admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-18 10:31:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Forbid access to files outside source control work directory (#11152)

Browse Source
This commit is contained in:
Tomi Turtiainen
2024-10-08 15:53:53 +03:00
committed by GitHub
parent 87d041363c
commit 606eedbf1b
6 changed files with 132 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
packages/cli/src/environments/source-control/__tests__/source-control.service.test.ts Normal file
View File

@@ -0,0 +1,46 @@
import { mock } from 'jest-mock-extended';
import { InstanceSettings } from 'n8n-core';
import { SourceControlPreferencesService } from '@/environments/source-control/source-control-preferences.service.ee';
import { SourceControlService } from '@/environments/source-control/source-control.service.ee';
describe('SourceControlService', () => {
const preferencesService = new SourceControlPreferencesService(
new InstanceSettings(),
mock(),
mock(),
);
const sourceControlService = new SourceControlService(
mock(),
mock(),
preferencesService,
mock(),
mock(),
mock(),
mock(),
);
describe('pushWorkfolder', () => {
it('should throw an error if a file is given that is not in the workfolder', async () => {
jest.spyOn(sourceControlService, 'sanityCheck').mockResolvedValue(undefined);
await expect(
sourceControlService.pushWorkfolder({
fileNames: [
{
file: '/etc/passwd',
id: 'test',
name: 'secret-file',
type: 'file',
status: 'modified',
location: 'local',
conflict: false,
updatedAt: new Date().toISOString(),
pushed: false,
},
],
}),
).rejects.toThrow('File path /etc/passwd is invalid');
});
});
});