From 3c019bf87ce42e218f4b149b603d39780a308591 Mon Sep 17 00:00:00 2001 From: stefan Date: Mon, 16 Feb 2009 21:02:23 +0000 Subject: [PATCH] Make cgi.templating more fault-tolerant towards invalid requests. git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/roundup/trunk@4132 57a73879-2fb5-44c3-a270-3262357dd7e2 --- roundup/cgi/templating.py | 24 +++++++++--------------- test/test_templating.py | 16 ++++++++++++++++ 2 files changed, 25 insertions(+), 15 deletions(-) diff --git a/roundup/cgi/templating.py b/roundup/cgi/templating.py index 313cfb0..0cf33a9 100644 --- a/roundup/cgi/templating.py +++ b/roundup/cgi/templating.py @@ -535,14 +535,14 @@ class HTMLClass(HTMLInputMixin, HTMLPermissions): value = lookupIds(self._db, prop, handleListCGIValue(form[item]), fail_ok=1) elif isinstance(prop, hyperdb.Link): - value = form[item].value.strip() + value = form.getfirst(item).strip() if value: value = lookupIds(self._db, prop, [value], fail_ok=1)[0] else: value = None else: - value = form[item].value.strip() or None + value = form.getfirst(item).strip() or None else: if isinstance(prop, hyperdb.Multilink): value = [] @@ -2225,10 +2225,10 @@ class HTMLRequest(HTMLInputMixin): key = '%s%s%d'%(special, name, idx) while key in self.form: self.special_char = special - fields.append (self.form[key].value) + fields.append(self.form.getfirst(key)) dirkey = '%s%sdir%d'%(special, name, idx) if dirkey in self.form: - dirs.append(self.form[dirkey].value) + dirs.append(self.form.getfirst(dirkey)) else: dirs.append(None) idx += 1 @@ -2239,7 +2239,7 @@ class HTMLRequest(HTMLInputMixin): if key in self.form and not fields: fields = handleListCGIValue(self.form[key]) if dirkey in self.form: - dirs.append(self.form[dirkey].value) + dirs.append(self.form.getfirst(dirkey)) if fields: # only try other special char if nothing found break for f, d in map(None, fields, dirs): @@ -2302,13 +2302,7 @@ class HTMLRequest(HTMLInputMixin): for name in ':search_text @search_text'.split(): if self.form.has_key(name): self.special_char = name[0] - try: - self.search_text = self.form[name].value - except AttributeError: - # http://psf.upfronthosting.co.za/roundup/meta/issue111 - # Multiple search_text, probably some kind of spambot. - # Use first value. - self.search_text = self.form[name][0].value + self.search_text = self.form.getfirst(name) # pagination - size and start index # figure batch args @@ -2316,17 +2310,17 @@ class HTMLRequest(HTMLInputMixin): for name in ':pagesize @pagesize'.split(): if self.form.has_key(name): self.special_char = name[0] - self.pagesize = int(self.form[name].value) + self.pagesize = int(self.form.getfirst(name)) self.startwith = 0 for name in ':startwith @startwith'.split(): if self.form.has_key(name): self.special_char = name[0] - self.startwith = int(self.form[name].value) + self.startwith = int(self.form.getfirst(name)) # dispname if self.form.has_key('@dispname'): - self.dispname = self.form['@dispname'].value + self.dispname = self.form.getfirst('@dispname') else: self.dispname = None diff --git a/test/test_templating.py b/test/test_templating.py index 80bae0e..a580349 100644 --- a/test/test_templating.py +++ b/test/test_templating.py @@ -72,6 +72,22 @@ class FunctionsTestCase(TemplatingTestCase): class HTMLClassTestCase(TemplatingTestCase) : + def test_link(self): + """Make sure lookup of a Link property works even in the + presence of multiple values in the form.""" + def lookup(key) : + self.assertEqual(key, key.strip()) + return "Status%s"%key + self.form.list.append(MiniFieldStorage("status", "1")) + self.form.list.append(MiniFieldStorage("status", "2")) + status = hyperdb.Link("status") + self.client.db.classes = dict \ + ( issue = MockNull(getprops = lambda : dict(status = status)) + , status = MockNull(get = lambda id, name : id, lookup = lookup) + ) + cls = HTMLClass(self.client, "issue") + cls["status"] + def test_multilink(self): """`lookup` of an item will fail if leading or trailing whitespace has not been stripped. -- 2.30.2