class ViewComponentsSystemTestController

:nodoc:

def self.temp_dir

def self.temp_dir
  @_tmpdir ||= FileUtils.mkdir_p("./tmp/view_components/").first
end

def system_test_entrypoint

def system_test_entrypoint
  render file: @path
end

def validate_file_path

the expected directory (e.g. via a path traversal or symlink attack)
Ensure that the file path is valid and doesn't target files outside

def validate_file_path
  base_path = ::File.realpath(self.class.temp_dir)
  @path = ::File.realpath(params.permit(:file)[:file], base_path)
  unless @path.start_with?(base_path)
    raise ViewComponent::SystemTestControllerNefariousPathError
  end
end

def validate_test_env

def validate_test_env
  raise ViewComponent::SystemTestControllerOnlyAllowedInTestError unless Rails.env.test?
end

Modules

Classes

class ViewComponentsSystemTestController

def self.temp_dir

def system_test_entrypoint

def validate_file_path

def validate_test_env

Parent class

Class Methods

Instance Methods

Defined in