Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Carlos Ramos Carreño
erp5
Commits
45de0345
Commit
45de0345
authored
Apr 14, 2022
by
Jérome Perrin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ERP5Form/EditorField: don't initialize with user input
parent
c45c2295
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
51 additions
and
0 deletions
+51
-0
bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testFields.py
...estTemplateItem/portal_components/test.erp5.testFields.py
+41
-0
product/ERP5Form/EditorField.py
product/ERP5Form/EditorField.py
+10
-0
No files found.
bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testFields.py
View file @
45de0345
...
@@ -42,6 +42,7 @@ from Products.Formulator.StandardFields import FloatField, StringField,\
...
@@ -42,6 +42,7 @@ from Products.Formulator.StandardFields import FloatField, StringField,\
DateTimeField
,
TextAreaField
,
CheckBoxField
,
ListField
,
LinesField
,
\
DateTimeField
,
TextAreaField
,
CheckBoxField
,
ListField
,
LinesField
,
\
MultiListField
,
IntegerField
MultiListField
,
IntegerField
from
Products.ERP5Form.CaptchaField
import
CaptchaField
from
Products.ERP5Form.CaptchaField
import
CaptchaField
from
Products.ERP5Form.EditorField
import
EditorField
from
Products.Formulator.MethodField
import
Method
from
Products.Formulator.MethodField
import
Method
from
Products.Formulator.TALESField
import
TALESMethod
from
Products.Formulator.TALESField
import
TALESMethod
...
@@ -1260,6 +1261,45 @@ class TestCaptchaField(ERP5TypeTestCase):
...
@@ -1260,6 +1261,45 @@ class TestCaptchaField(ERP5TypeTestCase):
})
})
class
TestEditorField
(
ERP5TypeTestCase
):
def
afterSetUp
(
self
):
self
.
field
=
EditorField
(
'test_field'
).
__of__
(
self
.
portal
)
self
.
portal
.
REQUEST
[
'here'
]
=
self
.
portal
def
test_render_editable_textarea
(
self
):
self
.
field
.
values
[
'default'
]
=
'value'
self
.
assertEqual
(
self
.
field
.
render
(
REQUEST
=
self
.
portal
.
REQUEST
),
'<textarea rows="5" cols="40" name="field_test_field" >
\
n
value</textarea>'
)
def
test_render_editable_textarea_REQUEST
(
self
):
self
.
field
.
values
[
'default'
]
=
'default value'
self
.
field
.
values
[
'editable'
]
=
1
self
.
portal
.
REQUEST
.
form
[
self
.
field
.
generate_field_key
(
key
=
self
.
field
.
id
)
]
=
'user <value>'
self
.
assertEqual
(
self
.
field
.
render
(
REQUEST
=
self
.
portal
.
REQUEST
),
'<textarea rows="5" cols="40" name="field_test_field" >
\
n
user <value></textarea>'
)
def
test_render_non_editable_textarea
(
self
):
self
.
field
.
values
[
'default'
]
=
'<not &scaped'
self
.
field
.
values
[
'editable'
]
=
0
self
.
assertEqual
(
self
.
field
.
render
(
REQUEST
=
self
.
portal
.
REQUEST
),
'<div ><not &scaped</div>'
)
def
test_render_non_editable_textarea_REQUEST
(
self
):
self
.
field
.
values
[
'default'
]
=
'trusted value'
self
.
field
.
values
[
'editable'
]
=
0
self
.
portal
.
REQUEST
.
form
[
self
.
field
.
generate_field_key
(
key
=
self
.
field
.
id
)
]
=
'untrusted user value'
self
.
assertEqual
(
self
.
field
.
render
(
REQUEST
=
self
.
portal
.
REQUEST
),
'<div >trusted value</div>'
)
def
makeDummyOid
():
def
makeDummyOid
():
import
time
,
random
import
time
,
random
return
'%s%s'
%
(
time
.
time
(),
random
.
random
())
return
'%s%s'
%
(
time
.
time
(),
random
.
random
())
...
@@ -1280,4 +1320,5 @@ def test_suite():
...
@@ -1280,4 +1320,5 @@ def test_suite():
suite
.
addTest
(
unittest
.
makeSuite
(
TestProxyField
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestProxyField
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestFieldValueCache
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestFieldValueCache
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestCaptchaField
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestCaptchaField
))
suite
.
addTest
(
unittest
.
makeSuite
(
TestEditorField
))
return
suite
return
suite
product/ERP5Form/EditorField.py
View file @
45de0345
...
@@ -155,3 +155,13 @@ class EditorField(ZMIField):
...
@@ -155,3 +155,13 @@ class EditorField(ZMIField):
widget
=
EditorWidgetInstance
widget
=
EditorWidgetInstance
validator
=
Validator
.
TextValidatorInstance
validator
=
Validator
.
TextValidatorInstance
def
_get_user_input_value
(
self
,
key
,
REQUEST
):
"""
Try to get a value of the field from the REQUEST
"""
# because non-editable editor fields are used to render raw HTML, we don't
# initialize them with user input.
if
self
.
get_value
(
'editable'
):
return
REQUEST
.
form
[
key
]
raise
KeyError
(
key
)
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment