manager: check that sub_slug is a valid regex (#47099)
This commit is contained in:
parent
dfc2337947
commit
2c853fbe80
|
@ -97,7 +97,7 @@ def django_template_validator(value):
|
|||
raise ValidationError(_('syntax error: %s') % e)
|
||||
|
||||
|
||||
def extract_context_from_sub_slug(sub_slug, sub_url):
|
||||
def format_sub_slug(sub_slug):
|
||||
mapping = {}
|
||||
# search all named-groups in sub_slug
|
||||
for i, m in enumerate(re.finditer(r'P<[\w_-]+>', sub_slug)):
|
||||
|
@ -110,6 +110,18 @@ def extract_context_from_sub_slug(sub_slug, sub_url):
|
|||
# keep a mapping
|
||||
mapping[new_group] = original_group
|
||||
|
||||
return sub_slug, mapping
|
||||
|
||||
|
||||
def compile_sub_slug(sub_slug):
|
||||
sub_slug, mapping = format_sub_slug(sub_slug)
|
||||
# will raise re.error if wrong regexp
|
||||
re.compile(sub_slug)
|
||||
|
||||
|
||||
def extract_context_from_sub_slug(sub_slug, sub_url):
|
||||
sub_slug, mapping = format_sub_slug(sub_slug)
|
||||
|
||||
# match url
|
||||
match = re.match('^' + sub_slug + '$', sub_url)
|
||||
if match is None:
|
||||
|
|
|
@ -14,6 +14,8 @@
|
|||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
import re
|
||||
|
||||
from django import forms
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import Group
|
||||
|
@ -23,6 +25,7 @@ from django.utils.translation import ugettext_lazy as _
|
|||
|
||||
from combo.data.models import Page
|
||||
from combo.data.models import ParentContentCell
|
||||
from combo.data.models import compile_sub_slug
|
||||
|
||||
from .fields import ImageIncludingSvgField
|
||||
|
||||
|
@ -124,6 +127,16 @@ class PageEditSlugForm(forms.ModelForm):
|
|||
raise ValidationError(_('Slug must be unique'), code='unique')
|
||||
return value
|
||||
|
||||
def clean_sub_slug(self):
|
||||
value = self.cleaned_data.get('sub_slug')
|
||||
|
||||
try:
|
||||
compile_sub_slug(value)
|
||||
except re.error:
|
||||
raise ValidationError(_('Bad Regular expression.'), code='bad_regex')
|
||||
|
||||
return value
|
||||
|
||||
|
||||
class PageEditDescriptionForm(forms.ModelForm):
|
||||
class Meta:
|
||||
|
|
|
@ -209,12 +209,6 @@ def test_edit_page(app, admin_user):
|
|||
resp = resp.form.submit()
|
||||
resp = resp.follow()
|
||||
assert Page.objects.all()[0].title == 'Home 2'
|
||||
# slug
|
||||
resp = resp.click(href='.*/slug')
|
||||
resp.form['slug'].value = 'foobar'
|
||||
resp = resp.form.submit()
|
||||
resp = resp.follow()
|
||||
assert Page.objects.all()[0].slug == 'foobar'
|
||||
# description
|
||||
resp = resp.click(href='.*/description')
|
||||
resp.form['description'].value = 'second home page'
|
||||
|
@ -413,6 +407,28 @@ def test_page_edit_slug(app, admin_user):
|
|||
assert 'Slug must be unique' in resp.text
|
||||
assert Page.objects.get(id=page.id).slug == 'two2'
|
||||
|
||||
|
||||
def test_page_edit_sub_slug(app, admin_user):
|
||||
page = Page.objects.create(title='One', slug='one', template_name='two')
|
||||
|
||||
app = login(app)
|
||||
resp = app.get('/manage/pages/%s/' % page.pk)
|
||||
|
||||
resp = resp.click(href='.*/slug')
|
||||
resp.form['slug'].value = 'foobar'
|
||||
resp.form['sub_slug'].value = '(?P<card-foo_id>[0-9]+)'
|
||||
resp = resp.form.submit().follow()
|
||||
page.refresh_from_db()
|
||||
assert page.slug == 'foobar'
|
||||
assert page.sub_slug == '(?P<card-foo_id>[0-9]+)'
|
||||
|
||||
# bad regexp
|
||||
resp = resp.click(href='.*/slug')
|
||||
resp.form['sub_slug'].value = '(?P< bad group name with spaces >[0-9]+)'
|
||||
resp = resp.form.submit()
|
||||
assert resp.context['form'].errors['sub_slug'] == ['Bad Regular expression.']
|
||||
|
||||
|
||||
def test_page_edit_picture(app, admin_user):
|
||||
Page.objects.all().delete()
|
||||
page = Page(title='One', slug='one', template_name='standard')
|
||||
|
|
Loading…
Reference in New Issue