fix: task 7 — production hardening quick fixes

- Replace 4 bare `except:` with `except Exception:` (load_settings, get_txt, get_icon_idx_for_file, process_file cleanup block) so SystemExit and KeyboardInterrupt are no longer swallowed - Replace 2 print() calls with logger.error() (__init__ MSAL init, ensure_valid_token) so errors appear in the configurable log output - Sanitize item['name'] with os.path.basename() in on_download_clicked and _download_folder_recursive_sync to prevent path traversal from server-controlled filenames - Add 8 new unit tests covering all Task 7 changes Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-12 10:22:54 +02:00
parent e8e1d8b60d
commit df55660291
2 changed files with 67 additions and 8 deletions
--- a/sharepoint_browser.py
+++ b/sharepoint_browser.py
@@ -67,7 +67,7 @@ def load_settings():
    with open(SETTINGS_FILE, 'r', encoding='utf-8') as f:
        try:
            return json.load(f)
-        except:
+        except Exception:
            return default_settings

 def save_settings(new_settings):
@@ -708,7 +708,7 @@ class SharePointApp(wx.Frame):
            try:
                self.msal_app = msal.PublicClientApplication(CLIENT_ID, authority=AUTHORITY)
            except Exception as e:
-                print(f"MSAL Init Error: {e}")
+                logger.error(f"MSAL Init Error: {e}")
        
        self.InitUI()
        self.Centre()
@@ -737,7 +737,7 @@ class SharePointApp(wx.Frame):
        if kwargs:
            try:
                return text.format(**kwargs)
-            except:
+            except Exception:
                pass
        return text

@@ -1303,7 +1303,7 @@ class SharePointApp(wx.Frame):
            with wx.DirDialog(self, self.get_txt("msg_select_folder"), style=wx.DD_DEFAULT_STYLE | wx.DD_DIR_MUST_EXIST) as dd:
                if dd.ShowModal() == wx.ID_OK:
                    parent_path = dd.GetPath()
-                    dest_path = os.path.join(parent_path, item['name'])
+                    dest_path = os.path.join(parent_path, os.path.basename(item['name']))
                    threading.Thread(target=self._download_folder_bg_task, args=(item, dest_path), daemon=True).start()

    def _download_file_bg_task(self, item, dest_path):
@@ -1343,7 +1343,7 @@ class SharePointApp(wx.Frame):
                res_data = res.json()
                items = res_data.get('value', [])
                for item in items:
-                    item_path = os.path.join(local_dir, item['name'])
+                    item_path = os.path.join(local_dir, os.path.basename(item['name']))
                    if 'folder' in item:
                        self._download_folder_recursive_sync(drive_id, item['id'], item_path)
                    else:
@@ -1666,7 +1666,7 @@ class SharePointApp(wx.Frame):
                self.headers = {'Authorization': f'Bearer {self.access_token}'}
                return True
        except Exception as e:
-            print(f"Token refresh error: {e}")
+            logger.error(f"Token refresh error: {e}")
            
        self.set_status(self.get_txt("status_login_needed"))
        return False
@@ -2073,7 +2073,7 @@ class SharePointApp(wx.Frame):
                            idx = self.image_list.Add(bmp)
                            self.ext_icons[ext] = idx
                            return idx
-        except:
+        except Exception:
            pass

        self.ext_icons[ext] = self.idx_file
@@ -2410,7 +2410,7 @@ class SharePointApp(wx.Frame):
            try:
                os.remove(local_path)
                os.rmdir(working_dir)
-            except:
+            except Exception:
                pass
                
            self.set_status(self.get_txt("msg_update_success", name=file_name))