utils: authorize unaryop in expressions (#86266)
gitea/authentic/pipeline/head This commit looks good
Details
gitea/authentic/pipeline/head This commit looks good
Details
unary ops are : - not x - ~x - -x - +x
This commit is contained in:
parent
1e4833cded
commit
9a46b01220
|
@ -253,6 +253,7 @@ class ConditionValidator(BaseExpressionValidator):
|
|||
ast.IfExp,
|
||||
ast.Subscript,
|
||||
ast.Index,
|
||||
ast.unaryop,
|
||||
ast.boolop,
|
||||
ast.cmpop,
|
||||
ast.Compare,
|
||||
|
|
|
@ -85,6 +85,7 @@ def test_condition_validator_klass():
|
|||
def test_evaluate_condition(rf):
|
||||
assert evaluate_condition('False') is False
|
||||
assert evaluate_condition('True') is True
|
||||
assert evaluate_condition('not True') is False
|
||||
assert evaluate_condition('True and False') is False
|
||||
assert evaluate_condition('True or False') is True
|
||||
assert evaluate_condition('a or b', ctx=dict(a=True, b=False)) is True
|
||||
|
@ -172,9 +173,5 @@ def test_evaluate_condition_template():
|
|||
|
||||
def test_condition_validator():
|
||||
with pytest.raises(ValidationError) as raised:
|
||||
condition_validator(
|
||||
"'backoffice' not in login_hint and not ('X-Entrouvert' in headers or remote_addr == '176.31.123.109' or remote_addr in dnsbl('ddns.entrouvert.org'))"
|
||||
)
|
||||
assert raised.value.messages == [
|
||||
'expression "not (\'X-Entrouvert\' in headers or remote_addr == \'176.31.123.109\' or remote_addr in dnsbl(\'ddns.entrouvert.org\'))" is forbidden'
|
||||
]
|
||||
condition_validator('2 ** 3')
|
||||
assert raised.value.messages == ['expression "2 ** 3" is forbidden']
|
||||
|
|
Loading…
Reference in New Issue