From dfd8540b54212e5c0089139ce18dc164a92c4b9b Mon Sep 17 00:00:00 2001 From: Chris Hill-Scott Date: Thu, 7 Apr 2016 16:02:06 +0100 Subject: [PATCH] =?UTF-8?q?Don=E2=80=99t=20allow=20commas=20in=20placehold?= =?UTF-8?q?ers?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit > If a user tries to save a template containing something like > ((name,date)) we should give a validation error. This is because it causes havoc with the column headers in CSV files. https://www.pivotaltracker.com/story/show/117043389 --- app/main/forms.py | 8 ++++++-- app/main/validators.py | 11 +++++++++++ tests/app/main/test_validators.py | 10 +++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/app/main/forms.py b/app/main/forms.py index 9d400470b..a65a1ba12 100644 --- a/app/main/forms.py +++ b/app/main/forms.py @@ -15,7 +15,7 @@ from wtforms import ( from wtforms.fields.html5 import EmailField, TelField from wtforms.validators import (DataRequired, Email, Length, Regexp) -from app.main.validators import (Blacklist, CsvFileValidator, ValidEmailDomainRegex) +from app.main.validators import (Blacklist, CsvFileValidator, ValidEmailDomainRegex, NoCommasInPlaceHolders) def email_address(label='Email address'): @@ -203,7 +203,11 @@ class SMSTemplateForm(Form): template_content = TextAreaField( u'Message content', - validators=[DataRequired(message="Can’t be empty")]) + validators=[ + DataRequired(message="Can’t be empty"), + NoCommasInPlaceHolders() + ] + ) class EmailTemplateForm(SMSTemplateForm): diff --git a/app/main/validators.py b/app/main/validators.py index 9fead6336..ff6e10af9 100644 --- a/app/main/validators.py +++ b/app/main/validators.py @@ -2,6 +2,7 @@ import re from wtforms import ValidationError from datetime import datetime from app.main.encryption import check_hash +from utils.template import Template class Blacklist(object): @@ -38,3 +39,13 @@ class ValidEmailDomainRegex(object): email_regex = "[^\@^\s]+@([^@^\\.^\\s]+\.)*({})$".format("|".join(valid_domains)) if not re.match(email_regex, field.data.lower()): raise ValidationError(message) + + +class NoCommasInPlaceHolders(): + + def __init__(self, message='You can’t have commas in your fields'): + self.message = message + + def __call__(self, form, field): + if ',' in ''.join(Template({'content': field.data}).placeholders): + raise ValidationError(self.message) diff --git a/tests/app/main/test_validators.py b/tests/app/main/test_validators.py index 80c4db467..6cb034263 100644 --- a/tests/app/main/test_validators.py +++ b/tests/app/main/test_validators.py @@ -1,6 +1,6 @@ import pytest from app.main.forms import RegisterUserForm -from app.main.validators import ValidEmailDomainRegex +from app.main.validators import ValidEmailDomainRegex, NoCommasInPlaceHolders from wtforms import ValidationError from unittest.mock import Mock @@ -112,3 +112,11 @@ def test_invalid_list_of_white_list_email_domains(app_, email): email_domain_validators = ValidEmailDomainRegex() with pytest.raises(ValidationError): email_domain_validators(None, _gen_mock_field(email)) + + +def test_for_commas_in_placeholders(app_): + with app_.test_request_context(): + with pytest.raises(ValidationError) as error: + NoCommasInPlaceHolders()(None, _gen_mock_field('Hello ((name,date))')) + assert str(error.value) == 'You can’t have commas in your fields' + NoCommasInPlaceHolders()(None, _gen_mock_field('Hello ((name))'))