0002-prevent-non-utf-8-strings-from-breaking-inspect-1044.patch
tests/test_backoffice_pages.py | ||
---|---|---|
1 |
# -*- coding: utf-8 -*- |
|
1 | 2 |
import datetime |
2 | 3 |
import json |
3 | 4 |
import os |
... | ... | |
93 | 94 |
fields.ItemField(id='2', label='2nd field', type='item', |
94 | 95 |
items=['foo', 'bar', 'baz']), |
95 | 96 |
fields.ItemField(id='3', label='3rd field', type='item', |
96 |
data_source=datasource, in_listing=False), |
|
97 |
data_source=datasource, in_listing=False, varname='foo'),
|
|
97 | 98 |
] |
98 | 99 | |
99 | 100 |
formdef.store() |
... | ... | |
1991 | 1992 |
resp = app.get(formdata.get_url(backoffice=True)) |
1992 | 1993 |
assert 'Criticality Level: red' in resp.body |
1993 | 1994 | |
1995 | ||
1996 |
class IHateUnicode(object): |
|
1997 |
def __unicode__(self): |
|
1998 |
raise Exception('HATE!!') |
|
1999 | ||
2000 |
def __repr__(self): |
|
2001 |
return 'ok' |
|
2002 | ||
2003 | ||
1994 | 2004 |
def test_inspect_page(pub): |
1995 |
user = create_user(pub)
|
|
2005 |
create_user(pub) |
|
1996 | 2006 |
create_environment(pub) |
1997 | 2007 | |
1998 | 2008 |
formdef = FormDef.get_by_urlname('form-title') |
1999 | 2009 |
formdata = [x for x in formdef.data_class().select() if x.status == 'wf-new'][0] |
2010 |
# temper with field 3 structured values |
|
2011 | ||
2012 |
formdata.data['3_structured'] = { |
|
2013 |
'unicode': u'uné', |
|
2014 |
'str_but_non_utf8': '\xed\xa0\x00', |
|
2015 |
'non_unicode_convertible': IHateUnicode(), |
|
2016 |
} |
|
2017 |
formdata.store() |
|
2000 | 2018 | |
2001 | 2019 |
resp = login(get_app(pub)).get('%sinspect' % formdata.get_url(backoffice=True), status=403) |
2002 | 2020 | |
2003 |
user = create_user(pub, is_admin=True)
|
|
2021 |
create_user(pub, is_admin=True) |
|
2004 | 2022 |
resp = login(get_app(pub)).get('%sinspect' % formdata.get_url(backoffice=True), status=200) |
2023 |
pq = resp.pyquery.remove_namespaces() |
|
2024 |
assert (pq('[title="form_var_foo_unicode"]') |
|
2025 |
.parents('li').children('div.value span') |
|
2026 |
.text() == u'uné') |
|
2027 |
assert (pq('[title="form_var_foo_non_unicode_convertible"]') |
|
2028 |
.parents('li').children('div.value span') |
|
2029 |
.text().startswith('ok ')) |
|
2030 |
assert (pq('[title="form_var_foo_str_but_non_utf8"]') |
|
2031 |
.parents('li').children('div.value span') |
|
2032 |
.text() == '\'\\xed\\xa0\\x00\'') |
wcs/backoffice/management.py | ||
---|---|---|
1805 | 1805 |
if not (get_publisher().get_backoffice_root().is_accessible('forms') or |
1806 | 1806 |
get_publisher().get_backoffice_root().is_accessible('workflows')): |
1807 | 1807 |
raise errors.AccessForbiddenError() |
1808 |
charset = get_publisher().site_charset |
|
1808 | 1809 |
get_response().breadcrumb.append(('inspect', _('Form Inspector'))) |
1809 | 1810 |
self.html_top(self.formdef.name) |
1810 | 1811 |
r = TemplateIO(html=True) |
... | ... | |
1814 | 1815 |
r += htmltext(' <li><h3>%s</h3></li>') % _('Substitution variables') |
1815 | 1816 |
substvars = self.filled.get_substitution_variables() |
1816 | 1817 |
substvars.update(self.filled.formdef.get_substitution_variables()) |
1818 | ||
1819 |
def safe(v): |
|
1820 |
if isinstance(v, str): |
|
1821 |
try: |
|
1822 |
unicode(v, charset) |
|
1823 |
except UnicodeDecodeError: |
|
1824 |
v = repr(v) |
|
1825 |
else: |
|
1826 |
try: |
|
1827 |
v = unicode(v).encode(charset) |
|
1828 |
except: |
|
1829 |
v = repr(v) |
|
1830 |
return v |
|
1817 | 1831 |
for k, v in sorted(substvars.items()): |
1832 |
k = safe(k) |
|
1818 | 1833 |
r += htmltext('<li><code title="%s">%s</code>') % (k, k) |
1819 |
r += htmltext(' <div class="value"><span>%s</span>') % v
|
|
1834 |
r += htmltext(' <div class="value"><span>%s</span>') % safe(v)
|
|
1820 | 1835 |
if not isinstance(v, basestring): |
1821 | 1836 |
r += htmltext(' <span class="type">(%s)</span>') % type(v) |
1822 | 1837 |
r += htmltext('</div>') |
1823 |
- |