0002-prevent-non-utf-8-strings-from-breaking-inspect-1044.patch
| tests/test_backoffice_pages.py | ||
|---|---|---|
| 1 |
# -*- coding: utf-8 -*- |
|
| 1 | 2 |
import datetime |
| 2 | 3 |
import json |
| 3 | 4 |
import os |
| ... | ... | |
| 93 | 94 |
fields.ItemField(id='2', label='2nd field', type='item', |
| 94 | 95 |
items=['foo', 'bar', 'baz']), |
| 95 | 96 |
fields.ItemField(id='3', label='3rd field', type='item', |
| 96 |
data_source=datasource, in_listing=False), |
|
| 97 |
data_source=datasource, in_listing=False, varname='foo'),
|
|
| 97 | 98 |
] |
| 98 | 99 | |
| 99 | 100 |
formdef.store() |
| ... | ... | |
| 1991 | 1992 |
resp = app.get(formdata.get_url(backoffice=True)) |
| 1992 | 1993 |
assert 'Criticality Level: red' in resp.body |
| 1993 | 1994 | |
| 1995 | ||
| 1996 |
class IHateUnicode(object): |
|
| 1997 |
def __unicode__(self): |
|
| 1998 |
raise Exception('HATE!!')
|
|
| 1999 | ||
| 2000 |
def __repr__(self): |
|
| 2001 |
return 'ok' |
|
| 2002 | ||
| 2003 | ||
| 1994 | 2004 |
def test_inspect_page(pub): |
| 1995 |
user = create_user(pub)
|
|
| 2005 |
create_user(pub) |
|
| 1996 | 2006 |
create_environment(pub) |
| 1997 | 2007 | |
| 1998 | 2008 |
formdef = FormDef.get_by_urlname('form-title')
|
| 1999 | 2009 |
formdata = [x for x in formdef.data_class().select() if x.status == 'wf-new'][0] |
| 2010 |
# temper with field 3 structured values |
|
| 2011 | ||
| 2012 |
formdata.data['3_structured'] = {
|
|
| 2013 |
'unicode': u'uné', |
|
| 2014 |
'str_but_non_utf8': '\xed\xa0\x00', |
|
| 2015 |
'non_unicode_convertible': IHateUnicode(), |
|
| 2016 |
} |
|
| 2017 |
formdata.store() |
|
| 2000 | 2018 | |
| 2001 | 2019 |
resp = login(get_app(pub)).get('%sinspect' % formdata.get_url(backoffice=True), status=403)
|
| 2002 | 2020 | |
| 2003 |
user = create_user(pub, is_admin=True)
|
|
| 2021 |
create_user(pub, is_admin=True) |
|
| 2004 | 2022 |
resp = login(get_app(pub)).get('%sinspect' % formdata.get_url(backoffice=True), status=200)
|
| 2023 |
pq = resp.pyquery.remove_namespaces() |
|
| 2024 |
assert (pq('[title="form_var_foo_unicode"]')
|
|
| 2025 |
.parents('li').children('div.value span')
|
|
| 2026 |
.text() == u'uné') |
|
| 2027 |
assert (pq('[title="form_var_foo_non_unicode_convertible"]')
|
|
| 2028 |
.parents('li').children('div.value span')
|
|
| 2029 |
.text().startswith('ok '))
|
|
| 2030 |
assert (pq('[title="form_var_foo_str_but_non_utf8"]')
|
|
| 2031 |
.parents('li').children('div.value span')
|
|
| 2032 |
.text() == '\'\\xed\\xa0\\x00\'') |
|
| wcs/backoffice/management.py | ||
|---|---|---|
| 1805 | 1805 |
if not (get_publisher().get_backoffice_root().is_accessible('forms') or
|
| 1806 | 1806 |
get_publisher().get_backoffice_root().is_accessible('workflows')):
|
| 1807 | 1807 |
raise errors.AccessForbiddenError() |
| 1808 |
charset = get_publisher().site_charset |
|
| 1808 | 1809 |
get_response().breadcrumb.append(('inspect', _('Form Inspector')))
|
| 1809 | 1810 |
self.html_top(self.formdef.name) |
| 1810 | 1811 |
r = TemplateIO(html=True) |
| ... | ... | |
| 1814 | 1815 |
r += htmltext(' <li><h3>%s</h3></li>') % _('Substitution variables')
|
| 1815 | 1816 |
substvars = self.filled.get_substitution_variables() |
| 1816 | 1817 |
substvars.update(self.filled.formdef.get_substitution_variables()) |
| 1818 | ||
| 1819 |
def safe(v): |
|
| 1820 |
if isinstance(v, str): |
|
| 1821 |
try: |
|
| 1822 |
unicode(v, charset) |
|
| 1823 |
except UnicodeDecodeError: |
|
| 1824 |
v = repr(v) |
|
| 1825 |
else: |
|
| 1826 |
try: |
|
| 1827 |
v = unicode(v).encode(charset) |
|
| 1828 |
except: |
|
| 1829 |
v = repr(v) |
|
| 1830 |
return v |
|
| 1817 | 1831 |
for k, v in sorted(substvars.items()): |
| 1832 |
k = safe(k) |
|
| 1818 | 1833 |
r += htmltext('<li><code title="%s">%s</code>') % (k, k)
|
| 1819 |
r += htmltext(' <div class="value"><span>%s</span>') % v
|
|
| 1834 |
r += htmltext(' <div class="value"><span>%s</span>') % safe(v)
|
|
| 1820 | 1835 |
if not isinstance(v, basestring): |
| 1821 |
r += htmltext(' <span class="type">(%s)</span>') % type(v)
|
|
| 1836 |
r += htmltext(' <span class="type">(%r)</span>') % type(v)
|
|
| 1822 | 1837 |
r += htmltext('</div>')
|
| 1823 | 1838 |
r += htmltext('</ul>')
|
| 1824 | 1839 |
return r.getvalue() |
| 1825 |
- |
|