a ˆ#½eã@s4ddlmZddlmZddlZdd„Zdd„ZdS)é)ÚSuspiciousFileOperation)Ú _find_unsafeNcCs>tj |¡}tj |¡}tj ||g¡|kr:td |¡ƒ‚|S)Nz{} is not safe)ÚosÚpathÚabspathÚ commonprefixrÚformat)Z unsafe_pathZknown_safe_path©r ú/webodm/app/security.pyÚpath_traversal_checks   r cCs,|sdSt|ƒdur|Sd| dd¡dS)z1Return a shell-escaped version of the string *s*.z""Nú"z\")rÚreplace)Úsr r r Ú double_quotes  r)Údjango.core.exceptionsrÚshlexrrr rr r r r Ús