assert sanitized and stripped paths

2018-08-28 16:19:50 +02:00
parent c08754cf92
commit 5429f5c1a9
19 changed files with 108 additions and 72 deletions
--- a/radicale/tests/custom/rights.py
+++ b/radicale/tests/custom/rights.py
@@ -19,11 +19,12 @@ Custom rights management.

 """

-from radicale import rights
+from radicale import pathutils, rights


 class Rights(rights.BaseRights):
    def authorized(self, user, path, permissions):
-        if path.strip("/") not in ("tmp", "other"):
+        sane_path = pathutils.strip_path(path)
+        if sane_path not in ("tmp", "other"):
            return ""
        return rights.intersect_permissions(permissions)