kumi/Android-Password-Store
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Properly guard against invalid renaming (#929)

Browse source
This commit is contained in:
Harsh Shandilya 2020-07-14 11:56:47 +05:30 committed by GitHub
parent 7f3aceaf11
commit 4250cd499c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 31 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file.
- A brand new icon to go with our biggest update ever! - A brand new icon to go with our biggest update ever!
- Light theme is now a consistent white across the board with ample contrast - Light theme is now a consistent white across the board with ample contrast
- XkPassword generator is now easier to use with less configuration options - XkPassword generator is now easier to use with less configuration options
- Edit screen now has better protection and guidance for invalid names
### Fixed ### Fixed

15
app/src/main/java/com/zeapo/pwdstore/crypto/PasswordCreationActivity.kt
View file

@ -89,7 +89,7 @@ class PasswordCreationActivity : BasePgpActivity(), OpenPgpServiceConnection.OnB
) )
} }
category.apply { directoryInputLayout.apply {
if (suggestedName != null || suggestedPass != null || shouldGeneratePassword) { if (suggestedName != null || suggestedPass != null || shouldGeneratePassword) {
isEnabled = true isEnabled = true
} else { } else {
@ -100,7 +100,7 @@ class PasswordCreationActivity : BasePgpActivity(), OpenPgpServiceConnection.OnB
if (path.isEmpty() && !isEnabled) if (path.isEmpty() && !isEnabled)
visibility = View.GONE visibility = View.GONE
else { else {
setText(path) directory.setText(path)
oldCategory = path oldCategory = path
} }
} }
@ -213,6 +213,9 @@ class PasswordCreationActivity : BasePgpActivity(), OpenPgpServiceConnection.OnB
if (editName.isEmpty()) { if (editName.isEmpty()) {
snackbar(message = resources.getString(R.string.file_toast_text)) snackbar(message = resources.getString(R.string.file_toast_text))
return@with return@with
} else if (editName.contains('/')) {
snackbar(message = resources.getString(R.string.invalid_filename_text))
return@with
} }
if (editPass.isEmpty() && editExtra.isEmpty()) { if (editPass.isEmpty() && editExtra.isEmpty()) {
@ -239,8 +242,8 @@ class PasswordCreationActivity : BasePgpActivity(), OpenPgpServiceConnection.OnB
val path = when { val path = when {
// If we allowed the user to edit the relative path, we have to consider it here instead // If we allowed the user to edit the relative path, we have to consider it here instead
// of fullPath. // of fullPath.
category.isEnabled -> { directoryInputLayout.isEnabled -> {
val editRelativePath = category.text.toString().trim() val editRelativePath = directory.text.toString().trim()
if (editRelativePath.isEmpty()) { if (editRelativePath.isEmpty()) {
snackbar(message = resources.getString(R.string.path_toast_text)) snackbar(message = resources.getString(R.string.path_toast_text))
return return
@ -272,6 +275,7 @@ class PasswordCreationActivity : BasePgpActivity(), OpenPgpServiceConnection.OnB
snackbar(message = getString(R.string.message_error_destination_outside_repo)) snackbar(message = getString(R.string.message_error_destination_outside_repo))
return@executeApiAsync return@executeApiAsync
} }
try { try {
file.outputStream().use { file.outputStream().use {
it.write(outputStream.toByteArray()) it.write(outputStream.toByteArray())
@ -287,6 +291,7 @@ class PasswordCreationActivity : BasePgpActivity(), OpenPgpServiceConnection.OnB
finish() finish()
} }
.show() .show()
return@executeApiAsync
} }
val returnIntent = Intent() val returnIntent = Intent()
@ -317,7 +322,7 @@ class PasswordCreationActivity : BasePgpActivity(), OpenPgpServiceConnection.OnB
} }
} }
if (category.isVisible && category.isEnabled && oldFileName != null) { if (directoryInputLayout.isVisible && directoryInputLayout.isEnabled && oldFileName != null) {
val oldFile = File("$repoPath/${oldCategory?.trim('/')}/$oldFileName.gpg") val oldFile = File("$repoPath/${oldCategory?.trim('/')}/$oldFileName.gpg")
if (oldFile.path != file.path && !oldFile.delete()) { if (oldFile.path != file.path && !oldFile.delete()) {
setResult(RESULT_CANCELED) setResult(RESULT_CANCELED)

27
app/src/main/res/layout/password_creation_activity.xml
View file

@ -12,17 +12,26 @@
android:padding="@dimen/activity_horizontal_margin" android:padding="@dimen/activity_horizontal_margin"
tools:context="com.zeapo.pwdstore.crypto.PasswordCreationActivity"> tools:context="com.zeapo.pwdstore.crypto.PasswordCreationActivity">
<androidx.appcompat.widget.AppCompatEditText <com.google.android.material.textfield.TextInputLayout
android:id="@+id/category" android:id="@+id/directory_input_layout"
android:layout_width="wrap_content" android:layout_width="match_parent"
android:layout_height="wrap_content" android:layout_height="wrap_content"
android:layout_marginStart="@dimen/activity_horizontal_margin" android:layout_gravity="center_vertical"
android:layout_margin="8dp"
android:enabled="false" android:enabled="false"
android:textColor="?android:attr/textColor" android:hint="@string/directory_hint"
android:textSize="18sp"
app:layout_constraintStart_toStartOf="parent" app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toTopOf="parent" app:layout_constraintTop_toTopOf="parent">
tools:text="CATEGORY HERE" />
<com.google.android.material.textfield.TextInputEditText
android:id="@+id/directory"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:imeOptions="actionNext"
android:inputType="textNoSuggestions"
android:nextFocusForward="@id/password"
tools:text="CATEGORY HERE" />
</com.google.android.material.textfield.TextInputLayout>
<com.google.android.material.textfield.TextInputLayout <com.google.android.material.textfield.TextInputLayout
android:id="@+id/name_input_layout" android:id="@+id/name_input_layout"
@ -32,7 +41,7 @@
android:layout_margin="8dp" android:layout_margin="8dp"
android:hint="@string/crypto_name_hint" android:hint="@string/crypto_name_hint"
app:layout_constraintStart_toStartOf="parent" app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toBottomOf="@id/category"> app:layout_constraintTop_toBottomOf="@id/directory_input_layout">
<com.google.android.material.textfield.TextInputEditText <com.google.android.material.textfield.TextInputEditText
android:id="@+id/filename" android:id="@+id/filename"

2
app/src/main/res/values/strings.xml
View file

@ -401,4 +401,6 @@
<string name="oreo_autofill_chrome_compat_fix_preference_title">Improve reliability in Chrome</string> <string name="oreo_autofill_chrome_compat_fix_preference_title">Improve reliability in Chrome</string>
<string name="oreo_autofill_chrome_compat_fix_preference_summary">Requires activating an accessibility service and may affect overall Chrome performance</string> <string name="oreo_autofill_chrome_compat_fix_preference_summary">Requires activating an accessibility service and may affect overall Chrome performance</string>
<string name="exporting_passwords">Exporting passwords…</string> <string name="exporting_passwords">Exporting passwords…</string>
<string name="invalid_filename_text">File name must not contain \'/\', set directory above</string>
<string name="directory_hint">Directory</string>
</resources> </resources>