Raised SuspiciousFileOperation in safe_join.

Added a test for the condition safe_join is designed to prevent. Previously, a generic ValueError was raised. It was impossible to tell an intentional exception raised to implement safe_join's contract from an unintentional exception caused by incorrect inputs or unexpected conditions. That resulted in bizarre exception catching patterns, which this patch removes. Since safe_join is a private API and since the change is unlikely to create security issues for users who use it anyway -- at worst, an uncaught SuspiciousFileOperation exception will bubble up -- it isn't documented.
author: Aymeric Augustin <aymeric.augustin@m4x.org> 2014-11-11 18:59:49 +0100
committer: Aymeric Augustin <aymeric.augustin@m4x.org> 2014-11-11 19:05:14 +0100
commit: b8ba73cd0cb6a3dbdaeb3df65936970956829de3 (patch)
tree: 6a21c861d3461a6af30358c7b0437c662c33cc5c /tests/utils_tests
parent: 40ba6f21bb5a728987da9a7055c74fa3c65da4db (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/tests/utils_tests/test_os_utils.py b/tests/utils_tests/test_os_utils.py
index da54e93ac0..7e6c74b3da 100644
--- a/tests/utils_tests/test_os_utils.py
+++ b/tests/utils_tests/test_os_utils.py
@@ -1,6 +1,7 @@
 import os
 import unittest
 
+from django.core.exceptions import SuspiciousFileOperation
 from django.utils._os import safe_join
 
 
@@ -24,3 +25,7 @@ class SafeJoinTests(unittest.TestCase):
             path,
             os.path.sep,
         )
+
+    def test_parent_path(self):
+        with self.assertRaises(SuspiciousFileOperation):
+            safe_join("/abc/", "../def")
author	Aymeric Augustin <aymeric.augustin@m4x.org>	2014-11-11 18:59:49 +0100
committer	Aymeric Augustin <aymeric.augustin@m4x.org>	2014-11-11 19:05:14 +0100
commit	b8ba73cd0cb6a3dbdaeb3df65936970956829de3 (patch)
tree	6a21c861d3461a6af30358c7b0437c662c33cc5c /tests/utils_tests
parent	40ba6f21bb5a728987da9a7055c74fa3c65da4db (diff)