backoffice: redirect on missing user custom view (#42164)
This commit is contained in:
parent
583381bc9e
commit
4468feda27
|
@ -6735,6 +6735,22 @@ def test_backoffice_custom_view_visibility(pub):
|
|||
[('custom-test-view', 'owner'), ('shared-view', 'any'), ('shared-view-2', 'any')])
|
||||
|
||||
|
||||
def test_backoffice_missing_custom_view(pub):
|
||||
create_superuser(pub)
|
||||
create_environment(pub, set_receiver=False)
|
||||
app = login(get_app(pub))
|
||||
resp = app.get('/backoffice/management/form-title/user-plop/')
|
||||
assert resp.location == 'http://example.net/backoffice/management/form-title/'
|
||||
resp = resp.follow()
|
||||
assert 'A missing or invalid custom view was referenced' in resp
|
||||
|
||||
resp = app.get('/backoffice/management/form-title/user-plop/1/')
|
||||
assert resp.location == 'http://example.net/backoffice/management/form-title/1/'
|
||||
|
||||
resp = app.get('/backoffice/management/form-title/user-plop/1/?plop')
|
||||
assert resp.location == 'http://example.net/backoffice/management/form-title/1/?plop'
|
||||
|
||||
|
||||
def test_carddata_custom_view(pub, studio):
|
||||
CardDef.wipe()
|
||||
user = create_user(pub)
|
||||
|
|
|
@ -2487,6 +2487,15 @@ class FormPage(Directory):
|
|||
for view in self.get_custom_views():
|
||||
if view.get_url_slug() == component:
|
||||
return self.__class__(formdef=self.formdef, view=view)
|
||||
if component.startswith('user-'):
|
||||
get_session().message = ('warning',
|
||||
_('A missing or invalid custom view was referenced; '
|
||||
'you have been automatically redirected.'))
|
||||
# remove custom view reference from path
|
||||
# (ignore the fact that some form/card could itself be named
|
||||
# user-whatever)
|
||||
url = get_request().get_path_query().replace('/%s/' % component, '/')
|
||||
return misc.QLookupRedirect(url)
|
||||
|
||||
try:
|
||||
filled = self.formdef.data_class().get(component)
|
||||
|
@ -2906,6 +2915,8 @@ class FormBackOfficeStatusPage(FormStatusPage):
|
|||
r += htmltext('</span>')
|
||||
r += htmltext('</div>')
|
||||
|
||||
r += get_session().display_message()
|
||||
|
||||
r += htmltext('<div id="inspect-test-tools" class="section">')
|
||||
r += htmltext('<h2>%s</h2>') % _('Test tools')
|
||||
r += htmltext('<div>')
|
||||
|
|
|
@ -534,7 +534,7 @@ class FormStatusPage(Directory, FormTemplateMixin):
|
|||
get_response().add_javascript(['jquery.js', 'qommon.forms.js'])
|
||||
self.html_top('%s - %s' % (self.formdef.name, self.filled.id))
|
||||
r = TemplateIO(html=True)
|
||||
|
||||
r += get_session().display_message()
|
||||
r += htmltext(self.workflow_messages())
|
||||
r += self.receipt(always_include_user=True, mine=False)
|
||||
r += self.backoffice_fields_section()
|
||||
|
|
|
@ -44,7 +44,7 @@ from django.utils.six.moves.html_parser import HTMLParser
|
|||
from django.utils.six.moves.urllib.parse import quote, urlencode
|
||||
from django.utils.six.moves.urllib import parse as urlparse
|
||||
|
||||
from quixote import get_publisher, get_response, get_request
|
||||
from quixote import get_publisher, get_response, get_request, redirect
|
||||
from quixote.html import htmltext
|
||||
|
||||
from . import _, force_str
|
||||
|
@ -815,3 +815,14 @@ def get_order_by_or_400(value):
|
|||
if not re.match(r'-?[a-z0-9_-]+$', value):
|
||||
raise RequestError()
|
||||
return value
|
||||
|
||||
|
||||
class QLookupRedirect:
|
||||
'''
|
||||
Class to use to interrupt a _q_lookup method and redirect.
|
||||
'''
|
||||
def __init__(self, url):
|
||||
self.url = url
|
||||
|
||||
def _q_traverse(self, path):
|
||||
return redirect(self.url)
|
||||
|
|
Loading…
Reference in New Issue