Skip to content
Snippets Groups Projects

Security fixes

Merged
Otto Visserrequested to merge
securityFixes into development
All threads resolved!
7 files
+ 300
298
Compare changes
  • Side-by-side
  • Inline

Files

@@ -32,6 +32,7 @@ import nl.tudelft.ewi.queue.repository.FirstYearMentorGroupRepository;
import nl.tudelft.ewi.queue.repository.RoomRepository;
import nl.tudelft.ewi.queue.service.AdminService;
import org.apache.commons.io.FilenameUtils;
import org.modelmapper.ModelMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
@@ -205,7 +206,8 @@ public class AdminController {
if (map != null && !map.getOriginalFilename().isEmpty()) {
adminService.uploadFile(map);
room.setMapFilePath(Paths.get(MAPS_DIR, map.getOriginalFilename()).toString());
room.setMapFilePath(
Paths.get(MAPS_DIR, FilenameUtils.getName(map.getOriginalFilename())).toString());
}
redirectAttributes.addFlashAttribute("message", "Room has been saved.");
Loading