utils and event logging

utils/path_utils.py

@@ -0,0 +1,59 @@
+import os
+from typing import Optional
+from werkzeug.utils import secure_filename
+
+def clean_path(path: str, base_dir: Optional[str] = None) -> str:
+    """
+    Clean and secure a file path, ensuring it's safe and within allowed directories.
+    
+    Args:
+        path: The path to clean
+        base_dir: Optional base directory to ensure path stays within
+    
+    Returns:
+        str: Cleaned and secured path
+    """
+    # Remove any leading/trailing slashes and normalize path separators
+    path = path.strip('/\\')
+    path = os.path.normpath(path)
+    
+    # If base_dir is provided, ensure path stays within it
+    if base_dir:
+        base_dir = os.path.normpath(base_dir)
+        # Get absolute paths
+        abs_path = os.path.abspath(path)
+        abs_base = os.path.abspath(base_dir)
+        
+        # Check if path is within base directory
+        if not abs_path.startswith(abs_base):
+            raise ValueError("Path is outside of allowed directory")
+        
+        # Return path relative to base directory
+        return os.path.relpath(abs_path, abs_base)
+    
+    # If no base_dir, just return the cleaned path
+    return path
+
+def secure_file_path(filename: str) -> str:
+    """
+    Secure a filename using Werkzeug's secure_filename and add a timestamp.
+    
+    Args:
+        filename: The original filename
+    
+    Returns:
+        str: Secured filename with timestamp
+    """
+    from datetime import datetime
+    
+    # Get file extension
+    _, ext = os.path.splitext(filename)
+    
+    # Secure the base filename
+    secure_name = secure_filename(filename)
+    
+    # Add timestamp to prevent filename collisions
+    timestamp = datetime.utcnow().strftime('%Y%m%d_%H%M%S')
+    
+    # Combine parts
+    return f"{os.path.splitext(secure_name)[0]}_{timestamp}{ext}"