Projet

Général

Profil

0001-general-give-a-custom-error-message-on-invalid-actio.patch

Frédéric Péters, 04 septembre 2018 13:59

Télécharger (2,9 ko)

Voir les différences: 

Subject: [PATCH] general: give a custom error message on invalid action link
 (#25722)


 tests/test_form_pages.py | 21 +++++++++++++++++++--
 wcs/forms/actions.py     | 10 ++++++++--
 2 files changed, 27 insertions(+), 4 deletions(-)
tests/test_form_pages.py
4963 4963 
    formdata = formdef.data_class().select()[0]
4964 4964 
    assert formdata.status == 'wf-accepted'
4965 4965 

  		




  4966
  
  
    
    # no longer on a correct status, action url will now return a 404

  		




  4967
  
  
    
    app.get(action_url, status=404)

  		




  
  4966
  
    
    # action token has been used, it will now return a custom 404

  		




  
  4967
  
    
    resp = app.get(action_url, status=404)

  		




  
  4968
  
    
    assert 'This action link has already been used or has expired.' in resp.body

  		




  
  4969
  
    

  		




  
  4970
  
    
    # check against independently changed status, it should also return a

  		




  
  4971
  
    
    # custom 404.

  		




  
  4972
  
    
    emails.empty()

  		




  
  4973
  
    
    formdef.data_class().wipe()

  		




  
  4974
  
    
    app = login(get_app(pub), username='foo', password='foo')

  		




  
  4975
  
    
    resp = app.get(formdef.get_url())

  		




  
  4976
  
    
    resp = resp.form.submit('submit')

  		




  
  4977
  
    
    resp = resp.form.submit('submit')

  		




  
  4978
  
    
    email_data = emails.get('New form2 (test email action)')

  		




  
  4979
  
    
    action_url = re.findall(r'http.* ', email_data['payload'])[0].strip()

  		




  
  4980
  
    
    formdata = formdef.data_class().select()[0]

  		




  
  4981
  
    
    formdata.jump_status('rejected')

  		




  
  4982
  
    
    app = get_app(pub)

  		




  
  4983
  
    
    resp = app.get(action_url, status=404)

  		




  
  4984
  
    
    assert 'This action link has already been used or has expired.' in resp.body

  		




  4968
  4985
  
    

  		




  4969
  4986
  
    
def test_manager_public_access(pub):

  		




  4970
  4987
  
    
    user, manager = create_user_and_admin(pub)

  		












  

    
      wcs/forms/actions.py
    
  





  28
  28
  
    
from wcs.wf.jump import jump_and_perform

  		




  29
  29
  
    

  		




  30
  30
  
    

  		




  
  31
  
    
class MissingOrExpiredToken(errors.PublishError):

  		




  
  32
  
    
    status_code = 404

  		




  
  33
  
    
    title = N_('Error')

  		




  
  34
  
    
    description = N_('This action link has already been used or has expired.')

  		




  
  35
  
    

  		




  
  36
  
    

  		




  31
  37
  
    
class ActionsDirectory(Directory):

  		




  32
  38
  
    
    def _q_lookup(self, component):

  		




  33
  39
  
    
        try:

  		




  34
  40
  
    
            token = tokens.Token.get(component)

  		




  35
  41
  
    
        except KeyError:

  		




  36
  
  
    
            raise errors.TraversalError()

  		




  
  42
  
    
            raise MissingOrExpiredToken()

  		




  37
  43
  
    
        if token.type != 'action':

  		




  38
  44
  
    
            raise errors.TraversalError()

  		




  39
  45
  
    
        return ActionDirectory(token)

  		




  ......




  54
  60
  
    
                self.action = item

  		




  55
  61
  
    
                break

  		




  56
  62
  
    
        else:

  		




  57
  
  
    
            raise errors.TraversalError()

  		




  
  63
  
    
            raise MissingOrExpiredToken()

  		




  58
  64
  
    

  		




  59
  65
  
    
    def _q_index(self):

  		




  60
  66
  
    
        template.html_top(title=self.formdef.name)

  		




  61
  
  
    
-