mirror of
https://github.com/yuukiwww/taiko-web.git
synced 2024-10-22 08:05:44 +02:00
全曲削除されるバグを修正
This commit is contained in:
parent
686bb7209f
commit
2877a1812d
6
app.py
6
app.py
@ -835,7 +835,11 @@ def delete():
|
|||||||
id = flask.request.get_json().get('id')
|
id = flask.request.get_json().get('id')
|
||||||
client["taiko"]["songs"].delete_one({ "id": id })
|
client["taiko"]["songs"].delete_one({ "id": id })
|
||||||
|
|
||||||
target_dir = pathlib.Path(os.getenv("TAIKO_WEB_SONGS_DIR", "public/songs")) / id
|
parent_dir = pathlib.Path(os.getenv("TAIKO_WEB_SONGS_DIR", "public/songs"))
|
||||||
|
target_dir = parent_dir / id
|
||||||
|
if target_dir.resolve().relative_to(parent_dir.resolve()) == pathlib.Path("."):
|
||||||
|
return flask.jsonify({ "success": False, "reason": "PARENT IS NOT ALLOWED" })
|
||||||
|
|
||||||
shutil.rmtree(target_dir)
|
shutil.rmtree(target_dir)
|
||||||
|
|
||||||
return flask.jsonify({'success': True})
|
return flask.jsonify({'success': True})
|
||||||
|
Loading…
Reference in New Issue
Block a user