and you can't accidentally run it)
@hsitter
Copy link
Contributor Author

hsitter commented Feb 26, 2018

Ah yes indeed.

Rebased and fixed.

smira
smira approved these changes Feb 27, 2018
View reviewed changes
Copy link
Contributor

@smira smira left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you!

@smira smira merged commit caa5433 into aptly-dev:master Feb 27, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smira smira smira approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hsitter @smira