From 7458e396eeaf17211459a0abb1e0b8965cdc2419 Mon Sep 17 00:00:00 2001
From: Bart Kamphorst <bart@kamphorst.com>
Date: Sat, 5 Oct 2019 18:07:54 +0200
Subject: [PATCH] Add tests to ensure protection of redirects file.

---
 test/test_allow_editing.rb | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/test/test_allow_editing.rb b/test/test_allow_editing.rb
index 0ef0be6d..63835371 100644
--- a/test/test_allow_editing.rb
+++ b/test/test_allow_editing.rb
@@ -25,6 +25,17 @@ context "Precious::Views::Editing" do
     assert page.nil?
   end
 
+  test ".redirects.gollum file should not be accessible" do
+    Precious::App.set(:wiki_options, { allow_editing: true, allow_uploads: true })
+    get '/.redirects.gollum'
+    assert_match /Accessing this resource is not allowed/, last_response.body
+  end
+  
+  test ".redirects.gollum file should not be editable" do
+    Precious::App.set(:wiki_options, { allow_editing: true, allow_uploads: true })
+    get '/gollum/edit/.redirects.gollum'
+    assert_match /Changing this resource is not allowed/, last_response.body
+  end
 
   test "frontend links for editing are not blocked" do
     Precious::App.set(:wiki_options, { allow_editing: true, allow_uploads: true })