Re: [Django] #26644: [Regression?] SuspiciousFileOperation when creating a File from a NamedTemporaryFile

2016-05-27 Thread Django 
#26644: [Regression?] SuspiciousFileOperation when creating a File from a
NamedTemporaryFile
-+-
 Reporter:  hobarrera|Owner:  nobody
 Type:  Bug  |   Status:  new
Component:  File |  Version:  1.10
  uploads/storage|
 Severity:  Release blocker  |   Resolution:
 Keywords:  File,| Triage Stage:  Accepted
  SuspiciousFileOperation,   |
  NamedTemporaryFile, regression |
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-

Comment (by hobarrera):

 I've created PR 6658.

 I'm not sure if the fix is okay (it does not break anything, but you may
 have some reason to prefer a different behavior), but at least the test
 makes the problem more obvious.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.47e2ff9ec28236f1a9c898bba93eff67%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26644: [Regression?] SuspiciousFileOperation when creating a File from a NamedTemporaryFile

2016-05-26 Thread Django 
#26644: [Regression?] SuspiciousFileOperation when creating a File from a
NamedTemporaryFile
-+-
 Reporter:  hobarrera|Owner:  nobody
 Type:  Bug  |   Status:  new
Component:  File |  Version:  1.10
  uploads/storage|
 Severity:  Release blocker  |   Resolution:
 Keywords:  File,| Triage Stage:  Accepted
  SuspiciousFileOperation,   |
  NamedTemporaryFile, regression |
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-
Changes (by timgraham):

 * stage:  Unreviewed => Accepted


Comment:

 Sure, at least seeing the regression test in your PR will help me
 understand the problem a bit more.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.f4a9fc063d7800182cebf1d4c2255e8c%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26644: [Regression?] SuspiciousFileOperation when creating a File from a NamedTemporaryFile

2016-05-22 Thread Django 
#26644: [Regression?] SuspiciousFileOperation when creating a File from a
NamedTemporaryFile
-+-
 Reporter:  hobarrera|Owner:  nobody
 Type:  Bug  |   Status:  new
Component:  File |  Version:  1.10
  uploads/storage|
 Severity:  Release blocker  |   Resolution:
 Keywords:  File,| Triage Stage:
  SuspiciousFileOperation,   |  Unreviewed
  NamedTemporaryFile, regression |
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-

Comment (by hobarrera):

 A possible fix is to trim the original file's path and keep only the
 basename component if the path is an absolute path inside `File` when
 saving; I believe this should fix the regression for any storage.

 I can try to create a PR if that solution sounds okay. I can't really
 think of an alternative.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.03e3f101820cc97034a7356ea02788ca%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26644: [Regression?] SuspiciousFileOperation when creating a File from a NamedTemporaryFile

2016-05-22 Thread Django 
#26644: [Regression?] SuspiciousFileOperation when creating a File from a
NamedTemporaryFile
-+-
 Reporter:  hobarrera|Owner:  nobody
 Type:  Bug  |   Status:  new
Component:  File |  Version:  1.10
  uploads/storage|
 Severity:  Release blocker  |   Resolution:
 Keywords:  File,| Triage Stage:
  SuspiciousFileOperation,   |  Unreviewed
  NamedTemporaryFile, regression |
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-

Comment (by hobarrera):

 For some reason I'd started blindly looking at commits instead of
 bisecting. Dunno what came over me.

 Anyway, I wrote a quick test script and here goes:

 {{{
 $ git bisect bad
 914c72be2abb1c6dd860cb9279beaa66409ae1b2 is the first bad commit
 commit 914c72be2abb1c6dd860cb9279beaa66409ae1b2
 Author: Cristiano 
 Date:   Sun Mar 20 22:51:17 2016 -0300

 Fixed #26058 -- Delegated os.path bits of FileField's filename
 generation to the Storage.

