diff --git a/qgis-app/plugins/tests/test_validator.py b/qgis-app/plugins/tests/test_validator.py
index a4261d88..87c5a884 100644
--- a/qgis-app/plugins/tests/test_validator.py
+++ b/qgis-app/plugins/tests/test_validator.py
@@ -154,7 +154,10 @@ def test_zipfile_with_MACOSX(self, mock_namelist):
mock_namelist.return_value = ["__MACOSX/"]
with self.assertRaisesMessage(
Exception,
- ("For security reasons, zip file cannot contain " "'__MACOSX' directory"),
+ (
+ "For security reasons, zip file cannot contain '__MACOSX' directory. "
+ "However, there is one present at the root of the archive."
+ ),
):
validator(self.package)
@@ -164,8 +167,20 @@ def test_zipfile_with_pycache(self, mock_namelist):
with self.assertRaisesMessage(
Exception,
(
- "For security reasons, zip file cannot contain "
- "'__pycache__' directory"
+ "For security reasons, zip file cannot contain '__pycache__' directory. "
+ "However, there is one present at the root of the archive."
+ ),
+ ):
+ validator(self.package)
+
+ @mock.patch("zipfile.ZipFile.namelist")
+ def test_zipfile_with_pycache_in_children(self, mock_namelist):
+ mock_namelist.return_value = ["path/to/__pycache__/"]
+ with self.assertRaisesMessage(
+ Exception,
+ (
+ "For security reasons, zip file cannot contain '__pycache__' directory. "
+ "However, it has been found at 'path/to/__pycache__/' ."
),
):
validator(self.package)
@@ -175,7 +190,10 @@ def test_zipfile_with_git(self, mock_namelist):
mock_namelist.return_value = [".git"]
with self.assertRaisesMessage(
Exception,
- ("For security reasons, zip file cannot contain " "'.git' directory"),
+ (
+ "For security reasons, zip file cannot contain '.git' directory. "
+ "However, there is one present at the root of the archive."
+ ),
):
validator(self.package)
@@ -188,7 +206,8 @@ def test_zipfile_with_gitignore(self, mock_namelist):
exception = cm.exception
self.assertNotEqual(
exception.message,
- "For security reasons, zip file cannot contain '.git' directory",
+ "For security reasons, zip file cannot contain '.git' directory. ",
+ "However, there is one present at the root of the archive."
)
diff --git a/qgis-app/plugins/validator.py b/qgis-app/plugins/validator.py
index a31c5e72..1f075f2e 100644
--- a/qgis-app/plugins/validator.py
+++ b/qgis-app/plugins/validator.py
@@ -192,11 +192,19 @@ def validator(package):
_("For security reasons, zip file cannot contain .pyc file")
)
for forbidden_dir in ["__MACOSX", ".git", "__pycache__"]:
- if forbidden_dir in zname.split("/"):
+ dir_name_list = zname.split("/")
+ if forbidden_dir in dir_name_list:
+ if forbidden_dir == dir_name_list[0]:
+ raise ValidationError(
+ _(
+ "For security reasons, zip file "
+ "cannot contain '%s' directory. However, there is one present at the root of the archive." % (forbidden_dir,)
+ )
+ )
raise ValidationError(
_(
"For security reasons, zip file "
- "cannot contain '%s' directory" % (forbidden_dir,)
+ "cannot contain '%s' directory. However, it has been found at '%s' ." % (forbidden_dir, zname)
)
)
bad_file = zip.testzip()