Docker/mealie
Docker/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-07-22 22:59:41 +02:00
Code Issues Releases Activity
mealie/tests/integration_tests/admin_tests/test_admin_backup.py

25 lines
697 B
Python
Raw Permalink Blame History

from fastapi.testclient import TestClient
from mealie.core.config import get_app_dirs
from tests import data
from tests.utils.fixture_schemas import TestUser
def test_recipe_asset_exploit(api_client: TestClient, admin_user: TestUser):
dirs = get_app_dirs()
file_payload = {
"archive": ("../test.txt", data.images_test_image_1.read_bytes()),
}
response = api_client.post(
"/api/admin/backups/upload",
files=file_payload,
headers=admin_user.token,
)
assert response.status_code == 400
# Ensure File was not created
assert not (dirs.BACKUP_DIR / "test.txt").exists()
assert not (dirs.BACKUP_DIR.parent / "test.txt").exists()
View git blame Copy permalink