backoffice: add validity check for datasource URLs (#55871)
This commit is contained in:
parent
790caa0ddd
commit
598ce40e3d
|
@ -2321,6 +2321,40 @@ def test_form_edit_items_field(pub):
|
|||
assert FormDef.get(1).fields[0].items == ['XXX']
|
||||
|
||||
|
||||
def test_form_edit_items_datasource(pub):
|
||||
create_superuser(pub)
|
||||
create_role(pub)
|
||||
|
||||
FormDef.wipe()
|
||||
formdef = FormDef()
|
||||
formdef.name = 'form title'
|
||||
formdef.fields = [fields.ItemsField(id='1', label='1st field', type='items')]
|
||||
formdef.store()
|
||||
|
||||
app = login(get_app(pub))
|
||||
resp = app.get('/backoffice/forms/1/')
|
||||
resp = resp.click(href='fields/')
|
||||
assert '1st field' in resp.text
|
||||
|
||||
resp = app.get('/backoffice/forms/1/fields/1/')
|
||||
resp.form['data_mode'].value = 'data-source'
|
||||
resp.form['data_source$type'].value = 'json'
|
||||
resp.form['data_source$value'].value = 'random string'
|
||||
resp = resp.form.submit('submit')
|
||||
assert 'Value must be a full URL.' in resp.text
|
||||
resp.form['data_source$value'].value = 'http://whatever'
|
||||
resp = resp.form.submit('submit').follow()
|
||||
assert FormDef.get(1).fields[0].data_source == {'type': 'json', 'value': 'http://whatever'}
|
||||
|
||||
# check template strings are ok
|
||||
resp = app.get('/backoffice/forms/1/fields/1/')
|
||||
resp.form['data_mode'].value = 'data-source'
|
||||
resp.form['data_source$type'].value = 'json'
|
||||
resp.form['data_source$value'].value = '{{url}}'
|
||||
resp = resp.form.submit('submit').follow()
|
||||
assert FormDef.get(1).fields[0].data_source == {'type': 'json', 'value': '{{url}}'}
|
||||
|
||||
|
||||
def test_form_edit_page_field(pub):
|
||||
create_superuser(pub)
|
||||
create_role(pub)
|
||||
|
|
|
@ -179,6 +179,14 @@ class DataSourceSelectionWidget(CompositeWidget):
|
|||
value = self.get(name)
|
||||
if value:
|
||||
values[name] = value
|
||||
|
||||
if values.get('type') in ('json', 'jsonp', 'geojson'):
|
||||
url = values.get('value') or ''
|
||||
if url and not Template.is_template_string(url):
|
||||
parsed = urllib.parse.urlparse(url)
|
||||
if not (parsed.scheme and parsed.netloc):
|
||||
self.error = _('Value must be a full URL.')
|
||||
|
||||
if values.get('type', '') in ('none', ''):
|
||||
values = None
|
||||
self.value = values or None
|
||||
|
|
Loading…
Reference in New Issue