MCPcopy Index your code
hub / github.com/bugy/script-server / validate_absolute_path

Method validate_absolute_path

src/web/server.py:503–515  ·  view source on GitHub ↗
(self, root, absolute_path)

Source from the content-addressed store, hash-verified

501
502 @check_authorization_sync
503 def validate_absolute_path(self, root, absolute_path):
504 if not self.application.auth.is_enabled() and (absolute_path.endswith("/login.html")):
505 raise tornado.web.HTTPError(404)
506
507 relative_path = file_utils.relative_path(absolute_path, root)
508 if self.is_admin_file(relative_path):
509 if not has_admin_rights(self):
510 user_id = identify_user(self)
511 LOGGER.warning('User %s (%s) tried to access admin static file %s',
512 user_id, get_audit_name_from_request(self), relative_path)
513 raise tornado.web.HTTPError(403)
514
515 return super(AuthorizedStaticFileHandler, self).validate_absolute_path(root, absolute_path)
516
517 @classmethod
518 def get_absolute_path(cls, root, path):

Callers

nothing calls this directly

Calls 6

is_admin_fileMethod · 0.95
identify_userFunction · 0.90
has_admin_rightsFunction · 0.85
is_enabledMethod · 0.80

Tested by

no test coverage detected