carloea2 commented on code in PR #4136:
URL: https://github.com/apache/texera/pull/4136#discussion_r2656975390
##########
file-service/src/main/scala/org/apache/texera/service/resource/DatasetResource.scala:
##########
@@ -1372,4 +1405,378 @@ class DatasetResource {
Right(response)
}
}
+
+ // === Multipart helpers ===
+
+ private def getDatasetBy(ownerEmail: String, datasetName: String) = {
+ val dataset = context
+ .select(DATASET.fields: _*)
+ .from(DATASET)
+ .leftJoin(USER)
+ .on(USER.UID.eq(DATASET.OWNER_UID))
+ .where(USER.EMAIL.eq(ownerEmail))
+ .and(DATASET.NAME.eq(datasetName))
+ .fetchOneInto(classOf[Dataset])
+ if (dataset == null) {
+ throw new BadRequestException("Dataset not found")
+ }
+ dataset
+ }
+
+ private def validateFilePathOrThrow(filePath: String): String = {
+ val p = Option(filePath).getOrElse("")
+ val s = p.replace("\\", "/")
+ if (
+ p.isEmpty ||
+ s.startsWith("/") ||
+ s.split("/").exists(seg => seg == "." || seg == "..") ||
+ s.exists(ch => ch == 0.toChar || ch < 0x20.toChar || ch == 0x7f.toChar)
+ ) throw new BadRequestException("Invalid filePath")
+ p
Review Comment:
Yes, the functionality is just to validate, not to normalize it, if it is
valid, the same path is returned on purpose. The only actual temporal change is
the replacement of \ to /.
which option do you prefer?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
