# HG changeset patch # User Goffi # Date 1458902757 -3600 # Node ID 55a7328fafb6f0ab13da691c1c089dddf01d8409 # Parent 53b51866747f9eaa459fe041f07855c7795d479c jp (blog/edit): do not remove files if they are not in the temporary dir hierarchy diff -r 53b51866747f -r 55a7328fafb6 frontends/src/jp/cmd_blog.py --- a/frontends/src/jp/cmd_blog.py Thu Mar 24 18:38:04 2016 +0100 +++ b/frontends/src/jp/cmd_blog.py Fri Mar 25 11:45:57 2016 +0100 @@ -116,6 +116,9 @@ """ if not os.path.isfile(path): raise OSError(u"path must link to a regular file") + if not path.startswith(self.getTmpDir(sat_conf)): + self.disp(u"File {} is not in blog temporary hierarchy, we do not remove it".format(path.decode('utf-8')), 2) + return backup_dir = self.getTmpDir(sat_conf, SECURE_UNLINK_DIR) if not os.path.exists(backup_dir): os.makedirs(backup_dir) @@ -311,6 +314,9 @@ if len(content) == 0: self.disp(u"Content is empty, cancelling the blog edition") + if not content_file_path.startswith(self.getTmpDir(sat_conf)): + self.disp(u"File are not in blog temporary hierarchy, we do not remove it", 2) + self.host.quit() self.disp(u"Deletion of {}".format(content_file_path.decode('utf-8')), 2) os.unlink(content_file_path) self.disp(u"Deletion of {}".format(meta_file_path.decode('utf-8')), 2)
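Review bot: In the first hunk (@@ -116,6 +116,9 @@), `path.startswith(self.getTmpDir(sat_conf))` is a string prefix test, not a containment test. A sibling directory whose name merely begins with the temporary directory's name passes it, and so does a path that contains `..` segments or goes through a symlink, because nothing is normalised before the comparison. Resolve both sides with `os.path.realpath()` and compare against the resolved temporary directory plus a trailing `os.sep` (or compare path components). Also, the new branch returns silently after a verbosity-2 message, so at default verbosity a caller cannot tell that the file was left in place; a return value or a documented note in the docstring would make that explicit.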
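Review bot: In the second hunk (@@ -311,6 +314,9 @@), the guard only tests `content_file_path`, while the context lines right after it also announce the deletion of `meta_file_path`, which is never checked. Check both paths, or better, route both through one shared helper so this test and the one in the first hunk cannot drift apart. The same prefix weakness applies here as well: `startswith()` on an unnormalised path accepts look-alike sibling directories and `..` or symlinked paths. The branch also relies on `self.host.quit()` not returning; if it ever does, execution falls through to `os.unlink(content_file_path)`, so an explicit `return` after it would be safer. Minor: the message reads "File are not" and, unlike the first hunk, does not name the path.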