0001-fields-add-validation-on-comment-field-30618.patch

Nicolas Roche, 05 septembre 2019 18:06

Voir les différences: en ligne côte à côte

Subject: [PATCH] fields: add validation on comment field (#30618)

 tests/test_admin_pages.py | 15 +++++++++++++++
 wcs/fields.py             |  2 ++
 wcs/qommon/form.py        | 11 ++++++++---
 3 files changed, 25 insertions(+), 3 deletions(-)

         resp = app.get('/backoffice/forms/1/fields/1/')
         assert 'WysiwygTextWidget' not in resp.body
         # bad {% %} usage
         resp.form.fields['label'][0].value = '{% if cond %}no endif provided'
         resp = resp.form.submit('submit')
         assert 'syntax error in Django template: Unclosed tag on line 1' in resp.body
         # bad {{ }} usage
         resp.form.fields['label'][0].value = '{{0+0}}'
         resp = resp.form.submit('submit')
         assert 'syntax error in Django template: Could not parse' in resp.body
         # bad EZT syntax
         resp.form.fields['label'][0].value = '[end]'
         resp = resp.form.submit('submit')
         assert 'syntax error in ezt template: unmatched [end]' in resp.body
     def test_form_edit_map_field(pub):
         create_superuser(pub)
         create_role()

         def fill_admin_form(self, form):
             if self.label and (self.label[0] != '<' and '[end]' in self.label):
                 form.add(TextWidget, 'label', title=_('Label'), value=self.label,
                         validation_function=ComputedExpressionWidget.validate_template,
                         required=True, cols=70, rows=3, render_br=False)
             else:
                 form.add(WysiwygTextWidget, 'label', title=_('Label'),
                         validation_function=ComputedExpressionWidget.validate_template,
                         value=self.get_html_content(), required=True)
             form.add(StringWidget, 'extra_css_class', title = _('Extra classes for CSS styling'),
                     value=self.extra_css_class, size=30, advanced=(not self.extra_css_class))

             self.validation_function = kwargs.pop('validation_function', None)
             super(TextWidget, self).__init__(name, *args, **kwargs)
         def _parse(self, request):
         def _parse(self, request, use_validation_function=True):
             quixote.form.TextWidget._parse(self, request)
             if self.value is not None:
                 try:
-...
                     uvalue = self.value.decode(get_publisher().site_charset)
                     if len(uvalue) > maxlength:
                         self.error = _('too many characters (limit is %d)') % maxlength
                 if self.validation_function:
                 if use_validation_function and self.validation_function:
                     try:
                         self.validation_function(self.value)
                     except ValueError as e:
-...
             return r.getvalue()
     class WysiwygTextWidget(TextWidget):
         def _parse(self, request):
         def _parse(self, request, use_validation_function=False):
             TextWidget._parse(self, request)
             if self.value:
                 if _sanitizeHTML:
-...
                 def unquote_django(matchobj):
                     return parser.unescape(unicode(matchobj.group(0), charset)).encode(charset)
                 self.value = re.sub('{[{%](.*?)[%}]}', unquote_django, self.value)
                 if self.validation_function:
                     try:
                         self.validation_function(self.value)
                     except ValueError as e:
                         self.error = str(e)
         def add_media(self):
             get_response().add_javascript(['qommon.wysiwyg.js'])
+    -

Projet

Général

Profil

Produits Entr'ouvert » w.c.s.

0001-fields-add-validation-on-comment-field-30618.patch