diff --git a/qgis-app/plugins/tests/test_validator.py b/qgis-app/plugins/tests/test_validator.py index a4261d88..87c5a884 100644 --- a/qgis-app/plugins/tests/test_validator.py +++ b/qgis-app/plugins/tests/test_validator.py @@ -154,7 +154,10 @@ def test_zipfile_with_MACOSX(self, mock_namelist): mock_namelist.return_value = ["__MACOSX/"] with self.assertRaisesMessage( Exception, - ("For security reasons, zip file cannot contain " "'__MACOSX' directory"), + ( + "For security reasons, zip file cannot contain '__MACOSX' directory. " + "However, there is one present at the root of the archive." + ), ): validator(self.package) @@ -164,8 +167,20 @@ def test_zipfile_with_pycache(self, mock_namelist): with self.assertRaisesMessage( Exception, ( - "For security reasons, zip file cannot contain " - "'__pycache__' directory" + "For security reasons, zip file cannot contain '__pycache__' directory. " + "However, there is one present at the root of the archive." + ), + ): + validator(self.package) + + @mock.patch("zipfile.ZipFile.namelist") + def test_zipfile_with_pycache_in_children(self, mock_namelist): + mock_namelist.return_value = ["path/to/__pycache__/"] + with self.assertRaisesMessage( + Exception, + ( + "For security reasons, zip file cannot contain '__pycache__' directory. " + "However, it has been found at 'path/to/__pycache__/' ." ), ): validator(self.package) @@ -175,7 +190,10 @@ def test_zipfile_with_git(self, mock_namelist): mock_namelist.return_value = [".git"] with self.assertRaisesMessage( Exception, - ("For security reasons, zip file cannot contain " "'.git' directory"), + ( + "For security reasons, zip file cannot contain '.git' directory. " + "However, there is one present at the root of the archive." + ), ): validator(self.package) @@ -188,7 +206,8 @@ def test_zipfile_with_gitignore(self, mock_namelist): exception = cm.exception self.assertNotEqual( exception.message, - "For security reasons, zip file cannot contain '.git' directory", + "For security reasons, zip file cannot contain '.git' directory. ", + "However, there is one present at the root of the archive." ) diff --git a/qgis-app/plugins/validator.py b/qgis-app/plugins/validator.py index a31c5e72..1f075f2e 100644 --- a/qgis-app/plugins/validator.py +++ b/qgis-app/plugins/validator.py @@ -192,11 +192,19 @@ def validator(package): _("For security reasons, zip file cannot contain .pyc file") ) for forbidden_dir in ["__MACOSX", ".git", "__pycache__"]: - if forbidden_dir in zname.split("/"): + dir_name_list = zname.split("/") + if forbidden_dir in dir_name_list: + if forbidden_dir == dir_name_list[0]: + raise ValidationError( + _( + "For security reasons, zip file " + "cannot contain '%s' directory. However, there is one present at the root of the archive." % (forbidden_dir,) + ) + ) raise ValidationError( _( "For security reasons, zip file " - "cannot contain '%s' directory" % (forbidden_dir,) + "cannot contain '%s' directory. However, it has been found at '%s' ." % (forbidden_dir, zname) ) ) bad_file = zip.testzip()