github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-30 05:58:19 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

DEV: Raise exception when execute_command will spawn a shell (#12716)

Browse Source
This commit is contained in:
David Taylor
2021-04-15 16:29:37 +01:00
committed by GitHub
parent eb99ecf1d2
commit 0ec5fd5262
2 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
spec/components/discourse_spec.rb
View File

@ -438,6 +438,21 @@ describe Discourse do
has_checked_chdir = true
thread.join
end
it "raises error for unsafe shell" do
expect(Discourse::Utils.execute_command("pwd").strip).to eq(Rails.root.to_s)
expect do
Discourse::Utils.execute_command("echo a b c")
end.to raise_error(RuntimeError)
expect do
Discourse::Utils.execute_command({ "ENV1" => "VAL" }, "echo a b c")
end.to raise_error(RuntimeError)
expect(Discourse::Utils.execute_command("echo", "a", "b", "c").strip).to eq("a b c")
expect(Discourse::Utils.execute_command("echo a b c", unsafe_shell: true).strip).to eq("a b c")
end
end
end