def test_get_path_from_uid(aaa):
"""Find the path shared from a specific sharing UID"""
t.root_dir = "/tmp/test"
# aaa.current_user.username = '******'
aaa.user_is_anonymous = True
prep_folder(True)
r = t.get_path_from_uid("usertest", "XYZ22")
assert r == "/test/path"
try:
r = t.get_path_from_uid("../../../../../../../../etc", "passwd")
assert False
except:
pass
del_folder(True)
def list_shared(user, uid, path='.'):
"""If the path is a file: return it's content
if the path is a folder: return a list of files in the folder
if parameter 'format' is specified return the path in the
specified format (zip only for now)
"""
real_shared_path = get_path_from_uid(user, uid)
# print(real_shared_path)
permitted = join_path(root_dir, real_shared_path)
try:
real_path = get_real_path(permitted, path)
except IOError:
abort(403, PATH_ERROR)
# print("getting {}".format(real_path))
print(request.GET.keys())
if request.GET.get('format', 'raw').strip() == 'zip':
print('got zip')
archive = archive_path(real_path)
return list_dir(archive)
return list_dir(real_path)