| 21 | |
| 22 | @register(Tags.caches, deploy=True) |
| 23 | def check_cache_location_not_exposed(app_configs, **kwargs): |
| 24 | errors = [] |
| 25 | for name in ("MEDIA_ROOT", "STATIC_ROOT", "STATICFILES_DIRS"): |
| 26 | setting = getattr(settings, name, None) |
| 27 | if not setting: |
| 28 | continue |
| 29 | if name == "STATICFILES_DIRS": |
| 30 | paths = set() |
| 31 | for staticfiles_dir in setting: |
| 32 | if isinstance(staticfiles_dir, (list, tuple)): |
| 33 | _, staticfiles_dir = staticfiles_dir |
| 34 | paths.add(pathlib.Path(staticfiles_dir).resolve()) |
| 35 | else: |
| 36 | paths = {pathlib.Path(setting).resolve()} |
| 37 | for alias in settings.CACHES: |
| 38 | cache = caches[alias] |
| 39 | if not isinstance(cache, FileBasedCache): |
| 40 | continue |
| 41 | cache_path = pathlib.Path(cache._dir).resolve() |
| 42 | if any(path == cache_path for path in paths): |
| 43 | relation = "matches" |
| 44 | elif any(path in cache_path.parents for path in paths): |
| 45 | relation = "is inside" |
| 46 | elif any(cache_path in path.parents for path in paths): |
| 47 | relation = "contains" |
| 48 | else: |
| 49 | continue |
| 50 | errors.append( |
| 51 | Warning( |
| 52 | f"Your '{alias}' cache configuration might expose your cache " |
| 53 | f"or lead to corruption of your data because its LOCATION " |
| 54 | f"{relation} {name}.", |
| 55 | id="caches.W002", |
| 56 | ) |
| 57 | ) |
| 58 | return errors |
| 59 | |
| 60 | |
| 61 | @register(Tags.caches) |