This is an automated email from the ASF dual-hosted git repository.
brondsem pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/allura.git
The following commit(s) were added to refs/heads/master by this push:
new 7051eaf94 avoid unhandled error on bad input to /nf/markdown_to_html
7051eaf94 is described below
commit 7051eaf94d9d9e9d46c9d9c497a7d2fe02a9f212
Author: Dave Brondsema <[email protected]>
AuthorDate: Fri Jun 9 10:50:06 2023 -0400
avoid unhandled error on bad input to /nf/markdown_to_html
---
Allura/allura/controllers/newforge.py | 6 +++-
Allura/allura/tests/functional/test_newforge.py | 3 ++
rebuild-all.bash | 37 ++++++++++++++-----------
3 files changed, 29 insertions(+), 17 deletions(-)
diff --git a/Allura/allura/controllers/newforge.py
b/Allura/allura/controllers/newforge.py
index 70aea56e8..bd0f389ce 100644
--- a/Allura/allura/controllers/newforge.py
+++ b/Allura/allura/controllers/newforge.py
@@ -25,6 +25,7 @@ from webob import exc
from tg import app_globals as g
from allura.lib import helpers as h
from allura.lib import utils
+from allura.lib.exceptions import ForgeError
class NewForgeController:
@@ -38,7 +39,10 @@ class NewForgeController:
"""Convert markdown to html."""
if neighborhood is None or project is None:
raise exc.HTTPBadRequest()
- h.set_context(project, app, neighborhood=neighborhood)
+ try:
+ h.set_context(project, app, neighborhood=neighborhood)
+ except ForgeError:
+ raise exc.HTTPBadRequest()
if app == 'wiki':
html = g.markdown_wiki.convert(markdown)
diff --git a/Allura/allura/tests/functional/test_newforge.py
b/Allura/allura/tests/functional/test_newforge.py
index 9dfabe614..9b8fbc01a 100644
--- a/Allura/allura/tests/functional/test_newforge.py
+++ b/Allura/allura/tests/functional/test_newforge.py
@@ -39,6 +39,9 @@ class TestNewForgeController(TestController):
r.mustcontain('The markdown supplied could not be parsed correctly.')
r.mustcontain('<pre><foo {bar}></pre>')
+ r =
self.app.get('/nf/markdown_to_html?markdown=*aaa*bb[wiki:Home]&project=test&app=bugs&neighborhood=bogus',
+ status=400)
+
def test_markdown_syntax(self):
r = self.app.get('/nf/markdown_syntax')
r.mustcontain('Markdown Syntax')
diff --git a/rebuild-all.bash b/rebuild-all.bash
index c7d1cee2f..33c9a70e0 100755
--- a/rebuild-all.bash
+++ b/rebuild-all.bash
@@ -17,21 +17,26 @@
# specific language governing permissions and limitations
# under the License.
-APPS=(Allura* *Forge*)
+PKGDIR=$(python -c 'from distutils import sysconfig;
print(sysconfig.get_python_lib())')
-# the "${...-e}" magic is inspired by this stack exchange and turns a list
into a oneline
-# https://unix.stackexchange.com/a/445522
-APPS_WITH_DASH_E="${APPS[@]/#/-e ./}"
+function rebuild() {
+ local DIR=$1
+ echo "# setting up $DIR"
+ pushd $DIR > /dev/null
+ if [ -d *.egg-info ] && [[ $(find *.egg-info ! -newer setup.py | grep -v
zip-safe) == "" ]]; then
+ # as long as there's .egg-info directory around, and all are newer
than setup.py
+ # we can do a quick and dirty replacement of `pip install -e`
+ # its so much faster, but misses the `python setup.py egg_info` part
(entry points and other distribution info)
+ echo -e -n "$(pwd -P)\n." > $PKGDIR/$(basename $(pwd -P)).egg-link
+ grep -q $(pwd -P) $PKGDIR/easy-install.pth || pwd -P >>
$PKGDIR/easy-install.pth # if path is not in this file, append
+ else
+ # full proper installation
+ pip install -e .
+ fi
+ popd > /dev/null
+}
-# don't install ForgeSVN in a main command, since it often is not installable,
and its optional
-APPS_DASHE_NO_SVN="${APPS_WITH_DASH_E//-e .\/ForgeSVN/}" # string replacement
-pip install $APPS_DASHE_NO_SVN
-main_ret=$?
-
-pip install -e ./ForgeSVN
-if [ "$?" -gt 0 ]; then
- echo -e "\nIt is okay that ForgeSVN failed. It needs pysvn which can be
difficult to install."
- echo "You can ignore this error. If you do want SVN support, see
install_each_step.rst notes about SVN."
-fi
-
-exit $main_ret
+for APP in Allura* *Forge*
+do
+ rebuild $APP
+done