 :04 04 58b8cffd061048624df2ec4824b13d48afb62ec5
 a95fac52046826060aa64515993cc041dfc3c838 M  django
 :04 04 87bed8c670d6f452c8f210c1c92b9279ac9b268b
 ba415dad2ee1ec6ba4bd202720241df262ef695c M  docs
 :04 04 16c679a9e8de544fc17e7229460a0a5452aee0ac
 b17aaf89f7853bdf2a3c7a933633557cd8691793 M  tests
 }}}

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.9bbbac21d408271cc754f876fb4c5a73%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Django] #26644: [Regression?] SuspiciousFileOperation when creating a File from a NamedTemporaryFile

2016-05-21 Thread Django 
#26644: [Regression?] SuspiciousFileOperation when creating a File from a
NamedTemporaryFile
-+-
 Reporter:  hobarrera|Owner:  nobody
 Type:  Bug  |   Status:  new
Component:  File |  Version:  1.10
  uploads/storage|
 Severity:  Release blocker  |   Resolution:
 Keywords:  File,| Triage Stage:
  SuspiciousFileOperation,   |  Unreviewed
  NamedTemporaryFile, regression |
Has patch:  0|  Needs documentation:  0
  Needs tests:  0|  Patch needs improvement:  0
Easy pickings:  0|UI/UX:  0
-+-
Changes (by timgraham):

 * needs_better_patch:   => 0
 * needs_tests:   => 0
 * needs_docs:   => 0


Comment:

 Could you [https://docs.djangoproject.com/en/dev/internals/contributing
 /triaging-tickets/#bisecting-a-regression bisect] to find the commit where
 the behavior changed?

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/067.d8a534b77c8b3067943cb1f2b7802a98%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

[Django] #26644: [Regression?] SuspiciousFileOperation when creating a File from a NamedTemporaryFile

2016-05-21 Thread Django 
#26644: [Regression?] SuspiciousFileOperation when creating a File from a
NamedTemporaryFile
-+-
 Reporter:  hobarrera|  Owner:  nobody
 Type:  Bug  | Status:  new
Component:  File |Version:  1.10
  uploads/storage|   Keywords:  File,
 Severity:  Release blocker  |  SuspiciousFileOperation,
 |  NamedTemporaryFile, regression
 Triage Stage:  Unreviewed   |  Has patch:  0
Easy pickings:  0|  UI/UX:  0
-+-
 This code snippet worked fine on django 1.9. It should still work on
 django 1.10.

 {{{
 from tempfile import NamedTemporaryFile
 from django.core.files.base import File
 from . import pdf


 with NamedTemporaryFile(suffix='.pdf') as file_:
 pdf.generate_receipt_pdf(self.receipt_id, file_)
 self.pdf_file = File(file_)
 self.save()
 }}}

 However, the following exception is raised on django1.10:

 {{{
 Traceback (most recent call last):
   File "/home/hugo/workspace/Hugo/django-
 afip/testapp/testapp/testmain/tests.py", line 305, in test_pdf_generation
 pdf.save_pdf()
   File "/home/hugo/workspace/Hugo/django-
 afip/testapp/django_afip/models.py", line 863, in save_pdf
 self.save()
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/db/models/base.py", line 796, in save
 force_update=force_update, update_fields=update_fields)
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/db/models/base.py", line 824, in save_base
 updated = self._save_table(raw, cls, force_insert, force_update,
 using, update_fields)
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/db/models/base.py", line 886, in _save_table
 for f in non_pks]
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/db/models/base.py", line 886, in 
 for f in non_pks]
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/db/models/fields/files.py", line 287, in pre_save
 file.save(file.name, file, save=False)
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/db/models/fields/files.py", line 90, in save
 self.name = self.storage.save(name, content,
 max_length=self.field.max_length)
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/core/files/storage.py", line 53, in save
 name = self.get_available_name(name, max_length=max_length)
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/core/files/storage.py", line 77, in get_available_name
 while self.exists(name) or (max_length and len(name) > max_length):
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/core/files/storage.py", line 394, in exists
 return os.path.exists(self.path(name))
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-
 packages/django/core/files/storage.py", line 407, in path
 return safe_join(self.location, name)
   File "/home/hugo/workspace/Hugo/django-
 afip/.tox/py35-django/lib/python3.5/site-packages/django/utils/_os.py",
 line 78, in safe_join
 'component ({})'.format(final_path, base_path))
 django.core.exceptions.SuspiciousFileOperation: The joined path
 (/tmp/tmpbwfln73d.pdf) is located outside of the base path component
 (/home/hugo/workspace/Hugo/django-afip/testapp/media)
 }}}

 I believe that there's something wrong with how `File` is now determining
 the resulting file's name: in previous versions of django, this file  *did
 not* end up in `/tmp`, but rather inside `media/`.

--
Ticket URL: 
Django 
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/052.cf132dc78137b349645f6232e171eaa5%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.