Ticket #5689 (closed defect: fixed)

Opened 4 years ago

Last modified 10 months ago

empty path input corrupts svnauthz => trac aborts

Reported by: A.Visser@fz-juelich.de Assigned to: kisg
Priority: normal Component: SvnAuthzAdminPlugin
Severity: normal Keywords:
Cc: rjollos Trac Release: 0.11

Description

If "Add a new Subversion path." is invoked without entering a path, an empty path is appended to svnauthz which causes trac to abort. So the project administrator can't undo the mistake, the empty path has to be removed manually by the system administrator.

Attachments

Change History

08/20/09 12:19:40 changed by rjollos

  • cc set to rjollos.

09/08/10 08:55:32 changed by rjollos

#6265 was closed as a duplicate.

04/21/11 16:06:59 changed by laurent.foynard@gmail.com

I made a Q&D solution to solve this problem : edit the "admin_ui.py" file and in the method "_add_path" just before the "try" add the following lines : 

if not path :
    return {}

Finally the method looks like this : 

    def _add_path(self, req):
        path = req.args.get('path')
        repository = None
        tmppath = req.args.get('path') 
 	if ":" in tmppath: 
 	    repository, path = tmppath.split(":") 
 	    repository = repository.strip() 
 	    path = path.strip() 
 	else: 
 	    repository = self.authz_module 
 	    path = tmppath.strip() 
        if not path :
            return {}
        try:
            self.authz.add_path(Path(path, [], repository))
	    return {}
        except Exception, e:
            return {'addpath_error' :  e}

08/01/12 06:34:26 changed by rjollos

  • status changed from new to closed.
  • resolution set to fixed.

(In [11873]) Fixes #5689:

  • Added checks for non-empty group and path before attempting to add them. A warning is added if either are empty.
  • Extracted code to a method _get_authz.
  • Corrected tabs and indentation.

Add/Change #5689 (empty path input corrupts svnauthz => trac aborts)




Change Properties
Action