github/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-02-23 18:37:23 -08:00
Code Issues Packages Projects Releases Wiki Activity
mealie/tests/integration_tests/admin_tests/test_admin_backup.py

26 lines
697 B
Python
Raw Permalink Blame History

from fastapi.testclient import TestClient
from mealie.core.config import get_app_dirs
from tests import data
from tests.utils.fixture_schemas import TestUser
def test_recipe_asset_exploit(api_client: TestClient, admin_user: TestUser):
dirs = get_app_dirs()
file_payload = {
"archive": ("../test.txt", data.images_test_image_1.read_bytes()),
}
response = api_client.post(
"/api/admin/backups/upload",
files=file_payload,
headers=admin_user.token,
)
assert response.status_code == 400
# Ensure File was not created
assert not (dirs.BACKUP_DIR / "test.txt").exists()
assert not (dirs.BACKUP_DIR.parent / "test.txt").exists()
Reference in New Issue View Git Blame Copy Permalink