manager: validate template syntax in json prototype cell (#34738)
This commit is contained in:
parent
74f3fd09e8
commit
4167cf082a
|
|
@ -47,7 +47,7 @@ from django.utils.six.moves.urllib import parse as urlparse
|
|||
from django.utils.text import slugify
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.forms.widgets import MediaDefiningClass
|
||||
from django.template import Context, engines, TemplateDoesNotExist
|
||||
from django.template import Context, engines, TemplateDoesNotExist, TemplateSyntaxError
|
||||
from django.test.client import RequestFactory
|
||||
|
||||
from .fields import RichTextField, TemplatableURLField
|
||||
|
|
@ -1275,11 +1275,19 @@ class JsonCellBase(CellBase):
|
|||
return super(JsonCellBase, self).render(context)
|
||||
|
||||
|
||||
def django_template_validator(value):
|
||||
try:
|
||||
tmpl = engines['django'].from_string(value)
|
||||
except TemplateSyntaxError as e:
|
||||
raise ValidationError(_('syntax error: %s') % e)
|
||||
|
||||
|
||||
@register_cell_class
|
||||
class JsonCell(JsonCellBase):
|
||||
title = models.CharField(_('Title'), max_length=150, blank=True)
|
||||
url = models.CharField(_('URL'), blank=True, max_length=200)
|
||||
template_string = models.TextField(_('Display Template'), blank=True, null=True)
|
||||
template_string = models.TextField(_('Display Template'), blank=True, null=True,
|
||||
validators=[django_template_validator])
|
||||
cache_duration = models.PositiveIntegerField(
|
||||
_('Cache duration'), default=60)
|
||||
force_async = models.BooleanField(_('Force asynchronous mode'),
|
||||
|
|
|
|||
|
|
@ -1142,3 +1142,26 @@ def test_django_admin(app, admin_user):
|
|||
resp = resp.click(href='/admin/logout/')
|
||||
resp = resp.follow() # -> /logout/
|
||||
assert urlparse.urlparse(resp.location).path == '/'
|
||||
|
||||
def test_json_cell_syntax_validation(app, admin_user):
|
||||
Page.objects.all().delete()
|
||||
page = Page(title='One', slug='one')
|
||||
page.save()
|
||||
app = login(app)
|
||||
# syntax error
|
||||
resp = app.get('/manage/pages/%s/add-cell-to-content/data_jsoncell/default/' % page.id)
|
||||
resp = resp.follow()
|
||||
resp.forms[0]['cdata_jsoncell-1-template_string'].value = '{% syntax|error %}'
|
||||
resp.forms[0]['cdata_jsoncell-1-url'].value = 'http://example.com'
|
||||
resp = resp.forms[0].submit()
|
||||
assert 'syntax error: Invalid block tag' in resp.body
|
||||
assert JsonCell.objects.count() == 1
|
||||
assert JsonCell.objects.first().template_string is None
|
||||
# valid syntax
|
||||
resp = app.get('/manage/pages/%s/' % page.id)
|
||||
resp.forms[0]['cdata_jsoncell-1-template_string'].value = '{{ ok }}'
|
||||
resp.forms[0]['cdata_jsoncell-1-url'].value = 'http://example.com'
|
||||
resp = resp.forms[0].submit().follow()
|
||||
assert 'syntax error' not in resp.body
|
||||
assert JsonCell.objects.count() == 1
|
||||
assert JsonCell.objects.first().template_string == '{{ ok }}'
|
||||
|
|
|
|||
Loading…
Reference in New Issue