summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHarsh Shandilya <me@msfjarvis.dev>2021-01-27 11:12:23 +0530
committerGitHub <noreply@github.com>2021-01-27 11:12:23 +0530
commit1f8db46ade8a7c25deb568b8a5988ee7b340b9c1 (patch)
treea698d0a5f384d61bb6a2acaded93ed3032a319d4
parent94420210f99a846ff489482298a6d54145598945 (diff)
Disallow overwriting passwords when editing (#1286)
Co-authored-by: Aditya Wasan <adityawasan55@gmail.com>
-rw-r--r--CHANGELOG.md1
-rw-r--r--app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivity.kt5
2 files changed, 5 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2f0d1ca1..f060d143 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -21,6 +21,7 @@ All notable changes to this project will be documented in this file.
- Connection attempts now use a reasonable 10 second timeout as opposed to the default of 30 seconds
- A change to the remote host key for a server would prevent the user from being able to connect to it
- Pressing the back button in the navigation bar and the one in the toolbar behaved differently
+- Editing a password allowed accidentally overwriting an existing one
### Changed
diff --git a/app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivity.kt b/app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivity.kt
index f4e6ac87..43e9b70b 100644
--- a/app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivity.kt
+++ b/app/src/main/java/dev/msfjarvis/aps/ui/crypto/PasswordCreationActivity.kt
@@ -398,7 +398,10 @@ class PasswordCreationActivity : BasePgpActivity(), OpenPgpServiceConnection.OnB
runCatching {
val file = File(path)
// If we're not editing, this file should not already exist!
- if (!editing && file.exists()) {
+ // Additionally, if we were editing and the incoming and outgoing
+ // filenames differ, it means we renamed. Ensure that the target
+ // doesn't already exist to prevent an accidental overwrite.
+ if ((!editing || (editing && suggestedName != file.nameWithoutExtension)) && file.exists()) {
snackbar(message = getString(R.string.password_creation_duplicate_error))
return@executeApiAsync
}