Prevent unexpected file overwrites for collections, drafts and pages (#582)

For collections, drafts and pages, return HTTP 404 if a resource being created or renamed into will overwrite an existing item.

Additionally, log a warning in the terminal as to why the front-end dispatched an error-notification.

Co-authored-by: Ashwin Maroli <ashmaroli@users.noreply.github.com>

Author: alzeih

lib/jekyll-admin/file_helper.rb

@@ -52,6 +52,10 @@ def ensure_written_file
       ensure_file(written_file)
     end
 
+    def ensure_not_overwriting_existing_file
+      ensure_not_file(written_file)
+    end
+
     def find_by_path(path)
       files = case namespace
               when "collections"
@@ -72,6 +76,14 @@ def ensure_file(file)
       render_404 if file.nil?
     end
 
+    def ensure_not_file(file)
+      return if file.nil?
+
+      Jekyll.logger.warn "Jekyll Admin:", "Could not create file."
+      Jekyll.logger.warn "", "Path #{file.relative_path.inspect} already exists!"
+      render_404
+    end
+
     def ensure_directory
       render_404 unless Dir.exist?(directory_path)
     end

lib/jekyll-admin/path_helper.rb

@@ -51,6 +51,11 @@ def renamed?
       ensure_leading_slash(request_payload["path"]) != relative_path
     end
 
+    # Is this request creating a new file?
+    def new?
+      !request_payload["path"]
+    end
+
     private
 
     # Returns the path to the requested file's containing directory

lib/jekyll-admin/server/collections.rb

@@ -25,8 +25,11 @@ class Server < Sinatra::Base
       put "/:collection_id/*?/?:path.:ext" do
         ensure_collection
 
-        if renamed?
+        if new?
+          ensure_not_overwriting_existing_file
+        elsif renamed?
           ensure_requested_file
+          ensure_not_overwriting_existing_file
           delete_file_without_process path
         end
 

lib/jekyll-admin/server/drafts.rb

@@ -16,8 +16,11 @@ class Server < Sinatra::Base
       put "/*?/?:path.:ext" do
         ensure_html_content
 
-        if renamed?
+        if new?
+          ensure_not_overwriting_existing_file
+        elsif renamed?
           ensure_requested_file
+          ensure_not_overwriting_existing_file
           delete_file_without_process path
         end
 

lib/jekyll-admin/server/pages.rb

@@ -16,13 +16,15 @@ class Server < Sinatra::Base
       put "/*?/?:path.:ext" do
         ensure_html_content
 
-        if renamed?
+        if new?
+          ensure_not_overwriting_existing_file
+        elsif renamed?
           ensure_requested_file
+          ensure_not_overwriting_existing_file
           delete_file_without_process path
         end
 
         write_file write_path, page_body
-
         json written_file.to_api(:include_content => true)
       end
 

spec/jekyll-admin/server/collection_spec.rb

@@ -267,6 +267,7 @@ def app
     write_file "_posts/2016-01-01-test2.md"
 
     request = {
+      :path         => "_posts/2016-01-01-test2.md",
       :front_matter => { :foo => "bar2" },
       :raw_content  => "test",
     }
@@ -283,6 +284,7 @@ def app
     write_file "_posts/more posts/2016-01-01-test2.md"
 
     request = {
+      :path         => "_posts/more posts/2016-01-01-test2.md",
       :front_matter => { :foo => "bar2" },
       :raw_content  => "test",
     }