From 00686817547e6cc36f27e74b457a24351b5af17a Mon Sep 17 00:00:00 2001
From: Pascal Vizeli <pascal.vizeli@syshack.ch>
Date: Mon, 3 Jul 2017 06:34:51 +0200
Subject: [PATCH 1/2] Fix pathlib resolve

---
 homeassistant/core.py | 2 +-
 tests/test_core.py    | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/homeassistant/core.py b/homeassistant/core.py
index 4fcd938335c24..c65566b42faab 100644
--- a/homeassistant/core.py
+++ b/homeassistant/core.py
@@ -1079,7 +1079,7 @@ def is_allowed_path(self, path: str) -> bool:
         """Check if the path is valid for access from outside."""
         parent = pathlib.Path(path).parent
         try:
-            parent.resolve()  # pylint: disable=no-member
+            parent = parent.resolve()  # pylint: disable=no-member
         except (FileNotFoundError, RuntimeError, PermissionError):
             return False
 
diff --git a/tests/test_core.py b/tests/test_core.py
index f173ad65c41ef..4e5246cca6f73 100644
--- a/tests/test_core.py
+++ b/tests/test_core.py
@@ -821,13 +821,13 @@ def test_is_allowed_path(self):
             for path in valid:
                 assert self.config.is_allowed_path(path)
 
-            self.config.whitelist_external_dirs = set(('/home',))
+            self.config.whitelist_external_dirs = set(('/home', '/tmp'))
 
             unvalid = [
                 "/hass/config/secure",
                 "/etc/passwd",
                 "/root/secure_file",
-                "/hass/config/test/../../../etc/passwd",
+                "/tmp/../etc/passwd",
                 test_file,
             ]
             for path in unvalid:

From a2b1fb0c209c1b83ccf55cf74f89996368b9223a Mon Sep 17 00:00:00 2001
From: Pascal Vizeli <pascal.vizeli@syshack.ch>
Date: Mon, 3 Jul 2017 07:02:18 +0200
Subject: [PATCH 2/2] fix test

---
 tests/test_core.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tests/test_core.py b/tests/test_core.py
index 4e5246cca6f73..1d22d17f9961f 100644
--- a/tests/test_core.py
+++ b/tests/test_core.py
@@ -821,13 +821,13 @@ def test_is_allowed_path(self):
             for path in valid:
                 assert self.config.is_allowed_path(path)
 
-            self.config.whitelist_external_dirs = set(('/home', '/tmp'))
+            self.config.whitelist_external_dirs = set(('/home', '/var'))
 
             unvalid = [
                 "/hass/config/secure",
                 "/etc/passwd",
                 "/root/secure_file",
-                "/tmp/../etc/passwd",
+                "/var/../etc/passwd",
                 test_file,
             ]
             for path in unvalid: