feat: Support Rename and Edit Staitc Files (#573) #819
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
JohnNiang
requested changes
May 4, 2020
src/main/java/run/halo/app/controller/admin/api/StaticStorageController.java
Outdated
Show resolved
Hide resolved
src/main/java/run/halo/app/controller/admin/api/StaticStorageController.java
Outdated
Show resolved
Hide resolved
| Path path = Paths.get(staticDir.toString(), basePath); | ||
|
|
||
| try { | ||
| Files.write(path, content.getBytes(StandardCharsets.UTF_8)); |
| public void save(String basePath, String content) { | ||
| Assert.notNull(basePath, "Base path must not be null"); | ||
|
|
||
| Path path = Paths.get(staticDir.toString(), basePath); |
There was a problem hiding this comment.
这里是否存在 Directory traversal 风险呢?
| Assert.notNull(newName, "New name must not be null"); | ||
|
|
||
| Path newPath = pathToRename.resolveSibling(newName); | ||
| log.info("Rename [{}] to [{}]", pathToRename.toString(), newPath.toString()); |
There was a problem hiding this comment.
可以省略 toString() 方法,这样还可能会造成 NPE。
ruibaby
requested changes
May 4, 2020
src/main/java/run/halo/app/controller/admin/api/StaticStorageController.java
Outdated
Show resolved
Hide resolved
|
@JohnNiang @ruibaby 改好啦,就是不知道为啥我自己写一个 |
JohnNiang
requested changes
May 5, 2020
| @@ -108,4 +109,90 @@ public void dbFileReadTest() throws IOException { | |||
| log.debug("Buffer String: [{}]", bufString); | |||
| } | |||
| } | |||
|
|
|||
There was a problem hiding this comment.
也许应该再增加一个关于 directory traversal 的测试。
There was a problem hiding this comment.
Impl的测试单元要怎么写?上次我提交了一个测试,结果导致隔壁的测试挂了,估计是注解写的不对。可以给个ImplTest的样例代码吗?
JohnNiang
added
the
kind/feature
|
感谢你的贡献! |
|
谢谢! |
ruibaby
pushed a commit
to ruibaby/halo
that referenced
this pull request
Jun 11, 2021
* Add rename API
* Add save API
* Add unit test for rename API
* Fix an indentation
* Add a space before '{'
* Add a Param and some invalid checks
* Change comments
* Change test annotation
* Delete impl test unit
* Add directory traversal check for static file operations
Co-authored-by: Rokita <[email protected]>
JohnNiang
pushed a commit
to JohnNiang/halo
that referenced
this pull request
Mar 2, 2023
#### What type of PR is this? /kind improvement #### What this PR does / why we need it: 升级 Vite 到 Vite 4,请看: - https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md#400-2022-12-09 - https://cn.vitejs.dev/guide/migration.html 无破坏更新。 #### Which issue(s) this PR fixes: Fixes halo-dev#3134 #### Special notes for your reviewer: 测试方式: 1. 测试开发环境和生产环境是否加载正常即可。 2. 测试包含 Console 的插件是否正常加载。 #### Does this PR introduce a user-facing change? ```release-note 升级 Console 项目的 Vite 版本到 Vite 4 ```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
加入静态文件的重命名和编辑的API,以及测试单元 #573
前端支持重命名文件,能够编辑CodeMirror支持文件格式,不同的格式有相应的语法高亮 halo-admin #152