trap and verify warnings in path tests

1 files changed, 40 insertions, 11 deletions

diff --git a/test/paths_test.rb b/test/paths_test.rb
index 98580f37..558fefce 100644
--- a/test/paths_test.rb
+++ b/test/paths_test.rb
@@ -109,9 +109,23 @@ context 'Path Resolver' do
     end
 
     test 'prevents access to paths outside of jail' do
-      assert_equal "#{JAIL}/css", @resolver.system_path('../../../../../css', "#{JAIL}/assets/stylesheets", JAIL)
-      assert_equal "#{JAIL}/css", @resolver.system_path('/../../../../../css', "#{JAIL}/assets/stylesheets", JAIL)
-      assert_equal "#{JAIL}/css", @resolver.system_path('../../../css', '../../..', JAIL)
+      result, warnings = redirect_streams do |_, err|
+        [(@resolver.system_path '../../../../../css', %(#{JAIL}/assets/stylesheets), JAIL), err.string]
+      end
+      assert_equal %(#{JAIL}/css), result
+      assert_includes warnings, 'path has illegal reference to ancestor of jail'
+
+      result, warnings = redirect_streams do |_, err|
+        [(@resolver.system_path '/../../../../../css', %(#{JAIL}/assets/stylesheets), JAIL), err.string]
+      end
+      assert_equal %(#{JAIL}/css), result
+      assert_includes warnings, 'path has illegal reference to ancestor of jail'
+
+      result, warnings = redirect_streams do |_, err|
+        [(@resolver.system_path '../../../css', '../../..', JAIL), err.string]
+      end
+      assert_equal %(#{JAIL}/css), result
+      assert_includes warnings, 'path has illegal reference to ancestor of jail'
     end
 
     test 'throws exception for illegal path access if recover is false' do
@@ -195,11 +209,15 @@ context 'Path Resolver' do
     end
 
     test 'resolves and normalizes start with target is empty' do
-      pwd = File.expand_path(Dir.pwd)
-      assert_equal '/home/doctor/docs', @resolver.system_path('', '/home/doctor/docs')
-      assert_equal '/home/doctor/docs', @resolver.system_path(nil, '/home/doctor/docs')
-      assert_equal "#{pwd}/assets/images", @resolver.system_path(nil, 'assets/images')
-      assert_equal "#{JAIL}/assets/images", @resolver.system_path('', '../assets/images', JAIL)
+      pwd = File.expand_path Dir.pwd
+      assert_equal '/home/doctor/docs', (@resolver.system_path '', '/home/doctor/docs')
+      assert_equal '/home/doctor/docs', (@resolver.system_path nil, '/home/doctor/docs')
+      assert_equal %(#{pwd}/assets/images), (@resolver.system_path nil, 'assets/images')
+      result, warnings = redirect_streams do |_, err|
+        [(@resolver.system_path '', '../assets/images', JAIL), err.string]
+      end
+      assert_equal %(#{JAIL}/assets/images), result 
+      assert_includes warnings, 'path has illegal reference to ancestor of jail'
     end
 
     test 'posixifies windows paths' do
@@ -208,9 +226,20 @@ context 'Path Resolver' do
 
     test 'resolves windows paths when file separator is backlash' do
       @resolver.file_separator = '\\'
-      assert_equal 'C:/data/docs', @resolver.system_path('..', "C:\\data\\docs\\assets", 'C:\\data\\docs')
-      assert_equal 'C:/data/docs', @resolver.system_path('..\\..', "C:\\data\\docs\\assets", 'C:\\data\\docs')
-      assert_equal 'C:/data/docs/css', @resolver.system_path('..\\..\\css', "C:\\data\\docs\\assets", 'C:\\data\\docs')
+
+      assert_equal 'C:/data/docs', (@resolver.system_path '..', 'C:\\data\\docs\\assets', 'C:\\data\\docs')
+
+      result, warnings = redirect_streams do |_, err|
+        [(@resolver.system_path '..\\..', 'C:\\data\\docs\\assets', 'C:\\data\\docs'), err.string]
+      end
+      assert_equal 'C:/data/docs', result
+      assert_includes warnings, 'path has illegal reference to ancestor of jail'
+
+      result, warnings = redirect_streams do |_, err|
+        [(@resolver.system_path '..\\..\\css', 'C:\\data\\docs\\assets', 'C:\\data\\docs'), err.string]
+      end
+      assert_equal 'C:/data/docs/css', result
+      assert_includes warnings, 'path has illegal reference to ancestor of jail'
     end
 
     test 'should calculate relative path' do