lingo: validate service_options in forms (#41439)
This commit is contained in:
parent
ead8de9bcc
commit
90a7560e98
|
@ -35,7 +35,7 @@ from django.utils.translation import ugettext_lazy as _
|
|||
from django.utils import timezone, dateparse, six
|
||||
from django.core.mail import EmailMultiAlternatives
|
||||
from django.urls import reverse
|
||||
from django.core.exceptions import ObjectDoesNotExist, PermissionDenied
|
||||
from django.core.exceptions import ObjectDoesNotExist, PermissionDenied, ValidationError
|
||||
from django.utils.encoding import python_2_unicode_compatible
|
||||
from django.utils.formats import localize
|
||||
from django.utils.http import urlencode
|
||||
|
@ -89,6 +89,11 @@ def build_remote_item(data, regie):
|
|||
no_online_payment_reason=data.get('no_online_payment_reason'))
|
||||
|
||||
|
||||
def validate_dict(value):
|
||||
if not isinstance(value, dict):
|
||||
raise ValidationError(_('Value must be a JSON object'))
|
||||
|
||||
|
||||
@python_2_unicode_compatible
|
||||
class PaymentBackend(models.Model):
|
||||
label = models.CharField(verbose_name=_('Label'), max_length=64)
|
||||
|
@ -97,7 +102,10 @@ class PaymentBackend(models.Model):
|
|||
help_text=_('The identifier is used in webservice calls.'))
|
||||
service = models.CharField(
|
||||
verbose_name=_('Payment Service'), max_length=64, choices=SERVICES)
|
||||
service_options = JSONField(blank=True, verbose_name=_('Payment Service Options'))
|
||||
service_options = JSONField(
|
||||
blank=True,
|
||||
verbose_name=_('Payment Service Options'),
|
||||
validators=[validate_dict])
|
||||
|
||||
def __str__(self):
|
||||
return self.label
|
||||
|
|
|
@ -618,6 +618,47 @@ def test_add_payment_backend(app, admin_user):
|
|||
assert resp.location.endswith('/manage/lingo/paymentbackends/')
|
||||
|
||||
|
||||
def test_add_payment_backend_validate_options(app, admin_user):
|
||||
app = login(app)
|
||||
resp = app.get('/manage/lingo/paymentbackends/add/', status=200)
|
||||
assert '/manage/lingo/paymentbackends/' in resp.text
|
||||
|
||||
resp.forms[0]['label'] = 'Test'
|
||||
resp.forms[0]['slug'] = 'test-add'
|
||||
resp.forms[0]['service'] = 'dummy'
|
||||
resp.forms[0]['service_options'] = 'xx'
|
||||
resp2 = resp.forms[0].submit()
|
||||
assert not PaymentBackend.objects.count()
|
||||
|
||||
resp.forms[0]['service_options'] = '"xx"'
|
||||
resp2 = resp.forms[0].submit()
|
||||
assert not PaymentBackend.objects.count()
|
||||
|
||||
resp.forms[0]['service_options'] = '[1]'
|
||||
resp2 = resp.forms[0].submit()
|
||||
assert not PaymentBackend.objects.count()
|
||||
|
||||
resp.forms[0]['service_options'] = '{"a": 1}'
|
||||
resp2 = resp.forms[0].submit()
|
||||
assert PaymentBackend.objects.count()
|
||||
assert PaymentBackend.objects.get().service_options == {'a': 1}
|
||||
|
||||
|
||||
@pytest.mark.xfail
|
||||
def test_jsonfield_null_bug(app, admin_user):
|
||||
app = login(app)
|
||||
resp = app.get('/manage/lingo/paymentbackends/add/', status=200)
|
||||
assert '/manage/lingo/paymentbackends/' in resp.text
|
||||
|
||||
resp.forms[0]['label'] = 'Test'
|
||||
resp.forms[0]['slug'] = 'test-add'
|
||||
resp.forms[0]['service'] = 'dummy'
|
||||
resp.forms[0]['service_options'] = 'null'
|
||||
resp2 = resp.forms[0].submit()
|
||||
assert PaymentBackend.objects.count()
|
||||
assert PaymentBackend.objects.get().service_options == {'a': 1}
|
||||
|
||||
|
||||
def test_edit_payment_backend(app, admin_user):
|
||||
payment_backend = PaymentBackend.objects.create(label='label1', slug='slug1')
|
||||
app = login(app)
|
||||
|
@ -633,3 +674,9 @@ def test_edit_payment_backend(app, admin_user):
|
|||
assert resp.location.endswith('/manage/lingo/paymentbackends/')
|
||||
payment_backend = PaymentBackend.objects.get(slug='slug1')
|
||||
assert payment_backend.label == 'label1-modified'
|
||||
|
||||
|
||||
def test_use_old_service_options_safely(app, admin_user):
|
||||
PaymentBackend(service='dummy', service_options='xx').get_payment()
|
||||
PaymentBackend(service='dummy', service_options='"xx"').get_payment()
|
||||
PaymentBackend(service='dummy', service_options=None).get_payment()
|
||||
|
|
Loading…
Reference in New Issue