0001-misc-limit-api-menu-badges-parameters-to-digits-3638.patch
combo/public/views.py | ||
---|---|---|
527 | 527 | |
528 | 528 |
def menu_badges(request): |
529 | 529 |
context = {'request': request} |
530 |
page_ids = request.GET.getlist('page[]')
|
|
530 |
page_ids = [x for x in request.GET.getlist('page[]') if x.isdigit()]
|
|
531 | 531 |
cells = [] |
532 | 532 |
for klass in CellBase.get_cell_classes(lambda x: bool(x.get_badge)): |
533 | 533 |
cells.extend(klass.objects.filter(page_id__in=page_ids)) |
tests/test_notification.py | ||
---|---|---|
17 | 17 |
from combo.apps.notifications.models import Notification, NotificationsCell |
18 | 18 |
from combo.apps.lingo.models import Regie, ActiveItems, PaymentBackend |
19 | 19 | |
20 |
from .test_manager import login as login_app |
|
21 | ||
20 | 22 |
pytestmark = pytest.mark.django_db |
21 | 23 | |
22 | 24 |
client = Client() |
... | ... | |
83 | 85 |
assert notification.acked is True |
84 | 86 | |
85 | 87 | |
86 |
def test_notification_cell(john_doe, jane_doe): |
|
88 |
def test_notification_cell(app, john_doe, jane_doe):
|
|
87 | 89 |
page = Page(title='notif', slug='test_notification_cell', template_name='standard') |
88 | 90 |
page.save() |
89 | 91 |
cell = NotificationsCell(page=page, placeholder='content', order=0) |
92 |
cell.save() |
|
90 | 93 | |
91 | 94 |
context = {'request': RequestFactory().get('/')} |
92 | 95 |
context['synchronous'] = True # to get fresh content |
... | ... | |
141 | 144 |
assert 'notiother' in content |
142 | 145 |
assert cell.get_badge(context) == {'badge': '1'} |
143 | 146 | |
147 |
app = login_app(app, username='jane.doe', password='jane.doe') |
|
148 |
resp = app.get('/api/menu-badges/?page[]=%s' % page.id) |
|
149 |
assert resp.json == {'1': {'badge': '1'}} |
|
150 | ||
144 | 151 | |
145 | 152 |
def test_notification_ws(john_doe): |
146 | 153 | |
147 |
- |