general: give a custom error message on invalid action link (#25722)
This commit is contained in:
parent
da5e7f52b0
commit
6d20a697b0
|
@ -4963,8 +4963,25 @@ def test_email_actions(pub, emails):
|
|||
formdata = formdef.data_class().select()[0]
|
||||
assert formdata.status == 'wf-accepted'
|
||||
|
||||
# no longer on a correct status, action url will now return a 404
|
||||
app.get(action_url, status=404)
|
||||
# action token has been used, it will now return a custom 404
|
||||
resp = app.get(action_url, status=404)
|
||||
assert 'This action link has already been used or has expired.' in resp.body
|
||||
|
||||
# check against independently changed status, it should also return a
|
||||
# custom 404.
|
||||
emails.empty()
|
||||
formdef.data_class().wipe()
|
||||
app = login(get_app(pub), username='foo', password='foo')
|
||||
resp = app.get(formdef.get_url())
|
||||
resp = resp.form.submit('submit')
|
||||
resp = resp.form.submit('submit')
|
||||
email_data = emails.get('New form2 (test email action)')
|
||||
action_url = re.findall(r'http.* ', email_data['payload'])[0].strip()
|
||||
formdata = formdef.data_class().select()[0]
|
||||
formdata.jump_status('rejected')
|
||||
app = get_app(pub)
|
||||
resp = app.get(action_url, status=404)
|
||||
assert 'This action link has already been used or has expired.' in resp.body
|
||||
|
||||
def test_manager_public_access(pub):
|
||||
user, manager = create_user_and_admin(pub)
|
||||
|
|
|
@ -28,12 +28,18 @@ from wcs.forms.common import FormTemplateMixin
|
|||
from wcs.wf.jump import jump_and_perform
|
||||
|
||||
|
||||
class MissingOrExpiredToken(errors.PublishError):
|
||||
status_code = 404
|
||||
title = N_('Error')
|
||||
description = N_('This action link has already been used or has expired.')
|
||||
|
||||
|
||||
class ActionsDirectory(Directory):
|
||||
def _q_lookup(self, component):
|
||||
try:
|
||||
token = tokens.Token.get(component)
|
||||
except KeyError:
|
||||
raise errors.TraversalError()
|
||||
raise MissingOrExpiredToken()
|
||||
if token.type != 'action':
|
||||
raise errors.TraversalError()
|
||||
return ActionDirectory(token)
|
||||
|
@ -54,7 +60,7 @@ class ActionDirectory(Directory, FormTemplateMixin):
|
|||
self.action = item
|
||||
break
|
||||
else:
|
||||
raise errors.TraversalError()
|
||||
raise MissingOrExpiredToken()
|
||||
|
||||
def _q_index(self):
|
||||
template.html_top(title=self.formdef.name)
|
||||
|
|
Loading…
Reference in New Issue