[whimsy] branch master updated: Ensure existing files can't be overwritten

Tue, 03 Jul 2018 16:01:37 -0700 

This is an automated email from the ASF dual-hosted git repository.

sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/whimsy.git


The following commit(s) were added to refs/heads/master by this push:
     new 63e1856  Ensure existing files can't be overwritten
63e1856 is described below

commit 63e1856e6f5b5260a62186b9e5d6fe4e2d865cec
Author: Sebb <[email protected]>
AuthorDate: Wed Jul 4 00:01:32 2018 +0100

    Ensure existing files can't be overwritten
---
 www/project/icla/views/actions/discuss.json.rb | 11 +++++++++--
 www/project/icla/views/actions/vote.json.rb    | 11 +++++++++--
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/www/project/icla/views/actions/discuss.json.rb 
b/www/project/icla/views/actions/discuss.json.rb
index bf0d57a..c2da67a 100644
--- a/www/project/icla/views/actions/discuss.json.rb
+++ b/www/project/icla/views/actions/discuss.json.rb
@@ -3,6 +3,7 @@ require 'net/http'
 require 'pathname'
 require 'json'
 require 'mail'
+require 'whimsy/lockfile'
 
 # find pmc and user information
 # all ppmcs are also pmcs but not all pmcs are ppmcs
@@ -43,9 +44,15 @@ discussion = {
 token = pmc.name + '-' + date + '-' + Digest::MD5.hexdigest(@iclaemail)[0..5]
 
 # save the discussion object to a file
-discussion_json = discussion.to_json
 file_name = '/srv/icla/' + token + '.json'
-File.open(file_name.untaint, 'w') {|f|f.write(discussion_json)}
+
+# important not to overwrite any existing files
+if LockFile.create_ex(file_name.untaint) do |f| 
+  f.write(JSON.pretty_generate(discussion))
+  end
+else
+  _error 'There is already a file for that person!'
+end
 
 # add user and pmc emails to the response
 _userEmail "#{user.public_name} <#{user.mail.first}>" if user
diff --git a/www/project/icla/views/actions/vote.json.rb 
b/www/project/icla/views/actions/vote.json.rb
index 7565e33..b80d50d 100644
--- a/www/project/icla/views/actions/vote.json.rb
+++ b/www/project/icla/views/actions/vote.json.rb
@@ -3,6 +3,7 @@ require 'net/http'
 require 'pathname'
 require 'json'
 require 'mail'
+require 'whimsy/lockfile'
 
 # find pmc and user information
 # all ppmcs are also pmcs but not all pmcs are ppmcs
@@ -42,9 +43,15 @@ discussion = {
 token = pmc.name + '-' + date + '-' + Digest::MD5.hexdigest(@iclaemail)[0..5]
 
 # save the discussion object to a file
-discussion_json = discussion.to_json
 file_name = '/srv/icla/' + token + '.json'
-File.open(file_name.untaint, 'w') {|f|f.write(discussion_json)}
+
+# important not to overwrite any existing files
+if LockFile.create_ex(file_name.untaint) do |f| 
+  f.write(JSON.pretty_generate(discussion))
+  end
+else
+  _error 'There is already a file for that person!'
+end
 
 
 # add user and pmc emails to the response

Reply via email to