0001-backoffice-redirect-on-missing-user-custom-view-4216.patch
tests/test_backoffice_pages.py | ||
---|---|---|
6733 | 6733 |
[('custom-test-view', 'owner'), ('shared-view', 'any'), ('shared-view-2', 'any')]) |
6734 | 6734 | |
6735 | 6735 | |
6736 |
def test_backoffice_missing_custom_view(pub): |
|
6737 |
create_superuser(pub) |
|
6738 |
create_environment(pub, set_receiver=False) |
|
6739 |
app = login(get_app(pub)) |
|
6740 |
resp = app.get('/backoffice/management/form-title/user-plop/') |
|
6741 |
assert resp.location == 'http://example.net/backoffice/management/form-title/' |
|
6742 |
resp = resp.follow() |
|
6743 |
assert 'A missing or invalid custom view was referenced' in resp |
|
6744 | ||
6745 |
resp = app.get('/backoffice/management/form-title/user-plop/1/') |
|
6746 |
assert resp.location == 'http://example.net/backoffice/management/form-title/1/' |
|
6747 | ||
6748 |
resp = app.get('/backoffice/management/form-title/user-plop/1/?plop') |
|
6749 |
assert resp.location == 'http://example.net/backoffice/management/form-title/1/?plop' |
|
6750 | ||
6751 | ||
6736 | 6752 |
def test_carddata_custom_view(pub, studio): |
6737 | 6753 |
CardDef.wipe() |
6738 | 6754 |
user = create_user(pub) |
wcs/backoffice/management.py | ||
---|---|---|
2487 | 2487 |
for view in self.get_custom_views(): |
2488 | 2488 |
if view.get_url_slug() == component: |
2489 | 2489 |
return self.__class__(formdef=self.formdef, view=view) |
2490 |
if component.startswith('user-'): |
|
2491 |
get_session().message = ('warning', |
|
2492 |
_('A missing or invalid custom view was referenced; ' |
|
2493 |
'you have been automatically redirected.')) |
|
2494 |
# remove custom view reference from path |
|
2495 |
# (ignore the fact that some form/card could itself be named |
|
2496 |
# user-whatever) |
|
2497 |
url = get_request().get_path_query().replace('/%s/' % component, '/') |
|
2498 |
return misc.QLookupRedirect(url) |
|
2490 | 2499 | |
2491 | 2500 |
try: |
2492 | 2501 |
filled = self.formdef.data_class().get(component) |
... | ... | |
2905 | 2914 |
r += htmltext('</span>') |
2906 | 2915 |
r += htmltext('</div>') |
2907 | 2916 | |
2917 |
r += get_session().display_message() |
|
2918 | ||
2908 | 2919 |
r += htmltext('<div id="inspect-test-tools" class="section">') |
2909 | 2920 |
r += htmltext('<h2>%s</h2>') % _('Test tools') |
2910 | 2921 |
r += htmltext('<div>') |
wcs/forms/common.py | ||
---|---|---|
534 | 534 |
get_response().add_javascript(['jquery.js', 'qommon.forms.js']) |
535 | 535 |
self.html_top('%s - %s' % (self.formdef.name, self.filled.id)) |
536 | 536 |
r = TemplateIO(html=True) |
537 | ||
537 |
r += get_session().display_message() |
|
538 | 538 |
r += htmltext(self.workflow_messages()) |
539 | 539 |
r += self.receipt(always_include_user=True, mine=False) |
540 | 540 |
r += self.backoffice_fields_section() |
wcs/qommon/misc.py | ||
---|---|---|
44 | 44 |
from django.utils.six.moves.urllib.parse import quote, urlencode |
45 | 45 |
from django.utils.six.moves.urllib import parse as urlparse |
46 | 46 | |
47 |
from quixote import get_publisher, get_response, get_request |
|
47 |
from quixote import get_publisher, get_response, get_request, redirect
|
|
48 | 48 |
from quixote.html import htmltext |
49 | 49 | |
50 | 50 |
from . import _, force_str |
... | ... | |
815 | 815 |
if not re.match(r'-?[a-z0-9_-]+$', value): |
816 | 816 |
raise RequestError() |
817 | 817 |
return value |
818 | ||
819 | ||
820 |
class QLookupRedirect: |
|
821 |
''' |
|
822 |
Class to use to interrupt a _q_lookup method and redirect. |
|
823 |
''' |
|
824 |
def __init__(self, url): |
|
825 |
self.url = url |
|
826 | ||
827 |
def _q_traverse(self, path): |
|
828 |
return redirect(self.url) |
|
818 |
- |