diff options
Diffstat (limited to 'spec/lib/api/validations/validators/file_path_spec.rb')
-rw-r--r-- | spec/lib/api/validations/validators/file_path_spec.rb | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/spec/lib/api/validations/validators/file_path_spec.rb b/spec/lib/api/validations/validators/file_path_spec.rb new file mode 100644 index 00000000000..8679f102d23 --- /dev/null +++ b/spec/lib/api/validations/validators/file_path_spec.rb @@ -0,0 +1,36 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe API::Validations::Validators::FilePath do + include ApiValidatorsHelpers + + subject do + described_class.new(['test'], {}, false, scope.new) + end + + context 'valid file path' do + it 'does not raise a validation error' do + expect_no_validation_error('test' => './foo') + expect_no_validation_error('test' => './bar.rb') + expect_no_validation_error('test' => 'foo%2Fbar%2Fnew%2Ffile.rb') + expect_no_validation_error('test' => 'foo%2Fbar%2Fnew') + expect_no_validation_error('test' => 'foo%252Fbar%252Fnew%252Ffile.rb') + end + end + + context 'invalid file path' do + it 'raise a validation error' do + expect_validation_error('test' => '../foo') + expect_validation_error('test' => '../') + expect_validation_error('test' => 'foo/../../bar') + expect_validation_error('test' => 'foo/../') + expect_validation_error('test' => 'foo/..') + expect_validation_error('test' => '../') + expect_validation_error('test' => '..\\') + expect_validation_error('test' => '..\/') + expect_validation_error('test' => '%2e%2e%2f') + expect_validation_error('test' => '/etc/passwd') + end + end +end |