0001-manager-add-validation-of-redirect-url-template-synt.patch
| combo/manager/forms.py | ||
|---|---|---|
| 20 | 20 |
from django.conf import settings |
| 21 | 21 |
from django.contrib.auth.models import Group |
| 22 | 22 |
from django.core.exceptions import ValidationError |
| 23 |
from django.template import Template, TemplateSyntaxError |
|
| 23 | 24 |
from django.template.loader import TemplateDoesNotExist, get_template |
| 24 | 25 |
from django.utils.translation import ugettext_lazy as _ |
| 25 | 26 | |
| ... | ... | |
| 175 | 176 |
model = Page |
| 176 | 177 |
fields = ('redirect_url',)
|
| 177 | 178 | |
| 179 |
def clean_redirect_url(self): |
|
| 180 |
value = self.cleaned_data.get('redirect_url')
|
|
| 181 |
if value: |
|
| 182 |
try: |
|
| 183 |
Template(value) |
|
| 184 |
except TemplateSyntaxError as e: |
|
| 185 |
raise ValidationError(_('syntax error: %s') % e)
|
|
| 186 |
return value |
|
| 187 | ||
| 178 | 188 |
def save(self, *args, **kwargs): |
| 179 | 189 |
page = super(PageEditRedirectionForm, self).save(*args, **kwargs) |
| 180 | 190 |
page.redirect_url = page.redirect_url.strip() |
| tests/test_manager.py | ||
|---|---|---|
| 278 | 278 |
resp = resp.follow() |
| 279 | 279 |
assert 'http://www.example.net' in resp.text |
| 280 | 280 |
assert Page.objects.all()[0].redirect_url == 'http://www.example.net' |
| 281 |
# redirection (error handling) |
|
| 282 |
resp = resp.click(href='.*/redirection') |
|
| 283 |
resp.form['redirect_url'].value = '{{ foo bar }}'
|
|
| 284 |
resp = resp.form.submit() |
|
| 285 |
assert 'syntax error:' in resp.text |
|
| 286 |
resp = resp.click('Cancel')
|
|
| 281 | 287 |
# exclude from nav |
| 282 | 288 |
resp = resp.click(href='.*/include-in-navigation') |
| 283 | 289 |
resp.form['include_in_navigation'].checked = False |
| 284 |
- |
|